This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dzyd5KYeCZl9jKMNHXB1explmIU.roa File: dzyd5KYeCZl9jKMNHXB1explmIU.roa (raw, json) Hash identifier: JDlou+R3Y6NUKrUn9nr65nM7DFTC0fOf1wAplyqXTmY= Subject key identifier: 77:3C:9D:E4:A6:1E:09:99:7D:8C:A3:0D:1D:70:75:7B:1A:65:98:85 Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da Certificate serial: 019BC0E313FBE31C01E8FDCF9F9BBEC82C50 Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dzyd5KYeCZl9jKMNHXB1explmIU.roa Signing time: Thu 15 Jan 2026 09:01:05 +0000 ROA not before: Thu 15 Jan 2026 09:01:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25198 IP address blocks: 147.90.13.0/24 maxlen: 24 147.90.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 07:02:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c0:e3:13:fb:e3:1c:01:e8:fd:cf:9f:9b:be:c8:2c:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da Validity Not Before: Jan 15 09:01:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=773c9de4a61e09997d8ca30d1d70757b1a659885 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3d:0f:c1:16:3d:ed:27:27:07:57:e3:5d:2a: e7:7e:19:9c:fc:96:b9:cb:64:d6:4b:e3:ea:cf:d7: d9:f2:d7:b0:28:f1:f2:db:78:e3:c1:3d:b8:e4:6b: f2:77:eb:b6:95:48:7b:3b:bf:1d:66:cc:ee:60:e5: 35:5f:db:da:33:9f:fb:8a:bc:f4:dd:40:13:85:ca: f2:4f:6d:08:26:b0:11:1c:f1:c1:de:61:7a:82:37: c4:ce:d3:76:3f:79:6e:25:19:a2:11:53:85:19:37: fe:af:be:25:d8:47:63:13:8a:61:c4:f3:f1:ad:03: e6:19:24:28:64:49:ab:d6:27:80:43:56:a1:30:07: 3b:f9:85:27:99:a5:af:bd:06:22:2e:c7:aa:85:92: 2c:33:be:6e:8c:8a:04:45:29:3d:c7:2b:c4:97:8d: a1:5c:2f:e6:7c:76:52:b9:47:99:d5:bb:aa:cf:f5: b6:24:4b:36:9e:81:e9:6e:e1:34:18:37:77:36:58: 04:b6:90:b4:17:92:83:79:d1:83:88:c5:67:b7:ba: 65:a5:7c:bb:5b:74:92:ae:e3:c3:4b:db:72:23:ae: fc:e5:93:1e:1a:1d:8a:f9:bf:04:95:5b:2d:ab:37: 5f:15:f2:89:68:46:f6:90:c8:be:c5:ad:db:29:9e: 08:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:3C:9D:E4:A6:1E:09:99:7D:8C:A3:0D:1D:70:75:7B:1A:65:98:85 X509v3 Authority Key Identifier: keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/dzyd5KYeCZl9jKMNHXB1explmIU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.90.13.0/24 147.90.15.0/24 Signature Algorithm: sha256WithRSAEncryption e5:f1:fb:c4:30:59:45:17:df:43:96:39:79:9b:9b:6f:64:c2: 6b:66:16:d8:73:95:53:3d:39:5f:ad:78:14:57:0c:53:f3:2d: 63:2c:0a:82:3a:ff:f5:bf:29:e9:5d:9b:d6:f8:e1:11:e3:b1: a1:4f:f8:61:41:31:04:be:ea:25:d5:b0:28:0e:02:df:c0:81: b9:7e:61:66:a4:15:17:28:57:4a:1c:11:95:29:6e:0c:80:85: 26:c5:73:32:60:94:86:38:b7:d1:ad:fd:0c:ff:b5:9f:e6:0b: aa:ab:cd:12:84:2d:4f:09:82:db:c6:03:8e:a9:ff:7b:8d:f3: 00:04:93:9e:eb:d2:bd:d3:08:31:4b:af:e6:49:9f:d5:58:c5: 5f:63:c1:c8:29:88:61:77:37:3b:20:8f:3f:d7:85:f9:cc:bb: 6d:a3:52:7d:ca:20:17:07:b2:87:e4:b9:e6:6c:8a:d2:e9:b3: 1f:d0:b1:a9:a8:2c:43:36:85:32:e4:75:4d:66:40:d3:29:a6: f4:bb:1e:ef:90:b6:f2:36:6e:93:29:65:bc:6a:bf:d7:09:a6: 24:17:ee:ac:d9:5e:a3:06:ca:28:3f:ff:3f:b5:92:be:ec:68: a3:06:67:ed:5a:70:7e:f6:ed:27:69:0a:fe:ce:81:76:34:a3: 13:6b:72:fe -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZvA4xP74xwB6P3Pn5u+yCxQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5 NTkyZGEwHhcNMjYwMTE1MDkwMTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NzNjOWRlNGE2MWUwOTk5N2Q4Y2EzMGQxZDcwNzU3YjFhNjU5ODg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj0PwRY97ScnB1fjXSrnfhmc/Ja5 y2TWS+Pqz9fZ8tewKPHy23jjwT245Gvyd+u2lUh7O78dZszuYOU1X9vaM5/7irz0 3UAThcryT20IJrARHPHB3mF6gjfEztN2P3luJRmiEVOFGTf+r74l2EdjE4phxPPx rQPmGSQoZEmr1ieAQ1ahMAc7+YUnmaWvvQYiLseqhZIsM75ujIoERSk9xyvEl42h XC/mfHZSuUeZ1buqz/W2JEs2noHpbuE0GDd3NlgEtpC0F5KDedGDiMVnt7plpXy7 W3SSruPDS9tyI6785ZMeGh2K+b8ElVstqzdfFfKJaEb2kMi+xa3bKZ4IbQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHc8neSmHgmZfYyjDR1wdXsaZZiFMB8GA1UdIwQY MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt ZjVmYjcxYjlhNTFmLzEvZHp5ZDVLWWVDWmw5aktNTkhYQjFleHBsbUlVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAk1oNAwQA k1oPMA0GCSqGSIb3DQEBCwUAA4IBAQDl8fvEMFlFF99Dljl5m5tvZMJrZhbYc5VT PTlfrXgUVwxT8y1jLAqCOv/1vynpXZvW+OER47GhT/hhQTEEvuol1bAoDgLfwIG5 fmFmpBUXKFdKHBGVKW4MgIUmxXMyYJSGOLfRrf0M/7Wf5guqq80ShC1PCYLbxgOO qf97jfMABJOe69K90wgxS6/mSZ/VWMVfY8HIKYhhdzc7II8/14X5zLtto1J9yiAX B7KH5LnmbIrS6bMf0LGpqCxDNoUy5HVNZkDTKab0ux7vkLbyNm6TKWW8ar/XCaYk F+6s2V6jBsooP/8/tZK+7GijBmftWnB+9u0naQr+zoF2NKMTa3L+ -----END CERTIFICATE-----Generated at Mon Jan 19 16:51:40 2026 by rpki-client