This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/vVXnYinPG4h5TcTea17Iv2i5FYs.roa File: vVXnYinPG4h5TcTea17Iv2i5FYs.roa (raw, json) Hash identifier: vQ3FQGy71ne2HeyP0gu2+P/Q4WprPJAgNPNHKJfJ9Dk= Subject key identifier: BD:55:E7:62:29:CF:1B:88:79:4D:C4:DE:6B:5E:C8:BF:68:B9:15:8B Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Certificate serial: 019B78A263B4F7D5949FF6719ACF97512777 Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/vVXnYinPG4h5TcTea17Iv2i5FYs.roa Signing time: Thu 01 Jan 2026 08:17:46 +0000 ROA not before: Thu 01 Jan 2026 08:17:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30766 IP address blocks: 91.132.220.0/22 maxlen: 22 185.101.172.0/22 maxlen: 22 192.109.71.0/24 maxlen: 24 192.109.74.0/24 maxlen: 24 192.109.77.0/24 maxlen: 24 192.109.79.0/24 maxlen: 24 213.232.100.0/22 maxlen: 22 217.113.176.0/20 maxlen: 20 2a05:e2c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:63:b4:f7:d5:94:9f:f6:71:9a:cf:97:51:27:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9 Validity Not Before: Jan 1 08:17:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd55e76229cf1b88794dc4de6b5ec8bf68b9158b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:69:2c:fe:50:f5:af:4d:87:73:de:8d:f0:0c: bf:ea:ab:70:4f:c2:a0:96:12:c6:7f:81:78:df:d5: a8:6b:e6:69:28:f8:4d:d2:3d:71:4f:e4:6b:02:8f: da:cc:66:9c:9c:e4:94:eb:80:b1:59:7b:a8:13:92: eb:1a:bb:f9:14:89:fd:8e:2b:b5:03:51:81:fc:fb: a7:ad:64:4b:1b:b3:b1:4e:89:3f:8c:da:c4:9a:12: c5:5f:8e:38:1f:e8:71:4e:7f:97:56:1c:11:f3:4a: b3:72:cc:0b:4c:c0:a6:09:2a:b2:d0:64:74:65:e0: b2:a2:e2:22:6b:68:62:8a:7a:51:10:2a:cb:b5:dc: e8:bd:aa:98:36:2c:88:45:af:f7:89:3b:19:72:8b: 5e:7b:ff:6a:b3:d3:18:b1:62:86:e4:13:8e:42:ed: 28:88:f9:6f:51:f7:56:15:7d:5c:03:25:88:5f:65: 80:29:95:6b:30:b9:cf:7d:a7:e7:66:c2:3b:90:75: fc:e2:7d:5e:be:0d:41:1a:43:1e:e9:61:e7:e2:c2: 0b:12:45:be:9e:c5:9c:f5:da:f4:da:12:5e:79:8b: f6:8d:4f:fd:43:6b:e3:70:c2:ab:85:69:0e:e7:5e: 76:7a:64:3f:de:66:f7:15:03:16:b5:c3:fe:e6:22: 3c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:55:E7:62:29:CF:1B:88:79:4D:C4:DE:6B:5E:C8:BF:68:B9:15:8B X509v3 Authority Key Identifier: keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/vVXnYinPG4h5TcTea17Iv2i5FYs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.132.220.0/22 185.101.172.0/22 192.109.71.0/24 192.109.74.0/24 192.109.77.0/24 192.109.79.0/24 213.232.100.0/22 