This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/P-DBjLRAhGCsnhP5dVp_tFMnlGE.roa File: P-DBjLRAhGCsnhP5dVp_tFMnlGE.roa (raw, json) Hash identifier: pkN8TYGuUVnxVvKzbBZ3PyoTyNpT5OufkpOv4OKwQDY= Subject key identifier: 3F:E0:C1:8C:B4:40:84:60:AC:9E:13:F9:75:5A:7F:B4:53:27:94:61 Certificate issuer: /CN=a750263823402b83c11c5014d32666dcab111447 Certificate serial: 019B7E37F1120997CC1063AC74A3D36D2053 Authority key identifier: A7:50:26:38:23:40:2B:83:C1:1C:50:14:D3:26:66:DC:AB:11:14:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p1AmOCNAK4PBHFAU0yZm3KsRFEc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/P-DBjLRAhGCsnhP5dVp_tFMnlGE.roa Signing time: Fri 02 Jan 2026 10:19:13 +0000 ROA not before: Fri 02 Jan 2026 10:19:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 89.28.185.0/24 maxlen: 24 89.28.186.0/24 maxlen: 24 89.28.187.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/p1AmOCNAK4PBHFAU0yZm3KsRFEc.crl rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/p1AmOCNAK4PBHFAU0yZm3KsRFEc.mft rsync://rpki.ripe.net/repository/DEFAULT/p1AmOCNAK4PBHFAU0yZm3KsRFEc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 13:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:f1:12:09:97:cc:10:63:ac:74:a3:d3:6d:20:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a750263823402b83c11c5014d32666dcab111447 Validity Not Before: Jan 2 10:19:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3fe0c18cb4408460ac9e13f9755a7fb453279461 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0f:1c:fa:07:74:8d:34:45:43:21:ca:28:4f: 5c:e5:3a:97:54:a4:81:b3:94:d0:25:65:f2:11:ad: 4e:a3:39:98:eb:27:0f:93:7d:67:71:cc:78:f1:50: 87:77:67:47:63:5e:7e:6e:a3:f0:54:e2:66:18:a2: da:74:1f:23:ab:f2:63:a3:82:3e:59:27:07:aa:90: 32:f7:57:a7:11:61:b3:ad:8f:14:d9:d6:c0:e4:02: cc:b0:1f:28:b1:38:52:4f:69:8f:98:e1:1b:fd:2d: 61:74:7b:6e:a0:cf:e5:92:24:ee:05:99:f8:ec:98: 30:0b:dd:8c:1c:dc:c1:ba:a9:ed:85:6c:45:89:5d: 71:86:01:24:21:0f:19:87:8f:9e:11:ba:af:73:32: f7:40:0d:38:2d:ea:52:10:81:55:8e:e0:73:22:01: 60:25:ed:72:ff:9e:52:44:15:1d:2a:5c:aa:42:3c: f2:d6:fe:4b:7a:e5:0d:e0:c7:26:03:2b:be:d6:fd: df:bd:d9:f1:ed:8d:ce:ce:a8:2b:75:59:08:cc:0b: e4:2b:89:be:be:b0:a0:76:9e:8b:8f:c4:d7:81:24: 2d:1c:fa:9c:23:31:da:5a:a9:27:17:50:8d:00:0e: 98:d1:9e:5d:f2:30:15:63:ab:47:4f:55:b6:34:81: 47:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:E0:C1:8C:B4:40:84:60:AC:9E:13:F9:75:5A:7F:B4:53:27:94:61 X509v3 Authority Key Identifier: keyid:A7:50:26:38:23:40:2B:83:C1:1C:50:14:D3:26:66:DC:AB:11:14:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1AmOCNAK4PBHFAU0yZm3KsRFEc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/P-DBjLRAhGCsnhP5dVp_tFMnlGE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/p1AmOCNAK4PBHFAU0yZm3KsRFEc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.28.185.0-89.28.187.255 