This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/C_DCfRSN7oCVV67q6bLzPSt0SX0.roa File: C_DCfRSN7oCVV67q6bLzPSt0SX0.roa (raw, json) Hash identifier: tuuEyNKdU6FCNvpWoORJaYe7wS5Tgy0s63MOjepUKAA= Subject key identifier: 0B:F0:C2:7D:14:8D:EE:80:95:57:AE:EA:E9:B2:F3:3D:2B:74:49:7D Certificate issuer: /CN=d826ca5d53c1b5308e2c9c791c630a0f22337943 Certificate serial: 019C067E5BFBCF517969DFF77A9DDEF2A3CF Authority key identifier: D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/C_DCfRSN7oCVV67q6bLzPSt0SX0.roa Signing time: Wed 28 Jan 2026 21:24:30 +0000 ROA not before: Wed 28 Jan 2026 21:24:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25577 IP address blocks: 109.68.64.0/23 maxlen: 23 109.68.68.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.mft rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 06 Feb 2026 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:06:7e:5b:fb:cf:51:79:69:df:f7:7a:9d:de:f2:a3:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d826ca5d53c1b5308e2c9c791c630a0f22337943 Validity Not Before: Jan 28 21:24:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0bf0c27d148dee809557aeeae9b2f33d2b74497d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:73:18:e4:4a:c1:77:ba:62:6a:b3:cb:27:f6: fc:48:7e:b7:19:f8:86:ce:f0:f8:47:31:95:53:71: 6a:d8:21:eb:3c:fb:03:7d:0f:6e:f8:f8:6e:7a:6c: 47:7a:e0:34:5a:41:6a:75:b5:d7:de:57:de:fc:e0: 83:0d:15:38:7f:2c:1d:7f:a7:fb:6a:a0:59:d5:f6: c8:f7:86:45:4b:df:4c:c3:0f:af:28:22:c2:74:5d: 51:a8:1d:6c:d6:9c:bc:97:ea:b2:c7:ef:3d:35:ef: 6e:75:ac:1f:80:65:a0:0c:be:f5:da:9b:52:42:b5: 56:37:ab:bb:3a:6e:79:ce:85:77:db:53:a6:a7:83: 52:3d:9a:f4:52:49:8e:9e:fd:e5:74:70:57:ca:1d: 7d:e1:82:d7:b8:ad:22:63:db:f0:bf:6b:c4:0f:71: d4:f9:38:de:b7:a9:86:41:b2:53:b5:31:e5:d9:2d: ec:74:35:7d:de:58:e6:39:64:5c:3e:8d:60:33:a2: 5f:ee:f2:7e:77:f4:74:82:c8:90:bb:60:36:99:2a: 18:4d:22:b0:58:7f:d3:d9:b0:df:28:28:35:64:51: aa:0d:a6:c4:ba:1b:0f:74:14:58:fd:27:da:0a:cf: 49:d0:5a:78:80:12:ac:5a:04:da:9f:3d:60:63:89: 81:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:F0:C2:7D:14:8D:EE:80:95:57:AE:EA:E9:B2:F3:3D:2B:74:49:7D X509v3 Authority Key Identifier: keyid:D8:26:CA:5D:53:C1:B5:30:8E:2C:9C:79:1C:63:0A:0F:22:33:79:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CbKXVPBtTCOLJx5HGMKDyIzeUM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/C_DCfRSN7oCVV67q6bLzPSt0SX0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/4b544e-6535-4af8-bbdb-58d2ee982879/1/2CbKXVPBtTCOLJx5HGMKDyIzeUM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.68.64.0/23 109.68.68.