This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/DQfM8H6WtevT9OTpqjzrSvRshz4.roa File: DQfM8H6WtevT9OTpqjzrSvRshz4.roa (raw, json) Hash identifier: XQFiObFKRxqaZwBbqwYCnX/4N71hlkX9gE2Ecl5B+eM= Subject key identifier: 0D:07:CC:F0:7E:96:B5:EB:D3:F4:E4:E9:AA:3C:EB:4A:F4:6C:87:3E Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Certificate serial: 019B7E390098C81179355A71F42292F1DA4B Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/DQfM8H6WtevT9OTpqjzrSvRshz4.roa Signing time: Fri 02 Jan 2026 10:20:23 +0000 ROA not before: Fri 02 Jan 2026 10:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3356 IP address blocks: 91.205.116.0/22 maxlen: 24 109.234.0.0/21 maxlen: 24 185.148.224.0/22 maxlen: 24 193.242.174.0/23 maxlen: 24 2a07:6200:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:00:98:c8:11:79:35:5a:71:f4:22:92:f1:da:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Validity Not Before: Jan 2 10:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0d07ccf07e96b5ebd3f4e4e9aa3ceb4af46c873e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0a:92:61:45:2c:ad:92:56:aa:86:50:e8:0b: 23:af:15:ce:c6:38:ca:cb:ef:98:46:77:05:2e:d3: ce:04:ab:73:d8:67:38:09:4f:16:07:f1:e1:51:5b: 68:11:b5:94:0b:eb:6e:06:06:06:79:e6:e4:49:30: 5b:4a:f1:d5:04:15:ed:5b:b3:6d:70:11:e5:de:c9: a0:0b:37:f7:d1:1c:53:ff:2b:5c:30:95:8f:80:d6: 6a:93:75:1c:59:65:f9:2c:f7:19:84:a4:ed:e9:08: b3:a1:a0:05:2d:34:49:26:f4:e2:d8:ce:28:a8:98: 1e:2a:a3:cb:8f:9c:a5:ce:d8:18:31:7f:13:ef:df: cc:de:b4:62:cd:60:b0:33:ed:ab:28:ee:aa:9f:d2: 47:a2:5e:16:4d:e2:0b:e3:8f:50:57:47:aa:f1:7f: ca:fc:fa:8e:9a:24:ba:05:2f:75:70:b8:77:5e:82: 2f:53:fd:24:42:6c:ac:ff:60:64:f8:bc:fd:84:86: 6e:0d:de:99:27:aa:26:57:ae:22:18:62:e0:da:e7: eb:83:1c:6f:e0:fb:57:2b:92:70:e5:27:c6:fd:27: 2c:1a:26:97:13:3f:34:fe:fd:6c:02:78:b7:1a:fe: fb:61:64:e9:b1:52:2d:f9:5d:b2:b9:a5:ad:0f:ee: ee:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:07:CC:F0:7E:96:B5:EB:D3:F4:E4:E9:AA:3C:EB:4A:F4:6C:87:3E X509v3 Authority Key Identifier: keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/DQfM8H6WtevT9OTpqjzrSvRshz4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.205.116.0/22 109.234.0.0/21 185.148.224.0/22 193.242.174.0/23 IPv6: 2a07:6200:1::/48 Signature Algorithm: sha256WithRSAEncryption 88:55:1b:f6:28:63:dc:03:8c:d8:4e:4b:9a:fa:a0:65:a1:e6: 20:a0:d8:64:e7:03:3a:c7:87:2e:79:eb:fc:65:33:d2:d1:25: 1b:68:65:a2:ea:9e:57:1e:7a:8c:e0:da:4f:98:3a:31:bd:62: 8d:46:77:75:26:59:fd:aa:da:09:7d:40:fe:25:c5:ae:38:23: 6d:24:15:ec:15:3a:f6:77:2f:5f:e3:11:81:b1:dd:d7:13:a3: 40:da:6c:3b:45:5d:3c:28:e3:43:96:57:32:40:76:f9:cf:00: 41:80:ff:f0:77:83:bb:15:46:71:47:fc:fe:8d:d8:d6:1f:f1: 47:3d:fd:e3:43:c1:c7:e1:37:59:75:a7:ac:6b:cb:0f:9a:b5: e4:3f:53:6d:10:0c:89:29:cc:c8:5d:22:79:10:4e:34:db:94: cf:44:5f:a6:7a:8a:b4:1d:a2:da:08:0b:e2:cf:39:70:3a:d7: 48:08:10:9c:cd:4b:a1:f7:7c:b4:a9:47:59:e8:1e:91:63:4a: 30:60:c7:a3:e7:4a:b5:5c:2e:d0:46:b8:7e:4e:b7:aa:1f:d1: ed:34:06:09:cb:1a:eb:5b:d7:6c:23:ae:17:0f:37:1c:41:d0: 85:f3:36:2d:f0:53:e5:28:42:5d:e4:44:c7:5b:62:21:59:a1: 06:55:01:94 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt+OQCYyBF5NVpx9CKS8dpLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0 NTBhZWIwHhcNMjYwMTAyMTAyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZDA3Y2NmMDdlOTZiNWViZDNmNGU0ZTlhYTNjZWI0YWY0NmM4NzNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2wqSYUUsrZJWqoZQ6AsjrxXOxjjK y++YRncFLtPOBKtz2Gc4CU8WB/HhUVtoEbWUC+tuBgYGeebkSTBbSvHVBBXtW7Nt cBHl3smgCzf30RxT/ytcMJWPgNZqk3UcWWX5LPcZhKTt6QizoaAFLTRJJvTi2M4o qJgeKqPLj5ylztgYMX8T79/M3rRizWCwM+2rKO6qn9JHol4WTeIL449QV0eq8X/K /PqOmiS6BS91cLh3XoIvU/0kQmys/2Bk+Lz9hIZuDd6ZJ6omV64iGGLg2ufrgxxv 4PtXK5Jw5SfG/ScsGiaXEz80/v1sAni3Gv77YWTpsVIt+V2yuaWtD+7ugwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFA0HzPB+lrXr0/Tk6ao860r0bIc+MB8GA1UdIwQY MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt YTRkYjM5NmM4OTg3LzEvRFFmTThINld0ZXZUOU9UcHFqenJTdlJzaHo0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3 LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD ggEBAIhVG/YoY9wDjNhOS5r6oGWh5iCg2GTnAzrHhy556/xlM9LRJRtoZaLqnlce eozg2k+YOjG9Yo1Gd3UmWf2q2gl9QP4lxa44I20kFewVOvZ3L1/jEYGx3dcTo0Da bDtFXTwo40OWVzJAdvnPAEGA//B3g7sVRnFH/P6N2NYf8Uc9/eNDwcfhN1l1p6xr yw+ateQ/U20QDIkpzMhdInkQTjTblM9EX6Z6irQdotoIC+LPOXA610gIEJzNS6H3 fLSpR1noHpFjSjBgx6PnSrVcLtBGuH5Ot6of0e00BgnLGutb12wjrhcPNxxB0IXz Ni3wU+UoQl3kRMdbYiFZoQZVAZQ= -----END CERTIFICATE-----Generated at Fri Jan 23 16:02:58 2026 by rpki-client