This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/dECFcKuPIDtaKYfkBtHP9FzNkPY.roa File: dECFcKuPIDtaKYfkBtHP9FzNkPY.roa (raw, json) Hash identifier: nfxA7gIFHYR0X3UKRvPVNyH71Z4WvtDgdmK9W79oICs= Subject key identifier: 74:40:85:70:AB:8F:20:3B:5A:29:87:E4:06:D1:CF:F4:5C:CD:90:F6 Certificate issuer: /CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3 Certificate serial: 019B7DCB27957E21FD002611A07B74BEC841 Authority key identifier: 00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/dECFcKuPIDtaKYfkBtHP9FzNkPY.roa Signing time: Fri 02 Jan 2026 08:20:24 +0000 ROA not before: Fri 02 Jan 2026 08:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215220 IP address blocks: 45.152.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.mft rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 15 Jan 2026 04:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:27:95:7e:21:fd:00:26:11:a0:7b:74:be:c8:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=003b2c3871069002ad0b2f42b0cbf5e92e3be4b3 Validity Not Before: Jan 2 08:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=74408570ab8f203b5a2987e406d1cff45ccd90f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ec:da:56:96:20:8f:93:cf:c0:6b:57:7b:4d: 73:10:77:aa:25:16:66:14:ec:60:69:4c:47:3a:84: e8:8d:78:58:81:c1:cd:a3:17:84:65:49:7d:08:cb: c4:84:41:1e:48:74:16:fa:f8:4b:6f:42:5b:5d:97: c1:f5:c8:83:39:cb:98:d5:33:68:42:49:f5:30:9a: 23:0a:a2:44:5b:5a:80:5e:08:dc:62:af:a8:f0:df: a9:9a:99:53:78:eb:76:7e:e3:5f:29:c2:63:11:6b: 2b:6f:97:e5:fb:9e:bd:9f:7c:1c:77:c7:41:7f:91: 44:4f:42:ac:4b:8a:cf:e9:ac:ef:e8:1f:e2:79:24: a0:84:0f:cb:e6:8a:0c:17:a3:0e:5a:97:55:91:3a: 05:13:06:4f:ac:82:5e:3c:6e:ea:0d:13:ee:66:2e: 4d:63:3d:cc:86:5c:83:65:a6:8d:c5:05:ec:77:a4: 9c:24:3b:c6:58:64:e0:a6:b3:5b:bf:38:91:b4:72: d9:6d:f6:d1:84:09:bc:da:00:42:4c:00:99:1e:5c: df:d4:47:52:24:8e:3e:80:51:96:bb:0c:4a:44:53: 7f:1c:9d:10:89:42:62:d6:23:95:25:02:f5:da:12: 9d:ee:0e:0c:70:b2:c0:4e:86:0d:90:7e:86:55:29: f8:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:40:85:70:AB:8F:20:3B:5A:29:87:E4:06:D1:CF:F4:5C:CD:90:F6 X509v3 Authority Key Identifier: keyid:00:3B:2C:38:71:06:90:02:AD:0B:2F:42:B0:CB:F5:E9:2E:3B:E4:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ADssOHEGkAKtCy9CsMv16S475LM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/dECFcKuPIDtaKYfkBtHP9FzNkPY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d96688-2d98-4634-86db-b35a0a1453fb/1/ADssOHEGkAKtCy9CsMv16S475LM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.152.23.0/24 