This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/RDZxalDBba-KXcD-MDsp1kF4DmQ.roa File: RDZxalDBba-KXcD-MDsp1kF4DmQ.roa (raw, json) Hash identifier: RfbDrqRTWuSJ+e1Z40xGqlEQmsc4zVr3kOeTExU0ca4= Subject key identifier: 44:36:71:6A:50:C1:6D:AF:8A:5D:C0:FE:30:3B:29:D6:41:78:0E:64 Certificate issuer: /CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c Certificate serial: 019B7BA36A5028A73E91FC5EC81501239E39 Authority key identifier: 74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/RDZxalDBba-KXcD-MDsp1kF4DmQ.roa Signing time: Thu 01 Jan 2026 22:17:45 +0000 ROA not before: Thu 01 Jan 2026 22:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3292 IP address blocks: 185.149.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.mft rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:6a:50:28:a7:3e:91:fc:5e:c8:15:01:23:9e:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7490ce6b6f8f750e03584ebbd7bdad0f11fbe31c Validity Not Before: Jan 1 22:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4436716a50c16daf8a5dc0fe303b29d641780e64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:3f:ab:29:71:fa:a6:bc:65:31:00:23:7f:02: 7a:e8:ef:93:34:1f:61:84:38:96:bf:15:2e:3e:57: c3:fe:e7:9f:49:9b:a7:4c:90:b5:64:59:ff:76:0b: d9:f1:1b:3e:16:92:a9:ef:08:5e:19:85:d5:c7:9a: d9:59:a9:5e:4c:28:01:a5:1e:57:c6:e2:23:b4:40: 71:bf:97:1e:8b:f9:7b:e9:21:27:fb:e6:1d:4e:d6: 18:a4:cf:54:14:c6:57:6f:b2:cf:a6:8c:a3:cd:97: 63:b9:b8:1d:b5:3e:7a:e7:5b:14:29:f1:2c:21:69: 25:2d:55:54:84:4d:ad:c2:52:17:85:a1:90:d9:8f: ca:c2:14:e2:46:60:8e:a3:fb:a5:7b:14:ab:8a:52: df:a0:42:74:24:52:ee:50:b0:2d:23:5e:31:42:fd: 1e:54:08:24:a7:4a:6b:c5:05:32:bc:b3:af:2b:95: 45:fd:6c:25:3c:2c:82:e5:db:bb:f1:51:61:28:72: 6e:36:e6:0d:35:8f:d0:20:9c:20:ac:12:4d:b3:d5: 06:a9:f3:38:90:91:fb:2c:26:c8:0c:e1:fe:80:ab: 18:aa:28:42:5d:62:34:83:0b:c0:e1:85:32:ea:c4: 34:9a:4c:88:c8:55:61:6c:b6:82:c9:59:23:16:43: d5:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:36:71:6A:50:C1:6D:AF:8A:5D:C0:FE:30:3B:29:D6:41:78:0E:64 X509v3 Authority Key Identifier: keyid:74:90:CE:6B:6F:8F:75:0E:03:58:4E:BB:D7:BD:AD:0F:11:FB:E3:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJDOa2-PdQ4DWE67172tDxH74xw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/RDZxalDBba-KXcD-MDsp1kF4DmQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/ed8eba-6bd4-4438-b3e0-c496f9cafa83/1/dJDOa2-PdQ4DWE67172tDxH74xw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.149.231.0/24 