This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1BSkcVOn1qfh4jN9Y9DJswoRbtE.roa File: 1BSkcVOn1qfh4jN9Y9DJswoRbtE.roa (raw, json) Hash identifier: LWd2G+pwtnf/D4Tz+gcRRy7rXH1Fkn75SR7a0vRuma0= Subject key identifier: D4:14:A4:71:53:A7:D6:A7:E1:E2:33:7D:63:D0:C9:B3:0A:11:6E:D1 Certificate issuer: /CN=71601c0b8b13cc121017f6d25117ac1fd0664344 Certificate serial: 019B791132A4649F6C8ED0DAA266BCBE0638 Authority key identifier: 71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1BSkcVOn1qfh4jN9Y9DJswoRbtE.roa Signing time: Thu 01 Jan 2026 10:18:48 +0000 ROA not before: Thu 01 Jan 2026 10:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198949 IP address blocks: 37.114.64.0/21 maxlen: 24 78.152.128.0/19 maxlen: 24 185.147.228.0/22 maxlen: 24 2a00:b180::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:32:a4:64:9f:6c:8e:d0:da:a2:66:bc:be:06:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71601c0b8b13cc121017f6d25117ac1fd0664344 Validity Not Before: Jan 1 10:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d414a47153a7d6a7e1e2337d63d0c9b30a116ed1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2a:50:56:f8:68:9b:ad:c6:58:ec:4b:7b:8d: db:26:bf:16:77:0f:20:d9:fe:2b:a7:10:91:e5:c3: 10:fc:82:9a:f5:96:39:38:b8:3a:59:8c:b5:12:e9: b4:28:34:86:4d:bd:8a:b6:9b:77:e6:55:a8:e4:7a: 6d:b7:91:2c:87:b0:17:47:30:7b:25:97:64:3a:b3: 84:77:8c:12:ae:a4:4b:2f:2d:ac:94:91:9a:9c:d5: dd:64:ca:8e:1c:3c:42:20:9b:65:b2:15:72:47:bc: df:1d:eb:34:8b:3f:b7:4d:d6:53:27:93:6f:84:64: e2:6a:2f:e5:72:28:a7:17:fb:05:ed:bb:e2:16:01: 2a:74:9b:66:bd:77:67:96:f7:8a:5a:0b:57:48:18: 31:04:52:1c:47:d9:a2:26:97:06:cf:0e:67:38:e8: d5:d2:9e:f3:d8:f2:37:93:95:6a:f6:11:14:8f:b5: 08:86:3b:64:82:47:32:c2:30:94:8c:60:16:56:43: b1:62:16:0f:ca:27:5a:c5:4a:ef:d8:c5:53:24:07: 64:c8:5a:8a:57:c9:1a:a2:b8:0e:04:25:f7:b6:63: d9:00:17:e3:ed:c1:cf:cd:aa:cb:be:15:f6:a5:14: 64:d6:1e:5e:9c:d8:2c:2c:51:6e:8f:78:19:d5:ed: 8e:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:14:A4:71:53:A7:D6:A7:E1:E2:33:7D:63:D0:C9:B3:0A:11:6E:D1 X509v3 Authority Key Identifier: keyid:71:60:1C:0B:8B:13:CC:12:10:17:F6:D2:51:17:AC:1F:D0:66:43:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cWAcC4sTzBIQF_bSUResH9BmQ0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/1BSkcVOn1qfh4jN9Y9DJswoRbtE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d5a49a-4f1a-4961-9c1f-76b0325c3b07/1/cWAcC4sTzBIQF_bSUResH9BmQ0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.64.0/21 78.152.128.0/19 