This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/l9fT_tPQilc8kDDpXdmC63EbBTU.roa File: l9fT_tPQilc8kDDpXdmC63EbBTU.roa (raw, json) Hash identifier: e0hhcAS9+zmOEL/7aF5yJ1rOw5m87GlUo2fUEzHI/tc= Subject key identifier: 97:D7:D3:FE:D3:D0:8A:57:3C:90:30:E9:5D:D9:82:EB:71:1B:05:35 Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa Certificate serial: 019B7CEDD6D4F347325F84DC04E8670DFD21 Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/l9fT_tPQilc8kDDpXdmC63EbBTU.roa Signing time: Fri 02 Jan 2026 04:18:40 +0000 ROA not before: Fri 02 Jan 2026 04:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8339 IP address blocks: 62.40.128.0/17 maxlen: 24 62.40.128.0/24 maxlen: 24 81.217.0.0/16 maxlen: 24 82.149.96.0/19 maxlen: 24 82.218.0.0/16 maxlen: 24 89.104.0.0/19 maxlen: 24 92.62.16.0/20 maxlen: 24 92.62.30.0/24 maxlen: 24 94.16.32.0/19 maxlen: 24 95.143.224.0/20 maxlen: 24 176.120.160.0/21 maxlen: 21 178.18.160.0/20 maxlen: 24 185.100.96.0/22 maxlen: 24 194.106.224.0/19 maxlen: 24 195.202.128.0/19 maxlen: 24 195.202.128.0/24 maxlen: 24 195.202.138.0/24 maxlen: 24 195.202.160.0/19 maxlen: 24 195.202.160.0/24 maxlen: 24 195.230.160.0/19 maxlen: 24 195.230.160.0/24 maxlen: 24 202.170.80.0/21 maxlen: 24 2a00:1b38::/32 maxlen: 32 2a02:e200::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.mft rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 19:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:d6:d4:f3:47:32:5f:84:dc:04:e8:67:0d:fd:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa Validity Not Before: Jan 2 04:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=97d7d3fed3d08a573c9030e95dd982eb711b0535 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:4e:d3:4c:70:e7:2e:4a:cc:49:a7:38:1a:b7: ac:3b:2c:4d:49:83:b8:32:d4:50:98:b0:d7:80:f6: 6c:23:96:e9:b5:76:71:fa:40:2f:1a:e7:0d:54:96: 05:b5:f9:b1:cb:5a:25:0b:b4:64:1d:90:f3:6e:d3: 0e:a9:a2:59:5c:a9:e0:52:93:1a:b7:5e:c0:30:c1: 0a:0f:b4:3d:dc:c0:32:d6:30:96:7e:30:f9:cb:bc: 31:cf:3f:fd:4b:f3:13:1c:55:26:2c:b3:0b:ed:b6: 41:02:11:ca:a4:37:d3:6b:60:04:93:5f:f1:8a:51: c7:79:e7:97:e9:fa:d4:ba:66:22:ce:3c:3a:ec:32: b4:32:d5:58:b7:d1:47:bb:75:5a:02:26:cb:8e:7d: 8b:60:c1:fc:9d:7f:b4:c7:2e:28:cf:42:23:10:b2: dd:a1:c4:ba:d6:46:c0:6e:a9:86:dd:24:9c:b9:8f: 7c:f7:c5:e4:79:60:28:aa:0d:cc:38:2f:90:6e:e7: 26:18:a8:69:1f:73:f3:a9:ba:46:77:fb:fd:77:3d: a9:9b:a9:3c:c4:87:31:51:33:7a:d5:8a:1c:fd:6e: 5b:01:f7:9e:c8:1b:d4:3e:6a:16:6d:11:08:40:f6: 2d:97:05:dd:c5:59:6b:36:96:e8:8e:27:91:c2:c2: 0b:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:D7:D3:FE:D3:D0:8A:57:3C:90:30:E9:5D:D9:82:EB:71:1B:05:35 X509v3 Authority Key Identifier: keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/l9fT_tPQilc8kDDpXdmC63EbBTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.40.128.0/17 