This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/17zD_45Ojk85pCPTQUH6kHV39wg.roa File: 17zD_45Ojk85pCPTQUH6kHV39wg.roa (raw, json) Hash identifier: 2aOFgr3OtXXpdP6T9v8he8K/GmBIDnp5QHJOyXnb+rI= Subject key identifier: D7:BC:C3:FF:8E:4E:8E:4F:39:A4:23:D3:41:41:FA:90:75:77:F7:08 Certificate issuer: /CN=40518ecbd6464d78ad451551648f9206f7fb5f42 Certificate serial: 019B78A24AA95D1502A523EBED24B60918E0 Authority key identifier: 40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/17zD_45Ojk85pCPTQUH6kHV39wg.roa Signing time: Thu 01 Jan 2026 08:17:40 +0000 ROA not before: Thu 01 Jan 2026 08:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214849 IP address blocks: 138.222.64.0/24 maxlen: 24 138.222.65.0/24 maxlen: 24 138.222.66.0/24 maxlen: 24 138.222.67.0/24 maxlen: 24 138.222.68.0/24 maxlen: 24 138.222.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/QFGOy9ZGTXitRRVRZI-SBvf7X0I.crl rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/QFGOy9ZGTXitRRVRZI-SBvf7X0I.mft rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 08:19:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:4a:a9:5d:15:02:a5:23:eb:ed:24:b6:09:18:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40518ecbd6464d78ad451551648f9206f7fb5f42 Validity Not Before: Jan 1 08:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7bcc3ff8e4e8e4f39a423d34141fa907577f708 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:34:79:96:6d:a6:d3:60:f7:92:ce:2d:03:06: c2:71:8c:84:a4:83:aa:64:d2:26:81:91:c6:d9:4e: e3:c1:49:76:a7:3b:63:2e:a0:96:1d:cb:f6:e3:f9: 0a:b3:62:6d:62:2f:0b:a2:78:d6:58:8d:4f:9f:90: d2:70:30:87:cd:28:57:ba:a7:49:51:13:d4:50:71: 6e:60:c0:01:34:00:99:ca:b5:cc:29:2f:3f:6b:99: dd:e7:02:14:7c:c0:e8:f2:c9:fe:6e:c9:16:f9:81: e3:4a:95:b5:0b:1b:82:81:b3:32:0b:95:5b:81:4c: 7b:16:e1:4c:d0:70:7e:05:76:b8:22:84:97:f5:7b: c0:54:72:3c:9b:62:f7:de:15:e7:0b:d2:5f:a6:1a: db:1a:22:16:2d:0f:c2:9c:15:a1:ec:9a:51:24:bf: 25:e3:c3:3e:33:e8:bb:2e:10:1c:90:9a:97:b2:02: be:1a:97:bb:cd:a3:75:48:9c:9d:dc:8b:94:54:a0: 68:2e:41:09:d4:6b:bb:20:c4:28:09:95:da:34:a0: 43:6e:68:d8:c4:90:67:4b:81:7e:5c:c4:00:f4:d5: 55:5a:12:7f:66:eb:9b:3c:f4:a4:72:2c:5c:e3:0b: 46:24:63:14:31:31:32:dc:bb:c8:68:b4:c4:3d:9a: 10:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:BC:C3:FF:8E:4E:8E:4F:39:A4:23:D3:41:41:FA:90:75:77:F7:08 X509v3 Authority Key Identifier: keyid:40:51:8E:CB:D6:46:4D:78:AD:45:15:51:64:8F:92:06:F7:FB:5F:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QFGOy9ZGTXitRRVRZI-SBvf7X0I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/17zD_45Ojk85pCPTQUH6kHV39wg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/437150-783c-431a-b3fd-7c3d79401ec2/1/QFGOy9ZGTXitRRVRZI-SBvf7X0I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.222.64.0-138.222.69.255 