This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/ItFf5mGxUD7KxGy789UtNATPKKo.roa File: ItFf5mGxUD7KxGy789UtNATPKKo.roa (raw, json) Hash identifier: q6yJcUukZanUDWbF7+j0aEo4I20oQqnK0aRmb9zfRQg= Subject key identifier: 22:D1:5F:E6:61:B1:50:3E:CA:C4:6C:BB:F3:D5:2D:34:04:CF:28:AA Certificate issuer: /CN=0c037dd22b7aabe282225afb256b8d9dcbeba353 Certificate serial: 019B7E384DE945C370D8C45A4DE0DE810465 Authority key identifier: 0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/ItFf5mGxUD7KxGy789UtNATPKKo.roa Signing time: Fri 02 Jan 2026 10:19:37 +0000 ROA not before: Fri 02 Jan 2026 10:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50023 IP address blocks: 85.204.48.0/22 maxlen: 24 109.68.10.0/23 maxlen: 24 109.68.12.0/22 maxlen: 24 185.14.212.0/22 maxlen: 24 185.137.64.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.mft rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:4d:e9:45:c3:70:d8:c4:5a:4d:e0:de:81:04:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0c037dd22b7aabe282225afb256b8d9dcbeba353 Validity Not Before: Jan 2 10:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=22d15fe661b1503ecac46cbbf3d52d3404cf28aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:92:4b:81:07:be:ac:30:0d:95:a1:80:ab:fe: 0d:44:5f:3a:ad:fd:a5:23:d9:62:44:cb:53:fd:9a: 5e:19:64:f4:cd:f6:d7:d5:3c:48:80:2e:b9:c4:43: 92:f7:74:f7:b6:02:2e:7b:24:fc:9d:be:7e:0a:12: d8:10:5a:0f:47:0e:ec:33:9e:f9:f8:d0:9a:27:0e: 20:70:28:41:95:e5:e9:3d:5e:79:da:e8:14:94:01: 1f:a5:20:8e:95:67:7a:cb:bc:fb:bd:57:9c:7f:3f: 6b:e1:44:21:1e:b4:1d:76:44:55:d9:d8:0a:e2:5c: 56:49:b1:e0:c5:3b:2b:44:40:3f:dc:3c:c1:58:9d: 9e:85:43:bd:7e:e7:85:ea:1d:62:31:71:b5:3e:f1: fb:c7:51:3b:53:72:ef:7b:d8:39:22:f5:4f:06:99: ab:8f:be:5c:34:b8:66:34:59:48:d2:aa:67:07:ca: a9:ea:9f:2b:93:6f:de:4e:56:9f:58:83:f5:40:dd: ec:cd:40:a2:e4:b8:4f:98:3a:f7:94:b7:82:48:54: fa:2c:5e:f1:6d:8a:29:a9:33:a7:91:87:2a:4f:3b: 92:5d:2a:1a:e6:c0:27:66:90:7f:05:99:52:5c:bf: e0:ac:db:a0:b8:df:cf:12:3f:35:2d:62:94:b3:97: e4:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:D1:5F:E6:61:B1:50:3E:CA:C4:6C:BB:F3:D5:2D:34:04:CF:28:AA X509v3 Authority Key Identifier: keyid:0C:03:7D:D2:2B:7A:AB:E2:82:22:5A:FB:25:6B:8D:9D:CB:EB:A3:53 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DAN90it6q-KCIlr7JWuNncvro1M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/ItFf5mGxUD7KxGy789UtNATPKKo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/da81cb-1972-4c9b-9dab-e8f3a66ef558/1/DAN90it6q-KCIlr7JWuNncvro1M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.204.48.0/22 