This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/dGvFgDTa9c-WyY5c2fus0GTGmYs.roa File: dGvFgDTa9c-WyY5c2fus0GTGmYs.roa (raw, json) Hash identifier: 1KB6ISgMwSKc5X/zQ0taoCJinEVqBhQhQ69Q8uCNRZ0= Subject key identifier: 74:6B:C5:80:34:DA:F5:CF:96:C9:8E:5C:D9:FB:AC:D0:64:C6:99:8B Certificate issuer: /CN=3ca447fd0979b8a989355c354d304d114d20727a Certificate serial: 019B7834EC0E70975C5DED06B72F68CB034E Authority key identifier: 3C:A4:47:FD:09:79:B8:A9:89:35:5C:35:4D:30:4D:11:4D:20:72:7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PKRH_Ql5uKmJNVw1TTBNEU0gcno.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/dGvFgDTa9c-WyY5c2fus0GTGmYs.roa Signing time: Thu 01 Jan 2026 06:18:12 +0000 ROA not before: Thu 01 Jan 2026 06:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208967 IP address blocks: 194.76.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/PKRH_Ql5uKmJNVw1TTBNEU0gcno.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/PKRH_Ql5uKmJNVw1TTBNEU0gcno.mft rsync://rpki.ripe.net/repository/DEFAULT/PKRH_Ql5uKmJNVw1TTBNEU0gcno.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:ec:0e:70:97:5c:5d:ed:06:b7:2f:68:cb:03:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ca447fd0979b8a989355c354d304d114d20727a Validity Not Before: Jan 1 06:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=746bc58034daf5cf96c98e5cd9fbacd064c6998b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:0e:23:56:92:2d:30:9f:6a:d2:5a:67:6a:35: 40:e9:28:2f:9e:02:25:23:8b:1b:79:d3:40:cd:10: cd:a2:d1:88:68:6a:3e:22:bb:40:23:01:e6:07:b8: 4b:bd:8d:a4:c7:cb:2d:c1:fc:2d:6e:ae:a5:a2:c3: a4:e9:5b:1d:8a:ab:7d:cd:1e:31:da:bf:ae:81:f4: 0c:cf:9b:61:39:6a:65:b7:b5:6c:55:ed:3d:4c:d6: 35:8b:5f:ac:fa:1c:7b:94:ff:61:72:5e:e8:fd:1e: f8:b9:c6:14:70:be:33:ca:97:c3:53:d8:9a:fa:25: fd:42:ef:5b:71:0e:87:a1:5b:0f:d3:7a:74:85:16: 02:8d:62:64:13:99:d6:9c:76:55:ef:4a:08:14:da: c0:3b:be:fd:1b:2a:a7:20:36:e5:87:5c:1c:e3:1c: 92:42:d5:27:27:1e:40:bb:88:e8:cc:74:19:b8:f1: 82:84:5f:d5:75:d5:79:cb:a3:84:cd:ce:96:d9:e6: ca:2f:6c:62:88:fc:88:e5:b3:c8:9e:65:4f:d7:5f: eb:c0:83:e2:42:48:87:cb:e8:1d:13:32:14:41:d2: 7d:e3:b6:56:bd:ea:10:eb:b3:3a:db:a4:62:f0:f0: 52:d3:8c:7e:d8:ef:2c:cb:fd:b0:1f:aa:ca:5d:90: d1:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:6B:C5:80:34:DA:F5:CF:96:C9:8E:5C:D9:FB:AC:D0:64:C6:99:8B X509v3 Authority Key Identifier: keyid:3C:A4:47:FD:09:79:B8:A9:89:35:5C:35:4D:30:4D:11:4D:20:72:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PKRH_Ql5uKmJNVw1TTBNEU0gcno.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/dGvFgDTa9c-WyY5c2fus0GTGmYs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b5a08f-d9f8-432d-ba4b-a6ef752c6dc2/1/PKRH_Ql5uKmJNVw1TTBNEU0gcno.