This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/dI860G5CcZzWUW-QRPRmqWGb4fY.roa File: dI860G5CcZzWUW-QRPRmqWGb4fY.roa (raw, json) Hash identifier: xn3G/ZcwlpPlA7T3BoJ7J8XVqbOCLHLfQJh83fXIfa0= Subject key identifier: 74:8F:3A:D0:6E:42:71:9C:D6:51:6F:90:44:F4:66:A9:61:9B:E1:F6 Certificate issuer: /CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825 Certificate serial: 019B7F84FF8B558146C278A912BDAD1E6686 Authority key identifier: 0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/dI860G5CcZzWUW-QRPRmqWGb4fY.roa Signing time: Fri 02 Jan 2026 16:23:01 +0000 ROA not before: Fri 02 Jan 2026 16:23:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208202 IP address blocks: 45.154.52.0/24 maxlen: 24 45.154.53.0/24 maxlen: 24 45.154.54.0/24 maxlen: 24 45.154.55.0/24 maxlen: 24 2a0f:ad00::/32 maxlen: 32 2a0f:ad01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.mft rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 01:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:ff:8b:55:81:46:c2:78:a9:12:bd:ad:1e:66:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e170ee859e91f4973de4a572b1bad2f3a5d1825 Validity Not Before: Jan 2 16:23:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=748f3ad06e42719cd6516f9044f466a9619be1f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:28:d1:44:56:c6:be:99:d9:bc:57:b7:36:c7: 60:65:60:83:80:27:08:9b:ee:2c:d4:f1:d7:58:37: bb:2c:3b:14:e7:a4:5a:35:5b:ed:16:5a:d4:91:15: 96:9f:6f:44:1c:5d:a9:f5:6b:a7:ec:c5:4c:48:fe: 9d:e7:66:1b:4e:fd:c5:84:14:c4:52:38:ab:7a:ec: 73:16:22:b3:ed:63:4e:2f:cf:12:d0:01:88:91:51: ec:40:f6:ba:06:f2:31:7d:79:d2:90:80:20:bb:6c: e4:65:96:05:28:6b:e4:5d:de:f4:b7:af:af:d0:d0: 7e:4f:fa:6f:09:7f:dd:7c:2b:6e:f8:a4:e4:77:fa: 59:73:ca:72:44:18:58:73:b9:ac:dc:8e:dd:1b:f0: 9f:c2:97:6b:b6:0c:79:7a:45:65:21:87:c7:0d:5f: 66:95:e6:d8:36:ce:73:cd:b5:96:3c:cc:8d:88:3e: ae:c9:af:1b:53:73:78:de:ff:8c:bf:51:6e:24:7f: 6f:f1:f3:a4:24:12:b6:81:05:98:f8:41:0f:e7:e8: 8d:ee:3f:2e:69:28:a2:13:fd:7b:6c:7d:3b:a0:83: b2:27:90:26:04:97:3d:28:25:d7:2d:b9:05:c7:b2: 0e:81:19:0d:4c:cd:51:5b:3d:fb:75:c2:2d:3e:8a: 6a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8F:3A:D0:6E:42:71:9C:D6:51:6F:90:44:F4:66:A9:61:9B:E1:F6 X509v3 Authority Key Identifier: keyid:0E:17:0E:E8:59:E9:1F:49:73:DE:4A:57:2B:1B:AD:2F:3A:5D:18:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DhcO6FnpH0lz3kpXKxutLzpdGCU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/dI860G5CcZzWUW-QRPRmqWGb4fY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cf720e-4d33-4db1-86e9-fc2ec4bb5967/1/DhcO6FnpH0lz3kpXKxutLzpdGCU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.154.52.0/22 