This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/dsXROTd2qvJarDLFNerpFXp5tvM.roa File: dsXROTd2qvJarDLFNerpFXp5tvM.roa (raw, json) Hash identifier: g4jlzZr8kyp6l2Rwmj8PdLtnag5RCNjP07Ftz4rMi7Q= Subject key identifier: 76:C5:D1:39:37:76:AA:F2:5A:AC:32:C5:35:EA:E9:15:7A:79:B6:F3 Certificate issuer: /CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06 Certificate serial: 019B797E486EE3A7ED881BA4D9C42D88C8C3 Authority key identifier: D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/dsXROTd2qvJarDLFNerpFXp5tvM.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15951 IP address blocks: 185.94.176.0/24 maxlen: 24 185.94.177.0/24 maxlen: 24 185.94.178.0/24 maxlen: 24 193.41.164.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.mft rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:48:6e:e3:a7:ed:88:1b:a4:d9:c4:2d:88:c8:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d002fbe9f0a413603edefb733a531f2e2c0e9c06 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76c5d1393776aaf25aac32c535eae9157a79b6f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:63:f4:e3:00:8e:cd:9c:17:07:47:6c:e4:7f: 55:2c:a7:42:d9:fc:c4:6a:10:cd:3d:79:57:bb:ff: 22:a2:50:c3:64:ea:96:28:20:6f:18:08:4a:24:cd: bf:ec:fc:12:e9:a6:08:4c:2c:da:26:4d:49:49:06: 38:00:be:cd:8a:c0:73:ca:8c:fa:8d:df:37:8b:90: 7d:83:0a:d5:04:81:93:40:87:5e:48:b3:c2:cf:25: 3c:57:82:27:58:24:fa:15:fa:34:b5:cb:c8:d6:7f: e0:e7:9c:d5:b2:1f:cd:d8:d2:2c:08:a6:4c:99:5b: a8:89:ba:72:70:27:44:4a:f5:92:ac:33:53:1c:bb: 7c:a7:0b:84:fd:57:7b:28:ef:00:26:90:92:03:0c: 7d:90:7e:0f:1e:d9:1a:16:57:40:74:5c:e4:b3:53: 96:41:34:4e:55:b2:9d:4a:53:36:70:ab:16:a0:6c: 3c:32:b9:89:c9:11:05:0a:bb:dc:63:f0:51:6c:5d: fa:0d:d2:83:65:25:89:c4:68:0e:32:ef:48:d7:01: e0:e6:2d:c7:bd:89:fb:94:e2:9b:9f:fe:34:7a:94: c2:4e:0c:77:cc:ec:84:c0:54:a7:33:b2:b1:85:ed: a8:f8:c5:d8:71:37:62:9a:85:65:30:f7:bf:a8:a5: 07:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:C5:D1:39:37:76:AA:F2:5A:AC:32:C5:35:EA:E9:15:7A:79:B6:F3 X509v3 Authority Key Identifier: keyid:D0:02:FB:E9:F0:A4:13:60:3E:DE:FB:73:3A:53:1F:2E:2C:0E:9C:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AL76fCkE2A-3vtzOlMfLiwOnAY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/dsXROTd2qvJarDLFNerpFXp5tvM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/9bafb1-0c42-425b-aa29-19c045c6a14f/1/0AL76fCkE2A-3vtzOlMfLiwOnAY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.94.176.0-185.94.178.255 