This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/dnN8Qbgzlqa5jVekVWfdeYwMnr0.roa File: dnN8Qbgzlqa5jVekVWfdeYwMnr0.roa (raw, json) Hash identifier: 2SBvdtsFiLZ+3pTsa8tg6rA3awhSjVKAsmyNnLuEU6w= Subject key identifier: 76:73:7C:41:B8:33:96:A6:B9:8D:57:A4:55:67:DD:79:8C:0C:9E:BD Certificate issuer: /CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006 Certificate serial: 019B7C80DDE3368731FD51EB2FA7DAD2FE86 Authority key identifier: 8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/dnN8Qbgzlqa5jVekVWfdeYwMnr0.roa Signing time: Fri 02 Jan 2026 02:19:38 +0000 ROA not before: Fri 02 Jan 2026 02:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51423 IP address blocks: 213.133.224.0/21 maxlen: 21 213.133.232.0/22 maxlen: 22 213.133.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/is0usvBhi3LGRtmX08ld2Da90AY.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/is0usvBhi3LGRtmX08ld2Da90AY.mft rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:dd:e3:36:87:31:fd:51:eb:2f:a7:da:d2:fe:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8acd2eb2f0618b72c646d997d3c95dd836bdd006 Validity Not Before: Jan 2 02:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76737c41b83396a6b98d57a45567dd798c0c9ebd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f2:4e:c1:4b:e1:7b:23:a8:c7:a3:88:e4:f5: 0a:cb:a7:98:26:e6:c1:64:14:87:07:cb:a3:e7:9e: ba:35:ec:b9:11:fe:e1:3e:86:9c:d8:5e:b1:9c:8c: a8:0a:1e:50:89:ef:42:b7:77:b2:d6:1e:47:27:f3: b0:85:94:28:e1:53:69:81:e1:39:c5:55:58:69:2e: 1c:8e:c7:08:23:a1:c5:6e:81:f8:cc:5f:7d:42:46: 1a:63:22:7f:9b:d3:9b:8a:0a:ef:5f:56:61:bd:e2: ed:ed:b1:14:19:33:61:28:1c:12:a2:1d:d7:1b:ab: d3:78:1c:0d:6e:ff:95:9a:52:6b:d6:85:55:2f:e7: 8a:40:51:96:48:9c:3e:05:f3:a4:73:a5:81:b1:56: 34:9b:e3:24:39:0a:df:92:25:33:6d:c3:29:33:70: e3:01:cd:77:bc:18:0b:2f:66:99:37:2c:d2:7d:1b: 67:2f:25:9c:fc:ce:3e:de:72:58:f5:3f:24:72:c4: 51:24:a6:d6:88:9b:81:61:d8:bf:8e:68:6c:7c:51: 7d:52:6d:38:88:85:81:2d:84:0a:f4:cb:03:c0:78: ee:cd:28:8e:64:07:7e:df:cb:3a:da:c5:86:81:25: 2e:be:b7:54:24:25:2e:87:51:20:ae:5d:15:fe:4c: 1b:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:73:7C:41:B8:33:96:A6:B9:8D:57:A4:55:67:DD:79:8C:0C:9E:BD X509v3 Authority Key Identifier: keyid:8A:CD:2E:B2:F0:61:8B:72:C6:46:D9:97:D3:C9:5D:D8:36:BD:D0:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/is0usvBhi3LGRtmX08ld2Da90AY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/dnN8Qbgzlqa5jVekVWfdeYwMnr0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b0587c-31e8-4a9b-af69-794c9d928cdc/1/is0usvBhi3LGRtmX08ld2Da90AY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.133.224.0/20 