109.68.10.0-109.68.15.255 185.14.212.0/22 185.137.64.0/22 Signature Algorithm: sha256WithRSAEncryption 47:ea:b7:88:11:53:39:88:ee:31:06:81:7b:57:df:9b:72:7b: ec:15:73:a4:1f:36:3d:79:fd:6c:cd:39:0f:f4:7a:9c:7b:b0: b4:0f:77:5e:2d:fa:22:90:cc:4f:aa:c9:dc:b7:2d:80:b5:a5: 56:2d:0c:07:63:3a:be:54:50:a6:64:dc:9c:6f:e9:40:11:aa: 77:56:9e:78:b2:13:c4:85:a5:24:5f:1a:b6:2b:70:ac:1f:ef: 12:3f:5b:58:6f:d5:e5:4f:17:0d:f5:ce:1d:d2:67:5b:1e:23: 91:d1:f0:b7:52:98:67:7a:d6:37:6c:46:78:00:36:4a:f8:58: fd:31:1d:81:db:af:a9:4e:72:2f:bb:f5:1d:c2:86:1d:02:11: 64:a2:21:fa:63:a8:61:aa:0c:29:6e:d8:59:b3:73:c1:58:de: df:c3:70:e0:8f:da:bb:01:78:3c:da:22:bf:83:6a:f9:fb:d9: 23:f2:9e:0b:a0:93:d4:b7:cd:67:aa:f9:20:33:a9:c5:47:ca: 9a:2f:24:6d:11:2f:82:2f:d5:cc:5f:55:2d:2f:68:78:d7:0c: e1:d5:1d:d3:61:dc:ca:47:4d:62:d5:f1:43:a7:bd:91:0b:f5: 56:63:c8:5a:4b:e3:42:3b:99:58:4c:55:6a:c0:42:d7:02:00: 9a:bb:7c:66 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt+OE3pRcNw2MRaTeDegQRlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBjMDM3ZGQyMmI3YWFiZTI4MjIyNWFmYjI1NmI4ZDlkY2Jl YmEzNTMwHhcNMjYwMTAyMTAxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMmQxNWZlNjYxYjE1MDNlY2FjNDZjYmJmM2Q1MmQzNDA0Y2YyOGFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpJLgQe+rDANlaGAq/4NRF86rf2l I9liRMtT/ZpeGWT0zfbX1TxIgC65xEOS93T3tgIueyT8nb5+ChLYEFoPRw7sM575 +NCaJw4gcChBleXpPV552ugUlAEfpSCOlWd6y7z7vVecfz9r4UQhHrQddkRV2dgK 4lxWSbHgxTsrREA/3DzBWJ2ehUO9fueF6h1iMXG1PvH7x1E7U3Lve9g5IvVPBpmr j75cNLhmNFlI0qpnB8qp6p8rk2/eTlafWIP1QN3szUCi5LhPmDr3lLeCSFT6LF7x bYopqTOnkYcqTzuSXSoa5sAnZpB/BZlSXL/grNuguN/PEj81LWKUs5fk0wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFCLRX+ZhsVA+ysRsu/PVLTQEzyiqMB8GA1UdIwQY MBaAFAwDfdIreqvigiJa+yVrjZ3L66NTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWIt ZThmM2E2NmVmNTU4LzEvSXRGZjVtR3hVRDdLeEd5Nzg5VXROQVRQS0tvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9kYTgxY2ItMTk3Mi00YzliLTlkYWItZThmM2E2NmVmNTU4 LzEvREFOOTBpdDZxLUtDSWxyN0pXdU5uY3ZybzFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCVcwwMAwD BAFtRAoDBARtRAADBAK5DtQDBAK5iUAwDQYJKoZIhvcNAQELBQADggEBAEfqt4gR UzmI7jEGgXtX35tye+wVc6QfNj15/WzNOQ/0epx7sLQPd14t+iKQzE+qydy3LYC1 pVYtDAdjOr5UUKZk3Jxv6UARqndWnniyE8SFpSRfGrYrcKwf7xI/W1hv1eVPFw31 zh3SZ1seI5HR8LdSmGd61jdsRngANkr4WP0xHYHbr6lOci+79R3Chh0CEWSiIfpj qGGqDClu2Fmzc8FY3t/DcOCP2rsBeDzaIr+Davn72SPyngugk9S3zWeq+SAzqcVH ypovJG0RL4Iv1cxfVS0vaHjXDOHVHdNh3MpHTWLV8UOnvZEL9VZjyFpL40I7mVhM VWrAQtcCAJq7fGY= -----END CERTIFICATE-----Generated at Mon Jan 12 03:18:01 2026 by rpki-client