This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/D2aLgIkWm2axcGDcGw3Kc6UP1GQ.roa File: D2aLgIkWm2axcGDcGw3Kc6UP1GQ.roa (raw, json) Hash identifier: UQaV0l2AX0jwzb/CqymH+ywCUifIbA20+GngTMZKlqk= Subject key identifier: 0F:66:8B:80:89:16:9B:66:B1:70:60:DC:1B:0D:CA:73:A5:0F:D4:64 Certificate issuer: /CN=fc072ee2515a07c667e1c5cfdc0210e6581b097b Certificate serial: 019B78A276B0C394E3151CB2F09A9717DD87 Authority key identifier: FC:07:2E:E2:51:5A:07:C6:67:E1:C5:CF:DC:02:10:E6:58:1B:09:7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/D2aLgIkWm2axcGDcGw3Kc6UP1GQ.roa Signing time: Thu 01 Jan 2026 08:17:51 +0000 ROA not before: Thu 01 Jan 2026 08:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31437 IP address blocks: 91.197.80.0/22 maxlen: 22 91.197.80.0/24 maxlen: 24 91.197.81.0/24 maxlen: 24 91.197.82.0/24 maxlen: 24 91.197.83.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.mft rsync://rpki.ripe.net/repository/DEFAULT/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:76:b0:c3:94:e3:15:1c:b2:f0:9a:97:17:dd:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc072ee2515a07c667e1c5cfdc0210e6581b097b Validity Not Before: Jan 1 08:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f668b8089169b66b17060dc1b0dca73a50fd464 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:d1:18:7b:0a:95:cf:d1:69:1d:33:b3:ad:b1: a7:c3:94:11:b2:e0:0a:58:b9:96:09:2e:c5:53:07: 75:a2:77:46:2b:de:13:ff:84:d6:dc:94:5a:05:48: 2f:a8:c1:fc:a5:57:fc:43:30:b6:43:90:5c:a5:35: b6:f4:ec:3f:6c:f6:76:b9:a5:d3:cc:1a:19:fe:53: 1b:91:ea:08:7b:08:4e:69:9f:e2:ee:63:a3:95:f5: 28:74:18:79:0d:f2:2d:41:2b:59:3d:e8:ec:69:20: f1:49:ab:e4:91:e8:f0:5f:95:a3:cb:4f:d5:cd:07: 5e:cb:37:6f:a6:6f:0a:0a:61:d5:dd:c9:a2:69:ab: 6c:f8:ac:f8:a6:e7:0f:bd:8f:5e:c3:33:aa:a1:4c: 8f:94:94:f9:cd:3a:6e:ef:a3:e9:f7:1d:0b:5f:15: 2e:c8:c4:30:62:b6:01:55:81:f0:62:5c:e7:5d:ae: 65:1e:c6:6e:6a:0b:5f:cf:1c:5c:17:7f:50:11:a7: 51:14:a7:d1:bc:7f:0a:05:5c:c5:b3:6a:c8:cb:90: fd:aa:b4:45:87:15:f9:78:32:ec:9a:73:f5:d7:04: 03:73:44:ea:93:2f:a7:f1:8a:0c:91:27:f2:48:23: 0f:15:c0:4d:87:ec:11:0d:ac:69:32:46:fe:3d:e0: 55:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:66:8B:80:89:16:9B:66:B1:70:60:DC:1B:0D:CA:73:A5:0F:D4:64 X509v3 Authority Key Identifier: keyid:FC:07:2E:E2:51:5A:07:C6:67:E1:C5:CF:DC:02:10:E6:58:1B:09:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/D2aLgIkWm2axcGDcGw3Kc6UP1GQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/13ff49-74a5-4f01-bc6f-c4bcf1471b5a/1/_Acu4lFaB8Zn4cXP3AIQ5lgbCXs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.80.0/22 