Signature Algorithm: sha256WithRSAEncryption 65:6c:d3:e0:c9:f8:86:cb:2e:1e:e4:2e:d1:7d:11:da:7a:3c: f9:43:69:f6:eb:dd:cb:a8:f2:7f:10:5a:9d:bf:33:f9:0d:b9: 40:fd:8d:2a:0b:d9:01:33:05:f5:09:d7:75:cd:65:e7:e7:fe: 79:68:24:d1:4f:36:02:6c:13:76:64:4b:e0:af:f4:c5:ed:a5: 4f:39:af:55:ea:6c:75:b0:b3:30:d4:ed:7c:a5:b0:83:2d:0b: 13:b3:d1:fe:41:97:26:ac:70:c4:6b:50:e7:4f:97:9f:03:67: c6:0d:fa:d3:15:be:cc:f3:4b:74:ae:30:77:9a:96:87:a0:90: b6:f0:6b:00:97:a4:7c:b7:d0:5b:6b:23:45:d6:44:c8:6f:5d: bc:bc:3e:f1:48:3a:ab:48:a5:58:b3:5f:29:76:6a:1b:05:41: ba:6b:04:b6:ae:d2:70:fd:04:74:9d:b4:ce:51:ae:ac:25:cd: 79:87:70:f4:bd:84:b0:97:95:33:80:4c:b8:e6:9a:94:29:7e: ba:d8:7c:f1:4d:ad:b5:6a:be:43:67:e0:56:8f:a3:7e:e7:9d: 63:73:62:95:38:1f:22:4e:0e:aa:be:67:bf:2f:05:19:ad:c1: 71:11:ba:a0:16:97:42:91:13:24:b9:93:fd:1c:a2:33:83:77: 49:bf:c1:04 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt4okqpXRUCpSPr7SS2CRjgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwNTE4ZWNiZDY0NjRkNzhhZDQ1MTU1MTY0OGY5MjA2Zjdm YjVmNDIwHhcNMjYwMTAxMDgxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkN2JjYzNmZjhlNGU4ZTRmMzlhNDIzZDM0MTQxZmE5MDc1NzdmNzA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTR5lm2m02D3ks4tAwbCcYyEpIOq ZNImgZHG2U7jwUl2pztjLqCWHcv24/kKs2JtYi8LonjWWI1Pn5DScDCHzShXuqdJ URPUUHFuYMABNACZyrXMKS8/a5nd5wIUfMDo8sn+bskW+YHjSpW1CxuCgbMyC5Vb gUx7FuFM0HB+BXa4IoSX9XvAVHI8m2L33hXnC9JfphrbGiIWLQ/CnBWh7JpRJL8l 48M+M+i7LhAckJqXsgK+Gpe7zaN1SJyd3IuUVKBoLkEJ1Gu7IMQoCZXaNKBDbmjY xJBnS4F+XMQA9NVVWhJ/ZuubPPSkcixc4wtGJGMUMTEy3LvIaLTEPZoQcQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFNe8w/+OTo5POaQj00FB+pB1d/cIMB8GA1UdIwQY MBaAFEBRjsvWRk14rUUVUWSPkgb3+19CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQt N2MzZDc5NDAxZWMyLzEvMTd6RF80NU9qazg1cENQVFFVSDZrSFYzOXdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni80MzcxNTAtNzgzYy00MzFhLWIzZmQtN2MzZDc5NDAxZWMy LzEvUUZHT3k5WkdUWGl0UlJWUlpJLVNCdmY3WDBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAaK3kAD BAGK3kQwDQYJKoZIhvcNAQELBQADggEBAGVs0+DJ+IbLLh7kLtF9Edp6PPlDafbr 3cuo8n8QWp2/M/kNuUD9jSoL2QEzBfUJ13XNZefn/nloJNFPNgJsE3ZkS+Cv9MXt pU85r1XqbHWwszDU7XylsIMtCxOz0f5BlyascMRrUOdPl58DZ8YN+tMVvszzS3Su MHealoegkLbwawCXpHy30FtrI0XWRMhvXby8PvFIOqtIpVizXyl2ahsFQbprBLau 0nD9BHSdtM5RrqwlzXmHcPS9hLCXlTOATLjmmpQpfrrYfPFNrbVqvkNn4FaPo37n nWNzYpU4HyJODqq+Z78vBRmtwXERuqAWl0KREyS5k/0cojODd0m/wQQ= -----END CERTIFICATE-----Generated at Thu Jan 1 17:29:45 2026 by rpki-client