This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/dqDFD25-lBr1H4kU-f-eIMyH1ao.roa File: dqDFD25-lBr1H4kU-f-eIMyH1ao.roa (raw, json) Hash identifier: aZMJNfpwSLS2DvVJl8WR74MQgSeC0Vd4cP1ssZtEpxQ= Subject key identifier: 76:A0:C5:0F:6E:7E:94:1A:F5:1F:89:14:F9:FF:9E:20:CC:87:D5:AA Certificate issuer: /CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5 Certificate serial: 019B7EA5687F91F276D009D5E05B04DA6E97 Authority key identifier: A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/dqDFD25-lBr1H4kU-f-eIMyH1ao.roa Signing time: Fri 02 Jan 2026 12:18:47 +0000 ROA not before: Fri 02 Jan 2026 12:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50563 IP address blocks: 45.8.76.0/22 maxlen: 22 45.8.76.0/23 maxlen: 23 45.8.76.0/24 maxlen: 24 45.8.77.0/24 maxlen: 24 45.8.78.0/23 maxlen: 23 45.8.78.0/24 maxlen: 24 45.8.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/oJfWos9CiA2-v0KjJRkHohyRpKU.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/oJfWos9CiA2-v0KjJRkHohyRpKU.mft rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:68:7f:91:f2:76:d0:09:d5:e0:5b:04:da:6e:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a097d6a2cf42880dbebf42a3251907a21c91a4a5 Validity Not Before: Jan 2 12:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76a0c50f6e7e941af51f8914f9ff9e20cc87d5aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:7e:28:c1:7a:8c:4a:55:4c:56:14:75:57:83: 7f:c0:6c:16:c8:ad:fc:de:25:27:e2:50:5b:20:68: f2:a5:7c:a2:48:0b:0e:55:d7:07:b6:a2:2f:1b:36: 99:a2:a4:b2:e7:5d:48:04:84:93:b8:8b:32:5e:29: 02:e5:ce:37:76:cc:5b:53:7e:20:8a:60:11:e2:05: 46:ec:a4:d0:e1:b6:f6:d6:76:6a:88:21:93:db:a2: f5:fc:f0:5f:49:4f:48:b6:95:89:4b:7d:21:4f:6b: e3:c2:7f:c8:f2:22:80:e5:cb:85:09:8f:53:41:d9: 36:64:92:24:59:d5:3a:7f:dd:63:70:a4:c6:32:47: 88:df:8c:07:de:1b:60:02:d7:5d:f6:c3:5e:94:be: d5:14:d9:80:61:9b:d9:7a:b7:7d:f1:df:fc:40:e2: 69:a9:f0:f7:45:3a:40:e5:48:2c:b9:90:ea:34:c7: 36:5f:0c:18:6f:5f:f1:0a:f0:b1:ff:04:d6:88:08: d4:61:30:db:50:4d:4d:fb:88:52:2b:09:5e:af:4f: b1:fb:53:86:df:88:9e:93:6a:6d:3b:51:82:c7:f5: c7:a8:77:d9:ea:5f:9f:67:32:b3:1f:2d:89:20:f3: 32:29:61:f7:62:75:b8:3b:db:7e:29:cb:82:78:8a: e7:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:A0:C5:0F:6E:7E:94:1A:F5:1F:89:14:F9:FF:9E:20:CC:87:D5:AA X509v3 Authority Key Identifier: keyid:A0:97:D6:A2:CF:42:88:0D:BE:BF:42:A3:25:19:07:A2:1C:91:A4:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oJfWos9CiA2-v0KjJRkHohyRpKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/dqDFD25-lBr1H4kU-f-eIMyH1ao.