This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/dZEx9OWUD23x5uuc5D0RvUQs0J0.roa File: dZEx9OWUD23x5uuc5D0RvUQs0J0.roa (raw, json) Hash identifier: JOuDISNyvO4jasphChNmyvtme6bkbF6emnrz73RUw1U= Subject key identifier: 75:91:31:F4:E5:94:0F:6D:F1:E6:EB:9C:E4:3D:11:BD:44:2C:D0:9D Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5 Certificate serial: 019B7F158B73253B628826CD556229408AAC Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/dZEx9OWUD23x5uuc5D0RvUQs0J0.roa Signing time: Fri 02 Jan 2026 14:21:16 +0000 ROA not before: Fri 02 Jan 2026 14:21:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2856 IP address blocks: 188.172.160.0/20 maxlen: 20 188.172.160.0/21 maxlen: 21 188.172.168.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.mft rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:8b:73:25:3b:62:88:26:cd:55:62:29:40:8a:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5 Validity Not Before: Jan 2 14:21:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=759131f4e5940f6df1e6eb9ce43d11bd442cd09d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3b:d3:2f:a4:8e:78:35:8a:bd:c7:16:5d:e1: 36:08:b9:31:51:42:1d:61:25:1a:ba:95:6d:62:61: 16:ab:95:97:be:22:d8:be:c7:31:c1:56:11:3b:ae: 6e:7b:2a:37:f7:59:33:02:23:98:81:39:98:97:fe: fe:1c:91:25:30:0c:f1:8c:5e:49:ce:20:83:10:ad: f7:71:86:68:9f:91:c5:a5:84:dd:4f:33:99:5c:b2: a7:61:9f:fe:f7:d3:6f:fa:d6:31:bb:84:d6:46:f8: 6b:45:a8:b0:77:c9:1c:de:88:a5:5f:1b:4e:9b:23: 6c:5c:8a:5a:12:ae:d0:b3:84:a1:33:50:f0:e2:09: 5d:35:6e:1a:ce:37:ef:93:64:c6:c1:71:73:ab:89: 0c:21:11:7a:9d:98:9f:c1:14:37:a1:10:a7:3c:13: 00:44:47:89:c8:bb:0a:4e:a2:12:14:09:34:2e:53: 44:34:1f:e2:ed:c8:e3:77:3a:53:5d:84:c4:0f:14: e5:4d:86:c9:f9:08:14:a7:36:d7:9c:ee:b1:35:9a: 96:48:de:f2:8d:3c:99:e0:54:24:0d:8e:5a:cf:33: 56:b2:71:c2:55:ba:68:7a:ad:78:61:37:19:28:65: ef:d0:df:da:41:84:f6:ec:62:8c:36:da:08:06:fb: 1d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:91:31:F4:E5:94:0F:6D:F1:E6:EB:9C:E4:3D:11:BD:44:2C:D0:9D X509v3 Authority Key Identifier: keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/dZEx9OWUD23x5uuc5D0RvUQs0J0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.172.160.0/20 Signature Algorithm: sha256WithRSAEncryption 4d:ae:d2:b8:9d:81:86:73:65:3d:f1:54:4e:3e:a5:f4:28:3d: 5f:27:f0:e4:d2:e2:ff:47:2b:77:50:e4:f5:f8:3a:b2:07:d8: a5:37:2b:86:84:c2:b4:14:55:bd:05:bf:da:da:65:e9:7d:ce: f6:b6:e4:22:20:e5:a0:db:40:74:b4:6f:a6:f0:2c:07:50:8b: 35:7b:a7:0c:95:b4:2b:e6:e1:a6:19:53:5f:5b:97:7c:85:dd: 84:c3:76:9f:e4:2a:bc:23:46:8c:4c:36:46:bf:f1:0b:d0:28: 7e:b3:d1:3d:07:7d:f5:0b:9f:76:53:9c:49:31:56:f4:8c:ae: a3:27:80:ca:00:4c:3d:11:3e:a3:da:c9:70:ea:cf:44:64:e7: fe:04:72:30:43:e1:75:d5:e0:e3:f3:41:8d:89:a6:79:8d:5f: d7:12:71:76:bb:2d:77:7d:1e:73:9e:30:37:a6:5d:71:75:1b: 6a:c9:7e:27:99:a2:a6:ee:37:4b:12:df:28:b8:91:3a:ea:0e: 99:3b:a9:ab:01:eb:03:65:ab:76:fb:46:1c:b6:24:89:97:70: f2:04:07:58:40:ab:7b:fc:a4:e7:76:dc:99:12:30:22:d0:3a: 05:95:07:70:fb:9e:9e:3d:9d:0b:8f:de:93:1f:90:89:19:d1: 97:c7:7a:db -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FYtzJTtiiCbNVWIpQIqsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk ZGJkZTUwHhcNMjYwMTAyMTQyMTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NTkxMzFmNGU1OTQwZjZkZjFlNmViOWNlNDNkMTFiZDQ0MmNkMDlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjvTL6SOeDWKvccWXeE2CLkxUUId YSUaupVtYmEWq5WXviLYvscxwVYRO65ueyo391kzAiOYgTmYl/7+HJElMAzxjF5J ziCDEK33cYZon5HFpYTdTzOZXLKnYZ/+99Nv+tYxu4TWRvhrRaiwd8kc3oilXxtO myNsXIpaEq7Qs4ShM1Dw4gldNW4azjfvk2TGwXFzq4kMIRF6nZifwRQ3oRCnPBMA REeJyLsKTqISFAk0LlNENB/i7cjjdzpTXYTEDxTlTYbJ+QgUpzbXnO6xNZqWSN7y jTyZ4FQkDY5azzNWsnHCVbpoeq14YTcZKGXv0N/aQYT27GKMNtoIBvsd8wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHWRMfTllA9t8ebrnOQ9Eb1ELNCdMB8GA1UdIwQY MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt NDM3Mzk0OTM4YzUyLzEvZFpFeDlPV1VEMjN4NXV1YzVEMFJ2VVFzMEowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEvKygMA0G CSqGSIb3DQEBCwUAA4IBAQBNrtK4nYGGc2U98VROPqX0KD1fJ/Dk0uL/Ryt3UOT1 +DqyB9ilNyuGhMK0FFW9Bb/a2mXpfc72tuQiIOWg20B0tG+m8CwHUIs1e6cMlbQr 5uGmGVNfW5d8hd2Ew3af5Cq8I0aMTDZGv/EL0Ch+s9E9B331C592U5xJMVb0jK6j J4DKAEw9ET6j2slw6s9EZOf+BHIwQ+F11eDj80GNiaZ5jV/XEnF2uy13fR5znjA3 pl1xdRtqyX4nmaKm7jdLEt8ouJE66g6ZO6mrAesDZat2+0YctiSJl3DyBAdYQKt7 /KTndtyZEjAi0DoFlQdw+56ePZ0Lj96TH5CJGdGXx3rb -----END CERTIFICATE-----Generated at Thu Jan 8 17:33:29 2026 by rpki-client