This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/1TDkQYg3xQsNih1cBCwskUXwxLA.roa File: 1TDkQYg3xQsNih1cBCwskUXwxLA.roa (raw, json) Hash identifier: paiy4NkfuCpLerrMoZiJ1VXsmPdd6kHz6S2ynGEROuU= Subject key identifier: D5:30:E4:41:88:37:C5:0B:0D:8A:1D:5C:04:2C:2C:91:45:F0:C4:B0 Certificate issuer: /CN=dc273e1e21841ce2c335fe1c961ce768017eee29 Certificate serial: 019B77589C5B6FB6D1DF7A150DC6EDF21928 Authority key identifier: DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Cc-HiGEHOLDNf4clhznaAF-7ik.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/1TDkQYg3xQsNih1cBCwskUXwxLA.roa Signing time: Thu 01 Jan 2026 02:17:34 +0000 ROA not before: Thu 01 Jan 2026 02:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51857 IP address blocks: 185.232.212.0/24 maxlen: 24 185.232.213.0/24 maxlen: 24 2001:67c:390::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.mft rsync://rpki.ripe.net/repository/DEFAULT/3Cc-HiGEHOLDNf4clhznaAF-7ik.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:9c:5b:6f:b6:d1:df:7a:15:0d:c6:ed:f2:19:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc273e1e21841ce2c335fe1c961ce768017eee29 Validity Not Before: Jan 1 02:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d530e4418837c50b0d8a1d5c042c2c9145f0c4b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0c:57:cb:82:ab:e4:be:2b:94:a4:82:d1:f2: 0e:d2:87:a9:2b:f4:a2:fb:10:d7:4c:57:56:e1:a4: 03:70:97:0e:b1:6b:1b:dd:17:b5:f0:20:15:45:01: 7a:b7:7c:c7:b8:4d:48:90:1d:89:64:5d:a1:24:51: 71:d8:28:2b:4b:c4:bf:7d:69:82:60:c9:ae:58:b0: 6f:18:71:0b:96:70:5a:3b:4d:dd:1b:46:c9:26:de: af:f9:be:18:86:58:9d:bf:d2:72:1b:0e:c6:df:0b: 38:f9:03:5f:60:15:c3:e0:f5:39:6c:51:6e:d3:49: 94:93:5c:38:4b:28:f5:b6:56:95:ca:72:2d:4e:75: ce:30:c4:43:e1:d8:7f:02:88:4a:74:26:0a:37:e6: 27:64:e7:a3:df:06:11:b3:52:48:a8:d3:bb:ab:b8: fc:f9:12:b4:f7:08:f0:e9:9a:e4:84:23:1d:75:ed: 29:f7:e6:29:59:26:bf:61:57:78:49:ce:8b:d3:69: a5:e2:8a:a7:10:1d:fc:38:ac:cd:1a:63:74:e1:f0: 10:27:d7:ec:3d:3e:30:c3:26:92:5b:15:4b:df:bf: af:7c:eb:1d:d5:8e:9a:87:e3:85:37:34:1c:a3:61: 5e:71:96:39:a9:b8:3d:24:16:a2:f7:c6:c9:7e:5d: 29:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:30:E4:41:88:37:C5:0B:0D:8A:1D:5C:04:2C:2C:91:45:F0:C4:B0 X509v3 Authority Key Identifier: keyid:DC:27:3E:1E:21:84:1C:E2:C3:35:FE:1C:96:1C:E7:68:01:7E:EE:29 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Cc-HiGEHOLDNf4clhznaAF-7ik.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/1TDkQYg3xQsNih1cBCwskUXwxLA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b4a71a-eb37-469a-8bb5-27841f507735/1/3Cc-HiGEHOLDNf4clhznaAF-7ik.