This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/vGVZSv8sGgM5BoLDh6fVjRk2w7w.roa File: vGVZSv8sGgM5BoLDh6fVjRk2w7w.roa (raw, json) Hash identifier: RIvCgh4jwN9bhn2BuDsBle0NLGA7WV0r/x8kr5b3org= Subject key identifier: BC:65:59:4A:FF:2C:1A:03:39:06:82:C3:87:A7:D5:8D:19:36:C3:BC Certificate issuer: /CN=72f862dfe0c34874120d2cc169fc3144938ee8d9 Certificate serial: 019B7F12FE9F774C49FB2875615CDDCDB1A2 Authority key identifier: 72:F8:62:DF:E0:C3:48:74:12:0D:2C:C1:69:FC:31:44:93:8E:E8:D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvhi3-DDSHQSDSzBafwxRJOO6Nk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/vGVZSv8sGgM5BoLDh6fVjRk2w7w.roa Signing time: Fri 02 Jan 2026 14:18:29 +0000 ROA not before: Fri 02 Jan 2026 14:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198024 IP address blocks: 185.127.72.0/22 maxlen: 22 2a06:c7c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/cvhi3-DDSHQSDSzBafwxRJOO6Nk.crl rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/cvhi3-DDSHQSDSzBafwxRJOO6Nk.mft rsync://rpki.ripe.net/repository/DEFAULT/cvhi3-DDSHQSDSzBafwxRJOO6Nk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:12:fe:9f:77:4c:49:fb:28:75:61:5c:dd:cd:b1:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72f862dfe0c34874120d2cc169fc3144938ee8d9 Validity Not Before: Jan 2 14:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bc65594aff2c1a03390682c387a7d58d1936c3bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:89:33:26:9a:33:c1:be:bf:6c:05:77:f8:0a: 73:fb:6f:41:08:22:4e:3b:51:05:e6:24:db:8d:51: e1:7f:a3:70:cd:7c:7c:a8:fe:a1:08:72:67:43:d8: 2f:48:77:8f:39:87:5f:2a:58:0a:22:57:3c:69:64: 2f:12:7f:cc:64:be:1b:ac:47:f9:57:e8:16:31:01: 6e:38:80:cf:79:ec:fd:9c:f2:ff:ba:e2:cb:fb:e7: bc:15:3f:3c:66:81:75:e1:04:03:92:c9:30:99:8c: e8:59:26:f4:45:89:6a:81:f6:a9:77:de:59:8b:96: da:1a:5d:4c:bf:74:47:4b:6a:0f:1d:53:e0:0f:22: f6:1c:bf:13:88:eb:69:8f:e7:0e:51:ea:ba:2c:96: 9a:32:18:56:7b:7f:07:ae:82:0a:ed:d1:6a:e7:8d: 79:f8:95:3f:84:df:5b:56:3a:9d:9c:22:fa:3d:4a: 86:f7:99:80:cf:13:5a:b4:82:b6:17:df:76:ad:97: 31:39:2c:f0:28:c7:f6:35:e9:c0:91:0a:7a:51:22: 57:45:e8:6c:a2:4f:a3:38:b0:90:f2:67:18:c5:5c: 1c:e8:9a:97:63:be:61:99:86:1a:a8:f2:bf:5c:1b: 8c:14:7d:bf:c5:b2:8d:a5:71:58:af:47:e1:b0:6e: da:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:65:59:4A:FF:2C:1A:03:39:06:82:C3:87:A7:D5:8D:19:36:C3:BC X509v3 Authority Key Identifier: keyid:72:F8:62:DF:E0:C3:48:74:12:0D:2C:C1:69:FC:31:44:93:8E:E8:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvhi3-DDSHQSDSzBafwxRJOO6Nk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/vGVZSv8sGgM5BoLDh6fVjRk2w7w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/96/135fc4-b35a-42db-8141-220764dc345c/1/cvhi3-DDSHQSDSzBafwxRJOO6Nk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.127.72.0/22 