This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/33KpGlS_VtYMS4VxaCOKuIoKRIU.roa File: 33KpGlS_VtYMS4VxaCOKuIoKRIU.roa (raw, json) Hash identifier: PycRk9WWt2oF1w6VPqOesZM2Iyc5sLWnv91I0/vqfTA= Subject key identifier: DF:72:A9:1A:54:BF:56:D6:0C:4B:85:71:68:23:8A:B8:8A:0A:44:85 Certificate issuer: /CN=bfd81ca90cc5224586afebab1c78b1790268d5c1 Certificate serial: 019B7C11E1BF517FC7325941BAB68BB00383 Authority key identifier: BF:D8:1C:A9:0C:C5:22:45:86:AF:EB:AB:1C:78:B1:79:02:68:D5:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v9gcqQzFIkWGr-urHHixeQJo1cE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/33KpGlS_VtYMS4VxaCOKuIoKRIU.roa Signing time: Fri 02 Jan 2026 00:18:25 +0000 ROA not before: Fri 02 Jan 2026 00:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43847 IP address blocks: 45.149.216.0/23 maxlen: 23 2a0f:7600::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/v9gcqQzFIkWGr-urHHixeQJo1cE.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/v9gcqQzFIkWGr-urHHixeQJo1cE.mft rsync://rpki.ripe.net/repository/DEFAULT/v9gcqQzFIkWGr-urHHixeQJo1cE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:e1:bf:51:7f:c7:32:59:41:ba:b6:8b:b0:03:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfd81ca90cc5224586afebab1c78b1790268d5c1 Validity Not Before: Jan 2 00:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df72a91a54bf56d60c4b857168238ab88a0a4485 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:43:4f:0a:59:9c:be:3d:5c:1a:e9:e8:ca:ac: 69:79:b4:b1:c5:d8:7a:19:f3:e2:50:33:d0:3f:99: 56:0c:d3:e9:ab:c9:85:40:12:84:1a:5e:ea:2d:06: 25:fa:bc:f8:5f:ca:10:4c:54:57:0a:c7:ad:a1:11: 64:ce:4f:2d:d2:04:f7:cb:e6:74:ef:70:93:7e:0e: df:7f:63:3f:c5:ab:6d:ce:2a:d5:7f:ce:e5:31:99: e5:b1:08:d5:eb:b0:0e:af:b2:fc:39:5e:71:f0:47: f1:af:29:8f:c9:15:34:b3:b1:06:f4:8a:25:25:b4: fd:f7:d0:be:77:c4:3e:f1:4c:1d:3a:6c:e8:dc:1f: c8:74:a4:31:62:82:4c:42:67:30:74:45:f0:bb:cd: 68:ce:6b:7b:22:44:20:9b:c3:01:16:b4:26:6a:a4: 69:66:ec:aa:79:8c:c1:b5:24:22:49:e4:95:ac:a3: 27:64:de:2c:1b:ea:46:ed:62:eb:67:0a:42:ef:26: 52:7a:4a:56:21:5d:a0:2b:a1:6c:82:96:6b:df:eb: f7:27:41:29:ad:a6:14:55:39:61:90:d8:fc:53:57: 72:c9:7e:d2:35:62:2b:89:16:56:01:6b:16:1f:e7: 1f:35:66:56:b5:e8:e3:1d:78:93:23:d7:85:07:8f: 9f:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:72:A9:1A:54:BF:56:D6:0C:4B:85:71:68:23:8A:B8:8A:0A:44:85 X509v3 Authority Key Identifier: keyid:BF:D8:1C:A9:0C:C5:22:45:86:AF:EB:AB:1C:78:B1:79:02:68:D5:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v9gcqQzFIkWGr-urHHixeQJo1cE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/33KpGlS_VtYMS4VxaCOKuIoKRIU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/25a59c-c2fc-4fd4-96f7-84adcbf5ac55/1/v9gcqQzFIkWGr-urHHixeQJo1cE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.149.216.0/23 