This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/DFoJ8Ykped-mXhqm_OYd3pUCI78.roa File: DFoJ8Ykped-mXhqm_OYd3pUCI78.roa (raw, json) Hash identifier: pZAEPyW72cPOpC8U6Y92sF/916oHQlyolVnKoAI3w7U= Subject key identifier: 0C:5A:09:F1:89:29:79:DF:A6:5E:1A:A6:FC:E6:1D:DE:95:02:23:BF Certificate issuer: /CN=78356c6a831680e9b8b7c95514953007a9407e87 Certificate serial: 019B7B3684ADEE9FC222BB8FE50B471AAA28 Authority key identifier: 78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/DFoJ8Ykped-mXhqm_OYd3pUCI78.roa Signing time: Thu 01 Jan 2026 20:18:48 +0000 ROA not before: Thu 01 Jan 2026 20:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3223 IP address blocks: 45.87.156.0/22 maxlen: 24 185.181.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.mft rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:84:ad:ee:9f:c2:22:bb:8f:e5:0b:47:1a:aa:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=78356c6a831680e9b8b7c95514953007a9407e87 Validity Not Before: Jan 1 20:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0c5a09f1892979dfa65e1aa6fce61dde950223bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d8:d8:8b:f4:06:68:65:29:12:2f:45:0b:72: cd:19:87:da:66:f8:93:90:42:40:a5:b2:96:3a:56: ae:07:84:1a:17:cb:a7:f6:a6:83:90:57:67:d7:ff: 64:b2:62:f0:85:0d:ea:ef:11:2d:c8:c4:5f:13:bd: af:60:a7:00:ca:ec:17:a9:0e:10:e5:5b:f2:7d:99: 2f:5b:e5:b7:5b:91:68:8b:d8:d8:ec:f5:b2:6a:e3: d6:70:3f:12:9e:20:d4:39:27:f8:11:03:7f:d6:64: cf:e7:d8:2b:8a:c8:ca:80:e7:ba:07:6b:2b:0b:84: f1:3c:ca:b1:b6:8f:49:4f:c7:5b:7d:f7:d0:22:eb: c9:52:40:3d:42:6e:41:1a:ed:df:09:b5:65:51:89: 05:70:33:3b:c6:a9:51:ee:52:7b:b4:3f:63:53:7f: 0e:c9:fe:20:ac:24:d4:c1:51:f7:3e:ba:72:a7:bb: 11:49:1d:14:41:2b:cb:2e:a8:23:30:eb:fe:58:84: a0:7f:e5:68:ec:78:26:4a:7e:c0:f0:31:e3:23:c9: f9:57:b8:7c:39:1a:1c:32:91:ec:fb:66:1c:ee:3a: 43:8a:32:f3:e5:1b:f5:5b:0e:6b:3d:ed:01:4c:34: 92:8b:0f:1c:82:63:56:a6:93:29:fc:f4:b1:ed:ea: 38:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:5A:09:F1:89:29:79:DF:A6:5E:1A:A6:FC:E6:1D:DE:95:02:23:BF X509v3 Authority Key Identifier: keyid:78:35:6C:6A:83:16:80:E9:B8:B7:C9:55:14:95:30:07:A9:40:7E:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eDVsaoMWgOm4t8lVFJUwB6lAfoc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/DFoJ8Ykped-mXhqm_OYd3pUCI78.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/8d9136-1cb2-4349-ab86-5dc392de637b/1/eDVsaoMWgOm4t8lVFJUwB6lAfoc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.156.0/22 185.181.104.