This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/duZd3xX6ldZFnJAWeKOY3aU-YWA.roa File: duZd3xX6ldZFnJAWeKOY3aU-YWA.roa (raw, json) Hash identifier: zrGRAnADEy4+RjdotY9/kdUuG4P+5ZGMBez8xpARCts= Subject key identifier: 76:E6:5D:DF:15:FA:95:D6:45:9C:90:16:78:A3:98:DD:A5:3E:61:60 Certificate issuer: /CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb Certificate serial: 019B7C121F836CD07D6FB2EBD5F23F50F116 Authority key identifier: 93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/duZd3xX6ldZFnJAWeKOY3aU-YWA.roa Signing time: Fri 02 Jan 2026 00:18:41 +0000 ROA not before: Fri 02 Jan 2026 00:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198408 IP address blocks: 195.245.104.0/23 maxlen: 23 195.245.104.0/24 maxlen: 24 195.245.105.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.mft rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:1f:83:6c:d0:7d:6f:b2:eb:d5:f2:3f:50:f1:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9304eba2a97a09c9b3b08cff83dfb477141bc1cb Validity Not Before: Jan 2 00:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76e65ddf15fa95d6459c901678a398dda53e6160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a7:2a:b5:08:4a:f1:07:a8:c4:58:ef:4b:17: 24:47:11:df:dc:2d:92:f6:d0:59:0f:7d:56:8b:9f: 0f:b0:e8:df:11:88:ed:6e:1d:16:13:00:84:5d:9e: 4d:53:4c:8d:1e:6f:09:62:90:39:d1:4d:b5:df:99: c7:f6:1c:d0:af:08:4f:8c:a0:2e:df:f3:3b:2d:c5: 81:b1:5e:19:36:c8:f5:a3:93:70:ad:b8:16:cb:38: fc:39:b8:f3:63:91:44:f9:d9:d7:16:8c:b7:46:8c: e1:aa:5c:34:ff:37:86:64:ca:26:4c:29:fc:6f:94: 2b:49:2b:65:70:b8:a1:a0:c1:11:29:de:10:c7:ae: 8b:ff:21:fe:9e:ce:7d:db:92:71:0f:eb:44:46:9f: 1a:e8:c8:85:36:bf:33:5d:7c:9b:81:07:54:c1:6e: f5:7e:9c:95:3b:81:ad:f7:52:21:99:7e:f2:ab:28: d5:d9:06:92:1e:6e:50:70:d7:b7:c0:37:b7:0d:f6: 91:39:fe:48:5d:df:20:9a:31:cb:d4:7b:5d:bc:9b: 59:94:3b:af:47:09:0f:7d:40:b9:ed:16:87:f7:e4: b2:0e:aa:bd:7c:5a:9a:42:37:bd:b0:5a:ba:16:01: 6d:66:00:de:37:8a:c6:57:50:e0:bb:be:4f:47:2b: 94:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:E6:5D:DF:15:FA:95:D6:45:9C:90:16:78:A3:98:DD:A5:3E:61:60 X509v3 Authority Key Identifier: keyid:93:04:EB:A2:A9:7A:09:C9:B3:B0:8C:FF:83:DF:B4:77:14:1B:C1:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwTroql6CcmzsIz_g9-0dxQbwcs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/duZd3xX6ldZFnJAWeKOY3aU-YWA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/ab23ff-e53b-4d08-8392-9af993b0343e/1/kwTroql6CcmzsIz_g9-0dxQbwcs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.245.104.0/23 