This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/DfRI4dovSnMSIcVz_GFD0L7vBIw.roa File: DfRI4dovSnMSIcVz_GFD0L7vBIw.roa (raw, json) Hash identifier: kG8QsSLcBHIkntfvUqxfKD4RZMhBctOildhkIA33eIw= Subject key identifier: 0D:F4:48:E1:DA:2F:4A:73:12:21:C5:73:FC:61:43:D0:BE:EF:04:8C Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979 Certificate serial: 019B7B36CE3141E12AAD58227B8820831B67 Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/DfRI4dovSnMSIcVz_GFD0L7vBIw.roa Signing time: Thu 01 Jan 2026 20:19:07 +0000 ROA not before: Thu 01 Jan 2026 20:19:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20539 IP address blocks: 94.199.160.0/21 maxlen: 24 2a02:680:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.mft rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:ce:31:41:e1:2a:ad:58:22:7b:88:20:83:1b:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979 Validity Not Before: Jan 1 20:19:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0df448e1da2f4a731221c573fc6143d0beef048c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:52:7c:2c:b9:ea:55:8d:2c:65:da:44:5a:42: 76:e6:e8:a6:88:83:86:d9:dd:12:c0:10:b6:6e:8d: 92:44:4e:f0:42:bd:95:c8:91:20:be:36:8e:01:f5: 6e:5f:fa:e1:51:8b:38:ca:46:4e:65:b4:b1:d0:34: b5:07:68:af:2d:08:13:97:fa:91:ba:52:bb:b1:84: d3:8b:5c:33:07:1b:ce:82:ae:53:02:50:03:47:d4: 64:96:9a:c1:ba:80:37:f4:0d:f6:80:21:2d:67:bc: 90:fe:62:10:c9:a9:2d:b0:11:5d:5e:9f:59:79:59: 8b:93:c6:a3:bd:11:5d:c8:98:b8:e1:62:ce:4f:a8: ad:44:08:14:aa:ae:02:34:f2:94:82:2f:7c:48:ec: 0d:d9:61:a5:9c:00:c1:db:ee:fa:5a:e6:f6:ce:0c: 1c:32:b6:5a:0a:88:1f:0b:ba:6e:14:f8:3c:d8:b1: c1:ba:56:9e:ff:97:21:a0:fb:43:15:16:9d:cf:09: f9:4b:6a:2b:e1:0a:34:63:10:c9:c8:45:b2:c7:24: c2:3b:1d:76:28:a3:18:d7:15:26:e5:f4:83:61:73: 4d:47:bc:e4:06:9a:e7:ff:d1:49:95:52:ee:15:53: 5a:53:10:64:9a:5d:c2:7b:23:0b:04:a1:db:78:83: 55:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:F4:48:E1:DA:2F:4A:73:12:21:C5:73:FC:61:43:D0:BE:EF:04:8C X509v3 Authority Key Identifier: keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/DfRI4dovSnMSIcVz_GFD0L7vBIw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.199.160.0/21 IPv6: 2a02:680:8000::/36 Signature Algorithm: sha256WithRSAEncryption 84:22:0d:5b:57:22:4d:5d:51:ae:a8:90:cb:04:41:66:d1:32: 33:11:f0:c8:e7:78:84:e5:bd:c2:f7:5f:b2:5d:cb:30:20:d7: c3:f8:98:ab:c3:f2:9d:91:c1:a4:13:19:a1:c8:ba:90:ac:47: f2:07:cb:af:0f:6e:74:36:a4:ea:19:ff:7e:4d:b9:9e:50:17: be:50:38:26:6b:49:e4:86:7d:be:60:39:75:b8:ad:3c:bb:d4: 3f:ad:bd:7e:35:39:50:cb:b4:44:cf:cc:4d:47:52:65:91:33: 05:58:7c:28:df:53:12:3a:46:91:f7:af:40:69:8c:b5:89:68: fc:76:ee:d2:2f:d7:64:2a:1b:91:0d:99:62:4a:da:d4:70:3d: be:1a:92:44:b8:a1:52:bc:31:e1:3f:e0:c9:ac:9b:7b:be:06: 2c:c6:48:30:62:52:46:58:d2:b1:bd:a1:74:e6:cf:84:1b:27: 56:3a:52:52:a0:df:0b:00:67:28:6b:d4:e1:c5:2f:37:54:e6: b7:7e:f8:78:ac:48:3c:47:49:1a:e5:51:9c:a9:25:04:aa:7c: cf:7c:aa:20:10:f8:a2:d6:46:36:b5:cf:ad:28:a1:86:60:73: 8d:82:08:3d:77:97:73:89:2e:6a:93:7e:c6:bc:9c:1a:bc:e0: 1b:27:10:f8 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7Ns4xQeEqrVgie4gggxtnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjOTExMzI0ZTg2OWJjNGNhNWVjOGJhZDBkM2RkZmY2ODU0 NDE5NzkwHhcNMjYwMTAxMjAxOTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZGY0NDhlMWRhMmY0YTczMTIyMWM1NzNmYzYxNDNkMGJlZWYwNDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1J8LLnqVY0sZdpEWkJ25uimiIOG 2d0SwBC2bo2SRE7wQr2VyJEgvjaOAfVuX/rhUYs4ykZOZbSx0DS1B2ivLQgTl/qR ulK7sYTTi1wzBxvOgq5TAlADR9RklprBuoA39A32gCEtZ7yQ/mIQyaktsBFdXp9Z eVmLk8ajvRFdyJi44WLOT6itRAgUqq4CNPKUgi98SOwN2WGlnADB2+76Wub2zgwc MrZaCogfC7puFPg82LHBulae/5choPtDFRadzwn5S2or4Qo0YxDJyEWyxyTCOx12 KKMY1xUm5fSDYXNNR7zkBprn/9FJlVLuFVNaUxBkml3CeyMLBKHbeINVXQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFA30SOHaL0pzEiHFc/xhQ9C+7wSMMB8GA1UdIwQY MBaAFEyREyToabxMpeyLrQ093/aFRBl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUt YjdkMWNhYzUxZTBjLzEvRGZSSTRkb3ZTbk1TSWNWel9HRkQwTDd2Qkl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yYjM4YjMtMTJmMS00MjQyLWFkYWUtYjdkMWNhYzUxZTBj LzEvVEpFVEpPaHB2RXlsN0l1dERUM2Y5b1ZFR1hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDXsegMA4E AgACMAgDBgQqAgaAgDANBgkqhkiG9w0BAQsFAAOCAQEAhCINW1ciTV1RrqiQywRB ZtEyMxHwyOd4hOW9wvdfsl3LMCDXw/iYq8PynZHBpBMZoci6kKxH8gfLrw9udDak 6hn/fk25nlAXvlA4JmtJ5IZ9vmA5dbitPLvUP629fjU5UMu0RM/MTUdSZZEzBVh8 KN9TEjpGkfevQGmMtYlo/Hbu0i/XZCobkQ2ZYkra1HA9vhqSRLihUrwx4T/gyayb e74GLMZIMGJSRljSsb2hdObPhBsnVjpSUqDfCwBnKGvU4cUvN1Tmt374eKxIPEdJ GuVRnKklBKp8z3yqIBD4otZGNrXPrSihhmBzjYIIPXeXc4kuapN+xrycGrzgGycQ +A== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:18 2026 by rpki-client