This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/aE7dmxNnMqlbMvLqgzOsP-ooEsM.roa File: aE7dmxNnMqlbMvLqgzOsP-ooEsM.roa (raw, json) Hash identifier: yRZuNFGwI8VBm9671WQ3wPUuTbQ9RDPs60a0RaW0q3g= Subject key identifier: 68:4E:DD:9B:13:67:32:A9:5B:32:F2:EA:83:33:AC:3F:EA:28:12:C3 Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9 Certificate serial: 019B797EF85413AC42993C739556C79B3F1B Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/aE7dmxNnMqlbMvLqgzOsP-ooEsM.roa Signing time: Thu 01 Jan 2026 12:18:42 +0000 ROA not before: Thu 01 Jan 2026 12:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 264617 IP address blocks: 89.249.196.0/24 maxlen: 24 212.42.198.0/24 maxlen: 24 212.42.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:f8:54:13:ac:42:99:3c:73:95:56:c7:9b:3f:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9 Validity Not Before: Jan 1 12:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=684edd9b136732a95b32f2ea8333ac3fea2812c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:0a:c7:47:93:b0:67:5e:94:45:c8:07:49:a9: de:f2:85:1b:41:54:15:98:fb:91:81:26:eb:7c:0c: cc:ee:e5:55:9b:71:97:ea:24:a7:57:67:e4:c6:99: 07:34:1c:53:23:de:1e:3a:bf:c5:1d:96:dc:69:2f: 6b:81:87:44:60:d0:00:5d:cd:af:56:80:00:b3:68: c4:83:0b:da:1f:dc:71:ce:a8:e1:6d:bb:69:aa:f2: 37:67:bf:59:bf:2b:93:78:ed:00:bb:4d:ca:f7:8b: b9:fc:3b:3f:78:fb:cb:ed:d0:99:52:f6:b9:75:48: eb:fd:0a:97:c2:d0:19:b2:98:3b:ec:96:bc:31:e3: d5:d2:99:3c:51:53:08:5a:66:70:8a:1e:99:ac:dc: df:10:53:34:b3:e1:9a:24:7b:9c:37:36:43:10:4e: 47:c8:f1:04:98:f6:ba:f8:ce:b9:09:95:2f:99:8f: e0:88:0a:59:5d:d3:e0:09:58:37:37:a1:85:23:ac: f8:66:63:e7:8e:22:eb:c6:4a:9c:80:ae:4e:1d:41: 2d:fa:4f:11:b2:6d:c6:e8:de:78:6a:16:e7:10:cf: 4b:96:a0:5b:d8:c4:c8:5b:3b:78:78:0f:36:8b:82: 5e:87:1d:f4:ac:76:4a:75:67:04:5f:0a:b3:ee:8c: e6:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:4E:DD:9B:13:67:32:A9:5B:32:F2:EA:83:33:AC:3F:EA:28:12:C3 X509v3 Authority Key Identifier: keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/aE7dmxNnMqlbMvLqgzOsP-ooEsM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.249.196.0/24 212.42.198.0/24 212.42.202.0/24 Signature Algorithm: sha256WithRSAEncryption a4:d4:b3:17:ed:ca:bf:c1:86:6e:32:80:0a:4b:c5:41:19:f5: 90:73:d9:44:44:d1:40:83:8d:95:98:54:ba:eb:81:32:5a:92: 43:63:f9:42:8c:69:33:da:9b:f4:b0:a3:3a:d7:f5:03:c3:ad: d8:f4:9b:14:7c:aa:e3:c6:c2:5a:c5:d1:3a:cc:78:40:24:07: 0b:36:f4:b4:8e:fe:ff:74:2d:7d:b6:59:10:e4:8f:99:56:ed: f1:4c:b4:98:4f:4d:8f:b3:95:b3:99:f7:04:6e:46:c2:8e:f1: 05:36:01:45:71:df:7b:c1:73:ab:d3:18:14:10:69:50:c1:1d: 26:35:fd:eb:61:7b:f5:21:1c:a2:02:f9:68:bf:d8:2f:b2:76: 0a:13:5b:80:3d:4e:66:eb:28:73:ac:39:6b:a2:fe:bb:84:8c: ca:77:f4:1f:b6:68:97:5b:84:e9:3c:20:3c:94:06:fe:2f:4b: f3:77:6b:5d:bd:9f:86:46:7d:3c:f0:b9:cc:f2:c1:b5:a6:cd: 7f:3f:f4:73:ad:fd:51:37:22:3b:47:76:65:c2:59:82:83:d5: dc:9c:6c:18:d2:50:18:94:fa:dc:21:b2:29:3a:84:ef:86:cc: d9:c8:2b:98:61:a5:8e:c8:31:ea:10:0e:ad:33:24:1d:84:fd: f5:5f:19:e2 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5fvhUE6xCmTxzlVbHmz8bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1 MThjYjkwHhcNMjYwMTAxMTIxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODRlZGQ5YjEzNjczMmE5NWIzMmYyZWE4MzMzYWMzZmVhMjgxMmMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQrHR5OwZ16URcgHSane8oUbQVQV mPuRgSbrfAzM7uVVm3GX6iSnV2fkxpkHNBxTI94eOr/FHZbcaS9rgYdEYNAAXc2v VoAAs2jEgwvaH9xxzqjhbbtpqvI3Z79ZvyuTeO0Au03K94u5/Ds/ePvL7dCZUva5 dUjr/QqXwtAZspg77Ja8MePV0pk8UVMIWmZwih6ZrNzfEFM0s+GaJHucNzZDEE5H yPEEmPa6+M65CZUvmY/giApZXdPgCVg3N6GFI6z4ZmPnjiLrxkqcgK5OHUEt+k8R sm3G6N54ahbnEM9LlqBb2MTIWzt4eA82i4Jehx30rHZKdWcEXwqz7ozmYwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGhO3ZsTZzKpWzLy6oMzrD/qKBLDMB8GA1UdIwQY MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt MzQyNWIxMjVlYWE3LzEvYUU3ZG14Tm5NcWxiTXZMcWd6T3NQLW9vRXNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3 LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnEAwQA 1CrGAwQA1CrKMA0GCSqGSIb3DQEBCwUAA4IBAQCk1LMX7cq/wYZuMoAKS8VBGfWQ c9lERNFAg42VmFS664EyWpJDY/lCjGkz2pv0sKM61/UDw63Y9JsUfKrjxsJaxdE6 zHhAJAcLNvS0jv7/dC19tlkQ5I+ZVu3xTLSYT02Ps5WzmfcEbkbCjvEFNgFFcd97 wXOr0xgUEGlQwR0mNf3rYXv1IRyiAvlov9gvsnYKE1uAPU5m6yhzrDlrov67hIzK d/QftmiXW4TpPCA8lAb+L0vzd2tdvZ+GRn088LnM8sG1ps1/P/Rzrf1RNyI7R3Zl wlmCg9XcnGwY0lAYlPrcIbIpOoTvhszZyCuYYaWOyDHqEA6tMyQdhP31Xxni -----END CERTIFICATE-----Generated at Sat Jan 10 21:06:17 2026 by rpki-client