This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/drBhV9alP4OW6ofNZOxW9TLw2f0.roa File: drBhV9alP4OW6ofNZOxW9TLw2f0.roa (raw, json) Hash identifier: lbZ8swZRlTMR5bgvRpyD4YhMPyncb/ksvL8xrpAMysA= Subject key identifier: 76:B0:61:57:D6:A5:3F:83:96:EA:87:CD:64:EC:56:F5:32:F0:D9:FD Certificate issuer: /CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1 Certificate serial: 019B7B35D3ED36BC0AA610A25E57B543B02B Authority key identifier: A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/drBhV9alP4OW6ofNZOxW9TLw2f0.roa Signing time: Thu 01 Jan 2026 20:18:03 +0000 ROA not before: Thu 01 Jan 2026 20:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60733 IP address blocks: 88.218.136.0/22 maxlen: 24 2a09:ab80::/29 maxlen: 60 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.mft rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:d3:ed:36:bc:0a:a6:10:a2:5e:57:b5:43:b0:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2e606c7e93fed36ef90d42ce4a97260bb8aa9c1 Validity Not Before: Jan 1 20:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=76b06157d6a53f8396ea87cd64ec56f532f0d9fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:99:95:c6:b3:63:41:51:b2:4d:7e:60:f2:0c: 33:03:e5:fd:e0:0d:75:84:7c:32:85:86:6e:d0:e2: 56:f5:00:dc:71:f4:9f:13:43:56:59:31:cb:5b:2a: fa:43:07:7f:59:77:71:84:d0:14:ed:fd:f4:e5:76: cc:e9:8f:37:4c:6c:5c:2c:a9:e6:91:3a:b0:fe:1d: d4:19:05:bd:15:68:e8:e3:bb:31:48:38:c5:31:81: 6d:87:97:50:ac:0c:51:14:38:e9:40:a3:e2:48:22: 61:cb:39:0a:c2:d2:50:74:2f:4f:3d:2a:bb:5c:d4: 31:9e:e0:8e:b6:08:01:a6:74:f7:68:29:02:86:5a: 6c:c0:2d:74:1f:8e:9d:4d:9a:3c:57:d8:80:a1:93: 0f:71:b3:50:7f:47:0c:35:41:9e:95:3b:72:bf:0a: d0:78:e9:fc:04:f1:90:a1:72:eb:88:97:63:99:fc: db:cd:d8:51:2c:60:62:aa:57:b8:b6:02:3f:ac:29: 6a:94:8e:4a:a7:ae:60:5b:28:fb:df:3f:c1:8d:5e: fe:0d:c1:ec:19:3d:e6:6f:48:48:83:a6:30:73:49: 4e:ab:9b:3d:e9:05:84:68:1c:f2:75:e5:df:1a:17: 95:bd:aa:10:2a:b2:99:a5:bb:b6:89:2d:56:22:30: 69:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:B0:61:57:D6:A5:3F:83:96:EA:87:CD:64:EC:56:F5:32:F0:D9:FD X509v3 Authority Key Identifier: keyid:A2:E6:06:C7:E9:3F:ED:36:EF:90:D4:2C:E4:A9:72:60:BB:8A:A9:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ouYGx-k_7TbvkNQs5KlyYLuKqcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/drBhV9alP4OW6ofNZOxW9TLw2f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/d3e23f-0e5a-4923-ab2f-a9ea2057042b/1/ouYGx-k_7TbvkNQs5KlyYLuKqcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.218.136.0/22 IPv6: 2a09:ab80::/29 Signature