This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/DUa5gfrd1mbJghmCA9wsPUgatiA.roa File: DUa5gfrd1mbJghmCA9wsPUgatiA.roa (raw, json) Hash identifier: vgkaB+FL8lKIjouXupzJZRb3iZtU+i3kKGIirTBXniA= Subject key identifier: 0D:46:B9:81:FA:DD:D6:66:C9:82:19:82:03:DC:2C:3D:48:1A:B6:20 Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9 Certificate serial: 019BB301BEBD1187A68401A9798B0C00B8D6 Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/DUa5gfrd1mbJghmCA9wsPUgatiA.roa Signing time: Mon 12 Jan 2026 16:19:54 +0000 ROA not before: Mon 12 Jan 2026 16:19:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 159.197.128.0/18 maxlen: 24 159.197.192.0/19 maxlen: 24 159.197.224.0/19 maxlen: 24 161.8.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.mft rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 22:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b3:01:be:bd:11:87:a6:84:01:a9:79:8b:0c:00:b8:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9 Validity Not Before: Jan 12 16:19:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0d46b981faddd666c982198203dc2c3d481ab620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:20:a1:2f:45:31:09:5d:34:60:3d:c2:e5:7a: 76:e6:04:ff:a6:dc:28:27:be:85:ee:31:dc:2f:d2: b2:21:23:29:aa:ab:f0:99:28:5d:99:fa:14:50:1c: 61:fc:47:9e:4f:91:4d:4b:e4:2d:70:c5:13:30:68: b9:e7:ff:cb:c7:5b:db:57:3d:c3:ea:0b:0d:22:2d: 3a:97:26:c2:fe:3a:ee:a1:9e:5b:be:10:40:eb:7b: 37:a6:6e:cc:da:5f:c7:2f:1a:71:2a:52:ce:48:6f: 68:c2:3c:3b:1f:79:f6:ff:6f:5b:bc:b5:02:ad:ba: 6a:8f:22:5d:00:86:44:82:4a:10:1f:c1:b7:27:58: af:01:0c:2b:84:68:59:73:9c:15:89:61:d9:12:0f: 0a:fc:6c:44:a8:9d:9e:fb:1b:f9:ad:ac:5f:11:e1: 96:b1:4a:80:e3:82:8c:07:3a:53:2e:c3:66:52:f4: 0e:c6:43:46:cd:b7:ae:cd:90:f7:63:f4:85:c5:63: 5a:33:69:5b:94:e7:62:c8:96:5f:49:77:35:07:50: 72:d3:75:b4:44:bc:2c:84:b0:2a:0d:48:46:6c:75: 62:7c:c0:df:f4:f6:44:29:ed:3c:81:28:f5:fa:86: 1c:00:5e:d9:19:21:35:a6:f9:2e:c6:4e:1f:61:b6: 44:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:46:B9:81:FA:DD:D6:66:C9:82:19:82:03:DC:2C:3D:48:1A:B6:20 X509v3 Authority Key Identifier: keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/DUa5gfrd1mbJghmCA9wsPUgatiA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.197.128.0/17 161.8.160.0/19 Signature Algorithm: sha256WithRSAEncryption 43:f1:91:5a:85:46:17:9f:e4:cb:85:b9:d9:fe:da:95:76:12: ff:2d:3c:fc:32:03:44:37:31:b8:cd:f2:8c:6b:37:75:2f:d6: 77:9a:9a:e5:92:fd:9c:8f:0c:e3:ac:84:84:aa:92:88:6b:f3: 0c:ed:6b:9e:d1:e0:25:79:18:ea:8b:b5:34:63:e0:a9:b9:c3: 22:20:fc:b7:f8:62:ee:0c:db:af:4d:48:c4:a6:54:82:85:e5: 33:97:b4:05:87:c4:7b:1a:7e:7b:ae:91:82:e7:24:09:18:af: dc:02:a7:3f:da:5c:89:3b:d0:fa:d8:1d:50:70:68:93:6c:4d: 81:a0:93:ef:7c:07:20:5e:d8:f6:5c:75:15:c3:49:64:5b:df: bd:b3:b7:8d:9a:23:20:af:b4:68:40:1d:9d:fa:f9:67:ce:d1: f6:64:e0:fa:69:c0:b7:38:7d:05:80:46:6e:7c:80:11:6b:bf: 9d:ab:bb:b3:fa:a8:56:dd:66:24:dc:77:c7:18:e8:9c:db:77: 5f:4b:f8:b3:50:28:52:81:2a:fe:b6:fa:8e:1f:bc:f5:e4:a0: 56:f6:21:51:8f:32:c4:83:47:2b:85:94:31:72:93:2d:6d:a8: 68:85:c4:e9:0e:10:09:7b:65:7e:19:a0:b9:69:f7:5e:15:d3: 03:3a:72:e7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZuzAb69EYemhAGpeYsMALjWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5 MWQ0YTkwHhcNMjYwMTEyMTYxOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZDQ2Yjk4MWZhZGRkNjY2Yzk4MjE5ODIwM2RjMmMzZDQ4MWFiNjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCChL0UxCV00YD3C5Xp25gT/ptwo J76F7jHcL9KyISMpqqvwmShdmfoUUBxh/EeeT5FNS+QtcMUTMGi55//Lx1vbVz3D 6gsNIi06lybC/jruoZ5bvhBA63s3pm7M2l/HLxpxKlLOSG9owjw7H3n2/29bvLUC rbpqjyJdAIZEgkoQH8G3J1ivAQwrhGhZc5wViWHZEg8K/GxEqJ2e+xv5raxfEeGW sUqA44KMBzpTLsNmUvQOxkNGzbeuzZD3Y/SFxWNaM2lblOdiyJZfSXc1B1By03W0 RLwshLAqDUhGbHVifMDf9PZEKe08gSj1+oYcAF7ZGSE1pvkuxk4fYbZETQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFA1GuYH63dZmyYIZggPcLD1IGrYgMB8GA1UdIwQY MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt ZWI3YWFhNjgyOGJlLzEvRFVhNWdmcmQxbWJKZ2htQ0E5d3NQVWdhdGlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHn8WAAwQF oQigMA0GCSqGSIb3DQEBCwUAA4IBAQBD8ZFahUYXn+TLhbnZ/tqVdhL/LTz8MgNE NzG4zfKMazd1L9Z3mprlkv2cjwzjrISEqpKIa/MM7Wue0eAleRjqi7U0Y+CpucMi IPy3+GLuDNuvTUjEplSCheUzl7QFh8R7Gn57rpGC5yQJGK/cAqc/2lyJO9D62B1Q cGiTbE2BoJPvfAcgXtj2XHUVw0lkW9+9s7eNmiMgr7RoQB2d+vlnztH2ZOD6acC3 OH0FgEZufIARa7+dq7uz+qhW3WYk3HfHGOic23dfS/izUChSgSr+tvqOH7z15KBW 9iFRjzLEg0crhZQxcpMtbahohcTpDhAJe2V+GaC5afdeFdMDOnLn -----END CERTIFICATE-----Generated at Sun Jan 18 08:53:45 2026 by rpki-client