Signature Algorithm: sha256WithRSAEncryption 3f:50:06:ca:38:aa:f8:ac:d4:7f:6d:f1:5f:19:66:33:90:23: e3:ef:b6:a4:6d:ba:99:f2:f5:11:07:4a:76:74:29:d8:cf:44: c6:b0:46:23:ab:8c:43:6c:71:d1:74:d1:45:fe:6c:ab:5f:38: 37:16:62:c0:b4:1e:70:e3:48:d7:1e:b3:4f:89:a5:6e:f9:9b: 33:aa:7c:b6:8e:25:e1:75:82:ac:bc:0d:c4:fb:4a:04:7e:f0: 1e:37:e0:e7:0c:21:6c:e9:1c:3b:be:fb:63:81:bc:08:38:b2: c1:74:9a:fc:f3:d7:25:bc:21:92:0a:55:71:83:e4:c8:33:f6: cb:c0:d1:13:2e:51:0b:fe:86:8b:0e:af:30:73:ba:67:bb:8b: 13:32:a0:16:82:f5:0e:05:58:a6:f9:6d:eb:48:3b:f9:c1:22: a8:29:2d:23:f1:62:47:67:10:1c:9f:6c:68:20:d5:5f:d5:e2: a2:dd:25:9f:08:64:2c:d7:79:1a:37:2e:45:b4:5d:9c:a6:7e: e0:e7:22:50:b8:0d:a9:3a:b3:9e:ee:3e:c0:37:5e:ef:78:15: 8a:4d:c4:fd:6d:fd:d9:e4:3e:5a:aa:c5:43:82:be:75:f8:14: f9:8c:cb:45:0c:51:91:6c:ed:a9:ec:79:76:32:b6:c9:16:9d: 0f:be:ba:51 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gN3jNocx/VHrL6fa0v6GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhY2QyZWIyZjA2MThiNzJjNjQ2ZDk5N2QzYzk1ZGQ4MzZi ZGQwMDYwHhcNMjYwMTAyMDIxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NjczN2M0MWI4MzM5NmE2Yjk4ZDU3YTQ1NTY3ZGQ3OThjMGM5ZWJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPJOwUvheyOox6OI5PUKy6eYJubB ZBSHB8uj5566Ney5Ef7hPoac2F6xnIyoCh5Qie9Ct3ey1h5HJ/OwhZQo4VNpgeE5 xVVYaS4cjscII6HFboH4zF99QkYaYyJ/m9ObigrvX1ZhveLt7bEUGTNhKBwSoh3X G6vTeBwNbv+VmlJr1oVVL+eKQFGWSJw+BfOkc6WBsVY0m+MkOQrfkiUzbcMpM3Dj Ac13vBgLL2aZNyzSfRtnLyWc/M4+3nJY9T8kcsRRJKbWiJuBYdi/jmhsfFF9Um04 iIWBLYQK9MsDwHjuzSiOZAd+38s62sWGgSUuvrdUJCUuh1Egrl0V/kwbowIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHZzfEG4M5amuY1XpFVn3XmMDJ69MB8GA1UdIwQY MBaAFIrNLrLwYYtyxkbZl9PJXdg2vdAGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjkt Nzk0YzlkOTI4Y2RjLzEvZG5OOFFiZ3pscWE1alZla1ZXZmRlWXdNbnIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi9iMDU4N2MtMzFlOC00YTliLWFmNjktNzk0YzlkOTI4Y2Rj LzEvaXMwdXN2QmhpM0xHUnRtWDA4bGQyRGE5MEFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE1YXgMA0G CSqGSIb3DQEBCwUAA4IBAQA/UAbKOKr4rNR/bfFfGWYzkCPj77akbbqZ8vURB0p2 dCnYz0TGsEYjq4xDbHHRdNFF/myrXzg3FmLAtB5w40jXHrNPiaVu+Zszqny2jiXh dYKsvA3E+0oEfvAeN+DnDCFs6Rw7vvtjgbwIOLLBdJr889clvCGSClVxg+TIM/bL wNETLlEL/oaLDq8wc7pnu4sTMqAWgvUOBVim+W3rSDv5wSKoKS0j8WJHZxAcn2xo INVf1eKi3SWfCGQs13kaNy5FtF2cpn7g5yJQuA2pOrOe7j7AN17veBWKTcT9bf3Z 5D5aqsVDgr51+BT5jMtFDFGRbO2p7Hl2MrbJFp0PvrpR -----END CERTIFICATE-----Generated at Tue Jan 27 09:56:30 2026 by rpki-client