This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/dtQ0vYUQe2hHFQXjgaPmdf2Qluw.roa File: dtQ0vYUQe2hHFQXjgaPmdf2Qluw.roa (raw, json) Hash identifier: XpIwnHaIKagXIHTB+uSCxfd4HTE9KgbBojxCDTnpYN4= Subject key identifier: 76:D4:34:BD:85:10:7B:68:47:15:05:E3:81:A3:E6:75:FD:90:96:EC Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Certificate serial: 019B7BA3463B51E5CBB59757B8BAB8091514 Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/dtQ0vYUQe2hHFQXjgaPmdf2Qluw.roa Signing time: Thu 01 Jan 2026 22:17:36 +0000 ROA not before: Thu 01 Jan 2026 22:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201935 IP address blocks: 81.85.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:46:3b:51:e5:cb:b5:97:57:b8:ba:b8:09:15:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123 Validity Not Before: Jan 1 22:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76d434bd85107b68471505e381a3e675fd9096ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:54:60:53:72:60:91:e2:02:bb:f6:b1:7a:08: 7a:8f:83:bc:00:9b:d2:10:d0:70:b1:4d:70:80:7c: 0f:c8:a6:7c:e6:1a:40:d9:c2:cf:31:28:6d:3a:ab: d4:da:a9:2b:18:d5:de:2e:31:d0:a6:5e:80:31:6b: 84:32:12:69:37:97:2e:87:49:8b:09:7c:11:5b:3e: 57:ee:be:a9:ea:d8:2a:7a:22:0f:96:25:3e:bb:2b: 4b:58:8f:97:56:29:1c:a6:47:a2:ce:3b:22:1c:95: c3:01:dd:f1:da:6f:64:67:ae:a2:75:f3:03:b9:ef: 43:82:08:5f:92:e5:7a:46:35:80:9d:87:c6:f1:48: a8:fd:df:8b:1d:4d:91:ab:67:fa:87:39:69:77:02: 86:0e:1e:6a:31:71:d0:8a:35:3b:0b:bc:7a:f6:76: d8:8a:6d:91:0a:88:5f:b9:3c:29:84:f9:41:71:7c: c9:35:d7:87:e9:03:77:fa:05:30:53:15:5c:f3:5a: 76:ba:ec:42:1f:72:a8:fc:e9:b3:1c:90:c0:55:f7: d9:73:2b:9d:62:1c:ac:5c:32:2e:87:83:3c:b5:df: c2:46:90:72:7d:17:f1:65:8d:a6:08:86:5e:7b:18: 71:38:b4:06:f0:cb:ad:6b:16:3f:7f:8f:fa:92:24: e8:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:D4:34:BD:85:10:7B:68:47:15:05:E3:81:A3:E6:75:FD:90:96:EC X509v3 Authority Key Identifier: keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/dtQ0vYUQe2hHFQXjgaPmdf2Qluw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.85.167.0/24 Signature Algorithm: sha256WithRSAEncryption 09:bf:cf:cb:1e:f1:ae:47:26:80:6d:a1:6f:33:da:be:c4:1e: 56:95:10:38:3d:c9:c2:f1:f8:50:bb:ed:04:0a:9c:43:5d:35: c7:51:30:3c:39:2d:57:43:f8:2b:b7:80:34:79:7c:b6:07:79: 36:7a:5a:f8:7c:d6:59:47:b1:79:2f:ac:8b:32:23:d7:df:8e: 33:50:92:93:69:57:19:2d:a4:dc:37:8e:cc:71:6f:43:85:57: 17:f9:25:fd:49:fc:ef:60:08:02:1e:58:a8:ea:06:95:b7:af: bb:a1:74:43:51:75:5d:40:2a:0a:96:67:20:f3:69:69:81:f3: c5:ce:ae:0a:fd:ed:b5:fe:95:59:3f:02:15:f3:e0:eb:b5:fa: ad:c4:1f:00:c2:49:56:69:92:55:ac:7a:70:10:26:db:f0:70: 75:65:84:d2:81:1a:77:4b:63:4a:03:e2:2e:d1:8c:c2:60:26: a5:56:21:a9:2b:b9:98:c6:eb:16:d2:aa:4b:f8:e4:2d:bb:5d: 49:bf:4a:de:0e:14:54:37:23:c9:a5:3d:f3:ba:a0:f0:9e:1c: 55:e6:d2:04:f7:b4:d5:06:51:ad:01:36:03:96:11:98:e2:7a: e2:1b:38:5c:d8:a9:66:35:ad:76:1e:5c:37:f5:1e:79:3d:1b: e0:30:42:35 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o0Y7UeXLtZdXuLq4CRUUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi N2QxMjMwHhcNMjYwMTAxMjIxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmQ0MzRiZDg1MTA3YjY4NDcxNTA1ZTM4MWEzZTY3NWZkOTA5NmVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01RgU3JgkeICu/axegh6j4O8AJvS ENBwsU1wgHwPyKZ85hpA2cLPMShtOqvU2qkrGNXeLjHQpl6AMWuEMhJpN5cuh0mL CXwRWz5X7r6p6tgqeiIPliU+uytLWI+XVikcpkeizjsiHJXDAd3x2m9kZ66idfMD ue9DgghfkuV6RjWAnYfG8Uio/d+LHU2Rq2f6hzlpdwKGDh5qMXHQijU7C7x69nbY im2RCohfuTwphPlBcXzJNdeH6QN3+gUwUxVc81p2uuxCH3Ko/OmzHJDAVffZcyud YhysXDIuh4M8td/CRpByfRfxZY2mCIZeexhxOLQG8MutaxY/f4/6kiToOwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHbUNL2FEHtoRxUF44Gj5nX9kJbsMB8GA1UdIwQY MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct Yjg0YzQxM2RmYWE0LzEvZHRRMHZZVVFlMmhIRlFYamdhUG1kZjJRbHV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0 LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUVWnMA0G CSqGSIb3DQEBCwUAA4IBAQAJv8/LHvGuRyaAbaFvM9q+xB5WlRA4PcnC8fhQu+0E CpxDXTXHUTA8OS1XQ/grt4A0eXy2B3k2elr4fNZZR7F5L6yLMiPX344zUJKTaVcZ LaTcN47McW9DhVcX+SX9SfzvYAgCHlio6gaVt6+7oXRDUXVdQCoKlmcg82lpgfPF zq4K/e21/pVZPwIV8+DrtfqtxB8AwklWaZJVrHpwECbb8HB1ZYTSgRp3S2NKA+Iu 0YzCYCalViGpK7mYxusW0qpL+OQtu11Jv0reDhRUNyPJpT3zuqDwnhxV5tIE97TV BlGtATYDlhGY4nriGzhc2KlmNa12Hlw39R55PRvgMEI1 -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:30 2026 by rpki-client