Signature Algorithm: sha256WithRSAEncryption 70:50:7b:97:96:2a:b9:90:ec:6a:b1:c4:ea:bb:ab:df:ba:8f: a4:d9:75:4d:a7:5c:63:47:50:17:26:83:8b:63:15:84:40:cf: ed:4b:3f:f5:9e:6f:86:26:a2:40:d1:1e:6a:dc:82:41:d4:8d: c4:db:00:df:75:77:bd:f2:f8:c7:10:28:53:8d:43:d7:ac:dc: 66:85:a6:32:73:03:b3:2d:25:76:d7:ff:ec:a9:c2:7c:b4:e6: ed:4b:c1:c5:f4:b0:71:e6:78:d7:e2:76:0d:35:a1:f4:93:12: 8d:55:fc:9e:ad:f7:30:80:0b:c7:88:2c:8b:e3:b9:0e:0a:a7: 07:53:a6:9b:05:91:9a:09:37:94:ad:1b:7e:d8:c9:f6:f3:04: d1:30:f7:65:a9:3f:f8:50:48:fc:cc:50:7e:c2:64:9f:b4:03: 87:32:06:f8:80:23:1f:04:43:49:db:97:ad:cc:23:bf:4d:25: 18:ee:2f:2e:30:df:a2:37:ae:aa:46:66:85:bb:91:c6:08:3a: 27:01:4f:24:0d:3b:07:17:1f:a7:40:7c:5c:7c:6d:b3:9e:36: 38:d4:11:0d:9e:55:0b:1d:76:0b:60:7a:be:c3:99:1d:43:b9: f0:e0:e6:e6:b9:6b:96:99:8a:6d:65:31:42:df:d0:8d:29:43: 24:33:53:57 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4onaww5TjFRyy8JqXF92HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjMDcyZWUyNTE1YTA3YzY2N2UxYzVjZmRjMDIxMGU2NTgx YjA5N2IwHhcNMjYwMTAxMDgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjY2OGI4MDg5MTY5YjY2YjE3MDYwZGMxYjBkY2E3M2E1MGZkNDY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtEYewqVz9FpHTOzrbGnw5QRsuAK WLmWCS7FUwd1ondGK94T/4TW3JRaBUgvqMH8pVf8QzC2Q5BcpTW29Ow/bPZ2uaXT zBoZ/lMbkeoIewhOaZ/i7mOjlfUodBh5DfItQStZPejsaSDxSavkkejwX5Wjy0/V zQdeyzdvpm8KCmHV3cmiaats+Kz4pucPvY9ewzOqoUyPlJT5zTpu76Pp9x0LXxUu yMQwYrYBVYHwYlznXa5lHsZuagtfzxxcF39QEadRFKfRvH8KBVzFs2rIy5D9qrRF hxX5eDLsmnP11wQDc0Tqky+n8YoMkSfySCMPFcBNh+wRDaxpMkb+PeBVrQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA9mi4CJFptmsXBg3BsNynOlD9RkMB8GA1UdIwQY MBaAFPwHLuJRWgfGZ+HFz9wCEOZYGwl7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0FjdTRsRmFCOFpuNGNYUDNBSVE1bGdiQ1hzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xM2ZmNDktNzRhNS00ZjAxLWJjNmYt YzRiY2YxNDcxYjVhLzEvRDJhTGdJa1dtMmF4Y0dEY0d3M0tjNlVQMUdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8xM2ZmNDktNzRhNS00ZjAxLWJjNmYtYzRiY2YxNDcxYjVh LzEvX0FjdTRsRmFCOFpuNGNYUDNBSVE1bGdiQ1hzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8VQMA0G CSqGSIb3DQEBCwUAA4IBAQBwUHuXliq5kOxqscTqu6vfuo+k2XVNp1xjR1AXJoOL YxWEQM/tSz/1nm+GJqJA0R5q3IJB1I3E2wDfdXe98vjHEChTjUPXrNxmhaYycwOz LSV21//sqcJ8tObtS8HF9LBx5njX4nYNNaH0kxKNVfyerfcwgAvHiCyL47kOCqcH U6abBZGaCTeUrRt+2Mn28wTRMPdlqT/4UEj8zFB+wmSftAOHMgb4gCMfBENJ25et zCO/TSUY7i8uMN+iN66qRmaFu5HGCDonAU8kDTsHFx+nQHxcfG2znjY41BENnlUL HXYLYHq+w5kdQ7nw4ObmuWuWmYptZTFC39CNKUMkM1NX -----END CERTIFICATE-----Generated at Tue Feb 10 00:02:29 2026 by rpki-client