IPv6: 2a0f:ad00::/31 Signature Algorithm: sha256WithRSAEncryption a2:a0:81:ff:a8:2d:55:d5:2a:5d:7e:74:4d:83:34:08:24:27: af:e3:c5:fe:a3:fc:b8:6d:6d:d6:bb:69:57:f0:ad:d6:e5:50: 9c:48:4b:17:cd:d5:40:e9:3a:62:71:63:89:4e:7b:b1:05:d2: b6:d5:d5:c7:4e:a4:a9:15:8b:d2:7c:3f:22:21:8d:be:3a:cd: 9e:41:6e:d9:c1:1f:81:4a:78:16:39:26:69:ad:a3:a1:37:8f: 47:68:c2:54:f2:ed:f0:ed:30:2b:3a:81:79:68:aa:31:b3:ea: 6d:6e:cb:c8:b7:34:d5:7c:b7:7c:19:b0:25:3d:5b:06:3d:64: 36:8d:f9:0b:24:25:48:87:c7:de:ba:36:27:3d:cd:90:74:7d: 22:f1:d7:85:b0:e2:c7:03:48:ed:c9:df:e3:32:a6:7c:84:a9: 1a:12:24:e0:b3:a0:19:23:01:1b:fa:07:d9:39:47:59:58:01: c9:4c:8e:e3:67:d0:6c:d6:88:e1:3a:84:54:9e:1a:66:89:f8: 05:1e:b3:7a:ca:07:de:54:37:aa:1c:f7:f6:52:e5:36:86:f1: d0:bf:a6:8b:23:d4:74:29:85:49:fa:12:eb:f2:df:5a:4b:25: 21:d3:e6:d3:80:b4:c4:cb:eb:db:de:70:a0:82:8a:f1:01:66: 81:25:54:d0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/hP+LVYFGwnipEr2tHmaGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlMTcwZWU4NTllOTFmNDk3M2RlNGE1NzJiMWJhZDJmM2E1 ZDE4MjUwHhcNMjYwMTAyMTYyMzAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NDhmM2FkMDZlNDI3MTljZDY1MTZmOTA0NGY0NjZhOTYxOWJlMWY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCjRRFbGvpnZvFe3NsdgZWCDgCcI m+4s1PHXWDe7LDsU56RaNVvtFlrUkRWWn29EHF2p9Wun7MVMSP6d52YbTv3FhBTE UjireuxzFiKz7WNOL88S0AGIkVHsQPa6BvIxfXnSkIAgu2zkZZYFKGvkXd70t6+v 0NB+T/pvCX/dfCtu+KTkd/pZc8pyRBhYc7ms3I7dG/Cfwpdrtgx5ekVlIYfHDV9m lebYNs5zzbWWPMyNiD6uya8bU3N43v+Mv1FuJH9v8fOkJBK2gQWY+EEP5+iN7j8u aSiiE/17bH07oIOyJ5AmBJc9KCXXLbkFx7IOgRkNTM1RWz37dcItPopqDQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHSPOtBuQnGc1lFvkET0Zqlhm+H2MB8GA1UdIwQY MBaAFA4XDuhZ6R9Jc95KVysbrS86XRglMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTkt ZmMyZWM0YmI1OTY3LzEvZEk4NjBHNUNjWnpXVVctUVJQUm1xV0diNGZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC9jZjcyMGUtNGQzMy00ZGIxLTg2ZTktZmMyZWM0YmI1OTY3 LzEvRGhjTzZGbnBIMGx6M2twWEt4dXRMenBkR0NVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZo0MA0E AgACMAcDBQEqD60AMA0GCSqGSIb3DQEBCwUAA4IBAQCioIH/qC1V1SpdfnRNgzQI JCev48X+o/y4bW3Wu2lX8K3W5VCcSEsXzdVA6TpicWOJTnuxBdK21dXHTqSpFYvS fD8iIY2+Os2eQW7ZwR+BSngWOSZpraOhN49HaMJU8u3w7TArOoF5aKoxs+ptbsvI tzTVfLd8GbAlPVsGPWQ2jfkLJCVIh8feujYnPc2QdH0i8deFsOLHA0jtyd/jMqZ8 hKkaEiTgs6AZIwEb+gfZOUdZWAHJTI7jZ9Bs1ojhOoRUnhpmifgFHrN6ygfeVDeq HPf2UuU2hvHQv6aLI9R0KYVJ+hLr8t9aSyUh0+bTgLTEy+vb3nCggorxAWaBJVTQ -----END CERTIFICATE-----Generated at Fri Jan 9 09:36:16 2026 by rpki-client