This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/vNHV1DYtOsfUinz5gwCFoBzKiIg.roa File: vNHV1DYtOsfUinz5gwCFoBzKiIg.roa (raw, json) Hash identifier: OIxUV31cdJf2l/w+qSDbXSkKEcQlTRfi/zGOENFvc+w= Subject key identifier: BC:D1:D5:D4:36:2D:3A:C7:D4:8A:7C:F9:83:00:85:A0:1C:CA:88:88 Certificate issuer: /CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac Certificate serial: 019B78A35ACF579D07D9607A17B1CA9F2E7A Authority key identifier: 60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/vNHV1DYtOsfUinz5gwCFoBzKiIg.roa Signing time: Thu 01 Jan 2026 08:18:49 +0000 ROA not before: Thu 01 Jan 2026 08:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39534 IP address blocks: 185.151.68.0/24 maxlen: 24 185.151.69.0/24 maxlen: 24 185.151.70.0/24 maxlen: 24 194.50.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/YET26nnk4qPgKos47QzTpAWROKw.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/YET26nnk4qPgKos47QzTpAWROKw.mft rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:5a:cf:57:9d:07:d9:60:7a:17:b1:ca:9f:2e:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6044f6ea79e4e2a3e02a8b38ed0cd3a4059138ac Validity Not Before: Jan 1 08:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bcd1d5d4362d3ac7d48a7cf9830085a01cca8888 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c7:75:92:8d:a5:83:dd:a9:a7:e1:69:5e:68: 50:f3:83:b7:56:01:35:0c:84:69:0e:4e:9b:e5:f7: f4:c3:13:d9:0e:fc:9b:26:01:c9:cb:60:b4:dc:eb: 8b:97:d5:7c:7c:fc:c0:36:eb:cc:cb:87:75:3a:ef: e2:f8:b6:d7:11:d6:13:12:2a:46:3b:87:d5:79:79: 4d:1b:4c:66:25:ca:5f:51:7b:6b:dd:be:fa:01:83: 6a:41:03:e7:d6:89:15:20:9e:12:0a:1b:64:7b:77: d9:d4:90:97:91:5d:39:a7:d4:b8:bd:a0:28:63:e2: 40:e1:c3:08:de:cd:38:66:59:81:0f:87:d5:3c:56: 7d:95:03:dd:85:c7:7c:2a:cc:6a:07:e7:1d:59:47: 59:39:bf:68:3e:db:10:aa:29:c4:19:cd:ce:b9:48: 2d:1e:45:56:43:c6:24:03:96:26:94:d9:68:02:b7: 9f:29:62:3c:3e:15:68:62:e0:36:1e:c5:c1:6c:28: d9:6e:1f:8a:55:22:99:42:74:e2:ec:c5:12:5c:1e: 40:6f:6a:8a:49:3a:86:0e:41:57:e4:cb:0a:02:d3: 3a:ed:29:9d:9d:9b:be:72:37:49:c1:65:ac:e8:29: 18:fe:6b:10:d4:31:d6:e8:b4:e2:92:95:bf:55:d6: 5c:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:D1:D5:D4:36:2D:3A:C7:D4:8A:7C:F9:83:00:85:A0:1C:CA:88:88 X509v3 Authority Key Identifier: keyid:60:44:F6:EA:79:E4:E2:A3:E0:2A:8B:38:ED:0C:D3:A4:05:91:38:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YET26nnk4qPgKos47QzTpAWROKw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/vNHV1DYtOsfUinz5gwCFoBzKiIg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/611a40-b444-490c-9dee-27d608d20873/1/YET26nnk4qPgKos47QzTpAWROKw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.151.68.0-185.151.70.255 