This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/D4_u-Ji1zDOLh5vm9-qBFZcJRI0.roa File: D4_u-Ji1zDOLh5vm9-qBFZcJRI0.roa (raw, json) Hash identifier: BmM0kPwof8CCOBx36xy7o8mBI2bm1FHMProInDt4fFI= Subject key identifier: 0F:8F:EE:F8:98:B5:CC:33:8B:87:9B:E6:F7:EA:81:15:97:09:44:8D Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB589EBFA2286E59F791510120A442 Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/D4_u-Ji1zDOLh5vm9-qBFZcJRI0.roa Signing time: Fri 02 Jan 2026 08:20:36 +0000 ROA not before: Fri 02 Jan 2026 08:20:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 26548 IP address blocks: 80.71.150.0/24 maxlen: 24 80.71.152.0/24 maxlen: 24 80.71.159.0/24 maxlen: 24 91.240.71.0/24 maxlen: 24 194.105.158.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:58:9e:bf:a2:28:6e:59:f7:91:51:01:20:a4:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f8feef898b5cc338b879be6f7ea81159709448d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b2:1a:05:65:25:49:69:98:c0:f2:1b:94:db: 88:f1:81:8a:e1:54:ba:6d:ac:cb:73:e3:ff:69:2e: ed:e6:a4:04:ed:3a:19:d8:5d:53:30:d9:54:04:13: 3a:4a:df:02:17:ce:f1:46:ea:7d:15:eb:57:cd:f1: e0:32:59:df:35:cc:5a:60:52:62:24:fc:11:aa:7b: f2:c6:fa:67:87:d6:0b:44:13:6a:99:3d:45:c6:26: 83:79:44:d1:a4:02:c5:31:93:82:0e:8a:55:28:79: e2:34:5e:f9:59:ff:b0:67:a5:aa:6d:a0:b0:70:96: 45:be:64:d8:55:4e:53:59:0e:d6:5a:e8:13:fc:2d: b0:95:f1:07:9a:34:db:d5:d2:95:d3:d4:96:75:85: c7:23:b1:57:76:a9:6c:c1:22:0f:37:65:d4:21:cc: 96:28:6a:80:e3:10:f8:3d:d0:ad:89:d7:18:86:19: 64:d2:b6:bd:29:38:53:c0:48:18:75:88:34:a2:d1: c4:87:d7:e5:bd:e2:8b:6e:36:b4:a3:58:34:23:2d: 73:01:f8:86:77:8f:73:6e:67:4d:42:5b:fd:bf:e0: 88:33:62:f6:f8:ff:52:53:9f:fb:a1:81:80:fc:3a: 64:dd:a2:fc:e0:19:53:e4:dd:74:ae:53:00:ff:4e: 67:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:8F:EE:F8:98:B5:CC:33:8B:87:9B:E6:F7:EA:81:15:97:09:44:8D X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/D4_u-Ji1zDOLh5vm9-qBFZcJRI0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.71.150.0/24 80.71.152.0/24 80.71.159.0/24 91.240.71.0/24 194.105.158.0/23 Signature Algorithm: sha256WithRSAEncryption 0a:6e:03:cf:81:fc:9a:9f:64:a1:ff:0a:c4:3a:68:29:1b:65: a5:a9:c0:20:30:e0:3d:43:81:a5:70:fc:dd:34:cf:0e:eb:3b: e3:58:97:a1:b3:a5:9a:b3:72:20:e5:fd:37:aa:4c:41:99:c7: f9:9f:52:e2:dc:94:c3:1c:3e:41:7b:4a:9e:1d:39:a4:e7:37: 80:c5:55:20:cd:5d:34:0a:04:10:09:0d:e1:6a:ed:f4:7e:76: f2:c7:21:c2:35:90:fd:95:37:e2:84:d5:e8:1e:10:c4:88:ef: fe:f6:c3:93:dc:ca:2b:ef:b3:c8:c2:e6:1c:d5:0d:ef:3d:b1: 6c:6f:c2:af:55:d0:de:a4:f1:00:d9:61:ad:6a:64:7e:fd:94: 7e:17:cd:2a:83:4e:f2:0e:f1:8c:33:66:cc:69:86:e7:a0:90: 01:ca:d5:e6:c3:07:dc:0e:7d:97:20:91:0c:9f:49:34:f3:1e: fa:8c:d5:13:c9:db:c0:6d:0e:7a:e2:3c:a7:20:cd:8a:c0:3d: b5:ce:46:53:90:a2:02:22:46:78:a7:ec:eb:8c:cf:28:8f:20: 75:df:04:77:23:eb:4a:9d:e2:2f:2f:83:52:a4:f3:fc:29:ed: a1:73:3e:0c:df:a1:27:8a:75:d0:7a:5c:06:d8:71:e6:30:3f: 89:ff:ae:d3 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt9y1iev6Iobln3kVEBIKRCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjhmZWVmODk4YjVjYzMzOGI4NzliZTZmN2VhODExNTk3MDk0NDhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrIaBWUlSWmYwPIblNuI8YGK4VS6 bazLc+P/aS7t5qQE7ToZ2F1TMNlUBBM6St8CF87xRup9FetXzfHgMlnfNcxaYFJi JPwRqnvyxvpnh9YLRBNqmT1FxiaDeUTRpALFMZOCDopVKHniNF75Wf+wZ6WqbaCw cJZFvmTYVU5TWQ7WWugT/C2wlfEHmjTb1dKV09SWdYXHI7FXdqlswSIPN2XUIcyW KGqA4xD4PdCtidcYhhlk0ra9KThTwEgYdYg0otHEh9flveKLbja0o1g0Iy1zAfiG d49zbmdNQlv9v+CIM2L2+P9SU5/7oYGA/Dpk3aL84BlT5N10rlMA/05n1wIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFA+P7viYtcwzi4eb5vfqgRWXCUSNMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvRDRfdS1KaTF6RE9MaDV2bTktcUJGWmNKUkkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEeWAwQA UEeYAwQAUEefAwQAW/BHAwQBwmmeMA0GCSqGSIb3DQEBCwUAA4IBAQAKbgPPgfya n2Sh/wrEOmgpG2WlqcAgMOA9Q4GlcPzdNM8O6zvjWJehs6Was3Ig5f03qkxBmcf5 n1Li3JTDHD5Be0qeHTmk5zeAxVUgzV00CgQQCQ3hau30fnbyxyHCNZD9lTfihNXo HhDEiO/+9sOT3Mor77PIwuYc1Q3vPbFsb8KvVdDepPEA2WGtamR+/ZR+F80qg07y DvGMM2bMaYbnoJABytXmwwfcDn2XIJEMn0k08x76jNUTydvAbQ564jynIM2KwD21 zkZTkKICIkZ4p+zrjM8ojyB13wR3I+tKneIvL4NSpPP8Ke2hcz4M36EninXQelwG 2HHmMD+J/67T -----END CERTIFICATE-----Generated at Tue Jan 20 00:06:12 2026 by rpki-client