This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/294vEPYbeCpd5lDXEQ5_P3jQQrs.roa File: 294vEPYbeCpd5lDXEQ5_P3jQQrs.roa (raw, json) Hash identifier: dZ5oVYr1D1dRbbIY1qlywFuhazT8NAmEnSTwmdf1KNU= Subject key identifier: DB:DE:2F:10:F6:1B:78:2A:5D:E6:50:D7:11:0E:7F:3F:78:D0:42:BB Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C13611FDEC487B1CA84E17E9803DD6E Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/294vEPYbeCpd5lDXEQ5_P3jQQrs.roa Signing time: Fri 02 Jan 2026 00:20:03 +0000 ROA not before: Fri 02 Jan 2026 00:20:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5065 IP address blocks: 45.8.21.0/24 maxlen: 24 185.199.54.0/24 maxlen: 24 194.76.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:61:1f:de:c4:87:b1:ca:84:e1:7e:98:03:dd:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dbde2f10f61b782a5de650d7110e7f3f78d042bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c9:46:a0:bb:ef:ed:fc:69:c2:75:c9:75:92: 78:63:a0:f6:63:b5:f5:c9:e0:bb:48:8b:3c:9a:43: a0:e9:a3:cc:1f:ee:06:71:b6:db:dc:5c:bf:5c:16: c8:c9:5f:07:57:68:74:b1:95:1f:40:c5:5d:76:1c: 41:e6:85:09:7e:3d:3a:73:95:ba:87:92:56:9b:95: 79:90:ec:5c:e1:9b:df:63:12:34:b7:89:17:ca:28: 01:3a:9d:e6:a3:65:da:f0:b4:83:43:d4:f1:56:e1: 0a:d9:bf:29:a4:95:ff:51:24:82:44:f8:76:43:42: c0:9d:94:c6:d2:19:d3:87:52:aa:f3:67:32:bc:81: ea:b6:d6:8c:22:03:65:af:a4:1a:7d:c4:d3:a6:0e: c2:63:c2:0b:e3:3a:88:31:aa:41:be:a7:95:93:ed: a7:0b:b0:f8:59:ef:ad:aa:7d:03:e4:37:65:29:3b: 48:b4:ba:9a:03:6d:a5:e8:f3:00:cb:0f:e6:f7:fb: 55:9c:19:60:3e:20:48:0b:84:0e:6b:3e:54:b5:36: 8b:dd:8f:30:8a:cc:a4:71:1f:9d:a3:0c:50:a6:7f: d9:24:90:76:3d:08:e5:53:03:38:0b:c5:e6:cb:2e: 8a:2f:6e:b5:d4:20:ab:64:62:11:0c:60:16:e6:23: 08:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:DE:2F:10:F6:1B:78:2A:5D:E6:50:D7:11:0E:7F:3F:78:D0:42:BB X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/294vEPYbeCpd5lDXEQ5_P3jQQrs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.21.0/24 185.199.54.0/24 194.76.169.0/24 Signature Algorithm: sha256WithRSAEncryption 79:0a:d7:4d:3b:3b:1e:31:d4:9a:cc:df:13:91:0e:65:9b:4d: c8:17:d2:e1:42:44:c1:33:ba:4c:56:51:c7:dd:20:b8:3b:70: 1e:a6:4c:5d:56:3b:ac:90:6e:ba:e7:89:dd:36:23:9e:78:1f: d6:2b:39:ab:c6:9c:11:87:c8:7f:6d:dd:81:f6:8e:63:7d:3b: 3e:45:87:ef:dd:b8:ab:09:54:22:0e:85:0a:76:45:2f:b6:6b: 60:e1:2e:dd:75:c7:74:e1:a6:ab:ff:63:7e:f6:87:41:31:0b: a0:0b:80:e1:a2:c2:4d:3a:d2:13:08:28:3a:7b:8d:9b:cb:fe: d3:21:b9:85:0e:03:c1:47:d1:39:ba:60:77:50:df:2d:23:0d: 04:3b:be:ac:54:fe:13:42:31:33:dc:ad:6a:7f:31:8a:f9:48: 3b:cc:91:4e:e1:01:19:87:13:4a:18:1b:d6:4c:a0:61:0b:82: 04:c4:a1:12:7a:f2:dd:84:83:7c:f1:4c:06:25:fc:d0:0f:58: 6f:d0:62:be:ae:37:67:cc:84:fe:a4:77:21:5d:f6:44:d7:f0: a1:07:e9:88:56:dd:be:01:f9:20:de:6e:86:82:26:d9:74:20: f4:a8:da:2d:a9:41:5b:1f:40:d9:ec:59:d8:4d:72:4a:7f:97: 88:de:f8:6d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8E2Ef3sSHscqE4X6YA91uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYmRlMmYxMGY2MWI3ODJhNWRlNjUwZDcxMTBlN2YzZjc4ZDA0MmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMlGoLvv7fxpwnXJdZJ4Y6D2Y7X1 yeC7SIs8mkOg6aPMH+4Gcbbb3Fy/XBbIyV8HV2h0sZUfQMVddhxB5oUJfj06c5W6 h5JWm5V5kOxc4ZvfYxI0t4kXyigBOp3mo2Xa8LSDQ9TxVuEK2b8ppJX/USSCRPh2 Q0LAnZTG0hnTh1Kq82cyvIHqttaMIgNlr6QafcTTpg7CY8IL4zqIMapBvqeVk+2n C7D4We+tqn0D5DdlKTtItLqaA22l6PMAyw/m9/tVnBlgPiBIC4QOaz5UtTaL3Y8w isykcR+dowxQpn/ZJJB2PQjlUwM4C8Xmyy6KL2611CCrZGIRDGAW5iMIkQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNveLxD2G3gqXeZQ1xEOfz940EK7MB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvMjk0dkVQWWJlQ3BkNWxEWEVRNV9QM2pRUXJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQgVAwQA ucc2AwQAwkypMA0GCSqGSIb3DQEBCwUAA4IBAQB5CtdNOzseMdSazN8TkQ5lm03I F9LhQkTBM7pMVlHH3SC4O3AepkxdVjuskG6654ndNiOeeB/WKzmrxpwRh8h/bd2B 9o5jfTs+RYfv3birCVQiDoUKdkUvtmtg4S7ddcd04aar/2N+9odBMQugC4DhosJN OtITCCg6e42by/7TIbmFDgPBR9E5umB3UN8tIw0EO76sVP4TQjEz3K1qfzGK+Ug7 zJFO4QEZhxNKGBvWTKBhC4IExKESevLdhIN88UwGJfzQD1hv0GK+rjdnzIT+pHch XfZE1/ChB+mIVt2+Afkg3m6GgibZdCD0qNotqUFbH0DZ7FnYTXJKf5eI3vht -----END CERTIFICATE-----Generated at Fri Jan 2 23:48:18 2026 by rpki-client