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.76.42.0/24 Signature Algorithm: sha256WithRSAEncryption 20:5b:ff:8f:fb:5c:3c:63:47:74:39:05:91:a5:3e:ad:b7:94: 55:94:3b:ad:d2:ee:7f:9d:9d:ff:e1:7e:59:7f:43:0f:6c:ff: 15:60:7f:72:a2:ec:9a:02:c3:64:17:c2:bd:6d:14:6a:da:e5: b1:be:68:28:2f:9f:e7:58:f8:4a:c1:74:66:70:2f:11:b5:f2: a5:9b:a0:c9:2d:14:7c:9d:bf:a5:9f:ce:a5:ca:de:82:e0:0b: ff:3f:e9:f9:f7:0a:29:d9:83:4e:72:0d:42:1a:6c:53:6f:ce: 70:1c:cb:e6:d9:16:2c:a3:c3:39:4c:f5:a6:70:b5:96:7b:d6: 11:18:4f:bc:83:85:3b:dd:30:f5:c6:08:1e:18:53:70:bf:9e: a2:ad:ee:72:d3:1e:77:e5:e4:c5:b9:e1:9d:ed:c0:5f:16:c6: c5:af:d6:0c:16:26:01:00:dd:2c:be:05:34:34:b4:d1:2f:0a: bb:14:fa:81:88:82:dc:59:93:15:a6:30:0e:bc:34:1a:22:cd: d3:9b:03:c5:da:27:55:8a:5b:e5:df:01:af:db:ab:2d:90:72: 0b:ec:e6:dd:40:50:4e:17:a3:6f:c9:2c:fb:ab:4c:d6:24:64: 01:35:89:73:b4:7c:cd:c2:c1:6e:47:07:63:99:24:96:7d:20: 82:64:45:a1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NOwOcJdcXe0Gty9oywNOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjYTQ0N2ZkMDk3OWI4YTk4OTM1NWMzNTRkMzA0ZDExNGQy MDcyN2EwHhcNMjYwMTAxMDYxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NDZiYzU4MDM0ZGFmNWNmOTZjOThlNWNkOWZiYWNkMDY0YzY5OThiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA4jVpItMJ9q0lpnajVA6SgvngIl I4sbedNAzRDNotGIaGo+IrtAIwHmB7hLvY2kx8stwfwtbq6losOk6Vsdiqt9zR4x 2r+ugfQMz5thOWplt7VsVe09TNY1i1+s+hx7lP9hcl7o/R74ucYUcL4zypfDU9ia +iX9Qu9bcQ6HoVsP03p0hRYCjWJkE5nWnHZV70oIFNrAO779GyqnIDblh1wc4xyS QtUnJx5Au4jozHQZuPGChF/VddV5y6OEzc6W2ebKL2xiiPyI5bPInmVP11/rwIPi QkiHy+gdEzIUQdJ947ZWveoQ67M626Ri8PBS04x+2O8sy/2wH6rKXZDRiwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHRrxYA02vXPlsmOXNn7rNBkxpmLMB8GA1UdIwQY MBaAFDykR/0JebipiTVcNU0wTRFNIHJ6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEtSSF9RbDV1S21KTlZ3MVRUQk5FVTBnY25vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iNWEwOGYtZDlmOC00MzJkLWJhNGIt YTZlZjc1MmM2ZGMyLzEvZEd2RmdEVGE5Yy1XeVk1YzJmdXMwR1RHbVlzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iNWEwOGYtZDlmOC00MzJkLWJhNGItYTZlZjc1MmM2ZGMy LzEvUEtSSF9RbDV1S21KTlZ3MVRUQk5FVTBnY25vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwqMA0G CSqGSIb3DQEBCwUAA4IBAQAgW/+P+1w8Y0d0OQWRpT6tt5RVlDut0u5/nZ3/4X5Z f0MPbP8VYH9youyaAsNkF8K9bRRq2uWxvmgoL5/nWPhKwXRmcC8RtfKlm6DJLRR8 nb+ln86lyt6C4Av/P+n59wop2YNOcg1CGmxTb85wHMvm2RYso8M5TPWmcLWWe9YR GE+8g4U73TD1xggeGFNwv56ire5y0x535eTFueGd7cBfFsbFr9YMFiYBAN0svgU0 NLTRLwq7FPqBiILcWZMVpjAOvDQaIs3TmwPF2idVilvl3wGv26stkHIL7ObdQFBO F6NvySz7q0zWJGQBNYlztHzNwsFuRwdjmSSWfSCCZEWh -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:05 2026 by rpki-client