This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/CIsoBMnJ1HH2_kjCOniPyHt_zdo.roa File: CIsoBMnJ1HH2_kjCOniPyHt_zdo.roa (raw, json) Hash identifier: rIsVKuNDzl7s31Uqv2wlQw7E8fHntXl7uQadNq2LiGk= Subject key identifier: 08:8B:28:04:C9:C9:D4:71:F6:FE:48:C2:3A:78:8F:C8:7B:7F:CD:DA Certificate issuer: /CN=320b24a740f2e61632050adc146c1ee6a3e686c5 Certificate serial: 019B7C12186481C349AEF09D4A8ACBE81855 Authority key identifier: 32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/CIsoBMnJ1HH2_kjCOniPyHt_zdo.roa Signing time: Fri 02 Jan 2026 00:18:39 +0000 ROA not before: Fri 02 Jan 2026 00:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13242 IP address blocks: 85.254.200.0/22 maxlen: 22 85.254.204.0/23 maxlen: 23 85.254.238.0/23 maxlen: 23 85.254.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.mft rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 00:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:18:64:81:c3:49:ae:f0:9d:4a:8a:cb:e8:18:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=320b24a740f2e61632050adc146c1ee6a3e686c5 Validity Not Before: Jan 2 00:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=088b2804c9c9d471f6fe48c23a788fc87b7fcdda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:78:74:78:f3:c7:4b:bb:c1:23:1e:a5:2d:d5: 5c:9e:27:8b:a6:99:8d:eb:65:21:d2:ed:6c:b7:b3: e8:19:15:18:7b:7c:64:72:4f:7e:06:56:1d:ce:f7: c7:b2:e7:04:16:53:8d:0a:13:de:98:b1:d2:d9:e1: 75:31:53:22:fb:80:f0:47:62:ce:80:c1:2b:a3:dd: b8:23:13:b2:79:d7:6f:3d:3b:a2:a8:2d:63:d6:34: 1e:11:ac:a1:5d:0c:d5:2e:63:b5:7e:49:f6:8d:30: 69:e3:1f:65:67:36:82:23:66:71:a1:1b:62:5a:56: c8:de:b4:53:23:39:30:5c:84:f9:8b:29:8b:00:f5: 44:01:f8:08:72:90:cd:b9:d2:29:e3:38:83:82:53: 8d:09:e9:ce:3d:7c:99:50:a2:a4:49:5e:5a:c3:ed: 50:ee:a5:f8:a6:25:10:8c:37:bf:1a:11:7d:2c:0c: 4f:59:1a:5a:cb:6e:99:aa:28:1d:c4:af:39:68:ae: 0e:7b:8e:06:5a:30:44:be:ad:15:69:3b:2c:76:64: eb:4e:32:d5:5f:5a:6d:57:97:7b:b3:e2:61:2e:3a: 98:0a:4b:4b:3e:fa:f9:c2:a8:ce:2b:b8:fd:73:c7: a1:ca:95:9a:31:c4:2b:69:2f:be:33:08:f1:6e:9c: d5:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:8B:28:04:C9:C9:D4:71:F6:FE:48:C2:3A:78:8F:C8:7B:7F:CD:DA X509v3 Authority Key Identifier: keyid:32:0B:24:A7:40:F2:E6:16:32:05:0A:DC:14:6C:1E:E6:A3:E6:86:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/CIsoBMnJ1HH2_kjCOniPyHt_zdo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/9c27e4-d7b1-43c1-a38f-94914f5ddb3c/1/Mgskp0Dy5hYyBQrcFGwe5qPmhsU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.254.200.0-85.254.205.255 