This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/t87-StaNkWoIrvxpm-LKJGpGKeM.roa File: t87-StaNkWoIrvxpm-LKJGpGKeM.roa (raw, json) Hash identifier: r4gMZM/MRHYsjQV9QPuG6dWd9zz5OkmUPJF3gcNO56g= Subject key identifier: B7:CE:FE:4A:D6:8D:91:6A:08:AE:FC:69:9B:E2:CA:24:6A:46:29:E3 Certificate issuer: /CN=408c96b92b6c698fd34fac7d581d4c0908dcce99 Certificate serial: 019B7C8004624118D54DCD05D4575B8F31D5 Authority key identifier: 40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/t87-StaNkWoIrvxpm-LKJGpGKeM.roa Signing time: Fri 02 Jan 2026 02:18:42 +0000 ROA not before: Fri 02 Jan 2026 02:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211892 IP address blocks: 91.196.232.0/22 maxlen: 22 91.196.232.0/23 maxlen: 23 91.196.234.0/23 maxlen: 23 185.116.61.0/24 maxlen: 24 2a04:6d00::/29 maxlen: 29 2a0c:8040::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.mft rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:04:62:41:18:d5:4d:cd:05:d4:57:5b:8f:31:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=408c96b92b6c698fd34fac7d581d4c0908dcce99 Validity Not Before: Jan 2 02:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b7cefe4ad68d916a08aefc699be2ca246a4629e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:55:c3:49:b4:2f:5a:b4:28:7a:8d:b8:9e:41: 29:c3:b7:18:e3:49:e0:ef:39:78:af:a7:73:3c:13: ae:c1:61:f1:f7:00:37:f3:ac:30:52:8e:22:e3:89: 48:bd:38:8c:e1:08:b5:af:50:a5:04:96:f8:83:48: 0a:32:5c:0e:37:cb:4d:a8:34:9b:97:62:3d:96:a1: 8d:7a:77:24:f9:7c:2a:02:88:dd:bc:1e:ab:8d:12: b9:31:ba:4e:75:63:db:91:51:4c:3b:5c:14:f1:51: b2:d4:23:0d:37:0f:75:67:84:6e:db:b0:97:cc:a3: 1d:ff:d8:40:de:1a:e3:a5:a1:b7:7d:5a:79:07:7b: bb:e5:88:34:bc:98:bd:61:03:32:b2:52:d3:7d:b0: bf:8a:dd:9c:48:5d:e2:96:77:d9:f9:03:11:b7:56: cc:98:95:99:4a:9d:b2:12:6f:60:b6:83:ec:b2:65: b9:e6:19:c6:c4:1a:64:af:db:f9:90:ee:5d:49:6a: 32:88:cb:57:f9:89:b3:9f:c8:63:eb:6b:b9:35:7f: aa:7f:a9:df:52:8f:df:20:a2:e9:97:52:58:d8:96: 4e:36:fa:fb:3c:d1:9b:4a:6e:64:bd:1a:41:c8:4b: f0:30:6a:56:91:79:93:58:17:6a:a7:ed:e4:d8:c4: fd:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:CE:FE:4A:D6:8D:91:6A:08:AE:FC:69:9B:E2:CA:24:6A:46:29:E3 X509v3 Authority Key Identifier: keyid:40:8C:96:B9:2B:6C:69:8F:D3:4F:AC:7D:58:1D:4C:09:08:DC:CE:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIyWuStsaY_TT6x9WB1MCQjczpk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/t87-StaNkWoIrvxpm-LKJGpGKeM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/229fa2-32cc-4b59-9377-56bbf0beaf47/1/QIyWuStsaY_TT6x9WB1MCQjczpk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.196.232.0/22 