This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/expyzDal9dyEO6AFHdQGKdXEBsY.roa File: expyzDal9dyEO6AFHdQGKdXEBsY.roa (raw, json) Hash identifier: iLVxq0kIQdGLyoYwWNpmclsxteFDJV8ZKEEfelvR8O0= Subject key identifier: 7B:1A:72:CC:36:A5:F5:DC:84:3B:A0:05:1D:D4:06:29:D5:C4:06:C6 Certificate issuer: /CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52 Certificate serial: 019B7E37945E41BD3DA54FB8DEB3D0768541 Authority key identifier: 2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/expyzDal9dyEO6AFHdQGKdXEBsY.roa Signing time: Fri 02 Jan 2026 10:18:50 +0000 ROA not before: Fri 02 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206049 IP address blocks: 185.197.56.0/22 maxlen: 24 188.65.96.0/21 maxlen: 21 212.11.67.0/24 maxlen: 24 212.11.76.0/24 maxlen: 24 2a0a:7640::/29 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.mft rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:94:5e:41:bd:3d:a5:4f:b8:de:b3:d0:76:85:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2c94d70cfb7e69019a2e01c87d0a5d545a599b52 Validity Not Before: Jan 2 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7b1a72cc36a5f5dc843ba0051dd40629d5c406c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:0d:78:98:b5:40:f5:9a:2e:d4:a0:4b:b9:06: c5:ce:50:b7:67:52:9f:e0:f6:7b:a1:c1:99:3b:3b: 6c:cd:3d:c1:d1:29:3b:a6:d7:5b:39:ca:62:9d:11: ba:d7:45:f3:65:89:59:e7:a4:94:dc:41:3d:76:47: b8:0a:75:17:5e:45:ba:ee:88:1a:29:57:ac:b6:94: f8:05:25:2c:3e:d3:1d:55:67:d2:88:56:76:a4:ea: bc:38:de:c9:c5:ff:6e:cb:7b:0b:52:a8:26:b6:9f: 1c:fd:2b:03:56:91:aa:27:35:5f:7f:e3:13:63:1a: fa:5f:38:96:34:c7:40:02:e2:df:57:36:d4:2e:17: 6a:1f:e4:56:e7:15:90:8d:f7:7d:74:b6:30:0d:80: 29:77:26:99:85:cc:c0:da:9d:24:36:4c:1a:47:02: d7:c6:f7:7b:a9:e3:eb:1b:cd:d0:e8:ba:44:b7:e5: fc:0a:c7:39:31:14:18:88:b2:21:7e:13:5d:f7:5b: fe:90:7b:01:3f:a1:74:49:3a:61:c3:74:47:ef:9a: a5:2f:00:6d:0f:76:83:67:de:89:67:77:60:3e:28: c1:7c:9e:1b:ef:6b:48:ce:1b:d9:0c:bd:d4:4a:dc: 33:d4:92:cb:da:3b:84:98:d3:51:b6:70:b4:b6:3f: 73:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:1A:72:CC:36:A5:F5:DC:84:3B:A0:05:1D:D4:06:29:D5:C4:06:C6 X509v3 Authority Key Identifier: keyid:2C:94:D7:0C:FB:7E:69:01:9A:2E:01:C8:7D:0A:5D:54:5A:59:9B:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJTXDPt-aQGaLgHIfQpdVFpZm1I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/expyzDal9dyEO6AFHdQGKdXEBsY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/1bda7c-9858-43f5-8659-69fc056b2625/1/LJTXDPt-aQGaLgHIfQpdVFpZm1I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.197.56.0/22 