194.50.38.0/24 Signature Algorithm: sha256WithRSAEncryption 53:8c:35:2a:3a:95:54:62:e5:d1:f0:93:aa:6b:0e:65:3a:d4: 98:c1:3f:17:9c:f6:09:7d:f6:11:d1:f4:6d:9b:50:92:e1:fb: 3d:f7:be:2d:3c:b8:ca:94:9b:34:55:00:80:82:6e:4a:b7:95: 03:a0:db:b7:d6:67:e0:ce:b3:3c:5b:f2:ac:a9:ce:37:88:5b: 0e:59:66:63:1e:87:c4:83:b4:d8:11:a9:ad:6a:cf:4e:b3:2e: 2c:20:0a:03:c1:0a:39:47:90:1e:2e:7c:e7:a6:03:ff:37:6c: e7:64:66:a1:cf:ae:41:de:12:b3:b5:b0:50:94:c5:22:aa:36: fa:93:72:96:9a:36:88:ee:4f:0c:35:23:cd:43:28:88:ee:66: c0:9b:a6:08:16:bd:12:fa:3f:44:22:76:70:7a:8d:10:dc:41: ac:1b:5d:b5:43:9f:6e:db:80:36:8b:38:c5:4e:2c:4d:17:22: 51:ad:6b:17:8f:ff:6b:85:c8:08:a0:22:a7:ef:98:fd:90:c3: 59:0b:34:ca:c5:3d:27:84:05:31:fb:59:7a:73:8d:83:fc:76: b1:23:34:68:c5:82:97:77:0a:1a:00:66:21:56:80:41:94:98: 13:a6:2d:64:62:98:91:8b:7c:7d:07:58:99:31:c7:ef:bb:e1: 27:58:a6:5e -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt4o1rPV50H2WB6F7HKny56MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNDRmNmVhNzllNGUyYTNlMDJhOGIzOGVkMGNkM2E0MDU5 MTM4YWMwHhcNMjYwMTAxMDgxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiY2QxZDVkNDM2MmQzYWM3ZDQ4YTdjZjk4MzAwODVhMDFjY2E4ODg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcd1ko2lg92pp+FpXmhQ84O3VgE1 DIRpDk6b5ff0wxPZDvybJgHJy2C03OuLl9V8fPzANuvMy4d1Ou/i+LbXEdYTEipG O4fVeXlNG0xmJcpfUXtr3b76AYNqQQPn1okVIJ4SChtke3fZ1JCXkV05p9S4vaAo Y+JA4cMI3s04ZlmBD4fVPFZ9lQPdhcd8KsxqB+cdWUdZOb9oPtsQqinEGc3OuUgt HkVWQ8YkA5YmlNloArefKWI8PhVoYuA2HsXBbCjZbh+KVSKZQnTi7MUSXB5Ab2qK STqGDkFX5MsKAtM67SmdnZu+cjdJwWWs6CkY/msQ1DHW6LTikpW/VdZc0wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFLzR1dQ2LTrH1Ip8+YMAhaAcyoiIMB8GA1UdIwQY MBaAFGBE9up55OKj4CqLOO0M06QFkTisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUVUMjZubms0cVBnS29zNDdRelRwQVdST0t3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS82MTFhNDAtYjQ0NC00OTBjLTlkZWUt MjdkNjA4ZDIwODczLzEvdk5IVjFEWXRPc2ZVaW56NWd3Q0ZvQnpLaUlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS82MTFhNDAtYjQ0NC00OTBjLTlkZWUtMjdkNjA4ZDIwODcz LzEvWUVUMjZubms0cVBnS29zNDdRelRwQVdST0t3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAK5l0QD BAC5l0YDBADCMiYwDQYJKoZIhvcNAQELBQADggEBAFOMNSo6lVRi5dHwk6prDmU6 1JjBPxec9gl99hHR9G2bUJLh+z33vi08uMqUmzRVAICCbkq3lQOg27fWZ+DOszxb 8qypzjeIWw5ZZmMeh8SDtNgRqa1qz06zLiwgCgPBCjlHkB4ufOemA/83bOdkZqHP rkHeErO1sFCUxSKqNvqTcpaaNojuTww1I81DKIjuZsCbpggWvRL6P0QidnB6jRDc QawbXbVDn27bgDaLOMVOLE0XIlGtaxeP/2uFyAigIqfvmP2Qw1kLNMrFPSeEBTH7 WXpzjYP8drEjNGjFgpd3ChoAZiFWgEGUmBOmLWRimJGLfH0HWJkxx++74SdYpl4= -----END CERTIFICATE-----Generated at Tue Jan 20 04:48:50 2026 by rpki-client