This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/0DAR2RR_cEGvc-FRtkmZdZD0bB8.roa File: 0DAR2RR_cEGvc-FRtkmZdZD0bB8.roa (raw, json) Hash identifier: /HvFt9zC5hQxuKNJ2ImOGVZ/AEK8wykLij6mmaEwUto= Subject key identifier: D0:30:11:D9:14:7F:70:41:AF:73:E1:51:B6:49:99:75:90:F4:6C:1F Certificate issuer: /CN=5484b53ec069e302623596fb3aa79f5d782c09f9 Certificate serial: 019B7EA6F72EE3157CBF274FD2C823C28981 Authority key identifier: 54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/0DAR2RR_cEGvc-FRtkmZdZD0bB8.roa Signing time: Fri 02 Jan 2026 12:20:29 +0000 ROA not before: Fri 02 Jan 2026 12:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34949 IP address blocks: 109.239.112.0/23 maxlen: 23 109.239.112.0/24 maxlen: 24 109.239.113.0/24 maxlen: 24 109.239.114.0/23 maxlen: 24 109.239.116.0/23 maxlen: 23 109.239.116.0/24 maxlen: 24 109.239.117.0/24 maxlen: 24 109.239.118.0/23 maxlen: 23 109.239.118.0/24 maxlen: 24 109.239.119.0/24 maxlen: 24 109.239.122.0/23 maxlen: 23 109.239.122.0/24 maxlen: 24 109.239.123.0/24 maxlen: 24 109.239.124.0/23 maxlen: 23 109.239.125.0/24 maxlen: 24 109.239.126.0/23 maxlen: 23 109.239.126.0/24 maxlen: 24 109.239.127.0/24 maxlen: 24 159.100.32.0/23 maxlen: 23 159.100.32.0/24 maxlen: 24 159.100.33.0/24 maxlen: 24 159.100.34.0/23 maxlen: 23 159.100.34.0/24 maxlen: 24 159.100.35.0/24 maxlen: 24 159.100.38.0/23 maxlen: 23 159.100.38.0/24 maxlen: 24 159.100.39.0/24 maxlen: 24 159.100.40.0/23 maxlen: 23 159.100.40.0/24 maxlen: 24 159.100.41.0/24 maxlen: 24 159.100.42.0/23 maxlen: 23 159.100.42.0/24 maxlen: 24 159.100.43.0/24 maxlen: 24 159.100.44.0/24 maxlen: 24 159.100.46.0/23 maxlen: 23 159.100.46.0/24 maxlen: 24 185.60.24.0/23 maxlen: 23 185.60.24.0/24 maxlen: 24 185.60.25.0/24 maxlen: 24 185.60.26.0/23 maxlen: 23 185.60.26.0/24 maxlen: 24 185.85.224.0/23 maxlen: 23 185.85.224.0/24 maxlen: 24 185.85.225.0/24 maxlen: 24 185.85.226.0/23 maxlen: 23 185.85.226.0/24 maxlen: 24 185.85.227.0/24 maxlen: 24 217.112.48.0/23 maxlen: 24 217.112.49.0/24 maxlen: 24 217.112.50.0/23 maxlen: 23 217.112.50.0/24 maxlen: 24 217.112.51.0/24 maxlen: 24 217.112.52.0/23 maxlen: 23 217.112.52.0/24 maxlen: 24 217.112.53.0/24 maxlen: 24 217.112.54.0/23 maxlen: 23 217.112.54.0/24 maxlen: 24 217.112.55.0/24 maxlen: 24 217.112.56.0/23 maxlen: 23 217.112.56.0/24 maxlen: 24 217.112.57.0/24 maxlen: 24 217.112.58.0/23 maxlen: 23 217.112.58.0/24 maxlen: 24 217.112.59.0/24 maxlen: 24 217.112.60.0/23 maxlen: 23 217.112.60.0/24 maxlen: 24 217.112.61.0/24 maxlen: 24 217.112.62.0/23 maxlen: 24 217.112.