185.147.228.0/22 IPv6: 2a00:b180::/32 Signature Algorithm: sha256WithRSAEncryption c0:aa:0f:de:05:fd:e1:3f:a2:b6:73:d4:12:dd:0a:78:44:02: ac:9b:aa:b8:a9:d9:64:7c:32:1b:6f:02:ae:5b:15:7b:21:67: c5:c3:40:37:5f:d4:07:29:9f:63:18:67:ba:d6:92:37:51:50: e0:8f:d5:c4:d9:96:d4:b9:e2:57:1e:f6:82:d3:35:08:2c:11: 4d:fc:d5:5c:59:44:63:ee:45:27:3a:1e:19:5f:04:11:7a:ba: 03:b2:ab:cc:46:78:22:5f:87:92:f2:87:74:ae:e2:42:39:ea: b0:3f:41:b6:08:3a:77:c6:c5:38:0b:c2:eb:cd:c4:d9:ff:b6: db:ea:66:54:28:53:35:cb:08:c1:32:95:c2:95:49:6a:66:94: 27:b5:d0:e7:08:4c:ea:47:8d:0e:85:96:e6:29:64:59:47:e0: 88:ea:5b:87:7e:c9:86:8d:49:fe:c8:e6:a9:20:dd:b2:df:f9: 8b:28:68:ba:44:b2:49:48:b4:14:47:79:5f:4d:d0:84:78:62: a8:7f:0b:2b:26:ed:33:07:5d:81:ee:eb:30:5d:bf:c1:a5:45: fd:9d:14:3c:a3:0b:8f:5e:07:92:2f:3d:f3:39:77:56:16:4c: 62:17:c3:23:82:a4:fe:8f:ed:fe:6b:e4:c8:73:3d:15:1f:2c: d6:50:08:ad -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt5ETKkZJ9sjtDaoma8vgY4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxNjAxYzBiOGIxM2NjMTIxMDE3ZjZkMjUxMTdhYzFmZDA2 NjQzNDQwHhcNMjYwMTAxMTAxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNDE0YTQ3MTUzYTdkNmE3ZTFlMjMzN2Q2M2QwYzliMzBhMTE2ZWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCpQVvhom63GWOxLe43bJr8Wdw8g 2f4rpxCR5cMQ/IKa9ZY5OLg6WYy1Eum0KDSGTb2Ktpt35lWo5Hptt5Esh7AXRzB7 JZdkOrOEd4wSrqRLLy2slJGanNXdZMqOHDxCIJtlshVyR7zfHes0iz+3TdZTJ5Nv hGTiai/lciinF/sF7bviFgEqdJtmvXdnlveKWgtXSBgxBFIcR9miJpcGzw5nOOjV 0p7z2PI3k5Vq9hEUj7UIhjtkgkcywjCUjGAWVkOxYhYPyidaxUrv2MVTJAdkyFqK V8kaorgOBCX3tmPZABfj7cHPzarLvhX2pRRk1h5enNgsLFFuj3gZ1e2OtQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFNQUpHFTp9an4eIzfWPQybMKEW7RMB8GA1UdIwQY MBaAFHFgHAuLE8wSEBf20lEXrB/QZkNEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYt NzZiMDMyNWMzYjA3LzEvMUJTa2NWT24xcWZoNGpOOVk5REpzd29SYnRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9kNWE0OWEtNGYxYS00OTYxLTljMWYtNzZiMDMyNWMzYjA3 LzEvY1dBY0M0c1R6QklRRl9iU1VSZXNIOUJtUTBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDJXJAAwQF TpiAAwQCuZPkMA0EAgACMAcDBQAqALGAMA0GCSqGSIb3DQEBCwUAA4IBAQDAqg/e Bf3hP6K2c9QS3Qp4RAKsm6q4qdlkfDIbbwKuWxV7IWfFw0A3X9QHKZ9jGGe61pI3 UVDgj9XE2ZbUueJXHvaC0zUILBFN/NVcWURj7kUnOh4ZXwQReroDsqvMRngiX4eS 8od0ruJCOeqwP0G2CDp3xsU4C8LrzcTZ/7bb6mZUKFM1ywjBMpXClUlqZpQntdDn CEzqR40OhZbmKWRZR+CI6luHfsmGjUn+yOapIN2y3/mLKGi6RLJJSLQUR3lfTdCE eGKofwsrJu0zB12B7uswXb/BpUX9nRQ8owuPXgeSLz3zOXdWFkxiF8MjgqT+j+3+ a+TIcz0VHyzWUAit -----END CERTIFICATE-----Generated at Wed Jan 7 22:29:40 2026 by rpki-client