This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/D0GEjoznOI2frIxZsC2NiRuqe58.roa File: D0GEjoznOI2frIxZsC2NiRuqe58.roa (raw, json) Hash identifier: izqFp+9eKQWS0LIy0mUZV6cpF1Hakb27ARgQaCVrstg= Subject key identifier: 0F:41:84:8E:8C:E7:38:8D:9F:AC:8C:59:B0:2D:8D:89:1B:AA:7B:9F Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8 Certificate serial: 019B78A239304DF6CF41FD688B37873905FA Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/D0GEjoznOI2frIxZsC2NiRuqe58.roa Signing time: Thu 01 Jan 2026 08:17:35 +0000 ROA not before: Thu 01 Jan 2026 08:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60072 IP address blocks: 31.171.192.0/21 maxlen: 21 31.171.197.0/24 maxlen: 24 31.171.198.0/24 maxlen: 24 185.58.216.0/22 maxlen: 22 185.58.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.mft rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:39:30:4d:f6:cf:41:fd:68:8b:37:87:39:05:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8 Validity Not Before: Jan 1 08:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f41848e8ce7388d9fac8c59b02d8d891baa7b9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:9d:18:05:16:03:5b:ca:5f:30:41:b8:6b:d5: ba:f5:94:b3:57:fd:b4:7b:42:8b:8d:c5:ac:ca:aa: 5b:ee:fb:a7:44:1c:4b:5a:0f:c1:d0:eb:2f:4a:cb: 51:c1:a7:cc:64:e4:03:4f:3a:29:c4:99:0c:b5:c6: 7c:4d:82:ea:c0:99:08:97:99:a8:6c:01:18:94:d3: 36:75:0d:62:2e:01:e5:cd:32:cb:75:11:0e:aa:ec: 3b:86:98:b3:24:55:b5:16:eb:9c:3b:6e:c7:ca:c1: 64:20:21:22:a2:68:49:21:19:99:6c:05:a1:e0:71: 99:fd:0c:3d:f9:10:3f:64:cb:7d:1b:30:4d:d5:c1: 4f:40:d6:f8:cb:d6:8a:4c:02:5e:40:99:21:dd:41: 59:a9:56:14:7a:66:c6:96:10:d9:ec:24:7d:4f:69: e6:ac:66:4e:bf:a2:1a:f1:83:18:27:18:16:c4:92: 6a:a2:48:7d:3d:e4:f2:5a:0f:a5:60:96:5a:62:78: eb:2b:55:81:79:c3:a9:b5:64:1e:ff:85:50:2d:3f: 24:56:aa:bc:c8:da:da:a1:47:e5:b9:39:6a:2b:fa: 3e:bd:34:0c:20:65:a6:df:27:96:f6:dd:08:ed:d9: f0:72:29:50:36:e2:96:c3:ae:4d:b9:b5:46:40:20: d7:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:41:84:8E:8C:E7:38:8D:9F:AC:8C:59:B0:2D:8D:89:1B:AA:7B:9F X509v3 Authority Key Identifier: keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/D0GEjoznOI2frIxZsC2NiRuqe58.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.171.192.0/21 185.58.216.0/22 Signature Algorithm: sha256WithRSAEncryption 32:b6:67:90:93:52:57:26:dd:2e:5e:8a:d9:fb:2d:97:0d:21: 79:cf:82:42:b3:ad:9c:a6:e2:74:d1:43:ed:19:d3:27:17:91: 62:4f:7a:b0:31:86:18:f7:13:01:54:51:0a:ba:15:a4:57:8f: 06:73:1f:a2:0c:2e:32:c5:c9:0b:07:15:a4:03:2e:9d:65:e8: 4f:af:7a:97:58:22:d6:07:0c:c8:d1:1a:e8:09:b8:d1:cb:2b: 95:fb:cf:20:a9:08:ad:88:15:30:23:31:14:52:17:3c:44:37: fb:da:88:b5:02:8f:7c:c1:97:49:80:13:4c:02:1d:00:a7:93: b9:69:0e:91:bc:07:aa:da:88:2c:13:f3:dd:e2:46:8f:3b:34: 63:a3:aa:c5:f6:9b:e6:d8:6a:89:db:ee:c9:cc:16:1b:0e:90: c9:85:ce:3d:0c:45:66:1a:8f:28:0d:fd:36:61:45:7d:c4:89: 99:74:4f:71:de:cf:65:5c:c0:55:f3:68:9d:b0:8d:79:3a:d1: 68:29:ec:ba:98:4c:f7:9f:a1:4a:50:3b:cb:c9:eb:2a:ae:23: 13:28:d7:2d:9e:f5:42:84:3a:44:d2:3e:07:d9:8e:3b:57:ce: e5:19:77:9d:cb:76:d4:c1:65:06:a6:c3:fb:b6:24:7b:38:3a: 8a:6d:9c:94 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4ojkwTfbPQf1oizeHOQX6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm ZTJhYTgwHhcNMjYwMTAxMDgxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjQxODQ4ZThjZTczODhkOWZhYzhjNTliMDJkOGQ4OTFiYWE3YjlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA250YBRYDW8pfMEG4a9W69ZSzV/20 e0KLjcWsyqpb7vunRBxLWg/B0OsvSstRwafMZOQDTzopxJkMtcZ8TYLqwJkIl5mo bAEYlNM2dQ1iLgHlzTLLdREOquw7hpizJFW1FuucO27HysFkICEiomhJIRmZbAWh 4HGZ/Qw9+RA/ZMt9GzBN1cFPQNb4y9aKTAJeQJkh3UFZqVYUembGlhDZ7CR9T2nm rGZOv6Ia8YMYJxgWxJJqokh9PeTyWg+lYJZaYnjrK1WBecOptWQe/4VQLT8kVqq8 yNraoUfluTlqK/o+vTQMIGWm3yeW9t0I7dnwcilQNuKWw65NubVGQCDXiQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFA9BhI6M5ziNn6yMWbAtjYkbqnufMB8GA1UdIwQY MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt MDc1ZjI0ZTRiZTcxLzEvRDBHRWpvem5PSTJmckl4WnNDMk5pUnVxZTU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH6vAAwQC uTrYMA0GCSqGSIb3DQEBCwUAA4IBAQAytmeQk1JXJt0uXorZ+y2XDSF5z4JCs62c puJ00UPtGdMnF5FiT3qwMYYY9xMBVFEKuhWkV48Gcx+iDC4yxckLBxWkAy6dZehP r3qXWCLWBwzI0RroCbjRyyuV+88gqQitiBUwIzEUUhc8RDf72oi1Ao98wZdJgBNM Ah0Ap5O5aQ6RvAeq2ogsE/Pd4kaPOzRjo6rF9pvm2GqJ2+7JzBYbDpDJhc49DEVm Go8oDf02YUV9xImZdE9x3s9lXMBV82idsI15OtFoKey6mEz3n6FKUDvLyesqriMT KNctnvVChDpE0j4H2Y47V87lGXedy3bUwWUGpsP7tiR7ODqKbZyU -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:36 2026 by rpki-client