85.254.238.0-85.254.247.255 Signature Algorithm: sha256WithRSAEncryption 46:81:ae:42:4c:89:8e:d3:26:1f:d1:ed:01:fc:e9:ef:ca:f0: f1:41:fe:67:33:90:0d:69:70:a7:ca:c1:79:b8:99:81:c8:06: a3:98:87:f8:56:3d:b5:e0:bd:b3:4a:23:b3:5b:b0:d0:b5:34: e6:d1:72:30:3f:43:ec:ba:89:29:50:7d:f6:c6:5f:c0:eb:78: 6d:83:92:3e:52:f0:7d:c8:06:7f:bd:b6:9f:17:ff:56:1a:10: 55:83:7d:f4:66:48:56:46:73:77:a6:2f:eb:ef:b1:1b:e2:22: d4:00:66:79:34:92:4b:23:68:07:d5:7e:5d:90:72:77:7b:91: ca:8f:71:2a:fa:2f:85:a0:27:92:74:9f:e5:bc:92:e4:20:08: 61:74:d7:4a:bc:76:95:a7:64:05:14:14:54:5a:30:9b:11:3a: a4:de:08:eb:05:af:d7:f9:4f:ed:55:cb:c2:1a:49:9f:ca:c3: ed:af:4d:17:b9:32:77:d7:0e:20:83:cf:a7:1f:99:b4:2d:07: 33:c0:5f:83:82:4f:29:9e:87:fd:94:af:1c:6c:a5:9b:b7:2d: 8e:c4:dc:9f:78:45:a7:35:cd:58:69:05:c3:ae:37:5c:d6:cd: dc:6b:84:6a:ae:8a:ae:c5:df:13:a1:2d:35:f3:43:69:41:4d: 15:ec:73:d4 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt8EhhkgcNJrvCdSorL6BhVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyMGIyNGE3NDBmMmU2MTYzMjA1MGFkYzE0NmMxZWU2YTNl Njg2YzUwHhcNMjYwMTAyMDAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODhiMjgwNGM5YzlkNDcxZjZmZTQ4YzIzYTc4OGZjODdiN2ZjZGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Xh0ePPHS7vBIx6lLdVcnieLppmN 62Uh0u1st7PoGRUYe3xkck9+BlYdzvfHsucEFlONChPemLHS2eF1MVMi+4DwR2LO gMEro924IxOyeddvPTuiqC1j1jQeEayhXQzVLmO1fkn2jTBp4x9lZzaCI2ZxoRti WlbI3rRTIzkwXIT5iymLAPVEAfgIcpDNudIp4ziDglONCenOPXyZUKKkSV5aw+1Q 7qX4piUQjDe/GhF9LAxPWRpay26ZqigdxK85aK4Oe44GWjBEvq0VaTssdmTrTjLV X1ptV5d7s+JhLjqYCktLPvr5wqjOK7j9c8ehypWaMcQraS++MwjxbpzVJwIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFAiLKATJydRx9v5Iwjp4j8h7f83aMB8GA1UdIwQY MBaAFDILJKdA8uYWMgUK3BRsHuaj5obFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYt OTQ5MTRmNWRkYjNjLzEvQ0lzb0JNbkoxSEgyX2tqQ09uaVB5SHRfemRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy85YzI3ZTQtZDdiMS00M2MxLWEzOGYtOTQ5MTRmNWRkYjNj LzEvTWdza3AwRHk1aFl5QlFyY0ZHd2U1cVBtaHNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBANV/sgD BAFV/swwDAMEAVX+7gMEA1X+8DANBgkqhkiG9w0BAQsFAAOCAQEARoGuQkyJjtMm H9HtAfzp78rw8UH+ZzOQDWlwp8rBebiZgcgGo5iH+FY9teC9s0ojs1uw0LU05tFy MD9D7LqJKVB99sZfwOt4bYOSPlLwfcgGf722nxf/VhoQVYN99GZIVkZzd6Yv6++x G+Ii1ABmeTSSSyNoB9V+XZByd3uRyo9xKvovhaAnknSf5byS5CAIYXTXSrx2ladk BRQUVFowmxE6pN4I6wWv1/lP7VXLwhpJn8rD7a9NF7kyd9cOIIPPpx+ZtC0HM8Bf g4JPKZ6H/ZSvHGylm7ctjsTcn3hFpzXNWGkFw643XNbN3GuEaq6KrsXfE6EtNfND aUFNFexz1A== -----END CERTIFICATE-----Generated at Tue Jan 20 09:41:06 2026 by rpki-client