217.113.176.0/20 IPv6: 2a05:e2c0::/29 Signature Algorithm: sha256WithRSAEncryption 35:fe:e2:e2:69:10:f4:c6:27:75:0a:aa:5c:8d:c4:59:9c:59: 41:0c:67:b8:58:95:bf:18:63:95:36:08:91:a0:a2:59:6d:96: e7:26:84:89:16:04:8b:fe:f3:17:f2:13:cb:ba:5d:ec:9d:48: 6d:29:77:f7:0f:a6:7c:9a:34:7e:24:cb:1c:7e:4d:c1:76:af: 9b:c6:25:7a:79:52:2d:c3:82:da:1d:13:b1:e5:8f:ff:20:1c: 92:6e:94:7d:5e:fd:f8:59:cd:17:4b:3f:2f:de:7a:fe:9e:8b: a3:c6:7e:3f:61:2d:0b:0c:14:50:0e:95:f2:99:b9:01:c7:4f: f5:41:e0:53:a8:3a:d7:98:eb:42:fa:84:74:12:9c:7b:17:08: 70:d5:c8:fc:8c:3d:66:bb:7d:23:49:1a:67:ee:be:6c:9c:e8: d1:60:56:61:78:ea:2c:6b:bb:13:2b:63:93:2a:cb:72:21:1a: 4c:0c:aa:c7:2f:c7:d5:00:83:a5:82:ee:d5:e8:2d:87:ce:1c: e8:63:81:74:4b:af:9f:7f:d5:7e:7d:19:a0:13:98:95:26:71: 2f:4f:e7:2d:b9:b5:60:cf:0a:f9:63:77:fa:22:85:08:44:8a: 50:8b:79:69:1f:dc:99:49:95:92:c9:8b:0d:52:6b:78:1c:df: 1d:1a:6e:92 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt4omO099WUn/Zxms+XUSd3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm ZTUyYjkwHhcNMjYwMTAxMDgxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDU1ZTc2MjI5Y2YxYjg4Nzk0ZGM0ZGU2YjVlYzhiZjY4YjkxNThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGks/lD1r02Hc96N8Ay/6qtwT8Kg lhLGf4F439Woa+ZpKPhN0j1xT+RrAo/azGacnOSU64CxWXuoE5LrGrv5FIn9jiu1 A1GB/PunrWRLG7OxTok/jNrEmhLFX444H+hxTn+XVhwR80qzcswLTMCmCSqy0GR0 ZeCyouIia2hiinpRECrLtdzovaqYNiyIRa/3iTsZcotee/9qs9MYsWKG5BOOQu0o iPlvUfdWFX1cAyWIX2WAKZVrMLnPfafnZsI7kHX84n1evg1BGkMe6WHn4sILEkW+ nsWc9dr02hJeeYv2jU/9Q2vjcMKrhWkO5152emQ/3mb3FQMWtcP+5iI8MwIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFL1V52IpzxuIeU3E3mteyL9ouRWLMB8GA1UdIwQY MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt NTIwOGQ5ODU0MzY0LzEvdlZYbllpblBHNGg1VGNUZWExN0l2Mmk1RllzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0 LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCW4TcAwQC uWWsAwQAwG1HAwQAwG1KAwQAwG1NAwQAwG1PAwQC1ehkAwQE2XGwMA0EAgACMAcD BQMqBeLAMA0GCSqGSIb3DQEBCwUAA4IBAQA1/uLiaRD0xid1CqpcjcRZnFlBDGe4 WJW/GGOVNgiRoKJZbZbnJoSJFgSL/vMX8hPLul3snUhtKXf3D6Z8mjR+JMscfk3B dq+bxiV6eVItw4LaHROx5Y//IBySbpR9Xv34Wc0XSz8v3nr+noujxn4/YS0LDBRQ DpXymbkBx0/1QeBTqDrXmOtC+oR0Epx7Fwhw1cj8jD1mu30jSRpn7r5snOjRYFZh eOosa7sTK2OTKstyIRpMDKrHL8fVAIOlgu7V6C2HzhzoY4F0S6+ff9V+fRmgE5iV JnEvT+ctubVgzwr5Y3f6IoUIRIpQi3lpH9yZSZWSyYsNUmt4HN8dGm6S -----END CERTIFICATE-----Generated at Tue Jan 27 08:31:06 2026 by rpki-client