This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/zzDkvJaiRpsmi6O7kaXorv8G2lo.roa File: zzDkvJaiRpsmi6O7kaXorv8G2lo.roa (raw, json) Hash identifier: U4Wz/U8KhaG7QlShrJHjPRkbJ49L12u0oJF2UhXulFI= Subject key identifier: CF:30:E4:BC:96:A2:46:9B:26:8B:A3:BB:91:A5:E8:AE:FF:06:DA:5A Certificate issuer: /CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5 Certificate serial: 019B7DCB2F970F182A4D04250A2892434F2E Authority key identifier: BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/zzDkvJaiRpsmi6O7kaXorv8G2lo.roa Signing time: Fri 02 Jan 2026 08:20:26 +0000 ROA not before: Fri 02 Jan 2026 08:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34119 IP address blocks: 31.22.0.0/21 maxlen: 21 31.22.4.0/24 maxlen: 24 31.22.7.0/24 maxlen: 24 77.95.32.0/21 maxlen: 21 185.2.168.0/22 maxlen: 22 185.103.228.0/22 maxlen: 22 185.211.176.0/22 maxlen: 22 2a02:5300::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.mft rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 08:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:2f:97:0f:18:2a:4d:04:25:0a:28:92:43:4f:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bc9d7c42e917844cbc2de4a91c6c1701de5971b5 Validity Not Before: Jan 2 08:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cf30e4bc96a2469b268ba3bb91a5e8aeff06da5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:06:58:b0:f0:6c:4f:a6:ef:4c:ef:3e:08:b9: 7d:fd:4f:45:ba:3b:ff:9e:f8:32:d0:c5:6b:04:15: c1:a7:94:b0:0b:d6:cf:49:08:b8:df:ce:96:8c:87: cc:3b:41:94:6a:bc:99:c2:b4:92:d8:eb:51:ed:3a: 82:40:25:c9:44:40:41:59:c7:99:f8:68:d3:11:61: dd:11:59:b7:f7:9b:85:52:dd:30:e7:a6:14:f7:27: 60:0f:21:26:d2:50:00:7c:16:ae:11:92:a2:75:4f: 9d:d8:eb:45:40:b3:06:ca:3a:4b:a0:ea:08:4e:aa: 7f:51:86:c5:3c:7b:5f:ea:71:ab:cd:cf:25:cb:d9: 3a:84:1a:16:64:b3:e7:03:1e:57:bc:11:3e:ad:1c: 61:a8:32:f8:90:0e:85:35:bb:06:de:79:50:14:18: 76:ac:e2:30:0f:48:6c:63:7d:fc:85:6c:84:1f:8a: db:85:fb:01:c5:c9:da:42:d2:c6:96:b9:5d:d9:f2: e6:04:7e:46:f8:72:eb:b5:2f:ca:1b:b4:52:b5:e5: 50:41:20:94:83:ce:2d:f3:70:6a:1c:76:43:94:16: 27:d5:a2:7a:a8:8a:e1:20:5b:a2:f9:ff:86:9a:e4: 1c:2e:ad:e5:87:c6:dd:02:84:90:95:27:49:20:8b: f6:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:30:E4:BC:96:A2:46:9B:26:8B:A3:BB:91:A5:E8:AE:FF:06:DA:5A X509v3 Authority Key Identifier: keyid:BC:9D:7C:42:E9:17:84:4C:BC:2D:E4:A9:1C:6C:17:01:DE:59:71:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vJ18QukXhEy8LeSpHGwXAd5ZcbU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/zzDkvJaiRpsmi6O7kaXorv8G2lo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/29aea2-b6c8-4af9-ad84-03fb54187ee2/1/vJ18QukXhEy8LeSpHGwXAd5ZcbU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.22.0.0/21 