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:83:59:2f:9f:68:05:78:dd:5d:5c:6a:f8:39:cd:b0:5d:51: d1:bf:3c:88:64:8b:c9:6f:1f:b0:b5:1c:30:5f:be:07:46:29: 08:5b:a6:a6:34:a0:0c:21:6b:65:8b:23:e4:95:87:fc:4f:24: ba:99:ce:12:17:7d:e8:5c:68:70:77:f2:04:01:53:d2:81:4c: 6d:9f:b9:0b:cd:5d:44:fc:84:89:33:42:f5:2b:02:e5:43:39: 22:fd:09:27:1b:b4:00:a1:a0:e2:4d:fe:16:1b:20:e3:a3:67: 76:26:69:dd:6a:4e:a8:94:e4:a5:07:f9:8f:ba:4d:dd:92:c3: fd:0a:b0:14:18:43:d8:2b:bd:9c:a3:54:c8:1e:57:99:64:5c: 56:50:ff:65:97:8d:9b:a6:66:8c:ea:2f:9a:08:ed:a6:fa:ab: 07:1a:37:ed:6c:97:81:09:54:67:ec:b9:f0:f0:cf:ab:7b:4b: 41:3a:ad:27:c0:81:fa:7a:05:fa:a4:f7:81:0d:bb:da:4b:28: 2d:19:cf:b1:53:98:f5:36:9c:e7:2a:90:9c:3b:50:6c:80:a5: bf:a6:fd:fa:70:1e:68:fc:4a:95:ea:8a:da:f4:5a:c3:76:82: 23:3c:b5:d8:e9:95:96:49:80:94:4f:d5:61:ff:ec:9f:93:d6: 8f:42:a4:4b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZwGflv7z1F5ad/3ep3e8qPPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MjZjYTVkNTNjMWI1MzA4ZTJjOWM3OTFjNjMwYTBmMjIz Mzc5NDMwHhcNMjYwMTI4MjEyNDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYmYwYzI3ZDE0OGRlZTgwOTU1N2FlZWFlOWIyZjMzZDJiNzQ0OTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHMY5ErBd7piarPLJ/b8SH63GfiG zvD4RzGVU3Fq2CHrPPsDfQ9u+PhuemxHeuA0WkFqdbXX3lfe/OCDDRU4fywdf6f7 aqBZ1fbI94ZFS99Mww+vKCLCdF1RqB1s1py8l+qyx+89Ne9udawfgGWgDL712ptS QrVWN6u7Om55zoV321Omp4NSPZr0UkmOnv3ldHBXyh194YLXuK0iY9vwv2vED3HU +Tjet6mGQbJTtTHl2S3sdDV93ljmOWRcPo1gM6Jf7vJ+d/R0gsiQu2A2mSoYTSKw WH/T2bDfKCg1ZFGqDabEuhsPdBRY/SfaCs9J0Fp4gBKsWgTanz1gY4mB+QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAvwwn0Uje6AlVeu6umy8z0rdEl9MB8GA1UdIwQY MBaAFNgmyl1TwbUwjiyceRxjCg8iM3lDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGIt NThkMmVlOTgyODc5LzEvQ19EQ2ZSU043b0NWVjY3cTZiTHpQU3QwU1gwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS80YjU0NGUtNjUzNS00YWY4LWJiZGItNThkMmVlOTgyODc5 LzEvMkNiS1hWUEJ0VENPTEp4NUhHTUtEeUl6ZVVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbURAAwQA bUREMA0GCSqGSIb3DQEBCwUAA4IBAQALg1kvn2gFeN1dXGr4Oc2wXVHRvzyIZIvJ bx+wtRwwX74HRikIW6amNKAMIWtliyPklYf8TyS6mc4SF33oXGhwd/IEAVPSgUxt n7kLzV1E/ISJM0L1KwLlQzki/QknG7QAoaDiTf4WGyDjo2d2Jmndak6olOSlB/mP uk3dksP9CrAUGEPYK72co1TIHleZZFxWUP9ll42bpmaM6i+aCO2m+qsHGjftbJeB CVRn7Lnw8M+re0tBOq0nwIH6egX6pPeBDbvaSygtGc+xU5j1NpznKpCcO1BsgKW/ pv36cB5o/EqV6ora9FrDdoIjPLXY6ZWWSYCUT9Vh/+yfk9aPQqRL -----END CERTIFICATE-----Generated at Thu Feb 5 19:43:14 2026 by rpki-client