This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/5DhZq_rBdW3po_ZrXdjJ55GpFqA.roa File: 5DhZq_rBdW3po_ZrXdjJ55GpFqA.roa (raw, json) Hash identifier: QKy+PuVbWKIlnbGB9uOk/snfAnZg1+WrdQuHuNMld0k= Subject key identifier: E4:38:59:AB:FA:C1:75:6D:E9:A3:F6:6B:5D:D8:C9:E7:91:A9:16:A0 Certificate issuer: /CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615 Certificate serial: 019B79ED2AC7C56911F6A5B9D4D434DC102D Authority key identifier: BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/5DhZq_rBdW3po_ZrXdjJ55GpFqA.roa Signing time: Thu 01 Jan 2026 14:19:04 +0000 ROA not before: Thu 01 Jan 2026 14:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 185.109.96.0/22 maxlen: 24 193.3.28.0/24 maxlen: 24 2a04:a0c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.mft rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 23:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:2a:c7:c5:69:11:f6:a5:b9:d4:d4:34:dc:10:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bd8f9c03e757f3db514ca38d15ada451fa2e9615 Validity Not Before: Jan 1 14:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e43859abfac1756de9a3f66b5dd8c9e791a916a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:75:69:f4:26:ab:ba:11:2c:9a:ab:ce:60:45: 82:00:76:f4:e1:e5:1e:99:01:54:cc:ae:81:ad:05: 47:69:52:f5:e9:23:58:41:a7:50:4a:b1:e1:b1:41: 30:e9:c3:28:08:5a:a3:58:2d:0f:23:19:ad:78:84: 3e:5e:cc:91:0e:d0:12:b4:d3:8c:9a:4d:31:59:7d: 02:e0:47:e6:ef:fc:19:ca:db:37:da:6f:c3:52:18: 60:fa:9a:54:ce:0b:8d:c3:e2:1a:2f:5d:9e:99:82: ed:15:94:3a:2b:ee:4d:77:d3:bc:c1:32:c8:18:1c: 00:1f:ca:89:8b:7e:7a:52:e5:5f:e6:01:ba:ab:99: cc:72:3c:e1:00:46:64:de:98:f3:ce:fd:d3:2a:6a: 47:40:26:f0:38:d3:8c:e0:54:30:c0:4e:0b:a1:9b: d1:cd:08:c1:95:87:b3:3e:0a:ab:29:1c:e9:20:64: 67:62:70:01:fa:51:ef:1e:19:02:2e:d3:b9:19:e8: bf:46:f3:ca:20:15:1f:33:35:98:95:34:aa:be:2a: 90:89:f1:a1:ff:71:a6:f5:33:d2:a6:7e:da:b3:be: cd:02:33:0c:7d:ce:cb:15:b5:e0:6b:7c:6c:00:96: 9b:34:26:d7:dc:e7:e5:3e:66:38:d2:c0:f7:12:83: 28:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:38:59:AB:FA:C1:75:6D:E9:A3:F6:6B:5D:D8:C9:E7:91:A9:16:A0 X509v3 Authority Key Identifier: keyid:BD:8F:9C:03:E7:57:F3:DB:51:4C:A3:8D:15:AD:A4:51:FA:2E:96:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vY-cA-dX89tRTKONFa2kUfoulhU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/5DhZq_rBdW3po_ZrXdjJ55GpFqA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b83e47-bc04-492d-9a07-ecdd8174007a/1/vY-cA-dX89tRTKONFa2kUfoulhU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.109.96.0/22 