This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/DZHKsoKn60cOpPXOTjhxEjCZpns.roa File: DZHKsoKn60cOpPXOTjhxEjCZpns.roa (raw, json) Hash identifier: I2eVheSuMQHjrqYiNeoQc5mmnUzluaRJ/Ixu6RKHy+k= Subject key identifier: 0D:91:CA:B2:82:A7:EB:47:0E:A4:F5:CE:4E:38:71:12:30:99:A6:7B Certificate issuer: /CN=4c9d6c55be1be8a84ad2dfd5a7ffa5848f54d409 Certificate serial: 019B775915356CE160F376775C4238DC5E3F Authority key identifier: 4C:9D:6C:55:BE:1B:E8:A8:4A:D2:DF:D5:A7:FF:A5:84:8F:54:D4:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/DZHKsoKn60cOpPXOTjhxEjCZpns.roa Signing time: Thu 01 Jan 2026 02:18:05 +0000 ROA not before: Thu 01 Jan 2026 02:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207332 IP address blocks: 91.212.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.mft rsync://rpki.ripe.net/repository/DEFAULT/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:15:35:6c:e1:60:f3:76:77:5c:42:38:dc:5e:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c9d6c55be1be8a84ad2dfd5a7ffa5848f54d409 Validity Not Before: Jan 1 02:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0d91cab282a7eb470ea4f5ce4e3871123099a67b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:04:b5:ce:91:15:fa:ad:c9:5a:5b:eb:bd:f5: 72:4e:56:91:a1:54:41:c1:12:1a:e6:0c:10:fa:db: 11:24:ba:57:61:f1:f0:49:c8:18:a0:6f:11:66:fc: 88:49:2d:f9:db:48:fe:37:ec:e8:25:12:f1:f5:2e: 67:d0:bc:1c:d5:b3:66:5e:48:15:c6:96:20:11:a8: af:e6:75:2f:52:c3:ad:bc:eb:11:49:35:cc:9a:2c: 84:1c:08:fd:6c:b6:a6:2c:b2:b0:cf:76:e0:41:a0: de:3a:e5:d4:45:ee:e9:46:23:1c:5a:23:43:fb:e2: 87:ac:5c:83:82:e8:39:e1:23:e2:91:b0:84:f0:28: 2a:b1:6d:2b:89:85:db:f8:14:4e:7c:6d:7f:bc:8c: 11:cc:47:19:42:8c:b2:44:d4:ee:57:43:07:fa:a3: 7a:08:37:84:db:17:e1:38:0e:64:07:56:d7:36:32: 9f:e0:0c:f5:ad:94:35:7d:e2:c0:eb:d4:08:3f:74: 8d:8f:15:af:ff:63:60:2d:7b:8a:dc:8a:bb:12:be: 92:60:6f:f3:bd:a1:52:fc:ea:1b:2e:01:f3:bf:87: 98:b4:46:db:38:95:b9:fe:f9:c9:69:f3:37:c6:a6: fa:1c:f8:51:44:f1:f7:56:1f:41:d4:c7:79:4b:e1: fe:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:91:CA:B2:82:A7:EB:47:0E:A4:F5:CE:4E:38:71:12:30:99:A6:7B X509v3 Authority Key Identifier: keyid:4C:9D:6C:55:BE:1B:E8:A8:4A:D2:DF:D5:A7:FF:A5:84:8F:54:D4:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/DZHKsoKn60cOpPXOTjhxEjCZpns.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/3e775d-b117-40dd-ae6a-2d502e956c04/1/TJ1sVb4b6KhK0t_Vp_-lhI9U1Ak.