This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/D_g2kJlELMuoefn2HH3Y2o0l5YQ.roa File: D_g2kJlELMuoefn2HH3Y2o0l5YQ.roa (raw, json) Hash identifier: dyiFDNNm4intjG5QxyjFGbaTlhBNt77Zx7ofZH6deL8= Subject key identifier: 0F:F8:36:90:99:44:2C:CB:A8:79:F9:F6:1C:7D:D8:DA:8D:25:E5:84 Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8 Certificate serial: 019B7D5D1B669A2281003B043E1BB52CF73E Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/D_g2kJlELMuoefn2HH3Y2o0l5YQ.roa Signing time: Fri 02 Jan 2026 06:20:12 +0000 ROA not before: Fri 02 Jan 2026 06:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51765 IP address blocks: 45.159.249.0/24 maxlen: 24 141.98.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1b:66:9a:22:81:00:3b:04:3e:1b:b5:2c:f7:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8 Validity Not Before: Jan 2 06:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0ff8369099442ccba879f9f61c7dd8da8d25e584 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a1:f7:2a:3b:01:ee:fb:10:15:f7:44:a2:8a: 6a:8c:a6:3a:92:2f:60:63:56:f5:6d:0e:bd:48:8e: 96:4c:ac:d9:3c:77:cc:6c:63:7e:2d:69:bf:be:e9: eb:b6:8b:c8:33:43:71:9b:05:a3:f5:43:82:6c:26: 02:26:cf:93:b4:76:6c:1a:40:17:fd:6c:4a:d3:b8: 91:0d:fb:aa:c2:96:5b:48:d7:c8:5f:7b:7f:fa:e0: 95:30:26:bc:f3:29:34:53:03:4f:1d:c6:0d:b5:25: 7d:8f:b1:d1:8e:42:61:5a:6c:f5:50:72:a2:b4:11: 02:43:2d:20:c3:fa:c6:2d:4e:a7:0d:08:9c:f5:97: 15:01:49:16:b5:69:50:2f:f9:33:c0:d4:19:bc:b0: 43:4f:b6:3d:01:b1:5f:95:d5:67:42:ca:ac:4a:99: 17:35:05:74:6b:a0:67:00:38:71:4a:75:7f:c6:6c: 46:c0:ba:95:8b:42:35:4f:e8:9c:39:96:10:f3:46: 88:67:1c:e7:b2:a1:5b:19:3a:0a:0c:b0:38:96:5f: cf:78:93:1d:2a:f9:01:3d:7d:9b:8d:ab:45:93:1f: e9:af:b1:d6:02:d7:57:f9:0b:1e:a8:2b:dd:3e:4a: 96:76:e6:e6:0e:ff:32:ba:5e:c8:f9:26:89:79:35: 7a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:F8:36:90:99:44:2C:CB:A8:79:F9:F6:1C:7D:D8:DA:8D:25:E5:84 X509v3 Authority Key Identifier: keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/D_g2kJlELMuoefn2HH3Y2o0l5YQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.159.249.0/24 141.98.169.0/24 Signature Algorithm: sha256WithRSAEncryption b3:24:0c:3d:9c:48:11:46:e5:74:d5:9f:b5:68:e2:f3:72:9d: 2f:6d:41:f7:a8:89:3c:7e:bb:a9:e1:a9:90:a0:e6:6a:a7:b8: 3f:88:7e:5c:b3:79:d8:4c:42:d4:6a:1a:69:65:ff:cc:cd:63: 33:63:cb:53:14:40:ae:bb:68:99:ce:f3:95:70:39:13:15:87: d0:82:19:3c:0a:72:8b:d6:40:b0:1e:2b:6b:ec:b8:0c:78:65: 56:f2:20:ee:47:74:f3:b4:01:f0:aa:1b:9a:9d:93:51:62:21: 82:79:9e:c3:03:4c:bf:14:95:b9:8e:2e:3f:13:b0:14:61:3e: 33:02:71:0f:ab:6e:2c:7e:cd:d8:e3:2d:83:aa:2f:3e:cf:ef: 94:14:eb:b5:ff:4b:19:76:81:fb:26:c2:26:ae:90:fb:2c:72: 0f:33:5f:39:69:f5:33:d6:ac:1f:ee:fb:71:3c:a8:97:68:85: 1a:dc:09:e0:2f:a5:9c:7f:50:c0:99:d7:75:97:bb:4e:b8:e6: 5b:6d:7d:49:ad:c7:70:2f:36:3c:ba:d4:0f:b6:c1:40:e4:bc: 2b:4f:0e:dc:60:9e:ce:2d:7b:33:2e:19:23:75:84:33:1e:ff: f8:77:da:ce:86:e0:e1:b8:19:fe:e5:b9:d8:f8:0a:e5:5b:8b: 6a:c0:f0:40 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XRtmmiKBADsEPhu1LPc+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm MWM3ZTgwHhcNMjYwMTAyMDYyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZmY4MzY5MDk5NDQyY2NiYTg3OWY5ZjYxYzdkZDhkYThkMjVlNTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaH3KjsB7vsQFfdEoopqjKY6ki9g Y1b1bQ69SI6WTKzZPHfMbGN+LWm/vunrtovIM0NxmwWj9UOCbCYCJs+TtHZsGkAX /WxK07iRDfuqwpZbSNfIX3t/+uCVMCa88yk0UwNPHcYNtSV9j7HRjkJhWmz1UHKi tBECQy0gw/rGLU6nDQic9ZcVAUkWtWlQL/kzwNQZvLBDT7Y9AbFfldVnQsqsSpkX NQV0a6BnADhxSnV/xmxGwLqVi0I1T+icOZYQ80aIZxznsqFbGToKDLA4ll/PeJMd KvkBPX2bjatFkx/pr7HWAtdX+QseqCvdPkqWdubmDv8yul7I+SaJeTV6ZQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFA/4NpCZRCzLqHn59hx92NqNJeWEMB8GA1UdIwQY MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt ZWU3NDY1NzU0ZmY2LzEvRF9nMmtKbEVMTXVvZWZuMkhIM1kybzBsNVlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2 LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZ/5AwQA jWKpMA0GCSqGSIb3DQEBCwUAA4IBAQCzJAw9nEgRRuV01Z+1aOLzcp0vbUH3qIk8 frup4amQoOZqp7g/iH5cs3nYTELUahppZf/MzWMzY8tTFECuu2iZzvOVcDkTFYfQ ghk8CnKL1kCwHitr7LgMeGVW8iDuR3TztAHwqhuanZNRYiGCeZ7DA0y/FJW5ji4/ E7AUYT4zAnEPq24sfs3Y4y2Dqi8+z++UFOu1/0sZdoH7JsImrpD7LHIPM185afUz 1qwf7vtxPKiXaIUa3AngL6Wcf1DAmdd1l7tOuOZbbX1JrcdwLzY8utQPtsFA5Lwr Tw7cYJ7OLXszLhkjdYQzHv/4d9rOhuDhuBn+5bnY+ArlW4tqwPBA -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:57 2026 by rpki-client