This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/D58-o0mTsNy267l9yWClEeen-9U.roa File: D58-o0mTsNy267l9yWClEeen-9U.roa (raw, json) Hash identifier: zL9nvY9m4yNsvHsIg/CV6pNzOVRrn6CNj0HvmE2CaMk= Subject key identifier: 0F:9F:3E:A3:49:93:B0:DC:B6:EB:B9:7D:C9:60:A5:11:E7:A7:FB:D5 Certificate issuer: /CN=a5d954d6db2a1178efbec0d5d959076407cf96ca Certificate serial: 019B7F83C55657CC7DB0FA1F7B4A6C313ADC Authority key identifier: A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/D58-o0mTsNy267l9yWClEeen-9U.roa Signing time: Fri 02 Jan 2026 16:21:40 +0000 ROA not before: Fri 02 Jan 2026 16:21:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212630 IP address blocks: 82.117.241.0/24 maxlen: 24 91.209.220.0/24 maxlen: 24 2a0b:53c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.mft rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 01:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:c5:56:57:cc:7d:b0:fa:1f:7b:4a:6c:31:3a:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5d954d6db2a1178efbec0d5d959076407cf96ca Validity Not Before: Jan 2 16:21:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f9f3ea34993b0dcb6ebb97dc960a511e7a7fbd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:35:78:5b:17:0e:c5:13:cf:f0:5c:64:a9:b9: 71:e7:21:b7:24:d9:6b:ca:7a:69:0c:ab:49:65:42: 74:72:57:a4:5d:ce:d4:cd:e0:2a:b8:00:64:5a:90: 09:7f:d8:af:12:95:c2:7b:b2:e3:02:f7:71:03:81: 23:16:19:d8:23:91:3f:cf:b4:22:7e:a6:69:03:a0: df:2c:10:2d:69:b6:40:d2:8f:57:1f:8c:db:85:e3: 5e:c3:be:d1:c5:f8:83:33:b3:bf:c3:36:92:7e:f6: 5f:be:8d:03:04:fc:66:16:6c:76:4a:b6:70:e7:1a: cf:43:1b:93:64:47:75:8c:7a:e2:f1:19:7e:5c:a9: c4:70:5f:f8:5c:8d:ed:6d:2e:57:e2:0f:42:1c:71: ce:14:4c:ca:c3:96:1c:53:fb:14:8e:b8:e7:55:b2: fe:b6:1b:a2:b8:54:f4:23:41:94:81:a9:cb:70:e7: bc:f0:64:74:32:7c:61:0d:5e:ac:c1:0c:84:56:59: a7:64:a9:07:ca:53:5d:d4:83:00:63:4e:03:34:71: f1:cb:87:b5:1b:70:7d:3d:12:6b:73:fa:ed:7e:b9: 19:34:5b:63:24:71:8c:6b:83:2a:9c:b2:3e:43:92: cf:5d:7c:83:a8:5b:e8:94:c2:64:2d:59:ba:0a:66: 32:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:9F:3E:A3:49:93:B0:DC:B6:EB:B9:7D:C9:60:A5:11:E7:A7:FB:D5 X509v3 Authority Key Identifier: keyid:A5:D9:54:D6:DB:2A:11:78:EF:BE:C0:D5:D9:59:07:64:07:CF:96:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pdlU1tsqEXjvvsDV2VkHZAfPlso.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/D58-o0mTsNy267l9yWClEeen-9U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/fbf39d-9247-4e07-9e15-39f4ab6ec7e6/1/pdlU1tsqEXjvvsDV2VkHZAfPlso.