Signature Algorithm: sha256WithRSAEncryption 5b:14:7a:f6:bf:2e:57:13:12:10:23:9a:7e:1d:43:47:21:ef: 28:2a:d0:5b:28:79:a7:e4:9e:5e:02:9d:53:b1:30:e2:88:d0: cc:66:7b:89:21:74:90:ff:dc:42:5c:e5:65:45:93:61:7e:ee: 7b:4d:44:f3:c0:2f:2a:1d:44:83:0c:99:cd:54:86:4e:f8:0b: 41:c0:63:6d:48:f7:91:23:f7:89:f6:67:d2:5c:5d:cd:e9:e6: 45:5b:6f:4a:39:20:9f:5b:35:47:eb:c7:99:26:87:fe:33:7c: b9:7d:a3:84:3a:e6:46:1a:b1:b7:0b:a9:00:03:eb:be:00:2a: 5a:78:c0:77:4d:f4:ad:0f:e3:cf:46:ed:dc:63:6c:e1:fa:26: bf:f2:6f:61:5c:d5:c0:1f:63:f6:38:d2:87:aa:c6:06:5d:27: 10:1c:ae:9c:73:3b:12:cc:68:a9:97:62:82:7e:e5:23:af:76: 7c:73:4c:05:11:aa:fc:47:cf:43:85:3d:2c:2f:99:26:18:1d: 3d:75:5b:c4:20:93:e2:c1:7e:e3:6f:cd:83:ff:57:8a:b3:a5: fd:09:19:e2:a6:76:19:f1:4a:15:ad:14:bb:0f:b7:6b:49:c1: 31:9b:0d:8c:a7:f7:68:fa:a0:00:3e:4f:bf:ab:9e:73:03:a8: 8c:cb:98:92 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8Eh+DbNB9b7Lr1fI/UPEWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMDRlYmEyYTk3YTA5YzliM2IwOGNmZjgzZGZiNDc3MTQx YmMxY2IwHhcNMjYwMTAyMDAxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmU2NWRkZjE1ZmE5NWQ2NDU5YzkwMTY3OGEzOThkZGE1M2U2MTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KcqtQhK8QeoxFjvSxckRxHf3C2S 9tBZD31Wi58PsOjfEYjtbh0WEwCEXZ5NU0yNHm8JYpA50U2135nH9hzQrwhPjKAu 3/M7LcWBsV4ZNsj1o5NwrbgWyzj8ObjzY5FE+dnXFoy3Rozhqlw0/zeGZMomTCn8 b5QrSStlcLihoMERKd4Qx66L/yH+ns5925JxD+tERp8a6MiFNr8zXXybgQdUwW71 fpyVO4Gt91IhmX7yqyjV2QaSHm5QcNe3wDe3DfaROf5IXd8gmjHL1HtdvJtZlDuv RwkPfUC57RaH9+SyDqq9fFqaQje9sFq6FgFtZgDeN4rGV1Dgu75PRyuUxwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHbmXd8V+pXWRZyQFnijmN2lPmFgMB8GA1UdIwQY MBaAFJME66KpegnJs7CM/4PftHcUG8HLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTIt OWFmOTkzYjAzNDNlLzEvZHVaZDN4WDZsZFpGbkpBV2VLT1kzYVUtWVdBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi9hYjIzZmYtZTUzYi00ZDA4LTgzOTItOWFmOTkzYjAzNDNl LzEva3dUcm9xbDZDY216c0l6X2c5LTBkeFFid2NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/VoMA0G CSqGSIb3DQEBCwUAA4IBAQBbFHr2vy5XExIQI5p+HUNHIe8oKtBbKHmn5J5eAp1T sTDiiNDMZnuJIXSQ/9xCXOVlRZNhfu57TUTzwC8qHUSDDJnNVIZO+AtBwGNtSPeR I/eJ9mfSXF3N6eZFW29KOSCfWzVH68eZJof+M3y5faOEOuZGGrG3C6kAA+u+ACpa eMB3TfStD+PPRu3cY2zh+ia/8m9hXNXAH2P2ONKHqsYGXScQHK6cczsSzGipl2KC fuUjr3Z8c0wFEar8R89DhT0sL5kmGB09dVvEIJPiwX7jb82D/1eKs6X9CRnipnYZ 8UoVrRS7D7drScExmw2Mp/do+qAAPk+/q55zA6iMy5iS -----END CERTIFICATE-----Generated at Mon Jan 26 23:22:42 2026 by rpki-client