193.3.28.0/24 IPv6: 2a04:a0c0::/29 Signature Algorithm: sha256WithRSAEncryption 82:a6:a9:56:1e:d2:54:50:24:47:da:88:60:6c:13:5a:ce:01: 28:e8:52:3e:6c:98:43:90:bc:90:e4:f3:24:0a:ec:f1:c0:a1: ce:3c:ee:27:02:44:b0:20:8e:5c:50:77:6e:00:55:28:ff:79: f2:1d:6c:24:7d:27:ff:f1:75:55:69:0a:0f:ab:7a:e0:06:19: 1a:ad:41:b3:06:ec:8b:6a:5a:68:0a:e4:ef:fd:a0:5d:b9:4c: 20:db:62:fb:34:49:03:54:1b:d6:5e:66:fa:bc:6d:a7:29:8e: ed:cc:26:82:f7:b9:c7:c5:aa:d7:28:9a:bd:62:67:b5:c4:49: 03:94:fb:cf:68:84:70:2a:c3:4e:ab:9a:25:ce:38:c3:8c:87: 57:38:9e:4d:c7:08:e1:83:4b:74:cd:84:f8:62:b5:6e:96:69: db:e2:c5:d3:37:6e:14:3e:d1:61:ce:98:fd:7d:35:a7:75:b3: 78:ec:e3:c4:f6:69:de:85:4e:3c:f1:3b:f1:79:ab:e0:be:0d: a4:20:9c:64:33:4d:f1:e2:14:9d:69:97:9d:99:4a:46:25:6e: 9b:d4:e7:80:3a:c8:d8:5f:4a:60:fe:05:67:20:af:9d:e5:38: f4:8c:4d:91:ec:38:0c:f3:6b:42:85:ff:bb:47:3f:49:39:6b: b2:26:64:25 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57SrHxWkR9qW51NQ03BAtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkOGY5YzAzZTc1N2YzZGI1MTRjYTM4ZDE1YWRhNDUxZmEy ZTk2MTUwHhcNMjYwMTAxMTQxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNDM4NTlhYmZhYzE3NTZkZTlhM2Y2NmI1ZGQ4YzllNzkxYTkxNmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HVp9CaruhEsmqvOYEWCAHb04eUe mQFUzK6BrQVHaVL16SNYQadQSrHhsUEw6cMoCFqjWC0PIxmteIQ+XsyRDtAStNOM mk0xWX0C4Efm7/wZyts32m/DUhhg+ppUzguNw+IaL12emYLtFZQ6K+5Nd9O8wTLI GBwAH8qJi356UuVf5gG6q5nMcjzhAEZk3pjzzv3TKmpHQCbwONOM4FQwwE4LoZvR zQjBlYezPgqrKRzpIGRnYnAB+lHvHhkCLtO5Gei/RvPKIBUfMzWYlTSqviqQifGh /3Gm9TPSpn7as77NAjMMfc7LFbXga3xsAJabNCbX3OflPmY40sD3EoMopwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOQ4Wav6wXVt6aP2a13YyeeRqRagMB8GA1UdIwQY MBaAFL2PnAPnV/PbUUyjjRWtpFH6LpYVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDct ZWNkZDgxNzQwMDdhLzEvNURoWnFfckJkVzNwb19aclhkako1NUdwRnFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9iODNlNDctYmMwNC00OTJkLTlhMDctZWNkZDgxNzQwMDdh LzEvdlktY0EtZFg4OXRSVEtPTkZhMmtVZm91bGhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuW1gAwQA wQMcMA0EAgACMAcDBQMqBKDAMA0GCSqGSIb3DQEBCwUAA4IBAQCCpqlWHtJUUCRH 2ohgbBNazgEo6FI+bJhDkLyQ5PMkCuzxwKHOPO4nAkSwII5cUHduAFUo/3nyHWwk fSf/8XVVaQoPq3rgBhkarUGzBuyLalpoCuTv/aBduUwg22L7NEkDVBvWXmb6vG2n KY7tzCaC97nHxarXKJq9Yme1xEkDlPvPaIRwKsNOq5olzjjDjIdXOJ5Nxwjhg0t0 zYT4YrVulmnb4sXTN24UPtFhzpj9fTWndbN47OPE9mnehU488Tvxeavgvg2kIJxk M03x4hSdaZedmUpGJW6b1OeAOsjYX0pg/gVnIK+d5Tj0jE2R7DgM82tChf+7Rz9J OWuyJmQl -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:04 2026 by rpki-client