IPv6: 2a06:c7c0::/29 Signature Algorithm: sha256WithRSAEncryption 94:86:2d:e4:07:da:1d:75:07:17:da:25:20:c8:21:3a:ad:76: 20:aa:00:87:8e:ea:58:5c:ac:f4:5a:36:12:b3:53:29:99:83: e5:b1:08:e8:1b:6d:29:11:6f:a2:b5:66:c6:b2:1f:15:e0:b8: c7:61:93:1c:61:99:a0:bb:bd:c7:7d:24:b4:b1:be:ab:7a:02: 07:5a:11:40:31:03:2f:f1:d5:e8:c2:5b:b3:2b:ad:72:3e:1d: 59:f2:df:43:50:00:93:4e:f1:5c:1b:0d:8d:f6:d3:2d:e6:f6: a6:b2:be:1b:7f:ae:ac:e5:f8:2f:0a:bf:b7:c0:9c:d7:38:17: df:cb:cd:1b:35:d0:6a:29:62:36:31:58:54:00:61:b6:57:26: eb:e5:98:4c:ff:3f:30:68:9c:18:29:94:69:15:ac:31:3a:5e: 16:ba:e5:06:c3:43:a2:f6:7b:00:3f:58:b6:49:b1:a3:91:f8: 0a:c4:ca:f8:2f:80:a6:14:01:61:52:56:8c:9c:f2:4f:0d:46: 69:12:03:dc:16:ac:7d:0f:3e:86:5b:cb:a8:ff:38:f2:9f:d7: 42:89:a6:cc:21:88:64:13:2b:d4:ff:cc:45:cc:e2:b9:9e:02: 4b:1b:62:6c:fb:83:3c:a6:f6:85:a2:b3:36:78:5d:8d:e0:c0: 56:88:10:b4 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/Ev6fd0xJ+yh1YVzdzbGiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZjg2MmRmZTBjMzQ4NzQxMjBkMmNjMTY5ZmMzMTQ0OTM4 ZWU4ZDkwHhcNMjYwMTAyMTQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYzY1NTk0YWZmMmMxYTAzMzkwNjgyYzM4N2E3ZDU4ZDE5MzZjM2JjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIkzJpozwb6/bAV3+Apz+29BCCJO O1EF5iTbjVHhf6NwzXx8qP6hCHJnQ9gvSHePOYdfKlgKIlc8aWQvEn/MZL4brEf5 V+gWMQFuOIDPeez9nPL/uuLL++e8FT88ZoF14QQDkskwmYzoWSb0RYlqgfapd95Z i5baGl1Mv3RHS2oPHVPgDyL2HL8TiOtpj+cOUeq6LJaaMhhWe38HroIK7dFq5415 +JU/hN9bVjqdnCL6PUqG95mAzxNatIK2F992rZcxOSzwKMf2NenAkQp6USJXRehs ok+jOLCQ8mcYxVwc6JqXY75hmYYaqPK/XBuMFH2/xbKNpXFYr0fhsG7abQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLxlWUr/LBoDOQaCw4en1Y0ZNsO8MB8GA1UdIwQY MBaAFHL4Yt/gw0h0Eg0swWn8MUSTjujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3ZoaTMtRERTSFFTRFN6QmFmd3hSSk9PNk5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni8xMzVmYzQtYjM1YS00MmRiLTgxNDEt MjIwNzY0ZGMzNDVjLzEvdkdWWlN2OHNHZ001Qm9MRGg2ZlZqUmsydzd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ni8xMzVmYzQtYjM1YS00MmRiLTgxNDEtMjIwNzY0ZGMzNDVj LzEvY3ZoaTMtRERTSFFTRFN6QmFmd3hSSk9PNk5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX9IMA0E AgACMAcDBQMqBsfAMA0GCSqGSIb3DQEBCwUAA4IBAQCUhi3kB9oddQcX2iUgyCE6 rXYgqgCHjupYXKz0WjYSs1MpmYPlsQjoG20pEW+itWbGsh8V4LjHYZMcYZmgu73H fSS0sb6regIHWhFAMQMv8dXowluzK61yPh1Z8t9DUACTTvFcGw2N9tMt5vamsr4b f66s5fgvCr+3wJzXOBffy80bNdBqKWI2MVhUAGG2Vybr5ZhM/z8waJwYKZRpFawx Ol4WuuUGw0Oi9nsAP1i2SbGjkfgKxMr4L4CmFAFhUlaMnPJPDUZpEgPcFqx9Dz6G W8uo/zjyn9dCiabMIYhkEyvU/8xFzOK5ngJLG2Js+4M8pvaForM2eF2N4MBWiBC0 -----END CERTIFICATE-----Generated at Mon Jan 26 22:36:40 2026 by rpki-client