This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/DfzOkC0iJ7Qwf9F4vLGZxn-I0RY.roa File: DfzOkC0iJ7Qwf9F4vLGZxn-I0RY.roa (raw, json) Hash identifier: m/N6mjMCk7nSF0Y4fLJbCwhmN916abHZ0dz7Xt3/9gg= Subject key identifier: 0D:FC:CE:90:2D:22:27:B4:30:7F:D1:78:BC:B1:99:C6:7F:88:D1:16 Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176 Certificate serial: 019B797F41319078AB498150064DCB306AE6 Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/DfzOkC0iJ7Qwf9F4vLGZxn-I0RY.roa Signing time: Thu 01 Jan 2026 12:19:01 +0000 ROA not before: Thu 01 Jan 2026 12:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 91.240.18.0/24 maxlen: 24 91.240.19.0/24 maxlen: 24 193.151.94.0/24 maxlen: 24 195.8.103.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.mft rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:41:31:90:78:ab:49:81:50:06:4d:cb:30:6a:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176 Validity Not Before: Jan 1 12:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0dfcce902d2227b4307fd178bcb199c67f88d116 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:de:aa:64:36:94:72:99:df:2c:8b:73:93:fb: 9c:5d:ac:09:27:e8:a7:10:dd:dd:39:8e:b1:dd:52: c6:95:f3:9d:7f:5e:a1:0d:5d:c1:0a:d7:a7:81:3d: 3e:e0:61:e1:76:8c:ca:f7:9a:ae:7c:26:95:4b:00: 6e:fa:5a:1c:40:87:2c:64:bd:0d:0f:f7:f4:90:f1: bb:14:eb:5c:42:57:6b:d5:a1:fb:d7:2a:aa:eb:08: 8a:f3:70:dd:58:ce:96:c1:66:92:ee:b6:71:34:6f: fd:2d:79:8e:d8:f8:cb:dd:88:06:96:33:24:63:2e: ca:9f:9f:9f:84:e2:78:3d:0f:23:54:99:9b:55:fe: 16:f2:6c:9c:f8:d8:5d:17:05:81:8e:1c:47:b9:ea: a4:3d:43:55:52:72:86:29:09:2f:e5:4a:f8:13:82: 06:52:71:1f:49:92:ec:34:3c:4a:7c:b4:48:76:50: 27:da:82:7f:40:77:63:d0:16:53:f9:59:6d:d8:a4: 05:28:03:7b:07:f3:f6:7f:90:b8:3e:a1:52:6c:49: 7d:8a:8e:e2:af:7d:98:ca:47:d8:ff:dd:e1:38:07: 41:84:04:bd:8b:51:10:78:3f:e2:07:aa:64:2e:7a: 0a:89:df:ae:fc:f5:95:5e:46:e6:d2:af:c8:7a:ec: 1e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:FC:CE:90:2D:22:27:B4:30:7F:D1:78:BC:B1:99:C6:7F:88:D1:16 X509v3 Authority Key Identifier: keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/DfzOkC0iJ7Qwf9F4vLGZxn-I0RY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.240.18.0/23 193.151.94.0/24 195.8.103.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:0f:5c:3c:e2:c3:91:8c:39:c5:29:46:a9:d6:a7:2d:54:15: 17:4c:fe:aa:f0:24:2b:bf:18:5b:b4:a2:fe:37:21:12:6b:60: a8:a0:cb:04:e5:60:f8:53:6d:7a:97:2d:b9:41:18:81:ca:e9: 41:fb:9f:95:1d:38:04:94:1d:bd:fc:41:22:33:04:ed:bd:ff: 54:e2:dd:9c:21:00:f5:9d:26:cc:b1:44:84:ac:d6:6b:9d:c8: 78:b4:ae:31:a5:5e:71:8b:03:e3:e6:9a:44:15:18:44:58:88: 23:c6:07:7d:cc:d3:f8:99:c5:c2:2c:a1:79:41:64:db:69:f6: 97:8e:13:c6:8d:54:58:9e:b6:f0:e6:20:9a:a9:a8:44:77:2d: c0:4d:17:20:2a:97:67:2b:f9:3c:09:0a:62:4b:c2:cc:60:f8: 21:04:8f:e7:f4:c6:4b:f6:c5:98:93:80:5f:9e:44:fc:5a:9a: 73:00:0d:e7:7a:57:dd:88:71:d5:70:7a:b3:a5:8e:da:1b:af: 83:21:ca:d5:d9:9a:23:1f:f4:b6:9b:cc:68:7d:a6:19:60:6f: fd:77:8d:7f:9c:65:12:f1:a8:bb:0b:fa:4c:31:1f:48:89:ef: 1f:d1:d9:bb:c7:6e:b7:f2:a5:11:1f:fc:45:15:27:29:5a:ca: fe:b1:aa:ae -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5f0ExkHirSYFQBk3LMGrmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1ZGNjNzc2YjJiZjU5NWJmNGIzZTYwYmJhNDI0NWYwMTIw YTIxNzYwHhcNMjYwMTAxMTIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGZjY2U5MDJkMjIyN2I0MzA3ZmQxNzhiY2IxOTljNjdmODhkMTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArd6qZDaUcpnfLItzk/ucXawJJ+in EN3dOY6x3VLGlfOdf16hDV3BCtengT0+4GHhdozK95qufCaVSwBu+locQIcsZL0N D/f0kPG7FOtcQldr1aH71yqq6wiK83DdWM6WwWaS7rZxNG/9LXmO2PjL3YgGljMk Yy7Kn5+fhOJ4PQ8jVJmbVf4W8myc+NhdFwWBjhxHueqkPUNVUnKGKQkv5Ur4E4IG UnEfSZLsNDxKfLRIdlAn2oJ/QHdj0BZT+Vlt2KQFKAN7B/P2f5C4PqFSbEl9io7i r32YykfY/93hOAdBhAS9i1EQeD/iB6pkLnoKid+u/PWVXkbm0q/IeuwejQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA38zpAtIie0MH/ReLyxmcZ/iNEWMB8GA1UdIwQY MBaAFHXcx3ayv1lb9LPmC7pCRfASCiF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQt NjQ1NDAyMDVlY2Y0LzEvRGZ6T2tDMGlKN1F3ZjlGNHZMR1p4bi1JMFJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQtNjQ1NDAyMDVlY2Y0 LzEvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/ASAwQA wZdeAwQAwwhnMA0GCSqGSIb3DQEBCwUAA4IBAQB7D1w84sORjDnFKUap1qctVBUX TP6q8CQrvxhbtKL+NyESa2CooMsE5WD4U216ly25QRiByulB+5+VHTgElB29/EEi MwTtvf9U4t2cIQD1nSbMsUSErNZrnch4tK4xpV5xiwPj5ppEFRhEWIgjxgd9zNP4 mcXCLKF5QWTbafaXjhPGjVRYnrbw5iCaqahEdy3ATRcgKpdnK/k8CQpiS8LMYPgh BI/n9MZL9sWYk4BfnkT8WppzAA3nelfdiHHVcHqzpY7aG6+DIcrV2ZojH/S2m8xo faYZYG/9d41/nGUS8ai7C/pMMR9Iie8f0dm7x2638qURH/xFFScpWsr+saqu -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:12 2026 by rpki-client