This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/1dfOhFGT4Rz19mHWVabW0kWxTss.roa File: 1dfOhFGT4Rz19mHWVabW0kWxTss.roa (raw, json) Hash identifier: Rjg1gNguWYpEwGKvfk1H+hd0eMsqKT2A4N+C2/8Q+uQ= Subject key identifier: D5:D7:CE:84:51:93:E1:1C:F5:F6:61:D6:55:A6:D6:D2:45:B1:4E:CB Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Certificate serial: 019B7B35CAB1C290CB59980A44C02FF12A56 Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/1dfOhFGT4Rz19mHWVabW0kWxTss.roa Signing time: Thu 01 Jan 2026 20:18:01 +0000 ROA not before: Thu 01 Jan 2026 20:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 134450 IP address blocks: 45.82.48.0/22 maxlen: 22 45.82.48.0/23 maxlen: 23 45.82.48.0/24 maxlen: 24 45.82.49.0/24 maxlen: 24 45.82.50.0/24 maxlen: 24 45.82.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.mft rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:ca:b1:c2:90:cb:59:98:0a:44:c0:2f:f1:2a:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc Validity Not Before: Jan 1 20:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d5d7ce845193e11cf5f661d655a6d6d245b14ecb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ee:ce:c8:f6:db:07:75:7a:73:52:0a:69:33: 88:37:f8:28:04:f9:01:43:a0:c6:aa:d1:79:71:b8: d2:52:69:5c:d7:fa:97:3d:cb:61:07:95:43:73:b0: 56:c8:51:16:68:58:5a:7f:a8:39:cc:ff:dd:64:1c: 3b:d0:29:20:14:28:18:54:ba:3f:8c:44:a2:12:d2: f2:b1:49:4b:b4:ff:73:3d:1b:45:08:b4:5f:52:ed: 33:46:c3:0e:f2:b7:a5:c6:57:29:b8:c2:41:de:78: 94:d9:62:c6:f4:10:9a:43:a9:1e:b4:e6:46:70:4e: 50:77:01:c0:f8:cf:c7:0f:bb:9f:75:90:d4:af:ee: 56:eb:ad:5b:cc:e9:82:c0:e5:76:f0:4d:db:d2:69: 09:80:bf:16:68:2b:df:6f:1e:ee:4e:21:10:dc:a5: be:14:48:f0:19:4c:9c:52:83:83:c5:52:55:b5:69: 0e:35:ac:91:5d:c8:75:61:c3:9a:3e:18:97:78:ba: 36:47:51:04:c8:bf:5f:71:55:3f:6c:fa:75:a7:5b: 71:9d:76:42:a6:32:44:03:6a:75:8f:c9:af:6e:c0: 4d:07:b7:8a:35:d1:bd:7d:78:8b:11:98:1e:4a:b2: e8:14:5d:16:cb:d5:00:09:d8:a9:12:d3:ea:ef:89: ba:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:D7:CE:84:51:93:E1:1C:F5:F6:61:D6:55:A6:D6:D2:45:B1:4E:CB X509v3 Authority Key Identifier: keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/1dfOhFGT4Rz19mHWVabW0kWxTss.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.82.48.0/22 Signature Algorithm: sha256WithRSAEncryption 4c:80:9a:92:b1:b6:4e:26:c1:77:3f:51:d9:e6:b6:a4:91:04: 00:89:32:47:52:30:0d:3b:06:d1:84:f4:8d:ce:81:c1:19:69: cd:48:b1:fe:61:13:15:fe:13:d9:4a:c2:7f:c8:00:6b:28:b1: e6:08:97:c3:af:25:4a:c1:c4:57:42:cc:e7:7f:10:9b:7c:93: 80:c5:46:fa:47:24:cf:0b:90:f0:8d:49:e2:6d:8b:19:cd:97: 60:be:36:45:04:7e:06:5b:07:5f:92:15:7b:7f:71:4b:30:c0: a5:bc:b7:90:ee:79:99:75:1e:31:a4:67:4a:0a:8a:2d:74:dd: b5:76:5b:60:29:e8:c7:50:e1:9f:f3:8b:68:ee:52:64:2f:07: db:c9:17:f4:0a:66:f5:36:fe:40:9f:f4:fb:d8:c0:06:7d:84: dc:43:5c:2b:2b:ee:d7:e9:50:d7:e5:59:c6:64:5d:46:da:a6: e4:74:61:de:ca:9d:4d:45:22:18:64:4b:6e:eb:a2:fa:3c:4d: fe:1a:f6:90:3f:a6:6b:1d:87:b5:7a:5d:46:b7:6a:1e:99:c7: 1b:b2:10:33:05:7b:5d:34:4d:f7:0b:a6:c5:a1:b6:e9:6a:25: 8a:33:aa:e9:65:d2:17:50:ba:80:c2:30:25:fe:94:b6:af:1d: 2f:67:d2:0a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NcqxwpDLWZgKRMAv8SpWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx OGM5YmMwHhcNMjYwMTAxMjAxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNWQ3Y2U4NDUxOTNlMTFjZjVmNjYxZDY1NWE2ZDZkMjQ1YjE0ZWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO7OyPbbB3V6c1IKaTOIN/goBPkB Q6DGqtF5cbjSUmlc1/qXPcthB5VDc7BWyFEWaFhaf6g5zP/dZBw70CkgFCgYVLo/ jESiEtLysUlLtP9zPRtFCLRfUu0zRsMO8relxlcpuMJB3niU2WLG9BCaQ6ketOZG cE5QdwHA+M/HD7ufdZDUr+5W661bzOmCwOV28E3b0mkJgL8WaCvfbx7uTiEQ3KW+ FEjwGUycUoODxVJVtWkONayRXch1YcOaPhiXeLo2R1EEyL9fcVU/bPp1p1txnXZC pjJEA2p1j8mvbsBNB7eKNdG9fXiLEZgeSrLoFF0Wy9UACdipEtPq74m6OQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNXXzoRRk+Ec9fZh1lWm1tJFsU7LMB8GA1UdIwQY MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt YmQzYmZjOTliZGE5LzEvMWRmT2hGR1Q0UnoxOW1IV1ZhYlcwa1d4VHNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5 LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVIwMA0G CSqGSIb3DQEBCwUAA4IBAQBMgJqSsbZOJsF3P1HZ5rakkQQAiTJHUjANOwbRhPSN zoHBGWnNSLH+YRMV/hPZSsJ/yABrKLHmCJfDryVKwcRXQsznfxCbfJOAxUb6RyTP C5DwjUnibYsZzZdgvjZFBH4GWwdfkhV7f3FLMMClvLeQ7nmZdR4xpGdKCootdN21 dltgKejHUOGf84to7lJkLwfbyRf0Cmb1Nv5An/T72MAGfYTcQ1wrK+7X6VDX5VnG ZF1G2qbkdGHeyp1NRSIYZEtu66L6PE3+GvaQP6ZrHYe1el1Gt2oemccbshAzBXtd NE33C6bFobbpaiWKM6rpZdIXULqAwjAl/pS2rx0vZ9IK -----END CERTIFICATE-----Generated at Wed Jan 21 04:08:55 2026 by rpki-client