Signature Algorithm: sha256WithRSAEncryption 62:8e:dc:e3:19:1c:36:22:cc:06:cc:c5:15:d3:fb:b6:a0:92: d1:b7:49:d2:2d:c5:1f:fc:00:14:82:37:63:9a:63:bb:2e:b1: 73:0c:b8:f6:1d:fe:9a:17:1d:98:89:dc:67:24:78:2a:4d:cf: fa:22:b4:9d:09:9c:be:b3:5f:57:2f:d0:2e:a1:60:16:fa:d3: f0:07:9e:62:76:1f:9c:87:ce:0a:f5:59:e7:f1:e5:ff:7b:b9: e3:4b:5e:28:c9:cc:83:b8:4d:f5:e9:58:c1:10:f5:05:e5:c8: c4:e0:4b:08:82:a5:df:83:fd:25:d8:4d:f2:44:47:bc:3d:e7: b2:6e:84:73:d5:09:ff:b3:ce:b8:fa:2a:65:c9:09:d1:a7:3e: 6e:38:8b:cf:f0:87:84:9b:1f:7c:4e:db:99:3d:61:cd:7c:cc: 58:2b:82:9e:4f:30:59:68:9e:1a:e9:52:ba:f3:5f:c9:3f:c3: 27:82:0a:66:ff:d8:81:74:4d:68:59:87:42:5d:08:2f:24:aa: 47:c3:dd:68:1f:29:3c:76:d3:62:f6:94:be:f3:38:89:4e:6b: 3e:43:e6:c1:c4:20:3b:c0:34:88:31:07:87:e9:df:66:89:63: 72:34:71:e2:dc:09:a8:9b:6a:11:c2:84:66:5f:9b:8d:38:2c: 35:26:36:ae -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yyeVfiH9ACYRoHt0vshBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwM2IyYzM4NzEwNjkwMDJhZDBiMmY0MmIwY2JmNWU5MmUz YmU0YjMwHhcNMjYwMTAyMDgyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NDQwODU3MGFiOGYyMDNiNWEyOTg3ZTQwNmQxY2ZmNDVjY2Q5MGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArezaVpYgj5PPwGtXe01zEHeqJRZm FOxgaUxHOoTojXhYgcHNoxeEZUl9CMvEhEEeSHQW+vhLb0JbXZfB9ciDOcuY1TNo Qkn1MJojCqJEW1qAXgjcYq+o8N+pmplTeOt2fuNfKcJjEWsrb5fl+569n3wcd8dB f5FET0KsS4rP6azv6B/ieSSghA/L5ooMF6MOWpdVkToFEwZPrIJePG7qDRPuZi5N Yz3MhlyDZaaNxQXsd6ScJDvGWGTgprNbvziRtHLZbfbRhAm82gBCTACZHlzf1EdS JI4+gFGWuwxKRFN/HJ0QiUJi1iOVJQL12hKd7g4McLLAToYNkH6GVSn4gQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHRAhXCrjyA7WimH5AbRz/RczZD2MB8GA1UdIwQY MBaAFAA7LDhxBpACrQsvQrDL9ekuO+SzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGIt YjM1YTBhMTQ1M2ZiLzEvZEVDRmNLdVBJRHRhS1lma0J0SFA5RnpOa1BZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9kOTY2ODgtMmQ5OC00NjM0LTg2ZGItYjM1YTBhMTQ1M2Zi LzEvQURzc09IRUdrQUt0Q3k5Q3NNdjE2UzQ3NUxNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZgXMA0G CSqGSIb3DQEBCwUAA4IBAQBijtzjGRw2IswGzMUV0/u2oJLRt0nSLcUf/AAUgjdj mmO7LrFzDLj2Hf6aFx2YidxnJHgqTc/6IrSdCZy+s19XL9AuoWAW+tPwB55idh+c h84K9Vnn8eX/e7njS14oycyDuE316VjBEPUF5cjE4EsIgqXfg/0l2E3yREe8Peey boRz1Qn/s864+iplyQnRpz5uOIvP8IeEmx98TtuZPWHNfMxYK4KeTzBZaJ4a6VK6 81/JP8Mnggpm/9iBdE1oWYdCXQgvJKpHw91oHyk8dtNi9pS+8ziJTms+Q+bBxCA7 wDSIMQeH6d9miWNyNHHi3Amom2oRwoRmX5uNOCw1Jjau -----END CERTIFICATE-----Generated at Wed Jan 14 12:58:31 2026 by rpki-client