81.217.0.0/16 82.149.96.0/19 82.218.0.0/16 89.104.0.0/19 92.62.16.0/20 94.16.32.0/19 95.143.224.0/20 176.120.160.0/21 178.18.160.0/20 185.100.96.0/22 194.106.224.0/19 195.202.128.0/18 195.230.160.0/19 202.170.80.0/21 IPv6: 2a00:1b38::/32 2a02:e200::/30 Signature Algorithm: sha256WithRSAEncryption 39:c6:51:71:48:89:41:f6:5b:e6:73:f7:1a:03:7f:b7:8b:da: a7:df:58:4f:43:0e:1d:16:96:20:0c:99:cc:63:a8:8c:a4:70: 6d:d4:0c:d3:c3:8e:6b:f0:b9:4e:07:98:e4:81:47:8c:f5:31: d7:1f:95:3a:08:77:13:6e:10:8a:f3:fb:1a:c8:6f:6d:c7:5b: ef:87:4a:f1:4a:20:66:f0:90:9c:23:76:ae:29:4e:32:50:4f: f6:91:9f:68:01:2d:24:d9:d1:bf:ad:41:9f:0e:c5:8a:d0:99: e6:61:b9:e3:6b:2b:f5:a2:51:7e:dd:25:9d:89:96:b5:95:e9: a4:7a:9e:eb:9e:ce:25:a9:b9:f5:d7:d1:7f:b9:65:a6:6f:2c: f0:1d:b1:0d:c4:31:a4:c6:17:ac:e7:11:ef:6e:d4:8c:34:27: b2:38:ea:28:1a:da:18:10:0c:d8:20:04:a3:e5:91:56:73:7b: e0:c1:63:1a:f7:44:33:79:14:6b:d7:e6:f8:d2:de:5b:58:d0: b8:a3:c9:24:11:d3:f0:e3:2a:53:2e:9d:3e:31:4b:42:2f:7c: d4:c7:e1:cc:2e:1e:49:c3:d9:1a:a1:7f:82:97:fd:73:90:33: 69:ad:75:7b:75:c1:b6:34:32:5a:80:5c:e6:25:bd:3a:db:bc: 37:00:f8:5e -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgISAZt87dbU80cyX4TcBOhnDf0hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZjFjODg0MmU3Y2Y4OTFiMjM0ZDNhMWUwZTJlMGVmNzNl ODQyYWEwHhcNMjYwMTAyMDQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5N2Q3ZDNmZWQzZDA4YTU3M2M5MDMwZTk1ZGQ5ODJlYjcxMWIwNTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU7TTHDnLkrMSac4GresOyxNSYO4 MtRQmLDXgPZsI5bptXZx+kAvGucNVJYFtfmxy1olC7RkHZDzbtMOqaJZXKngUpMa t17AMMEKD7Q93MAy1jCWfjD5y7wxzz/9S/MTHFUmLLML7bZBAhHKpDfTa2AEk1/x ilHHeeeX6frUumYizjw67DK0MtVYt9FHu3VaAibLjn2LYMH8nX+0xy4oz0IjELLd ocS61kbAbqmG3SScuY9898XkeWAoqg3MOC+QbucmGKhpH3PzqbpGd/v9dz2pm6k8 xIcxUTN61Yoc/W5bAfeeyBvUPmoWbREIQPYtlwXdxVlrNpbojieRwsIL3QIDAQAB o4ICcjCCAm4wHQYDVR0OBBYEFJfX0/7T0IpXPJAw6V3ZgutxGwU1MB8GA1UdIwQY MBaAFNLxyIQufPiRsjTToeDi4O9z6EKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUt YTE5NDQ0ZjdhMzM3LzEvbDlmVF90UFFpbGM4a0REcFhkbUM2M0ViQlRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUtYTE5NDQ0ZjdhMzM3 LzEvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWAMEBz4ogAMD AFHZAwQFUpVgAwMAUtoDBAVZaAADBARcPhADBAVeECADBARfj+ADBAOweKADBASy EqADBAK5ZGADBAXCauADBAbDyoADBAXD5qADBAPKqlAwFAQCAAIwDgMFACoAGzgD BQIqAuIAMA0GCSqGSIb3DQEBCwUAA4IBAQA5xlFxSIlB9lvmc/caA3+3i9qn31hP Qw4dFpYgDJnMY6iMpHBt1AzTw45r8LlOB5jkgUeM9THXH5U6CHcTbhCK8/sayG9t x1vvh0rxSiBm8JCcI3auKU4yUE/2kZ9oAS0k2dG/rUGfDsWK0JnmYbnjayv1olF+ 3SWdiZa1lemkep7rns4lqbn119F/uWWmbyzwHbENxDGkxhes5xHvbtSMNCeyOOoo GtoYEAzYIASj5ZFWc3vgwWMa90QzeRRr1+b40t5bWNC4o8kkEdPw4ypTLp0+MUtC L3zUx+HMLh5Jw9kaoX+Cl/1zkDNprXV7dcG2NDJagFzmJb0627w3APhe -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:13 2026 by rpki-client