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.212.0.0/24 Signature Algorithm: sha256WithRSAEncryption 04:0d:d5:25:6c:6c:64:4f:c0:8d:b7:bd:a4:d9:28:b4:64:16: 64:8a:11:3c:02:43:36:3c:79:1a:40:73:6e:ff:1e:15:fe:60: c6:ba:fd:f7:28:21:d2:32:67:7e:fc:41:37:10:b1:64:28:93: 1e:79:98:b0:50:94:e5:0f:ec:85:d3:00:15:5d:eb:c7:85:5d: f7:92:4f:92:42:15:e9:ce:0a:1c:4e:9f:c6:bf:aa:52:d5:54: 8b:14:e4:3a:74:42:e5:5d:eb:73:13:48:45:90:14:01:ca:52: 70:fb:62:2a:be:03:1a:39:09:01:c2:9a:bf:b4:db:f7:93:e1: 5c:25:e6:8e:70:3b:f0:38:ac:53:b6:a1:e4:0d:a4:a4:28:e4: 4e:6f:68:e5:99:f6:ab:b3:96:c7:93:72:12:2f:c7:28:f1:46: 71:fb:87:da:9e:a3:bb:fe:38:a6:a3:91:fb:0e:b8:27:aa:ca: b5:9a:73:06:ef:92:3b:85:2d:06:7c:32:c0:0d:71:0a:4b:95: c2:bd:66:92:3b:76:bb:dc:84:4d:a6:43:ad:cd:ae:4a:56:bd: c4:29:6b:b2:97:bc:f9:33:1c:a9:d4:f4:bd:cf:08:c6:59:69: 4d:81:ed:ca:81:c7:91:82:13:88:48:46:05:d8:51:d6:43:21: 6d:4a:10:00 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WRU1bOFg83Z3XEI43F4/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjOWQ2YzU1YmUxYmU4YTg0YWQyZGZkNWE3ZmZhNTg0OGY1 NGQ0MDkwHhcNMjYwMTAxMDIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZDkxY2FiMjgyYTdlYjQ3MGVhNGY1Y2U0ZTM4NzExMjMwOTlhNjdiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgS1zpEV+q3JWlvrvfVyTlaRoVRB wRIa5gwQ+tsRJLpXYfHwScgYoG8RZvyISS3520j+N+zoJRLx9S5n0Lwc1bNmXkgV xpYgEaiv5nUvUsOtvOsRSTXMmiyEHAj9bLamLLKwz3bgQaDeOuXURe7pRiMcWiND ++KHrFyDgug54SPikbCE8CgqsW0riYXb+BROfG1/vIwRzEcZQoyyRNTuV0MH+qN6 CDeE2xfhOA5kB1bXNjKf4Az1rZQ1feLA69QIP3SNjxWv/2NgLXuK3Iq7Er6SYG/z vaFS/OobLgHzv4eYtEbbOJW5/vnJafM3xqb6HPhRRPH3Vh9B1Md5S+H+xwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA2RyrKCp+tHDqT1zk44cRIwmaZ7MB8GA1UdIwQY MBaAFEydbFW+G+ioStLf1af/pYSPVNQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEoxc1ZiNGI2S2hLMHRfVnBfLWxoSTlVMUFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8zZTc3NWQtYjExNy00MGRkLWFlNmEt MmQ1MDJlOTU2YzA0LzEvRFpIS3NvS242MGNPcFBYT1RqaHhFakNacG5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8zZTc3NWQtYjExNy00MGRkLWFlNmEtMmQ1MDJlOTU2YzA0 LzEvVEoxc1ZiNGI2S2hLMHRfVnBfLWxoSTlVMUFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9QAMA0G CSqGSIb3DQEBCwUAA4IBAQAEDdUlbGxkT8CNt72k2Si0ZBZkihE8AkM2PHkaQHNu /x4V/mDGuv33KCHSMmd+/EE3ELFkKJMeeZiwUJTlD+yF0wAVXevHhV33kk+SQhXp zgocTp/Gv6pS1VSLFOQ6dELlXetzE0hFkBQBylJw+2IqvgMaOQkBwpq/tNv3k+Fc JeaOcDvwOKxTtqHkDaSkKOROb2jlmfars5bHk3ISL8co8UZx+4fanqO7/jimo5H7 Drgnqsq1mnMG75I7hS0GfDLADXEKS5XCvWaSO3a73IRNpkOtza5KVr3EKWuyl7z5 Mxyp1PS9zwjGWWlNge3KgceRghOISEYF2FHWQyFtShAA -----END CERTIFICATE-----Generated at Thu Jan 1 15:35:50 2026 by rpki-client