IPv6: 2a0f:7600::/32 Signature Algorithm: sha256WithRSAEncryption 4b:66:42:27:73:10:25:3a:78:85:22:ef:1f:54:23:56:1a:ab: 96:8c:79:ca:d3:3a:ed:b2:95:d7:09:24:80:8b:5f:59:47:f2: 16:7e:28:9a:2c:46:62:9b:5d:a9:60:92:2a:0c:06:28:02:2b: 86:05:c4:e0:6a:c2:e6:15:ff:a8:d7:92:9c:ca:ad:e3:d8:f7: 0a:17:2d:56:26:cb:66:b3:24:d7:0f:7b:0f:9b:2e:21:f0:0a: cb:26:6a:61:56:58:99:ba:29:60:ae:02:e8:e6:65:5f:cd:33: 55:59:08:5d:33:4e:3f:17:53:5c:47:7a:ce:fb:15:28:23:71: ab:ff:17:68:2a:5d:6f:6e:b7:bf:5f:fd:98:5d:b0:4f:15:a6: 5f:89:f1:95:e3:d6:a4:d1:c4:9e:ae:94:2f:e5:cf:14:14:8c: 61:1c:14:5c:c1:b4:c5:82:97:0d:1e:19:54:ed:42:3b:09:8e: 85:fa:dd:e6:41:36:a9:30:71:c7:b1:68:f6:8e:73:c9:b9:61: cc:d6:cb:22:80:ec:32:13:29:3c:7e:64:ad:f7:42:56:23:e1: 3e:77:59:aa:33:3a:89:7c:28:45:d3:bf:e4:77:56:ea:ac:ac: 64:9e:af:6f:5a:3c:bf:75:40:c3:c4:84:d6:3b:7d:e4:f7:08: 6f:6b:ea:c1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EeG/UX/HMllBuraLsAODMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmZDgxY2E5MGNjNTIyNDU4NmFmZWJhYjFjNzhiMTc5MDI2 OGQ1YzEwHhcNMjYwMTAyMDAxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjcyYTkxYTU0YmY1NmQ2MGM0Yjg1NzE2ODIzOGFiODhhMGE0NDg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ENPClmcvj1cGunoyqxpebSxxdh6 GfPiUDPQP5lWDNPpq8mFQBKEGl7qLQYl+rz4X8oQTFRXCsetoRFkzk8t0gT3y+Z0 73CTfg7ff2M/xattzirVf87lMZnlsQjV67AOr7L8OV5x8EfxrymPyRU0s7EG9Iol JbT999C+d8Q+8UwdOmzo3B/IdKQxYoJMQmcwdEXwu81ozmt7IkQgm8MBFrQmaqRp ZuyqeYzBtSQiSeSVrKMnZN4sG+pG7WLrZwpC7yZSekpWIV2gK6FsgpZr3+v3J0Ep raYUVTlhkNj8U1dyyX7SNWIriRZWAWsWH+cfNWZWtejjHXiTI9eFB4+fIwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFN9yqRpUv1bWDEuFcWgjiriKCkSFMB8GA1UdIwQY MBaAFL/YHKkMxSJFhq/rqxx4sXkCaNXBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjlnY3FRekZJa1dHci11ckhIaXhlUUpvMWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8yNWE1OWMtYzJmYy00ZmQ0LTk2Zjct ODRhZGNiZjVhYzU1LzEvMzNLcEdsU19WdFlNUzRWeGFDT0t1SW9LUklVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8yNWE1OWMtYzJmYy00ZmQ0LTk2ZjctODRhZGNiZjVhYzU1 LzEvdjlnY3FRekZJa1dHci11ckhIaXhlUUpvMWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBLZXYMA0E AgACMAcDBQAqD3YAMA0GCSqGSIb3DQEBCwUAA4IBAQBLZkIncxAlOniFIu8fVCNW GquWjHnK0zrtspXXCSSAi19ZR/IWfiiaLEZim12pYJIqDAYoAiuGBcTgasLmFf+o 15Kcyq3j2PcKFy1WJstmsyTXD3sPmy4h8ArLJmphVliZuilgrgLo5mVfzTNVWQhd M04/F1NcR3rO+xUoI3Gr/xdoKl1vbre/X/2YXbBPFaZfifGV49ak0cSerpQv5c8U FIxhHBRcwbTFgpcNHhlU7UI7CY6F+t3mQTapMHHHsWj2jnPJuWHM1ssigOwyEyk8 fmSt90JWI+E+d1mqMzqJfChF07/kd1bqrKxknq9vWjy/dUDDxITWO33k9whva+rB -----END CERTIFICATE-----Generated at Sun Jan 18 15:29:37 2026 by rpki-client