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/VIS1PsBp4wJiNZb7OqefXXgsCfk.crl rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/VIS1PsBp4wJiNZb7OqefXXgsCfk.mft rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:f7:2e:e3:15:7c:bf:27:4f:d2:c8:23:c2:89:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5484b53ec069e302623596fb3aa79f5d782c09f9 Validity Not Before: Jan 2 12:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d03011d9147f7041af73e151b649997590f46c1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:13:ee:c1:21:11:6e:b8:09:33:1b:27:86:aa: 3b:7c:40:04:44:c6:9c:2a:e1:cd:6b:97:cd:4b:13: 9a:35:a4:e0:65:45:b1:ce:7d:ca:fc:e9:77:30:92: ea:b7:3e:f0:23:f3:89:d9:a7:be:d7:7d:8c:77:2c: 72:f1:9e:74:61:d0:ba:d6:1a:d5:96:b0:84:8a:ab: 04:e0:b0:10:ac:85:7c:c6:ed:31:21:01:60:52:d8: e8:23:f7:87:05:47:3d:f9:3f:f7:b7:e4:57:84:6a: d6:c0:dc:ab:c9:78:77:36:9d:9c:58:82:31:ba:56: 9b:26:98:b8:46:b8:5d:e2:42:db:2f:ba:32:bf:ea: 81:5a:2b:5b:25:0e:08:73:01:30:91:15:33:7a:cc: db:29:97:4b:12:ad:22:d5:e4:00:8c:83:e2:ba:7b: 6f:58:2b:84:ef:2a:26:69:37:f3:ee:63:61:9e:ce: 84:22:87:e2:03:52:2e:73:78:7b:71:3b:09:ea:1b: 47:e2:4d:ba:2a:8f:39:52:9c:4d:54:92:ce:97:c8: 0e:28:55:6f:51:50:30:3a:d8:29:e1:40:f3:58:91: 03:92:38:55:85:c4:52:c2:da:d5:c9:a0:9e:a2:14: a9:35:bf:81:08:a2:55:ca:32:c1:31:ba:55:e4:8b: b0:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:30:11:D9:14:7F:70:41:AF:73:E1:51:B6:49:99:75:90:F4:6C:1F X509v3 Authority Key Identifier: keyid:54:84:B5:3E:C0:69:E3:02:62:35:96:FB:3A:A7:9F:5D:78:2C:09:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VIS1PsBp4wJiNZb7OqefXXgsCfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/0DAR2RR_cEGvc-FRtkmZdZD0bB8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ca618c-35ce-4d31-bb89-ce8dd6898b27/1/VIS1PsBp4wJiNZb7OqefXXgsCfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.239.112.0/21 109.239.122.0-109.239.127.255 159.100.32.0/22 159.100.38.0-159.100.44.255 159.100.46.0/23 185.60.24.0/22 185.85.224.0/22 217.112.48.0/20 Signature Algorithm: sha256WithRSAEncryption 1f:95:6e:30:40:6e:47:17:3c:2b:2b:fc:02:ba:15:ab:97:4e: 30:05:1b:73:ce:a2:b8:7f:b1:80:ee:70:c0:1c:d3:07:5b:db: d6:91:a0:75:ee:b0:44:3f:36:6a:b1:37:24:f5:31:d7:d0:23: d5:e9:75:d3:75:79:e9:a1:b3:2d:27:ea:4b:82:32:6f:8e:1d: e2:85:8d:62:14:4b:bf:26:ba:73:9e:6f:37:a4:46:2e:fa:95: eb:67:65:36:e4:84:83:30:b1:7b:1d:99:9a:a0:55:5e:6b:87: 7c:f3:2f:a0:2b:b9:da:97:eb:69:a5:0f:e9:23:8b:81:f9:88: 90:d6:ef:8a:77:9f:fc:f4:b3:51:5d:59:93:de:90:44:74:3d: 1b:22:dd:1d:1c:08:ee:4d:c4:7a:16:0f:fe:91:cc:12:8c:f8: 48:e8:06:77:74:1e:09:ed:5f:00:a5:09:82:be:a4:e2:ac:db: 3b:d6:08:e5:ce:ae:c4:d7:63:f0:4c:90:16:95:3f:7c:14:a6: d0:5f:9b:29:df:c8:9f:54:d4:9d:48:da:28:0d:e2:6c:b3:ca: 35:b3:f1:f2:4b:2d:54:1c:e1:13:e0:c6:95:e9:df:51:17:25: 02:fa:c1:c4:16:a8:31:ad:16:15:52:28:83:e3:db:56:9c:7d: 15:a2:69:ab -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISAZt+pvcu4xV8vydP0sgjwomBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU0ODRiNTNlYzA2OWUzMDI2MjM1OTZmYjNhYTc5ZjVkNzgy YzA5ZjkwHhcNMjYwMTAyMTIyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMDMwMTFkOTE0N2Y3MDQxYWY3M2UxNTFiNjQ5OTk3NTkwZjQ2YzFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xPuwSERbrgJMxsnhqo7fEAERMac KuHNa5fNSxOaNaTgZUWxzn3K/Ol3MJLqtz7wI/OJ2ae+132Mdyxy8Z50YdC61hrV lrCEiqsE4LAQrIV8xu0xIQFgUtjoI/eHBUc9+T/3t+RXhGrWwNyryXh3Np2cWIIx ulabJpi4Rrhd4kLbL7oyv+qBWitbJQ4IcwEwkRUzeszbKZdLEq0i1eQAjIPiuntv WCuE7yomaTfz7mNhns6EIofiA1Iuc3h7cTsJ6htH4k26Ko85UpxNVJLOl8gOKFVv UVAwOtgp4UDzWJEDkjhVhcRSwtrVyaCeohSpNb+BCKJVyjLBMbpV5IuwTwIDAQAB o4ICQzCCAj8wHQYDVR0OBBYEFNAwEdkUf3BBr3PhUbZJmXWQ9GwfMB8GA1UdIwQY MBaAFFSEtT7AaeMCYjWW+zqnn114LAn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODkt Y2U4ZGQ2ODk4YjI3LzEvMERBUjJSUl9jRUd2Yy1GUnRrbVpkWkQwYkI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9jYTYxOGMtMzVjZS00ZDMxLWJiODktY2U4ZGQ2ODk4YjI3 LzEvVklTMVBzQnA0d0ppTlpiN09xZWZYWGdzQ2ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQDbe9wMAwD BAFt73oDBAdt7wADBAKfZCAwDAMEAZ9kJgMEAJ9kLAMEAZ9kLgMEArk8GAMEArlV 4AMEBNlwMDANBgkqhkiG9w0BAQsFAAOCAQEAH5VuMEBuRxc8Kyv8AroVq5dOMAUb c86iuH+xgO5wwBzTB1vb1pGgde6wRD82arE3JPUx19Aj1el103V56aGzLSfqS4Iy b44d4oWNYhRLvya6c55vN6RGLvqV62dlNuSEgzCxex2ZmqBVXmuHfPMvoCu52pfr aaUP6SOLgfmIkNbvinef/PSzUV1Zk96QRHQ9GyLdHRwI7k3EehYP/pHMEoz4SOgG d3QeCe1fAKUJgr6k4qzbO9YI5c6uxNdj8EyQFpU/fBSm0F+bKd/In1TUnUjaKA3i bLPKNbPx8kstVBzhE+DGlenfURclAvrBxBaoMa0WFVIog+PbVpx9FaJpqw== -----END CERTIFICATE-----Generated at Sun Jan 11 18:13:07 2026 by rpki-client