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:7c:3c:9d:49:c5:de:3d:8e:f4:cb:f6:3e:e6:df:93:b6:c7: c3:62:cb:78:54:49:e1:f6:2d:f9:12:ad:49:d0:ad:b3:a2:95: 69:6a:d6:c9:65:2a:6c:fd:ba:3f:62:25:e8:05:1b:47:78:fa: 29:20:e7:69:02:a6:2d:e2:3a:4d:75:29:19:1b:35:be:ef:90: 03:a6:5f:b0:ba:93:e7:95:29:56:3a:56:39:4a:44:1d:ae:4f: 8a:fc:c5:ca:97:17:56:a7:d7:1c:b9:d8:6d:27:6f:29:a3:7d: 6d:f8:49:0a:d4:03:1b:d1:04:28:91:8b:06:61:c8:3d:b4:54: 65:1a:e4:a0:dc:04:4f:b4:a8:71:08:be:71:38:6a:a5:8e:0e: 14:ce:ac:25:58:e2:6b:c2:37:1e:b2:ff:c4:61:95:d0:e4:66: a4:55:a2:a6:37:c0:7b:72:4d:91:a6:0a:f1:4a:8e:36:0d:c9: af:cc:89:f8:a0:e0:4b:f8:34:09:2d:2b:7a:ba:22:92:bd:ff: 11:bb:4f:77:b5:b5:66:2c:2d:66:da:39:3b:93:4d:30:76:9b: 4e:3e:1f:00:13:04:8e:6e:14:fd:65:f7:d8:4f:70:25:00:19: 77:1f:26:96:76:e8:49:ef:e0:68:3d:86:0f:86:c9:94:67:ab: a7:c2:18:3a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NoSt7p/CIruP5QtHGqooMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4MzU2YzZhODMxNjgwZTliOGI3Yzk1NTE0OTUzMDA3YTk0 MDdlODcwHhcNMjYwMTAxMjAxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYzVhMDlmMTg5Mjk3OWRmYTY1ZTFhYTZmY2U2MWRkZTk1MDIyM2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtjYi/QGaGUpEi9FC3LNGYfaZviT kEJApbKWOlauB4QaF8un9qaDkFdn1/9ksmLwhQ3q7xEtyMRfE72vYKcAyuwXqQ4Q 5VvyfZkvW+W3W5Foi9jY7PWyauPWcD8SniDUOSf4EQN/1mTP59grisjKgOe6B2sr C4TxPMqxto9JT8dbfffQIuvJUkA9Qm5BGu3fCbVlUYkFcDM7xqlR7lJ7tD9jU38O yf4grCTUwVH3Prpyp7sRSR0UQSvLLqgjMOv+WISgf+Vo7HgmSn7A8DHjI8n5V7h8 ORocMpHs+2Yc7jpDijLz5Rv1Ww5rPe0BTDSSiw8cgmNWppMp/PSx7eo4ZQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAxaCfGJKXnfpl4apvzmHd6VAiO/MB8GA1UdIwQY MBaAFHg1bGqDFoDpuLfJVRSVMAepQH6HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYt NWRjMzkyZGU2MzdiLzEvREZvSjhZa3BlZC1tWGhxbV9PWWQzcFVDSTc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC84ZDkxMzYtMWNiMi00MzQ5LWFiODYtNWRjMzkyZGU2Mzdi LzEvZURWc2FvTVdnT200dDhsVkZKVXdCNmxBZm9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVecAwQC ubVoMA0GCSqGSIb3DQEBCwUAA4IBAQAOfDydScXePY70y/Y+5t+TtsfDYst4VEnh 9i35Eq1J0K2zopVpatbJZSps/bo/YiXoBRtHePopIOdpAqYt4jpNdSkZGzW+75AD pl+wupPnlSlWOlY5SkQdrk+K/MXKlxdWp9ccudhtJ28po31t+EkK1AMb0QQokYsG Ycg9tFRlGuSg3ARPtKhxCL5xOGqljg4UzqwlWOJrwjcesv/EYZXQ5GakVaKmN8B7 ck2RpgrxSo42DcmvzIn4oOBL+DQJLSt6uiKSvf8Ru093tbVmLC1m2jk7k00wdptO Ph8AEwSObhT9ZffYT3AlABl3HyaWduhJ7+BoPYYPhsmUZ6unwhg6 -----END CERTIFICATE-----Generated at Tue Jan 20 01:22:11 2026 by rpki-client