Signature Algorithm: sha256WithRSAEncryption 16:01:38:08:0f:8b:3d:52:a5:8d:cd:76:61:5a:83:1e:f5:d5: 85:1e:1f:c3:14:2e:37:ff:ca:e4:de:d6:c5:06:23:d5:6b:fc: f6:f1:18:1a:78:4a:30:c1:4b:cc:e0:8d:1e:c2:1f:15:19:46: cf:36:7a:49:67:6d:ef:8c:7d:8a:1b:91:2c:9a:71:02:2d:28: a1:32:2c:ab:21:4d:56:c7:e7:8b:da:43:53:a7:45:76:79:8b: 03:36:36:b3:b3:ea:ca:55:c6:cb:45:1d:35:99:23:c5:d2:5d: 5c:84:42:d4:b8:e8:e0:87:b4:f0:2a:2f:21:1e:be:8f:78:a0: fb:9b:43:d9:cb:e5:3f:17:7c:6c:30:9a:51:1b:23:20:c0:eb: d9:60:b4:14:2b:60:2e:d7:76:ab:ae:37:dc:44:72:f6:59:c1: e0:c3:3a:0d:bb:9d:1d:90:ab:85:c9:cd:94:63:8f:16:70:5a: 11:4a:28:0c:67:88:e7:5d:7e:27:f5:cd:99:7f:cb:5b:2f:94: 2b:cd:63:bd:0f:02:6b:41:b9:88:e2:52:1c:f9:ab:f7:3c:3a: bd:57:4e:41:5e:b9:e4:0a:f5:18:6f:ce:fd:93:d2:e5:96:8f: b3:19:a1:61:68:2c:bc:49:b1:39:ee:0d:07:93:4a:a7:99:05: e9:fc:4f:8c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o2pQKKc+kfxeyBUBI545MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTBjZTZiNmY4Zjc1MGUwMzU4NGViYmQ3YmRhZDBmMTFm YmUzMWMwHhcNMjYwMTAxMjIxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NDM2NzE2YTUwYzE2ZGFmOGE1ZGMwZmUzMDNiMjlkNjQxNzgwZTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz+rKXH6prxlMQAjfwJ66O+TNB9h hDiWvxUuPlfD/uefSZunTJC1ZFn/dgvZ8Rs+FpKp7wheGYXVx5rZWaleTCgBpR5X xuIjtEBxv5cei/l76SEn++YdTtYYpM9UFMZXb7LPpoyjzZdjubgdtT5651sUKfEs IWklLVVUhE2twlIXhaGQ2Y/KwhTiRmCOo/ulexSrilLfoEJ0JFLuULAtI14xQv0e VAgkp0prxQUyvLOvK5VF/WwlPCyC5du78VFhKHJuNuYNNY/QIJwgrBJNs9UGqfM4 kJH7LCbIDOH+gKsYqihCXWI0gwvA4YUy6sQ0mkyIyFVhbLaCyVkjFkPV9wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEQ2cWpQwW2vil3A/jA7KdZBeA5kMB8GA1UdIwQY MBaAFHSQzmtvj3UOA1hOu9e9rQ8R++McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAt YzQ5NmY5Y2FmYTgzLzEvUkRaeGFsREJiYS1LWGNELU1Ec3Axa0Y0RG1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9lZDhlYmEtNmJkNC00NDM4LWIzZTAtYzQ5NmY5Y2FmYTgz LzEvZEpET2EyLVBkUTREV0U2NzE3MnREeEg3NHh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZXnMA0G CSqGSIb3DQEBCwUAA4IBAQAWATgID4s9UqWNzXZhWoMe9dWFHh/DFC43/8rk3tbF BiPVa/z28RgaeEowwUvM4I0ewh8VGUbPNnpJZ23vjH2KG5EsmnECLSihMiyrIU1W x+eL2kNTp0V2eYsDNjazs+rKVcbLRR01mSPF0l1chELUuOjgh7TwKi8hHr6PeKD7 m0PZy+U/F3xsMJpRGyMgwOvZYLQUK2Au13arrjfcRHL2WcHgwzoNu50dkKuFyc2U Y48WcFoRSigMZ4jnXX4n9c2Zf8tbL5QrzWO9DwJrQbmI4lIc+av3PDq9V05BXrnk CvUYb879k9Lllo+zGaFhaCy8SbE57g0Hk0qnmQXp/E+M -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:48 2026 by rpki-client