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.117.241.0/24 91.209.220.0/24 IPv6: 2a0b:53c0::/32 Signature Algorithm: sha256WithRSAEncryption 10:46:2e:be:8e:32:f5:5d:c8:e6:5d:be:33:35:3f:3d:d3:0d: 58:c8:45:f6:67:c0:96:88:4b:6d:a0:d9:33:c5:74:c5:8d:03: f7:be:5a:c3:17:70:9e:e9:e8:40:78:a4:f3:82:f2:99:4d:5f: da:5a:d3:7f:dd:97:8c:70:f3:18:19:75:01:ca:42:2f:fa:a9: c9:65:9f:17:f5:7d:c9:64:a7:ce:65:28:c0:46:ac:d2:2b:0f: f7:40:57:05:57:58:ef:9c:e5:9c:90:5f:a5:23:ba:ad:03:1f: c7:35:90:17:61:db:bd:fe:23:d2:d0:37:d2:a2:9e:7b:36:93: 24:a9:eb:72:2a:1d:31:23:9d:0c:15:03:a5:9f:46:11:a4:76: 9e:bc:6b:47:c2:63:9c:bb:0e:ed:92:75:48:67:16:45:1a:c0: f5:49:ce:68:3a:dd:5e:c4:d4:85:2b:28:c7:c5:55:ff:4a:d5: 6e:ea:93:bf:d2:06:77:46:50:2a:58:74:80:e8:ab:d6:1f:c4: dc:86:c8:e7:c0:c7:ad:89:eb:31:f3:d4:af:6c:ba:f0:87:4e: 7d:6a:7f:90:f1:e7:a5:36:92:4c:88:c1:18:56:aa:c6:bd:8c: c5:52:b7:75:f4:d5:9a:f5:62:87:14:63:17:e8:c9:99:fa:bc: 08:be:37:eb -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/g8VWV8x9sPofe0psMTrcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1ZDk1NGQ2ZGIyYTExNzhlZmJlYzBkNWQ5NTkwNzY0MDdj Zjk2Y2EwHhcNMjYwMTAyMTYyMTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjlmM2VhMzQ5OTNiMGRjYjZlYmI5N2RjOTYwYTUxMWU3YTdmYmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDV4WxcOxRPP8Fxkqblx5yG3JNlr ynppDKtJZUJ0clekXc7UzeAquABkWpAJf9ivEpXCe7LjAvdxA4EjFhnYI5E/z7Qi fqZpA6DfLBAtabZA0o9XH4zbheNew77RxfiDM7O/wzaSfvZfvo0DBPxmFmx2SrZw 5xrPQxuTZEd1jHri8Rl+XKnEcF/4XI3tbS5X4g9CHHHOFEzKw5YcU/sUjrjnVbL+ thuiuFT0I0GUganLcOe88GR0MnxhDV6swQyEVlmnZKkHylNd1IMAY04DNHHxy4e1 G3B9PRJrc/rtfrkZNFtjJHGMa4MqnLI+Q5LPXXyDqFvolMJkLVm6CmYyFwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFA+fPqNJk7Dctuu5fclgpRHnp/vVMB8GA1UdIwQY MBaAFKXZVNbbKhF4777A1dlZB2QHz5bKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUt MzlmNGFiNmVjN2U2LzEvRDU4LW8wbVRzTnkyNjdsOXlXQ2xFZWVuLTlVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9mYmYzOWQtOTI0Ny00ZTA3LTllMTUtMzlmNGFiNmVjN2U2 LzEvcGRsVTF0c3FFWGp2dnNEVjJWa0haQWZQbHNvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUnXxAwQA W9HcMA0EAgACMAcDBQAqC1PAMA0GCSqGSIb3DQEBCwUAA4IBAQAQRi6+jjL1Xcjm Xb4zNT890w1YyEX2Z8CWiEttoNkzxXTFjQP3vlrDF3Ce6ehAeKTzgvKZTV/aWtN/ 3ZeMcPMYGXUBykIv+qnJZZ8X9X3JZKfOZSjARqzSKw/3QFcFV1jvnOWckF+lI7qt Ax/HNZAXYdu9/iPS0DfSop57NpMkqetyKh0xI50MFQOln0YRpHaevGtHwmOcuw7t knVIZxZFGsD1Sc5oOt1exNSFKyjHxVX/StVu6pO/0gZ3RlAqWHSA6KvWH8Tchsjn wMetiesx89SvbLrwh059an+Q8eelNpJMiMEYVqrGvYzFUrd19NWa9WKHFGMX6MmZ +rwIvjfr -----END CERTIFICATE-----Generated at Mon Jan 12 09:21:22 2026 by rpki-client