185.116.61.0/24 IPv6: 2a04:6d00::/29 2a0c:8040::/29 Signature Algorithm: sha256WithRSAEncryption 24:fe:5e:94:e0:25:fc:2c:e9:1c:38:96:81:88:1f:63:21:e6: b4:a0:64:b2:1a:7b:e4:ff:73:5c:92:39:53:a2:b7:54:46:d7: 9c:c8:83:48:04:89:5c:a4:be:dc:9a:ae:25:0e:a1:a3:da:9a: 97:6c:25:f5:5e:2e:65:5e:9a:33:59:ad:ee:e2:b2:03:3e:a5: f9:33:b8:d3:5b:7d:7c:0a:0b:45:bb:fb:9e:81:27:eb:9e:8e: 35:4d:a6:55:68:e6:7b:c3:48:5c:e0:ec:20:22:44:1a:16:53: 99:b9:34:29:58:36:c6:f1:70:d8:3f:28:ee:d4:76:a7:62:bd: b5:9f:a8:aa:22:6a:c5:28:bc:d3:5c:03:e8:e2:d1:d4:5a:da: e6:51:ff:13:f4:94:dd:54:91:b9:23:71:51:1b:f1:7f:b6:d4: d2:6e:3a:30:35:71:17:33:92:4c:27:4f:c4:53:47:85:7d:3c: 6e:e5:7b:00:a8:06:c7:d2:af:25:5b:92:99:29:41:c7:02:a8: af:c9:19:31:37:c7:2b:06:b3:65:0d:f3:4d:8f:2d:a3:9d:40: b1:01:b5:e4:73:6a:70:24:e8:93:70:ef:c6:cd:88:9d:ed:f7: e4:f8:85:3b:63:0e:8c:c6:01:aa:63:7d:14:dd:d9:de:fe:f5: 75:ee:d6:4e -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt8gARiQRjVTc0F1FdbjzHVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwOGM5NmI5MmI2YzY5OGZkMzRmYWM3ZDU4MWQ0YzA5MDhk Y2NlOTkwHhcNMjYwMTAyMDIxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiN2NlZmU0YWQ2OGQ5MTZhMDhhZWZjNjk5YmUyY2EyNDZhNDYyOWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1XDSbQvWrQoeo24nkEpw7cY40ng 7zl4r6dzPBOuwWHx9wA386wwUo4i44lIvTiM4Qi1r1ClBJb4g0gKMlwON8tNqDSb l2I9lqGNenck+XwqAojdvB6rjRK5MbpOdWPbkVFMO1wU8VGy1CMNNw91Z4Ru27CX zKMd/9hA3hrjpaG3fVp5B3u75Yg0vJi9YQMyslLTfbC/it2cSF3ilnfZ+QMRt1bM mJWZSp2yEm9gtoPssmW55hnGxBpkr9v5kO5dSWoyiMtX+Ymzn8hj62u5NX+qf6nf Uo/fIKLpl1JY2JZONvr7PNGbSm5kvRpByEvwMGpWkXmTWBdqp+3k2MT9cQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFLfO/krWjZFqCK78aZviyiRqRinjMB8GA1UdIwQY MBaAFECMlrkrbGmP00+sfVgdTAkI3M6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzct NTZiYmYwYmVhZjQ3LzEvdDg3LVN0YU5rV29JcnZ4cG0tTEtKR3BHS2VNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy8yMjlmYTItMzJjYy00YjU5LTkzNzctNTZiYmYwYmVhZjQ3 LzEvUUl5V3VTdHNhWV9UVDZ4OVdCMU1DUWpjenBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCW8ToAwQA uXQ9MBQEAgACMA4DBQMqBG0AAwUDKgyAQDANBgkqhkiG9w0BAQsFAAOCAQEAJP5e lOAl/CzpHDiWgYgfYyHmtKBkshp75P9zXJI5U6K3VEbXnMiDSASJXKS+3JquJQ6h o9qal2wl9V4uZV6aM1mt7uKyAz6l+TO401t9fAoLRbv7noEn656ONU2mVWjme8NI XODsICJEGhZTmbk0KVg2xvFw2D8o7tR2p2K9tZ+oqiJqxSi801wD6OLR1Fra5lH/ E/SU3VSRuSNxURvxf7bU0m46MDVxFzOSTCdPxFNHhX08buV7AKgGx9KvJVuSmSlB xwKor8kZMTfHKwazZQ3zTY8to51AsQG15HNqcCTok3Dvxs2Ine335PiFO2MOjMYB qmN9FN3Z3v71de7WTg== -----END CERTIFICATE-----Generated at Mon Feb 9 20:05:17 2026 by rpki-client