193.41.164.0/23 Signature Algorithm: sha256WithRSAEncryption 32:0c:a2:6a:13:03:d2:79:04:70:bf:bd:a1:37:f1:5f:8f:5d: 81:07:a3:af:70:af:2f:64:c0:39:29:d9:75:90:57:44:e4:7c: e7:12:02:f8:4d:2a:6d:e7:87:b8:81:e9:f1:c9:7d:4e:39:fa: 8c:55:8d:e2:b4:98:60:c5:4d:c1:5c:c9:c3:02:dd:fd:ed:e6: 6a:b5:24:56:a2:72:a6:52:d3:3a:47:21:ea:b8:ba:0e:22:30: 34:df:fd:1f:28:b4:aa:49:92:50:8b:94:7d:55:d6:dc:35:97: 2a:5b:00:f2:fa:74:5c:67:8d:a8:b3:b1:c9:19:e1:4a:ca:03: 07:32:66:77:22:53:e0:77:26:e4:6e:6d:8c:b6:5d:31:2b:6f: 21:4f:29:16:15:46:89:5c:97:f8:b3:f6:45:6b:66:0a:c8:bf: bb:7d:f7:25:03:01:e1:8d:53:78:f2:30:9d:34:34:3c:a5:9d: 68:ac:90:19:b8:37:f7:10:d4:60:7f:83:c3:01:99:c4:78:39: e5:b0:6f:7e:d5:21:d7:ba:44:71:c2:d5:5f:d5:ac:e1:1a:72: ac:b1:bb:b8:a7:d6:07:d1:76:62:a4:12:59:26:13:6c:df:81: b5:b9:69:be:2b:33:39:bb:1b:58:2f:1e:34:57:c7:9c:bd:83: 38:f6:da:76 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt5fkhu46ftiBuk2cQtiMjDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMDJmYmU5ZjBhNDEzNjAzZWRlZmI3MzNhNTMxZjJlMmMw ZTljMDYwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmM1ZDEzOTM3NzZhYWYyNWFhYzMyYzUzNWVhZTkxNTdhNzliNmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmP04wCOzZwXB0ds5H9VLKdC2fzE ahDNPXlXu/8iolDDZOqWKCBvGAhKJM2/7PwS6aYITCzaJk1JSQY4AL7NisBzyoz6 jd83i5B9gwrVBIGTQIdeSLPCzyU8V4InWCT6Ffo0tcvI1n/g55zVsh/N2NIsCKZM mVuoibpycCdESvWSrDNTHLt8pwuE/Vd7KO8AJpCSAwx9kH4PHtkaFldAdFzks1OW QTROVbKdSlM2cKsWoGw8MrmJyREFCrvcY/BRbF36DdKDZSWJxGgOMu9I1wHg5i3H vYn7lOKbn/40epTCTgx3zOyEwFSnM7Kxhe2o+MXYcTdimoVlMPe/qKUH8QIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFHbF0Tk3dqryWqwyxTXq6RV6ebbzMB8GA1UdIwQY MBaAFNAC++nwpBNgPt77czpTHy4sDpwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjkt MTljMDQ1YzZhMTRmLzEvZHNYUk9UZDJxdkphckRMRk5lcnBGWHA1dHZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS85YmFmYjEtMGM0Mi00MjViLWFhMjktMTljMDQ1YzZhMTRm LzEvMEFMNzZmQ2tFMkEtM3Z0ek9sTWZMaXdPbkFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAS5XrAD BAC5XrIDBAHBKaQwDQYJKoZIhvcNAQELBQADggEBADIMomoTA9J5BHC/vaE38V+P XYEHo69wry9kwDkp2XWQV0TkfOcSAvhNKm3nh7iB6fHJfU45+oxVjeK0mGDFTcFc ycMC3f3t5mq1JFaicqZS0zpHIeq4ug4iMDTf/R8otKpJklCLlH1V1tw1lypbAPL6 dFxnjaizsckZ4UrKAwcyZnciU+B3JuRubYy2XTErbyFPKRYVRolcl/iz9kVrZgrI v7t99yUDAeGNU3jyMJ00NDylnWiskBm4N/cQ1GB/g8MBmcR4OeWwb37VIde6RHHC 1V/VrOEacqyxu7in1gfRdmKkElkmE2zfgbW5ab4rMzm7G1gvHjRXx5y9gzj22nY= -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:19 2026 by rpki-client