Algorithm: sha256WithRSAEncryption 2c:76:69:08:b5:99:2d:34:79:3b:b0:c3:9d:3a:ff:d3:7f:f0: 96:bc:40:9a:97:47:6d:96:b7:6f:f5:fc:0a:28:ea:ac:b6:a5: 88:8a:9b:d1:1f:01:ac:2d:6f:dd:63:0b:94:07:3a:01:a5:88: b5:d3:cf:de:c9:71:2d:a8:53:cc:bb:bc:24:32:88:57:9b:dd: 8e:39:99:b4:39:09:d4:d3:b0:da:16:3e:5e:7b:df:48:4e:c6: e4:44:a5:97:72:19:64:37:12:c6:54:4d:f3:a7:b1:18:7e:ec: b5:4b:5f:ad:da:2f:d2:e2:ef:d1:48:8d:b0:10:80:db:d8:6b: 4f:a3:5b:02:83:b4:3b:ff:e9:f6:62:64:8b:0c:23:f5:4b:9e: 81:ac:f3:97:c9:02:75:6e:f3:c7:1b:98:c5:85:34:ed:64:2f: 42:c9:94:f4:1f:7e:68:f5:4e:6e:92:8b:b3:6e:8d:4a:6f:dd: 7d:fa:5d:82:3e:a6:47:93:d2:46:ca:66:16:b1:05:95:6d:27: ee:85:cb:0c:a4:9e:d8:40:88:eb:68:ef:25:c6:f6:4a:0e:23: c9:68:5c:18:f2:84:f2:22:0e:a8:e8:27:ce:16:51:9e:18:ec: db:83:9d:1c:25:e5:76:14:d3:3e:a1:78:72:7a:9b:97:6f:34: 3f:63:06:39 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NdPtNrwKphCiXle1Q7ArMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZTYwNmM3ZTkzZmVkMzZlZjkwZDQyY2U0YTk3MjYwYmI4 YWE5YzEwHhcNMjYwMTAxMjAxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NmIwNjE1N2Q2YTUzZjgzOTZlYTg3Y2Q2NGVjNTZmNTMyZjBkOWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1pmVxrNjQVGyTX5g8gwzA+X94A11 hHwyhYZu0OJW9QDccfSfE0NWWTHLWyr6Qwd/WXdxhNAU7f305XbM6Y83TGxcLKnm kTqw/h3UGQW9FWjo47sxSDjFMYFth5dQrAxRFDjpQKPiSCJhyzkKwtJQdC9PPSq7 XNQxnuCOtggBpnT3aCkChlpswC10H46dTZo8V9iAoZMPcbNQf0cMNUGelTtyvwrQ eOn8BPGQoXLriJdjmfzbzdhRLGBiqle4tgI/rClqlI5Kp65gWyj73z/BjV7+DcHs GT3mb0hIg6Ywc0lOq5s96QWEaBzydeXfGheVvaoQKrKZpbu2iS1WIjBpVQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHawYVfWpT+DluqHzWTsVvUy8Nn9MB8GA1UdIwQY MBaAFKLmBsfpP+0275DULOSpcmC7iqnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3VZR3gta183VGJ2a05RczVLbHlZTHVLcWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kM2UyM2YtMGU1YS00OTIzLWFiMmYt YTllYTIwNTcwNDJiLzEvZHJCaFY5YWxQNE9XNm9mTlpPeFc5VEx3MmYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy9kM2UyM2YtMGU1YS00OTIzLWFiMmYtYTllYTIwNTcwNDJi LzEvb3VZR3gta183VGJ2a05RczVLbHlZTHVLcWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWNqIMA0E AgACMAcDBQMqCauAMA0GCSqGSIb3DQEBCwUAA4IBAQAsdmkItZktNHk7sMOdOv/T f/CWvECal0dtlrdv9fwKKOqstqWIipvRHwGsLW/dYwuUBzoBpYi108/eyXEtqFPM u7wkMohXm92OOZm0OQnU07DaFj5ee99ITsbkRKWXchlkNxLGVE3zp7EYfuy1S1+t 2i/S4u/RSI2wEIDb2GtPo1sCg7Q7/+n2YmSLDCP1S56BrPOXyQJ1bvPHG5jFhTTt ZC9CyZT0H35o9U5ukouzbo1Kb919+l2CPqZHk9JGymYWsQWVbSfuhcsMpJ7YQIjr aO8lxvZKDiPJaFwY8oTyIg6o6CfOFlGeGOzbg50cJeV2FNM+oXhyepuXbzQ/YwY5 -----END CERTIFICATE-----Generated at Mon Jan 12 13:29:01 2026 by rpki-client