This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DhTjJf1PbQEdM30a_x_F_RW_BHw.roa File: DhTjJf1PbQEdM30a_x_F_RW_BHw.roa (raw, json) Hash identifier: xXu5O4M5tOzMv8sx9uTtRuO2ZIdW3jp6Trsei0NUFLM= Subject key identifier: 0E:14:E3:25:FD:4F:6D:01:1D:33:7D:1A:FF:1F:C5:FD:15:BF:04:7C Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5 Certificate serial: 019B214C0A6F9F6A3D4C527ABA17A26BBBB7 Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DhTjJf1PbQEdM30a_x_F_RW_BHw.roa Signing time: Mon 15 Dec 2025 09:16:30 +0000 ROA not before: Mon 15 Dec 2025 09:16:30 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 54252 IP address blocks: 84.32.20.0/24 maxlen: 24 84.32.58.0/24 maxlen: 24 84.32.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 08:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:4c:0a:6f:9f:6a:3d:4c:52:7a:ba:17:a2:6b:bb:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5 Validity Not Before: Dec 15 09:16:30 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0e14e325fd4f6d011d337d1aff1fc5fd15bf047c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4b:c7:e7:4e:67:08:6e:16:b2:34:d9:d5:38: a9:d6:9a:29:f7:c5:de:6d:66:2f:3e:bd:0e:d2:db: 92:6f:33:d8:1c:f2:2d:f1:07:7d:2a:c7:42:1a:df: 73:67:22:55:6a:d3:ca:88:7c:c5:1c:12:4e:d8:2d: ee:17:8d:6e:79:ce:b1:3d:79:da:b9:fc:0e:a9:5d: f6:0e:da:74:57:82:65:10:17:34:c9:1b:0d:0c:d0: b5:7a:dc:60:95:fd:29:b1:3a:f9:8b:a0:d2:96:63: bd:3c:37:13:56:ed:f3:4c:57:cc:a9:28:eb:87:56: ab:b7:7a:c4:17:f9:cd:8f:a1:1e:af:2a:35:96:ba: 6b:e3:e6:db:b6:66:70:36:39:eb:98:6e:08:bb:1a: 09:4d:e0:90:a8:2d:87:1b:72:c4:ab:43:65:9f:f6: 53:10:cc:61:71:a0:33:ef:bd:8d:0f:64:64:43:cd: ec:0a:24:2a:99:cb:de:d6:d0:31:41:c9:25:e9:37: d0:05:8b:ca:ac:35:b5:44:32:03:67:e0:95:ce:ea: 2c:ca:6a:d7:58:9a:ac:51:23:50:a3:72:18:71:a6: 35:45:6d:5d:e1:73:be:6d:fe:b9:3f:b4:5f:84:74: 4b:28:cd:22:db:58:ca:49:61:9b:40:ce:fe:d0:b9: 47:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:14:E3:25:FD:4F:6D:01:1D:33:7D:1A:FF:1F:C5:FD:15:BF:04:7C X509v3 Authority Key Identifier: keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DhTjJf1PbQEdM30a_x_F_RW_BHw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.32.20.0/24 84.32.58.0/24 84.32.60.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:ce:2e:b8:1d:fe:c7:e0:24:de:53:cc:2f:27:89:97:7e:51: 89:ff:e9:20:a0:0c:b7:84:3f:ff:ac:a2:c0:8c:a9:c8:ce:97: bc:6b:e5:38:e6:dd:52:8c:cd:04:05:59:3c:76:e5:0a:56:9d: 09:02:eb:62:e1:3a:74:7f:04:f8:a9:f4:b5:21:62:48:24:b7: 36:b4:9d:fc:0c:95:35:1a:b5:02:be:53:cf:f9:d0:77:1e:35: c0:81:c3:92:4b:e4:6d:06:78:cb:32:b6:31:04:4e:da:db:62: a7:ec:e1:09:e0:48:7b:c1:87:3a:a2:13:1f:bd:e8:a8:e5:cb: 53:2a:d4:5e:7f:d7:74:a9:e4:c8:86:40:36:b9:da:0b:da:a0: a3:47:a9:0d:0b:db:8c:82:51:60:9a:cb:f1:eb:d7:26:38:a0: 8e:f3:85:cd:d3:d0:d4:b0:f4:a5:24:c4:e2:dd:0b:ed:fa:25: f1:d5:4a:9a:fe:c6:55:25:89:e9:d8:65:6f:2a:a8:0f:6c:52: 69:7e:3c:1a:7a:90:e8:01:d7:12:2a:2f:2a:58:a7:07:35:8b: 74:97:9f:5d:a4:ad:25:6c:f2:3f:b0:14:c6:54:ad:8f:8f:de: 69:0c:62:96:a3:15:b7:98:be:fb:20:d9:17:8c:7b:72:00:f6: 03:8c:5f:2f -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZshTApvn2o9TFJ6uheia7u3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi ZGEzYzUwHhcNMjUxMjE1MDkxNjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZTE0ZTMyNWZkNGY2ZDAxMWQzMzdkMWFmZjFmYzVmZDE1YmYwNDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkvH505nCG4WsjTZ1Tip1pop98Xe bWYvPr0O0tuSbzPYHPIt8Qd9KsdCGt9zZyJVatPKiHzFHBJO2C3uF41uec6xPXna ufwOqV32Dtp0V4JlEBc0yRsNDNC1etxglf0psTr5i6DSlmO9PDcTVu3zTFfMqSjr h1art3rEF/nNj6Eeryo1lrpr4+bbtmZwNjnrmG4IuxoJTeCQqC2HG3LEq0Nln/ZT EMxhcaAz772ND2RkQ83sCiQqmcve1tAxQckl6TfQBYvKrDW1RDIDZ+CVzuosymrX WJqsUSNQo3IYcaY1RW1d4XO+bf65P7RfhHRLKM0i21jKSWGbQM7+0LlHgQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFA4U4yX9T20BHTN9Gv8fxf0VvwR8MB8GA1UdIwQY MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt MjM0ODFiZjA5MWMzLzEvRGhUakpmMVBiUUVkTTMwYV94X0ZfUldfQkh3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAUAwQA VCA6AwQAVCA8MA0GCSqGSIb3DQEBCwUAA4IBAQAczi64Hf7H4CTeU8wvJ4mXflGJ /+kgoAy3hD//rKLAjKnIzpe8a+U45t1SjM0EBVk8duUKVp0JAuti4Tp0fwT4qfS1 IWJIJLc2tJ38DJU1GrUCvlPP+dB3HjXAgcOSS+RtBnjLMrYxBE7a22Kn7OEJ4Eh7 wYc6ohMfveio5ctTKtRef9d0qeTIhkA2udoL2qCjR6kNC9uMglFgmsvx69cmOKCO 84XN09DUsPSlJMTi3Qvt+iXx1Uqa/sZVJYnp2GVvKqgPbFJpfjwaepDoAdcSKi8q WKcHNYt0l59dpK0lbPI/sBTGVK2Pj95pDGKWoxW3mL77INkXjHtyAPYDjF8v -----END CERTIFICATE-----Generated at Fri Dec 19 17:41:12 2025 by rpki-client