This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/DQYoTEX-x8cjYmvb3bOaTtlqK-o.roa File: DQYoTEX-x8cjYmvb3bOaTtlqK-o.roa (raw, json) Hash identifier: kvQYDQBkZ3WehVJeMmEkmsNV2/eI8PigHmwQeG9g+Eg= Subject key identifier: 0D:06:28:4C:45:FE:C7:C7:23:62:6B:DB:DD:B3:9A:4E:D9:6A:2B:EA Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a Certificate serial: 019B79ECAA435407EE1869D05C9490410EF5 Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/DQYoTEX-x8cjYmvb3bOaTtlqK-o.roa Signing time: Thu 01 Jan 2026 14:18:31 +0000 ROA not before: Thu 01 Jan 2026 14:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 185.165.92.0/24 maxlen: 24 2a0d:f40::/29 maxlen: 32 2a13:80c0::/30 maxlen: 30 2a13:80c4::/30 maxlen: 30 2a13:9240::/30 maxlen: 30 2a13:9244::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.mft rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:aa:43:54:07:ee:18:69:d0:5c:94:90:41:0e:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a Validity Not Before: Jan 1 14:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0d06284c45fec7c723626bdbddb39a4ed96a2bea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a5:42:17:74:a8:66:a3:f0:c0:f0:83:5b:32: 1c:ff:ce:a9:08:10:8e:eb:42:51:bb:0d:1c:e7:a4: b6:d1:c8:57:ff:a0:50:50:28:ff:bb:64:a1:58:b9: 61:a2:45:96:c2:fb:36:44:86:79:1c:70:ea:9f:94: 5a:71:65:9c:69:56:6a:b8:dc:dd:58:d9:22:33:7b: 36:90:8b:bd:7f:57:04:2e:1e:b7:49:72:5e:62:20: 18:cf:97:7d:38:53:f1:f5:4b:1f:18:3b:f4:d6:2e: 14:bf:35:d9:09:ec:1a:99:6e:38:ad:c2:31:0e:68: 96:4b:8e:ff:3c:6e:23:0e:5e:fc:8c:48:70:b7:90: 95:3f:0c:7d:56:85:fc:e1:86:70:9e:62:89:a9:41: 6a:89:f6:ff:12:85:fb:58:09:86:f7:60:e6:5a:3c: f6:49:31:07:20:11:16:13:aa:91:ac:52:f3:86:94: 3e:97:a6:49:d0:a2:dc:ca:ee:26:72:bf:cb:e0:ca: 46:2e:13:01:62:5b:3d:3f:37:31:ad:ac:c3:89:e0: d3:fb:a5:d1:fd:f1:2f:af:89:3b:09:da:3b:fa:1c: 4a:9a:ba:5f:82:07:be:a3:d1:28:08:fa:cc:6a:73: b5:be:31:f2:0a:cf:5b:44:30:c1:b2:e0:d4:2c:76: 90:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:06:28:4C:45:FE:C7:C7:23:62:6B:DB:DD:B3:9A:4E:D9:6A:2B:EA X509v3 Authority Key Identifier: keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/DQYoTEX-x8cjYmvb3bOaTtlqK-o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.165.92.0/24 IPv6: 2a0d:f40::/29 2a13:80c0::/29 2a13:9240::/29 Signature Algorithm: sha256WithRSAEncryption 42:de:4b:a5:da:96:7e:59:09:cc:95:8b:3e:ef:39:8e:0e:d8: 39:3f:b1:0d:0e:85:8b:ba:7c:dc:45:bc:ff:af:3f:3e:a1:71: 0b:8e:83:bc:1b:99:03:b1:f7:81:d3:d8:81:df:9f:d6:93:ba: 81:db:e8:f1:92:ce:c9:a2:e3:8e:97:1e:7d:85:27:b6:45:fa: 22:24:2e:b6:b6:e3:1e:c9:bb:d2:cd:1e:d9:ea:af:62:8d:72: 5a:a6:78:d6:4a:b1:a4:38:a2:a6:65:b4:89:b9:60:5f:56:78: 3d:b3:b9:22:90:af:2b:aa:0f:e9:ad:17:41:f7:e3:3a:a7:41: f2:dc:2f:ce:88:a2:80:34:be:c9:86:13:0e:d0:e8:3a:a7:cc: 60:cf:ba:90:40:20:66:1c:ce:e6:f0:50:37:b3:37:7a:0a:14: 71:b5:93:9a:95:44:e9:09:cb:a2:4a:d5:10:c5:cc:12:93:6d: 24:58:8e:10:82:5b:74:bf:7c:e4:56:11:e2:86:55:99:d2:ef: 36:1e:00:c8:67:b3:e7:17:f2:93:1d:c6:be:4b:03:31:b5:55: e4:d2:fb:cd:1b:c0:98:5e:3c:03:0d:c4:bc:ef:19:d8:72:a7: 50:79:3c:19:a9:7a:bd:6d:13:26:4d:aa:9a:b7:71:c1:c5:52: 19:c7:65:f9 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt57KpDVAfuGGnQXJSQQQ71MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0 ZDhlNWEwHhcNMjYwMTAxMTQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZDA2Mjg0YzQ1ZmVjN2M3MjM2MjZiZGJkZGIzOWE0ZWQ5NmEyYmVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16VCF3SoZqPwwPCDWzIc/86pCBCO 60JRuw0c56S20chX/6BQUCj/u2ShWLlhokWWwvs2RIZ5HHDqn5RacWWcaVZquNzd WNkiM3s2kIu9f1cELh63SXJeYiAYz5d9OFPx9UsfGDv01i4UvzXZCewamW44rcIx DmiWS47/PG4jDl78jEhwt5CVPwx9VoX84YZwnmKJqUFqifb/EoX7WAmG92DmWjz2 STEHIBEWE6qRrFLzhpQ+l6ZJ0KLcyu4mcr/L4MpGLhMBYls9PzcxrazDieDT+6XR /fEvr4k7Cdo7+hxKmrpfgge+o9EoCPrManO1vjHyCs9bRDDBsuDULHaQvQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFA0GKExF/sfHI2Jr292zmk7ZaivqMB8GA1UdIwQY MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt MGM0NTIxOGU3OTgxLzEvRFFZb1RFWC14OGNqWW12YjNiT2FUdGxxSy1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAuaVcMBsE AgACMBUDBQMqDQ9AAwUDKhOAwAMFAyoTkkAwDQYJKoZIhvcNAQELBQADggEBAELe S6Xaln5ZCcyViz7vOY4O2Dk/sQ0OhYu6fNxFvP+vPz6hcQuOg7wbmQOx94HT2IHf n9aTuoHb6PGSzsmi446XHn2FJ7ZF+iIkLra24x7Ju9LNHtnqr2KNclqmeNZKsaQ4 oqZltIm5YF9WeD2zuSKQryuqD+mtF0H34zqnQfLcL86IooA0vsmGEw7Q6DqnzGDP upBAIGYczubwUDezN3oKFHG1k5qVROkJy6JK1RDFzBKTbSRYjhCCW3S/fORWEeKG VZnS7zYeAMhns+cX8pMdxr5LAzG1VeTS+80bwJhePAMNxLzvGdhyp1B5PBmper1t EyZNqpq3ccHFUhnHZfk= -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:57 2026 by rpki-client