This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/rDXd_OZlN4Uiv52rfRn8xHDUy80.roa File: rDXd_OZlN4Uiv52rfRn8xHDUy80.roa (raw, json) Hash identifier: 91Ja2DiUDudi8VvOpGDDJuXajBkTzaFVadsjPhZfAy8= Subject key identifier: AC:35:DD:FC:E6:65:37:85:22:BF:9D:AB:7D:19:FC:C4:70:D4:CB:CD Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a Certificate serial: 019B7B3695B0B6ADB2BC409196A5912C25D6 Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/rDXd_OZlN4Uiv52rfRn8xHDUy80.roa Signing time: Thu 01 Jan 2026 20:18:53 +0000 ROA not before: Thu 01 Jan 2026 20:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20940 IP address blocks: 109.207.109.0/24 maxlen: 24 185.225.250.0/24 maxlen: 24 185.225.251.0/24 maxlen: 24 2a10:f783:23::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:95:b0:b6:ad:b2:bc:40:91:96:a5:91:2c:25:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a Validity Not Before: Jan 1 20:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac35ddfce665378522bf9dab7d19fcc470d4cbcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:aa:f3:12:27:ac:59:35:66:24:40:1e:6d:e5: 1d:09:9d:28:69:03:c7:1c:a4:b6:75:d9:09:12:96: 71:2f:f9:c5:5e:c5:74:8c:a5:87:2a:05:25:b2:85: a3:50:6b:84:97:8b:72:39:c0:79:ce:6c:b1:3c:d3: 33:0b:74:63:4b:cb:31:be:31:5e:e8:dd:49:99:18: d0:13:11:d9:57:6e:ac:dc:2c:01:66:a8:bf:5b:47: 7f:b4:1b:ea:57:a1:3b:28:15:25:c6:56:cb:77:db: 4c:6f:68:c2:48:c2:11:89:ed:3d:aa:aa:c4:de:d0: 41:72:a6:1d:ef:56:19:dd:72:01:35:44:f6:83:45: 3b:e1:34:ea:e6:50:7a:3a:f6:06:f4:ed:64:0a:52: 54:e6:f6:4e:43:7b:b8:85:02:a6:c4:55:dd:07:42: f9:fb:c9:b2:9c:71:e3:6e:ce:74:04:82:7e:1a:4a: 97:b9:a0:83:b1:3f:5c:31:e0:d2:a1:ed:83:6e:b0: c2:86:f7:88:6b:8e:8f:9a:94:1f:0f:c6:54:e9:dc: 53:f4:fe:32:2c:15:1e:83:33:6e:8a:ee:92:38:3b: 36:14:ab:ee:73:f5:cb:52:95:4f:c0:2f:cf:26:b4: 23:14:ea:61:ee:19:5b:8c:6d:ef:d3:9e:80:51:1c: e4:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:35:DD:FC:E6:65:37:85:22:BF:9D:AB:7D:19:FC:C4:70:D4:CB:CD X509v3 Authority Key Identifier: keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/rDXd_OZlN4Uiv52rfRn8xHDUy80.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.207.109.0/24 185.225.250.0/23 IPv6: 2a10:f783:23::/48 Signature Algorithm: sha256WithRSAEncryption 8c:b7:3f:75:62:1a:ff:e2:71:70:b3:eb:50:06:7e:ae:a8:c9: 8e:e8:df:8e:65:67:a5:1f:94:a1:6c:06:b5:86:3a:bb:28:e9: d2:6b:2b:4a:c0:02:84:3a:ed:66:0b:1e:04:27:4c:1d:ef:fb: bb:28:91:f3:be:be:20:5d:f0:44:6c:90:e6:10:7f:5c:32:5f: bd:8b:9c:57:bf:20:5d:1e:bd:fb:56:14:04:b3:2d:d2:14:a4: 6a:08:6a:e3:cb:ec:ef:09:2c:da:d4:49:45:ba:76:f1:35:71: a6:a8:3e:99:fd:45:5b:9b:9f:e6:bd:1a:1b:61:88:85:6f:65: b5:05:c4:3a:91:9f:ca:87:b7:08:0c:98:ac:a0:21:53:d7:30: 7d:5f:8f:b1:a1:52:7b:d5:43:8d:6f:0c:f4:a9:70:c1:f3:9e: 74:22:b7:c2:e4:c1:4a:b2:47:89:e4:a2:0e:2f:14:b2:7e:34: d8:aa:c9:f9:ca:43:2b:f3:42:c9:06:cb:9c:32:d5:9e:de:88: 68:f6:79:9c:06:85:fb:24:68:9f:04:47:dd:8d:d3:d7:23:3f: c4:44:d8:7f:22:2f:ec:a9:4a:d8:64:67:09:40:6b:06:58:80: ea:df:0d:eb:98:14:08:94:4d:06:96:8f:31:b5:73:15:ad:65: 89:6b:46:60 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt7NpWwtq2yvECRlqWRLCXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx NmMzMmEwHhcNMjYwMTAxMjAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzM1ZGRmY2U2NjUzNzg1MjJiZjlkYWI3ZDE5ZmNjNDcwZDRjYmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6rzEiesWTVmJEAebeUdCZ0oaQPH HKS2ddkJEpZxL/nFXsV0jKWHKgUlsoWjUGuEl4tyOcB5zmyxPNMzC3RjS8sxvjFe 6N1JmRjQExHZV26s3CwBZqi/W0d/tBvqV6E7KBUlxlbLd9tMb2jCSMIRie09qqrE 3tBBcqYd71YZ3XIBNUT2g0U74TTq5lB6OvYG9O1kClJU5vZOQ3u4hQKmxFXdB0L5 +8mynHHjbs50BIJ+GkqXuaCDsT9cMeDSoe2DbrDChveIa46PmpQfD8ZU6dxT9P4y LBUegzNuiu6SODs2FKvuc/XLUpVPwC/PJrQjFOph7hlbjG3v056AURzkZQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFKw13fzmZTeFIr+dq30Z/MRw1MvNMB8GA1UdIwQY MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt MWIwNmQxYzcwNGMxLzEvckRYZF9PWmxONFVpdjUycmZSbjh4SERVeTgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAbc9tAwQB ueH6MA8EAgACMAkDBwAqEPeDACMwDQYJKoZIhvcNAQELBQADggEBAIy3P3ViGv/i cXCz61AGfq6oyY7o345lZ6UflKFsBrWGOrso6dJrK0rAAoQ67WYLHgQnTB3v+7so kfO+viBd8ERskOYQf1wyX72LnFe/IF0evftWFASzLdIUpGoIauPL7O8JLNrUSUW6 dvE1caaoPpn9RVubn+a9GhthiIVvZbUFxDqRn8qHtwgMmKygIVPXMH1fj7GhUnvV Q41vDPSpcMHznnQit8LkwUqyR4nkog4vFLJ+NNiqyfnKQyvzQskGy5wy1Z7eiGj2 eZwGhfskaJ8ER92N09cjP8RE2H8iL+ypSthkZwlAawZYgOrfDeuYFAiUTQaWjzG1 cxWtZYlrRmA= -----END CERTIFICATE-----Generated at Tue Jan 20 08:02:12 2026 by rpki-client