77.95.32.0/21 185.2.168.0/22 185.103.228.0/22 185.211.176.0/22 IPv6: 2a02:5300::/32 Signature Algorithm: sha256WithRSAEncryption 58:15:86:18:f0:6d:f5:c4:96:77:d8:91:71:0b:00:35:26:56: 62:09:82:06:d4:99:ad:c5:99:74:35:16:31:a8:c5:a2:b1:f0: 5a:48:98:e0:93:f8:01:37:3b:9e:01:8c:02:50:cc:f7:1e:41: 33:f3:38:ae:52:fc:28:3e:ee:e2:34:a1:e9:ef:18:fc:d5:03: 25:f2:36:31:93:59:b6:0e:af:4c:b5:ce:c2:21:e0:fc:a9:75: f0:d4:1d:2f:71:9c:95:30:dc:d7:02:bb:f4:3f:77:f0:1f:f8: 99:29:22:b7:34:d5:28:e9:5f:e2:4b:88:cf:84:f2:e5:7c:c1: 95:a1:53:a6:10:ca:f3:99:d8:55:b0:2f:43:d7:47:a0:5d:ea: bb:79:d4:ea:eb:07:07:f7:b5:b7:fb:27:1c:20:50:20:a4:3d: 45:84:10:aa:52:2d:c7:8c:f5:de:4d:05:70:4a:9f:c2:99:b8: 6d:65:e8:b0:7c:69:95:09:7e:1d:c7:c8:04:d8:18:3d:77:8e: 5c:45:26:e9:f8:bc:1a:70:4b:5e:83:14:d2:94:97:11:81:b4: 08:d2:b5:95:dc:71:e0:51:e1:16:36:5a:9d:e6:a9:61:32:8e: 3f:9d:63:89:2b:7f:c6:32:7b:0b:bf:48:19:71:22:61:de:72: e3:83:db:0a -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt9yy+XDxgqTQQlCiiSQ08uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJjOWQ3YzQyZTkxNzg0NGNiYzJkZTRhOTFjNmMxNzAxZGU1 OTcxYjUwHhcNMjYwMTAyMDgyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjZjMwZTRiYzk2YTI0NjliMjY4YmEzYmI5MWE1ZThhZWZmMDZkYTVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAZYsPBsT6bvTO8+CLl9/U9Fujv/ nvgy0MVrBBXBp5SwC9bPSQi4386WjIfMO0GUaryZwrSS2OtR7TqCQCXJREBBWceZ +GjTEWHdEVm395uFUt0w56YU9ydgDyEm0lAAfBauEZKidU+d2OtFQLMGyjpLoOoI Tqp/UYbFPHtf6nGrzc8ly9k6hBoWZLPnAx5XvBE+rRxhqDL4kA6FNbsG3nlQFBh2 rOIwD0hsY338hWyEH4rbhfsBxcnaQtLGlrld2fLmBH5G+HLrtS/KG7RSteVQQSCU g84t83BqHHZDlBYn1aJ6qIrhIFui+f+GmuQcLq3lh8bdAoSQlSdJIIv2ewIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFM8w5LyWokabJouju5Gl6K7/BtpaMB8GA1UdIwQY MBaAFLydfELpF4RMvC3kqRxsFwHeWXG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQt MDNmYjU0MTg3ZWUyLzEvenpEa3ZKYWlScHNtaTZPN2thWG9ydjhHMmxvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8yOWFlYTItYjZjOC00YWY5LWFkODQtMDNmYjU0MTg3ZWUy LzEvdkoxOFF1a1hoRXk4TGVTcEhHd1hBZDVaY2JVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxYAAwQD TV8gAwQCuQKoAwQCuWfkAwQCudOwMA0EAgACMAcDBQAqAlMAMA0GCSqGSIb3DQEB CwUAA4IBAQBYFYYY8G31xJZ32JFxCwA1JlZiCYIG1JmtxZl0NRYxqMWisfBaSJjg k/gBNzueAYwCUMz3HkEz8ziuUvwoPu7iNKHp7xj81QMl8jYxk1m2Dq9Mtc7CIeD8 qXXw1B0vcZyVMNzXArv0P3fwH/iZKSK3NNUo6V/iS4jPhPLlfMGVoVOmEMrzmdhV sC9D10egXeq7edTq6wcH97W3+yccIFAgpD1FhBCqUi3HjPXeTQVwSp/CmbhtZeiw fGmVCX4dx8gE2Bg9d45cRSbp+LwacEtegxTSlJcRgbQI0rWV3HHgUeEWNlqd5qlh Mo4/nWOJK3/GMnsLv0gZcSJh3nLjg9sK -----END CERTIFICATE-----Generated at Fri Jan 2 14:40:59 2026 by rpki-client