This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/dkTEhcSUjmDmfcgVaKjPvVY65ho.roa File: dkTEhcSUjmDmfcgVaKjPvVY65ho.roa (raw, json) Hash identifier: CEmoGVLgn+ZeP+7mTHI7wWOP1MgXpbR4Ij+5W74s23I= Subject key identifier: 76:44:C4:85:C4:94:8E:60:E6:7D:C8:15:68:A8:CF:BD:56:3A:E6:1A Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2 Certificate serial: 019B7DCB69125229F1794FF230767A5ECE63 Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/dkTEhcSUjmDmfcgVaKjPvVY65ho.roa Signing time: Fri 02 Jan 2026 08:20:41 +0000 ROA not before: Fri 02 Jan 2026 08:20:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63956 IP address blocks: 94.250.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.mft rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 14:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:69:12:52:29:f1:79:4f:f2:30:76:7a:5e:ce:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2 Validity Not Before: Jan 2 08:20:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7644c485c4948e60e67dc81568a8cfbd563ae61a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:0b:9b:03:58:35:ae:b1:d5:ca:48:bd:1d:37: 6e:f9:66:e6:13:a4:16:88:32:bd:96:be:bb:65:ce: 71:86:3d:4e:eb:f8:8e:e5:d3:54:46:79:d2:dc:5c: 8b:2a:e9:41:c7:0c:aa:ee:3b:13:f9:94:2f:3a:68: e3:f3:a9:5c:23:77:e4:7b:5b:51:bc:34:ae:be:82: 77:4a:e9:05:35:2c:19:65:23:45:ea:ea:d1:44:7a: 1a:94:fd:6d:9f:b3:bd:6a:42:c1:16:76:c9:5f:8b: c7:fa:b1:78:91:9e:d8:9d:e1:07:71:b1:16:54:8f: 71:68:a6:2b:f5:24:be:59:eb:b4:ef:d3:5a:db:81: 01:86:10:ff:5d:ae:0b:a8:cf:5f:d8:5b:cd:59:57: 20:85:3a:e5:11:78:00:fa:2b:6e:0b:a1:ec:fa:ec: 46:fd:d9:80:ea:79:b9:e5:a0:1e:b8:fa:11:25:d0: 1e:3b:56:35:9a:4e:cb:cf:f6:5d:7c:a0:2b:a7:17: fe:f2:22:46:73:8c:6b:10:60:3c:45:b8:3e:1a:db: 1f:69:1a:26:fe:ef:81:87:1e:63:f3:99:f3:80:24: bb:7c:77:31:57:9a:58:c0:b4:23:39:05:6a:d0:2b: 90:4f:2a:25:04:a2:08:e8:7d:b0:1c:b7:a0:0c:54: ec:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:44:C4:85:C4:94:8E:60:E6:7D:C8:15:68:A8:CF:BD:56:3A:E6:1A X509v3 Authority Key Identifier: keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/dkTEhcSUjmDmfcgVaKjPvVY65ho.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.250.207.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:b8:35:69:28:1b:0b:c6:4c:cb:7b:e3:23:f5:46:c4:a0:9a: 1c:ab:20:05:33:f0:69:43:39:4d:03:89:52:1d:43:86:95:f4: 1e:57:bc:d0:45:cd:7c:78:e6:13:c6:0f:66:7d:f6:b5:2e:0c: c6:78:06:57:54:63:0d:be:94:90:70:05:c4:a8:df:28:bc:9f: 97:a2:b5:77:79:59:be:7b:cd:da:09:38:99:b4:dd:b3:4e:79: 91:88:8e:67:ff:51:ec:35:f5:3a:f3:1b:04:07:48:53:b1:8d: 77:c2:4e:ff:9b:c4:11:c4:54:dc:59:6e:08:60:56:f0:4a:63: 3a:0e:61:f3:b0:bd:76:55:9f:c2:e1:f3:cc:7b:11:9e:5f:05: c2:d6:03:9a:1f:96:12:43:61:42:7c:39:bc:f4:55:d0:90:ab: 84:f9:5b:46:d6:44:a1:be:cc:4f:e3:19:26:e9:5b:d1:f6:2b: d4:ce:4b:60:5d:b7:f6:0f:18:52:fe:92:e0:bf:a8:2a:d9:5d: 06:10:d9:cf:78:74:b3:9b:eb:80:5b:9a:cc:bd:ca:59:b3:8b: a7:af:0d:4b:33:dd:04:6b:f5:ea:a2:97:7c:99:ef:89:ac:1f: b3:18:56:8d:bd:d3:ac:7a:0a:5a:dd:d7:2f:23:ba:e4:50:37: a0:3e:f5:4d -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt9y2kSUinxeU/yMHZ6Xs5jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy MjBmYzIwHhcNMjYwMTAyMDgyMDQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NjQ0YzQ4NWM0OTQ4ZTYwZTY3ZGM4MTU2OGE4Y2ZiZDU2M2FlNjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wubA1g1rrHVyki9HTdu+WbmE6QW iDK9lr67Zc5xhj1O6/iO5dNURnnS3FyLKulBxwyq7jsT+ZQvOmjj86lcI3fke1tR vDSuvoJ3SukFNSwZZSNF6urRRHoalP1tn7O9akLBFnbJX4vH+rF4kZ7YneEHcbEW VI9xaKYr9SS+Weu079Na24EBhhD/Xa4LqM9f2FvNWVcghTrlEXgA+ituC6Hs+uxG /dmA6nm55aAeuPoRJdAeO1Y1mk7Lz/ZdfKArpxf+8iJGc4xrEGA8Rbg+GtsfaRom /u+Bhx5j85nzgCS7fHcxV5pYwLQjOQVq0CuQTyolBKII6H2wHLegDFTswwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFHZExIXElI5g5n3IFWioz71WOuYaMB8GA1UdIwQY MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz LWE4OWY4MTc3NjQwNi8xL2RrVEVoY1NVam1EbWZjZ1ZhS2pQdlZZNjVoby5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABe+s8w DQYJKoZIhvcNAQELBQADggEBAA24NWkoGwvGTMt74yP1RsSgmhyrIAUz8GlDOU0D iVIdQ4aV9B5XvNBFzXx45hPGD2Z99rUuDMZ4BldUYw2+lJBwBcSo3yi8n5eitXd5 Wb57zdoJOJm03bNOeZGIjmf/Uew19TrzGwQHSFOxjXfCTv+bxBHEVNxZbghgVvBK YzoOYfOwvXZVn8Lh88x7EZ5fBcLWA5oflhJDYUJ8Obz0VdCQq4T5W0bWRKG+zE/j GSbpW9H2K9TOS2Bdt/YPGFL+kuC/qCrZXQYQ2c94dLOb64Bbmsy9ylmzi6evDUsz 3QRr9eqil3yZ74msH7MYVo2906x6Clrd1y8juuRQN6A+9U0= -----END CERTIFICATE-----Generated at Mon Jan 19 20:34:50 2026 by rpki-client