This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dob61PVx9CPcNwxo5ucKSKyPKFQ.roa File: dob61PVx9CPcNwxo5ucKSKyPKFQ.roa (raw, json) Hash identifier: 41ghsCVI2UUxhBp12RXkHBh4XixsaIn5iInjVf0G/w0= Subject key identifier: 76:86:FA:D4:F5:71:F4:23:DC:37:0C:68:E6:E7:0A:48:AC:8F:28:54 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D3DD150DF5310B76DF12FD50021B4 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dob61PVx9CPcNwxo5ucKSKyPKFQ.roa Signing time: Fri 02 Jan 2026 06:20:21 +0000 ROA not before: Fri 02 Jan 2026 06:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42831 IP address blocks: 89.40.92.0/24 maxlen: 24 178.239.198.0/24 maxlen: 24 178.239.204.0/24 maxlen: 24 185.192.70.0/24 maxlen: 24 185.228.225.0/24 maxlen: 24 194.32.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:3d:d1:50:df:53:10:b7:6d:f1:2f:d5:00:21:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7686fad4f571f423dc370c68e6e70a48ac8f2854 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3e:e9:42:2c:b0:32:06:9b:f5:48:13:8b:96: 30:3d:fd:93:28:0c:ea:16:ee:ad:d8:ad:85:86:7f: 6d:31:8f:c2:76:b5:02:90:9c:69:bc:28:8a:c9:ef: 10:9d:09:8f:ee:8f:38:43:2e:f7:c3:77:9c:e4:57: 60:31:25:54:d0:10:09:3b:28:24:7c:68:b1:75:36: c0:7d:35:a2:04:3b:95:43:c2:d7:c6:82:67:84:62: 54:4e:af:a3:9a:bc:17:49:79:2a:11:66:1d:3a:59: ce:71:aa:44:4b:fe:00:32:0d:8a:fb:5f:77:e1:82: 3c:7c:be:b0:15:a5:3e:59:64:9f:af:86:89:bf:0e: c8:df:b7:f2:ef:02:9d:c4:fb:a7:bd:0c:bf:26:35: 30:f0:ea:5a:52:bc:d3:95:c9:d6:9b:bd:88:0c:e5: 8e:44:75:48:ea:cf:52:bd:9b:e7:d9:a4:b6:cc:46: 63:d8:51:87:cb:9d:cf:eb:9d:eb:8d:40:2f:2c:8d: e1:50:92:bd:b6:1d:20:f4:c1:5e:1d:bc:04:26:52: 71:d8:76:58:90:77:0b:38:02:b7:d2:87:4d:d5:86: 34:42:75:0d:19:ce:4f:ef:26:45:56:db:0b:91:61: b7:bc:60:af:91:5b:2a:2d:ff:20:4f:60:08:2a:48: 6e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:86:FA:D4:F5:71:F4:23:DC:37:0C:68:E6:E7:0A:48:AC:8F:28:54 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dob61PVx9CPcNwxo5ucKSKyPKFQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.40.92.0/24 178.239.198.0/24 178.239.204.0/24 185.192.70.0/24 185.228.225.0/24 194.32.120.0/24 Signature Algorithm: sha256WithRSAEncryption 17:e3:a3:f0:57:39:71:e3:78:f0:18:db:99:79:a2:b7:2d:83: df:d5:2a:23:0b:d5:de:dd:ee:b4:ff:6f:56:10:52:7c:d6:0b: e7:c9:ec:ca:bb:09:41:6f:20:6a:b0:cf:4c:17:f1:7e:fb:01: d0:17:31:04:a9:50:5b:a2:3e:ff:2e:da:ff:32:80:88:9e:56: c3:3b:1b:6f:c5:5d:bc:3f:86:cd:f3:6b:91:b2:4b:bd:50:b4: ee:8b:d8:d4:7f:2c:6c:c3:35:21:71:b3:a1:c1:81:b5:fd:ec: ed:d1:3e:c6:d4:a5:b6:76:5d:0e:4f:dc:d1:e1:72:a3:84:8a: 82:26:0f:9c:91:b3:d0:5b:fa:67:4d:d7:6f:fc:5f:17:29:5d: f0:92:df:ef:48:c8:89:7e:e5:40:84:d9:6b:20:54:2a:d0:56: 8a:92:e4:c3:d4:7d:90:3a:b8:42:b0:5b:2d:fe:62:30:19:77: b4:12:69:73:36:78:63:52:86:74:6f:d5:b3:2e:7e:38:19:c9: 03:e3:83:2b:b2:ac:36:d0:30:cd:8b:ec:a3:ef:8e:5b:5a:c7: 88:15:a5:89:91:17:1f:94:19:d0:97:6f:fe:89:a5:69:a4:43: 12:6d:db:95:91:dd:75:33:ea:d3:db:83:e3:d8:12:10:30:d7: b3:62:c7:5f -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt9XT3RUN9TELdt8S/VACG0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Njg2ZmFkNGY1NzFmNDIzZGMzNzBjNjhlNmU3MGE0OGFjOGYyODU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzj7pQiywMgab9UgTi5YwPf2TKAzq Fu6t2K2Fhn9tMY/CdrUCkJxpvCiKye8QnQmP7o84Qy73w3ec5FdgMSVU0BAJOygk fGixdTbAfTWiBDuVQ8LXxoJnhGJUTq+jmrwXSXkqEWYdOlnOcapES/4AMg2K+193 4YI8fL6wFaU+WWSfr4aJvw7I37fy7wKdxPunvQy/JjUw8OpaUrzTlcnWm72IDOWO RHVI6s9SvZvn2aS2zEZj2FGHy53P653rjUAvLI3hUJK9th0g9MFeHbwEJlJx2HZY kHcLOAK30odN1YY0QnUNGc5P7yZFVtsLkWG3vGCvkVsqLf8gT2AIKkhuFQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFHaG+tT1cfQj3DcMaObnCkisjyhUMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvZG9iNjFQVng5Q1BjTnd4bzV1Y0tTS3lQS0ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWShcAwQA su/GAwQAsu/MAwQAucBGAwQAueThAwQAwiB4MA0GCSqGSIb3DQEBCwUAA4IBAQAX 46PwVzlx43jwGNuZeaK3LYPf1SojC9Xe3e60/29WEFJ81gvnyezKuwlBbyBqsM9M F/F++wHQFzEEqVBboj7/Ltr/MoCInlbDOxtvxV28P4bN82uRsku9ULTui9jUfyxs wzUhcbOhwYG1/ezt0T7G1KW2dl0OT9zR4XKjhIqCJg+ckbPQW/pnTddv/F8XKV3w kt/vSMiJfuVAhNlrIFQq0FaKkuTD1H2QOrhCsFst/mIwGXe0EmlzNnhjUoZ0b9Wz Ln44GckD44Mrsqw20DDNi+yj745bWseIFaWJkRcflBnQl2/+iaVppEMSbduVkd11 M+rT24Pj2BIQMNezYsdf -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:13 2026 by rpki-client