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.232.212.0/23 IPv6: 2001:67c:390::/48 Signature Algorithm: sha256WithRSAEncryption 73:f2:b3:fb:d8:e4:f8:6a:64:84:44:ee:07:13:51:1e:b9:60: 42:a7:22:12:0f:b2:8b:79:11:83:5d:d6:1d:01:45:e2:49:f5: 75:6e:45:ff:e3:0e:d1:eb:a1:a5:74:dd:72:9c:fa:66:d7:6b: af:22:1d:b1:d6:c5:f0:21:ee:79:9a:3e:28:c2:60:f7:4a:f6: bc:2b:e5:d2:61:6e:ee:d1:37:eb:0e:05:13:bc:28:99:78:e6: bd:f0:7e:ba:d9:93:7b:22:bf:1b:be:3b:06:35:00:af:b9:bd: 7e:fd:06:61:2e:89:54:e9:77:1a:55:e0:47:e4:77:62:fd:c5: ea:70:0b:11:ee:98:f8:f2:0d:f2:91:02:26:66:3a:5e:22:42: 56:42:6b:c3:a5:45:05:26:8a:65:c1:94:ed:d7:f5:74:a4:be: 0c:5b:2a:f3:5e:40:f4:b5:bc:6b:25:cc:19:13:85:05:ac:a3: f5:ac:9b:3c:35:fb:da:d3:39:68:69:94:1f:7e:33:47:3b:09: 70:6f:f9:29:29:97:cd:5d:f8:f3:ac:0b:bf:5a:2d:9c:c7:26: f6:e5:a5:d4:26:1c:d8:53:06:04:c2:0b:1b:05:b8:6d:be:87: 5a:e1:81:df:6e:c9:ae:11:cf:3d:e0:68:b4:71:80:23:eb:ba: 22:84:bf:d9 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3WJxbb7bR33oVDcbt8hkoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMjczZTFlMjE4NDFjZTJjMzM1ZmUxYzk2MWNlNzY4MDE3 ZWVlMjkwHhcNMjYwMTAxMDIxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTMwZTQ0MTg4MzdjNTBiMGQ4YTFkNWMwNDJjMmM5MTQ1ZjBjNGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAxXy4Kr5L4rlKSC0fIO0oepK/Si +xDXTFdW4aQDcJcOsWsb3Re18CAVRQF6t3zHuE1IkB2JZF2hJFFx2CgrS8S/fWmC YMmuWLBvGHELlnBaO03dG0bJJt6v+b4Yhlidv9JyGw7G3ws4+QNfYBXD4PU5bFFu 00mUk1w4Syj1tlaVynItTnXOMMRD4dh/AohKdCYKN+YnZOej3wYRs1JIqNO7q7j8 +RK09wjw6ZrkhCMdde0p9+YpWSa/YVd4Sc6L02ml4oqnEB38OKzNGmN04fAQJ9fs PT4wwyaSWxVL37+vfOsd1Y6ah+OFNzQco2FecZY5qbg9JBai98bJfl0pcQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNUw5EGIN8ULDYodXAQsLJFF8MSwMB8GA1UdIwQY MBaAFNwnPh4hhBziwzX+HJYc52gBfu4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0NjLUhpR0VIT0xETmY0Y2xoem5hQUYtN2lrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iNGE3MWEtZWIzNy00NjlhLThiYjUt Mjc4NDFmNTA3NzM1LzEvMVREa1FZZzN4UXNOaWgxY0JDd3NrVVh3eExBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC9iNGE3MWEtZWIzNy00NjlhLThiYjUtMjc4NDFmNTA3NzM1 LzEvM0NjLUhpR0VIT0xETmY0Y2xoem5hQUYtN2lrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuejUMA8E AgACMAkDBwAgAQZ8A5AwDQYJKoZIhvcNAQELBQADggEBAHPys/vY5PhqZIRE7gcT UR65YEKnIhIPsot5EYNd1h0BReJJ9XVuRf/jDtHroaV03XKc+mbXa68iHbHWxfAh 7nmaPijCYPdK9rwr5dJhbu7RN+sOBRO8KJl45r3wfrrZk3sivxu+OwY1AK+5vX79 BmEuiVTpdxpV4Efkd2L9xepwCxHumPjyDfKRAiZmOl4iQlZCa8OlRQUmimXBlO3X 9XSkvgxbKvNeQPS1vGslzBkThQWso/Wsmzw1+9rTOWhplB9+M0c7CXBv+Skpl81d +POsC79aLZzHJvblpdQmHNhTBgTCCxsFuG2+h1rhgd9uya4Rzz3gaLRxgCPruiKE v9k= -----END CERTIFICATE-----Generated at Tue Feb 10 04:16:38 2026 by rpki-client