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/4c2b68-818b-4902-b42f-6fcaf2729be5/1/oJfWos9CiA2-v0KjJRkHohyRpKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.76.0/22 Signature Algorithm: sha256WithRSAEncryption 74:59:40:d2:d1:34:3d:01:b6:04:35:d1:71:ee:4b:9a:d2:44: 2b:c7:64:0d:a0:3f:43:4a:70:df:a9:85:14:84:22:b5:bc:09: f0:28:63:17:1e:61:29:e4:0c:a7:de:cb:da:24:61:9d:0a:cc: c7:50:a4:d1:3b:b8:1c:d5:eb:57:8c:26:d4:4e:30:df:53:b3: 69:4a:7a:23:13:ad:b4:b2:9b:25:69:92:cd:d1:45:19:9b:20: 58:a5:ac:b0:aa:17:07:32:da:2b:f9:84:4d:86:f6:b1:20:b6: 1d:b6:41:02:d0:2c:23:a5:e5:a9:cb:a2:75:dc:80:81:2b:a1: 76:b1:2d:43:9d:6d:59:a2:56:af:92:2d:79:c8:4a:1b:75:3f: 7d:6d:3f:44:03:ec:4c:39:2f:dd:ba:53:6a:3d:89:50:ba:a2: 5f:11:96:78:16:f1:53:f4:15:f3:76:b8:a3:0a:6a:03:fc:7b: 9d:46:9d:08:36:54:63:78:34:c6:50:9c:1f:c3:8b:a9:88:46: bd:24:42:f7:30:2d:80:7d:c8:76:41:21:35:45:21:4d:df:7e: ae:fb:41:97:25:e2:4b:8e:35:27:41:70:7c:ba:15:e3:7d:ba: 36:8f:35:5e:23:b9:b3:42:93:d8:9e:54:38:0f:7c:a3:62:20: 2e:fb:3d:22 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pWh/kfJ20AnV4FsE2m6XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwOTdkNmEyY2Y0Mjg4MGRiZWJmNDJhMzI1MTkwN2EyMWM5 MWE0YTUwHhcNMjYwMTAyMTIxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmEwYzUwZjZlN2U5NDFhZjUxZjg5MTRmOWZmOWUyMGNjODdkNWFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp34owXqMSlVMVhR1V4N/wGwWyK38 3iUn4lBbIGjypXyiSAsOVdcHtqIvGzaZoqSy511IBISTuIsyXikC5c43dsxbU34g imAR4gVG7KTQ4bb21nZqiCGT26L1/PBfSU9ItpWJS30hT2vjwn/I8iKA5cuFCY9T Qdk2ZJIkWdU6f91jcKTGMkeI34wH3htgAtdd9sNelL7VFNmAYZvZerd98d/8QOJp qfD3RTpA5UgsuZDqNMc2XwwYb1/xCvCx/wTWiAjUYTDbUE1N+4hSKwler0+x+1OG 34iek2ptO1GCx/XHqHfZ6l+fZzKzHy2JIPMyKWH3YnW4O9t+KcuCeIrnXQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHagxQ9ufpQa9R+JFPn/niDMh9WqMB8GA1UdIwQY MBaAFKCX1qLPQogNvr9CoyUZB6IckaSlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYt NmZjYWYyNzI5YmU1LzEvZHFERkQyNS1sQnIxSDRrVS1mLWVJTXlIMWFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS80YzJiNjgtODE4Yi00OTAyLWI0MmYtNmZjYWYyNzI5YmU1 LzEvb0pmV29zOUNpQTItdjBLakpSa0hvaHlScEtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLQhMMA0G CSqGSIb3DQEBCwUAA4IBAQB0WUDS0TQ9AbYENdFx7kua0kQrx2QNoD9DSnDfqYUU hCK1vAnwKGMXHmEp5Ayn3svaJGGdCszHUKTRO7gc1etXjCbUTjDfU7NpSnojE620 spslaZLN0UUZmyBYpaywqhcHMtor+YRNhvaxILYdtkEC0CwjpeWpy6J13ICBK6F2 sS1DnW1Zolavki15yEobdT99bT9EA+xMOS/dulNqPYlQuqJfEZZ4FvFT9BXzdrij CmoD/HudRp0INlRjeDTGUJwfw4upiEa9JEL3MC2Afch2QSE1RSFN336u+0GXJeJL jjUnQXB8uhXjfbo2jzVeI7mzQpPYnlQ4D3yjYiAu+z0i -----END CERTIFICATE-----Generated at Sun Jan 25 17:34:29 2026 by rpki-client