188.65.96.0/21 212.11.67.0/24 212.11.76.0/24 IPv6: 2a0a:7640::/29 Signature Algorithm: sha256WithRSAEncryption 9f:7f:bf:93:4e:c9:98:17:80:ba:7e:0f:32:23:7f:a0:91:9a: 0d:bd:e1:7c:c6:3b:bb:b0:26:f9:62:49:53:ec:29:6c:11:7f: 0a:c7:05:79:dc:35:fb:5d:42:ad:ce:1d:d3:12:77:c1:28:3f: 17:9e:3c:07:f4:5a:e0:7c:ad:bd:94:ea:79:5e:20:f1:d7:ff: cb:ac:14:13:62:73:c5:d3:9a:eb:fd:d1:84:71:bf:f5:d5:96: 6e:b3:25:2e:8a:ab:80:04:53:bc:56:57:d1:1f:35:be:5b:7b: 17:e9:ef:20:c2:97:eb:8e:a1:c2:01:13:d7:4d:55:bb:6e:63: a4:ae:99:c7:ae:7f:81:32:f4:6c:57:cf:f8:3c:e5:a0:23:70: 3b:69:c5:19:2d:b4:30:b0:f1:0c:83:94:5f:e2:d2:e0:bd:07: b1:80:56:96:89:df:14:02:ab:4c:92:49:c2:fa:72:64:c1:a2: c9:d8:8a:c5:ed:00:01:84:66:a2:07:b4:ab:db:a6:25:76:48: 0e:df:87:c6:64:e0:60:22:83:a1:ec:5b:33:60:96:61:68:1e: 82:90:75:d7:ba:c0:bf:6b:77:31:62:d4:0b:a4:f0:98:96:40: 6b:0d:0f:5a:4b:82:7c:40:ec:ae:5f:83:3a:a8:54:fc:81:70: 68:78:e3:c8 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt+N5ReQb09pU+43rPQdoVBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjOTRkNzBjZmI3ZTY5MDE5YTJlMDFjODdkMGE1ZDU0NWE1 OTliNTIwHhcNMjYwMTAyMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3YjFhNzJjYzM2YTVmNWRjODQzYmEwMDUxZGQ0MDYyOWQ1YzQwNmM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw14mLVA9Zou1KBLuQbFzlC3Z1Kf 4PZ7ocGZOztszT3B0Sk7ptdbOcpinRG610XzZYlZ56SU3EE9dke4CnUXXkW67oga KVestpT4BSUsPtMdVWfSiFZ2pOq8ON7Jxf9uy3sLUqgmtp8c/SsDVpGqJzVff+MT Yxr6XziWNMdAAuLfVzbULhdqH+RW5xWQjfd9dLYwDYApdyaZhczA2p0kNkwaRwLX xvd7qePrG83Q6LpEt+X8Csc5MRQYiLIhfhNd91v+kHsBP6F0STphw3RH75qlLwBt D3aDZ96JZ3dgPijBfJ4b72tIzhvZDL3UStwz1JLL2juEmNNRtnC0tj9zqwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFHsacsw2pfXchDugBR3UBinVxAbGMB8GA1UdIwQY MBaAFCyU1wz7fmkBmi4ByH0KXVRaWZtSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTkt NjlmYzA1NmIyNjI1LzEvZXhweXpEYWw5ZHlFTzZBRkhkUUdLZFhFQnNZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi8xYmRhN2MtOTg1OC00M2Y1LTg2NTktNjlmYzA1NmIyNjI1 LzEvTEpUWERQdC1hUUdhTGdISWZRcGRWRnBabTFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCucU4AwQD vEFgAwQA1AtDAwQA1AtMMA0EAgACMAcDBQMqCnZAMA0GCSqGSIb3DQEBCwUAA4IB AQCff7+TTsmYF4C6fg8yI3+gkZoNveF8xju7sCb5YklT7ClsEX8KxwV53DX7XUKt zh3TEnfBKD8XnjwH9FrgfK29lOp5XiDx1//LrBQTYnPF05rr/dGEcb/11ZZusyUu iquABFO8VlfRHzW+W3sX6e8gwpfrjqHCARPXTVW7bmOkrpnHrn+BMvRsV8/4POWg I3A7acUZLbQwsPEMg5Rf4tLgvQexgFaWid8UAqtMkknC+nJkwaLJ2IrF7QABhGai B7Sr26YldkgO34fGZOBgIoOh7FszYJZhaB6CkHXXusC/a3cxYtQLpPCYlkBrDQ9a S4J8QOyuX4M6qFT8gXBoeOPI -----END CERTIFICATE-----Generated at Tue Jan 27 07:10:58 2026 by rpki-client