Signature Algorithm: sha256WithRSAEncryption 8c:de:59:61:1b:e2:6e:38:ef:33:52:2e:ee:2b:3c:83:77:85: 9c:4d:82:ab:a9:b4:22:4c:9a:80:63:c0:91:7a:65:57:95:25: 0a:60:f6:fe:e2:71:61:9f:c2:42:31:c2:e1:7b:3a:01:fd:72: 8a:54:18:c5:34:11:81:99:10:5f:1f:90:8c:73:0f:09:a4:e4: 85:b4:6f:54:df:ce:d2:ee:d8:49:3a:a3:79:c2:e7:6a:bd:d9: 78:09:cc:ce:79:26:74:65:8b:a7:db:46:9c:81:c2:36:93:b5: 9c:f0:5b:62:6f:ce:5c:64:ee:7e:48:53:5e:34:f6:bc:dc:2f: 6f:59:7b:ce:62:c4:c7:04:11:22:53:ba:ab:4b:a5:4a:11:6a: 8f:99:24:25:67:62:09:e0:58:02:17:f3:f3:f0:64:f6:d2:e4: a1:1e:9d:c0:86:5a:0a:95:07:18:7a:3d:a0:d4:b0:8a:db:42: 95:b6:42:40:c5:16:d1:47:96:aa:f1:be:3d:b8:b1:56:ca:00: 2e:da:ca:b7:f0:e0:8d:bb:cf:5d:cc:98:b0:22:31:4b:0e:2f: 4a:d4:e9:4b:fc:2d:2e:f8:ad:20:7a:e8:e1:b7:1b:9d:7d:2b: f8:29:3f:e5:5d:2f:c2:76:d3:5d:bf:6a:8d:da:14:09:19:99: 21:1f:56:ce -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+N/ESCZfMEGOsdKPTbSBTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3NTAyNjM4MjM0MDJiODNjMTFjNTAxNGQzMjY2NmRjYWIx MTE0NDcwHhcNMjYwMTAyMTAxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmUwYzE4Y2I0NDA4NDYwYWM5ZTEzZjk3NTVhN2ZiNDUzMjc5NDYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg8c+gd0jTRFQyHKKE9c5TqXVKSB s5TQJWXyEa1OozmY6ycPk31nccx48VCHd2dHY15+bqPwVOJmGKLadB8jq/Jjo4I+ WScHqpAy91enEWGzrY8U2dbA5ALMsB8osThST2mPmOEb/S1hdHtuoM/lkiTuBZn4 7JgwC92MHNzBuqnthWxFiV1xhgEkIQ8Zh4+eEbqvczL3QA04LepSEIFVjuBzIgFg Je1y/55SRBUdKlyqQjzy1v5LeuUN4McmAyu+1v3fvdnx7Y3OzqgrdVkIzAvkK4m+ vrCgdp6Lj8TXgSQtHPqcIzHaWqknF1CNAA6Y0Z5d8jAVY6tHT1W2NIFHswIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFD/gwYy0QIRgrJ4T+XVaf7RTJ5RhMB8GA1UdIwQY MBaAFKdQJjgjQCuDwRxQFNMmZtyrERRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDFBbU9DTkFLNFBCSEZBVTB5Wm0zS3NSRkVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jY2I0ZmQtZmE2Ny00OGQ2LWE4ZmMt OWEyOWYxZjQwODFjLzEvUC1EQmpMUkFoR0NzbmhQNWRWcF90Rk1ubEdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9jY2I0ZmQtZmE2Ny00OGQ2LWE4ZmMtOWEyOWYxZjQwODFj LzEvcDFBbU9DTkFLNFBCSEZBVTB5Wm0zS3NSRkVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZHLkD BAJZHLgwDQYJKoZIhvcNAQELBQADggEBAIzeWWEb4m447zNSLu4rPIN3hZxNgqup tCJMmoBjwJF6ZVeVJQpg9v7icWGfwkIxwuF7OgH9copUGMU0EYGZEF8fkIxzDwmk 5IW0b1TfztLu2Ek6o3nC52q92XgJzM55JnRli6fbRpyBwjaTtZzwW2Jvzlxk7n5I U1409rzcL29Ze85ixMcEESJTuqtLpUoRao+ZJCVnYgngWAIX8/PwZPbS5KEencCG WgqVBxh6PaDUsIrbQpW2QkDFFtFHlqrxvj24sVbKAC7ayrfw4I27z13MmLAiMUsO L0rU6Uv8LS74rSB66OG3G519K/gpP+VdL8J2012/ao3aFAkZmSEfVs4= -----END CERTIFICATE-----Generated at Sun Jan 18 16:37:18 2026 by rpki-client