This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/dkSZC1vcgEsyqm56yAJmonI1P1E.roa File: dkSZC1vcgEsyqm56yAJmonI1P1E.roa (raw, json) Hash identifier: Wn8sFewfyDAMaX3VNG1l/GCgIijws7/FwmZlH3//5Vk= Subject key identifier: 76:44:99:0B:5B:DC:80:4B:32:AA:6E:7A:C8:02:66:A2:72:35:3F:51 Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e Certificate serial: 019B7EA69F2A0563417C739E2B99AF123737 Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/dkSZC1vcgEsyqm56yAJmonI1P1E.roa Signing time: Fri 02 Jan 2026 12:20:07 +0000 ROA not before: Fri 02 Jan 2026 12:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 11251 IP address blocks: 157.23.224.0/20 maxlen: 24 2a0e:bbc0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.mft rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:9f:2a:05:63:41:7c:73:9e:2b:99:af:12:37:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e Validity Not Before: Jan 2 12:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7644990b5bdc804b32aa6e7ac80266a272353f51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:82:99:23:d7:d4:f4:74:3b:06:7a:a4:0a:cd: 85:e0:ec:a5:8b:73:1a:f7:af:73:3d:6a:9a:3f:29: 65:6b:1c:a1:b2:93:f0:f9:e7:8e:cc:32:52:59:55: 27:01:01:f8:c4:63:ff:07:fd:3f:cd:71:73:12:d7: b2:bb:fb:87:84:d5:b2:0f:30:5f:d5:57:03:89:09: 85:1b:bd:a1:65:96:4a:64:e9:fc:74:bf:68:d9:fc: a7:b8:c4:86:b4:b1:ec:96:04:73:c4:2e:f8:fc:ba: 26:2f:f1:b7:51:4b:e6:55:fa:3d:bf:7f:7b:2e:9b: 28:65:9c:e3:b5:de:e3:8c:c8:ff:0f:04:a8:0c:f3: a8:5f:43:fe:29:d9:71:43:fc:1c:ea:65:91:c5:b5: 86:17:4d:26:1b:95:a6:84:eb:a1:6c:0a:57:5e:c8: 13:6e:fc:d4:8f:d8:e2:c8:88:60:70:8a:7d:ec:1f: b4:bf:b8:c0:56:62:a5:0d:57:34:46:85:5e:15:0a: 7f:7f:5d:f6:3a:5e:fc:a5:44:5e:bb:86:18:bf:3a: ec:46:0d:25:22:ce:0d:6a:78:4e:3f:95:50:65:6a: 1c:34:de:73:ef:a3:4a:8b:7f:42:b3:f5:49:6c:f7: f4:fb:2a:c6:fd:fb:45:f4:d4:76:09:c6:22:7c:1b: f2:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:44:99:0B:5B:DC:80:4B:32:AA:6E:7A:C8:02:66:A2:72:35:3F:51 X509v3 Authority Key Identifier: keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/dkSZC1vcgEsyqm56yAJmonI1P1E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.23.224.0/20 IPv6: 2a0e:bbc0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 9f:b4:b0:05:71:ac:07:be:d7:7d:f4:62:ed:ae:ea:e3:32:47: 76:2c:15:80:ac:69:78:ad:b9:b5:14:18:43:0d:b9:7e:19:68: 0e:55:5f:c8:ca:b6:84:95:56:14:e8:b0:87:43:6f:44:bb:f1: 2b:2f:e7:01:0e:eb:c9:ed:62:5b:e0:b2:af:82:d7:1f:a8:2b: dd:05:06:f3:5a:9a:70:df:74:7e:0b:9a:f8:ca:c0:b0:65:66: d0:c0:f5:18:f7:f5:87:8d:83:6d:ae:26:51:6d:41:56:37:51: 0f:0a:48:74:a9:92:2b:25:12:cf:d3:10:8a:2f:2d:8a:29:e9: 83:87:dc:02:c4:b4:71:25:62:27:0a:63:9a:3f:82:65:4b:5b: cd:3c:67:4a:64:ea:ad:66:69:32:8c:4e:e1:81:e6:f3:6f:ff: 05:2e:e7:55:c3:3f:22:e5:bb:04:2d:80:0c:be:9a:55:7f:0e: ef:6a:13:98:42:86:38:17:a2:2f:89:ef:80:a6:e3:e6:22:c0: 4a:ec:72:10:8e:15:f4:6a:84:99:b9:52:c6:c8:15:00:d9:4a: 20:64:bb:dd:ae:04:89:5d:2d:e6:62:91:69:2f:64:2f:d1:c3: 82:ec:1b:c7:7d:89:6b:52:fc:32:9a:f3:4f:30:93:9e:a2:58: 54:ce:55:01 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt+pp8qBWNBfHOeK5mvEjc3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiYTM1Y2Y4YWI2ZjNlYWEyYWViYWRkOWUyMzczZGVjMDg5 MzYyNWUwHhcNMjYwMTAyMTIyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NjQ0OTkwYjViZGM4MDRiMzJhYTZlN2FjODAyNjZhMjcyMzUzZjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4KZI9fU9HQ7BnqkCs2F4Oyli3Ma 969zPWqaPyllaxyhspPw+eeOzDJSWVUnAQH4xGP/B/0/zXFzEteyu/uHhNWyDzBf 1VcDiQmFG72hZZZKZOn8dL9o2fynuMSGtLHslgRzxC74/LomL/G3UUvmVfo9v397 LpsoZZzjtd7jjMj/DwSoDPOoX0P+KdlxQ/wc6mWRxbWGF00mG5WmhOuhbApXXsgT bvzUj9jiyIhgcIp97B+0v7jAVmKlDVc0RoVeFQp/f132Ol78pUReu4YYvzrsRg0l Is4NanhOP5VQZWocNN5z76NKi39Cs/VJbPf0+yrG/ftF9NR2CcYifBvypwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFHZEmQtb3IBLMqpuesgCZqJyNT9RMB8GA1UdIwQY MBaAFLujXPirbz6qKuut2eI3PewIk2JeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMt NTk3YjZlMjQ5MmFiLzEvZGtTWkMxdmNnRXN5cW01NnlBSm1vbkkxUDFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hMGUwMWEtOWJiYy00NGVlLTk4YTMtNTk3YjZlMjQ5MmFi LzEvdTZOYy1LdHZQcW9xNjYzWjRqYzk3QWlUWWw0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQEnRfgMA4E AgACMAgDBgAqDrvAgDANBgkqhkiG9w0BAQsFAAOCAQEAn7SwBXGsB77XffRi7a7q 4zJHdiwVgKxpeK25tRQYQw25fhloDlVfyMq2hJVWFOiwh0NvRLvxKy/nAQ7rye1i W+Cyr4LXH6gr3QUG81qacN90fgua+MrAsGVm0MD1GPf1h42Dba4mUW1BVjdRDwpI dKmSKyUSz9MQii8tiinpg4fcAsS0cSViJwpjmj+CZUtbzTxnSmTqrWZpMoxO4YHm 82//BS7nVcM/IuW7BC2ADL6aVX8O72oTmEKGOBeiL4nvgKbj5iLASuxyEI4V9GqE mblSxsgVANlKIGS73a4EiV0t5mKRaS9kL9HDguwbx32Ja1L8MprzTzCTnqJYVM5V AQ== -----END CERTIFICATE-----Generated at Sun Jan 25 14:09:28 2026 by rpki-client