This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/sL9_3JSSE2xT5n7OAXMAHMxKq1g.roa File: sL9_3JSSE2xT5n7OAXMAHMxKq1g.roa (raw, json) Hash identifier: vGCCVcEYQcDBKDtRD4+hEi2hrb6nrXfbvM90L9lRcO0= Subject key identifier: B0:BF:7F:DC:94:92:13:6C:53:E6:7E:CE:01:73:00:1C:CC:4A:AB:58 Certificate issuer: /CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a Certificate serial: 019B76EAE3A527A00AECB81AA1F05D393CEE Authority key identifier: 12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/sL9_3JSSE2xT5n7OAXMAHMxKq1g.roa Signing time: Thu 01 Jan 2026 00:17:43 +0000 ROA not before: Thu 01 Jan 2026 00:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19905 IP address blocks: 86.117.18.0/23 maxlen: 23 86.117.18.0/24 maxlen: 24 86.117.19.0/24 maxlen: 24 86.117.47.0/24 maxlen: 24 86.117.140.0/23 maxlen: 23 86.117.140.0/24 maxlen: 24 86.117.141.0/24 maxlen: 24 160.61.168.0/23 maxlen: 23 160.61.168.0/24 maxlen: 24 160.61.169.0/24 maxlen: 24 160.61.170.0/23 maxlen: 23 160.61.170.0/24 maxlen: 24 160.61.171.0/24 maxlen: 24 160.61.208.0/24 maxlen: 24 160.62.0.0/23 maxlen: 23 160.62.0.0/24 maxlen: 24 160.62.1.0/24 maxlen: 24 160.62.2.0/24 maxlen: 24 160.62.3.0/24 maxlen: 24 160.62.4.0/24 maxlen: 24 160.62.5.0/24 maxlen: 24 160.62.6.0/24 maxlen: 24 160.62.7.0/24 maxlen: 24 160.62.9.0/24 maxlen: 24 160.62.12.0/24 maxlen: 24 160.62.13.0/24 maxlen: 24 160.62.14.0/24 maxlen: 24 160.62.15.0/24 maxlen: 24 160.62.21.0/24 maxlen: 24 160.62.22.0/24 maxlen: 24 160.62.23.0/24 maxlen: 24 160.62.140.0/23 maxlen: 23 160.62.140.0/24 maxlen: 24 160.62.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.mft rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e3:a5:27:a0:0a:ec:b8:1a:a1:f0:5d:39:3c:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1224e5eff1abc0e6d8bf029e4f732e0ab71bc16a Validity Not Before: Jan 1 00:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0bf7fdc9492136c53e67ece0173001ccc4aab58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:47:41:17:a4:00:16:3a:a3:6a:a4:bc:9c:9f: 8b:21:d1:ce:f1:85:3c:9c:60:3b:1e:4b:15:a6:0e: 56:5b:98:ab:aa:4a:46:c2:e7:14:48:d9:a7:1a:b3: f5:74:99:b8:de:bd:7f:ea:35:2c:11:05:bd:2b:62: 92:7e:cd:f3:72:1d:5e:26:69:38:43:8a:30:7a:b9: 2b:06:73:a6:7c:b7:56:fe:16:3c:28:45:2d:f4:ce: 34:82:86:17:7f:3e:ae:1c:ec:3d:64:dc:1d:fc:f8: 82:43:b6:ef:59:e2:93:11:bd:a8:58:dc:6a:69:f5: 4c:c3:89:70:ca:41:4b:d1:8b:39:60:f9:21:c1:04: 00:31:70:4c:93:2b:a6:72:6f:0a:e3:8d:d3:bb:fb: ea:93:d8:d7:86:a3:24:3a:15:b7:58:b9:62:21:1b: dd:0d:b7:2a:18:8f:17:fe:e2:45:aa:b5:e4:29:c6: 35:ab:03:08:52:55:8d:63:3d:f9:28:09:72:db:e9: 91:ea:4e:3c:d3:92:bb:1f:42:5d:27:4e:b1:91:e4: 53:4c:8d:32:fe:b7:d6:aa:1a:dd:6d:f2:ca:4d:73: 8a:dc:40:f2:0a:8a:4f:26:66:93:35:f8:e4:20:df: b6:0d:9c:7d:f6:a8:b7:af:5c:a7:b8:ff:16:27:20: ff:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:BF:7F:DC:94:92:13:6C:53:E6:7E:CE:01:73:00:1C:CC:4A:AB:58 X509v3 Authority Key Identifier: keyid:12:24:E5:EF:F1:AB:C0:E6:D8:BF:02:9E:4F:73:2E:0A:B7:1B:C1:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EiTl7_GrwObYvwKeT3MuCrcbwWo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/sL9_3JSSE2xT5n7OAXMAHMxKq1g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/11be23-3be6-4881-a3d1-5386b1d963bc/1/EiTl7_GrwObYvwKeT3MuCrcbwWo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.117.18.0/23 86.117.47.0/24 86.117.140.0/23 160.61.168.0/22 160.61.208.0/24 160.62.0.0/21 160.62.9.0/24 160.62.12.0/22 160.62.21.0-160.62.23.255 160.62.140.0/23 Signature Algorithm: sha256WithRSAEncryption 79:be:ba:b1:94:94:a8:70:10:5c:ad:d7:40:d7:37:3c:80:b6: d9:80:82:2a:69:f0:5c:7e:ae:c9:25:51:93:c1:27:d9:8f:1f: a2:9b:d2:58:16:eb:30:2c:43:6a:8f:15:84:6d:7c:18:25:12: 16:45:55:9d:47:cc:fa:c8:ac:69:5e:e3:aa:90:22:84:89:34: f8:e4:60:f7:3c:ec:97:bd:6e:ae:d9:5a:6d:5e:cb:e4:8b:ae: 76:2c:b8:2f:d7:f4:58:85:fe:e7:ab:59:85:31:f1:2c:1c:65: ae:39:c0:6f:66:a0:e1:84:a2:66:11:09:64:e2:87:70:ff:fe: 48:fb:3d:07:ec:fc:61:1d:02:85:7b:bc:1a:93:c8:73:9a:c5: 3c:6f:e7:20:f3:af:54:52:05:87:5b:ca:1e:42:b2:b7:fa:b2: e3:3f:ee:6d:4e:d0:df:f3:7b:3c:30:b9:ac:69:b5:c7:5c:07: ce:66:e3:5c:05:fe:5d:d7:26:11:f7:ad:d8:10:0d:aa:34:e0: 3d:d9:8a:3f:4a:55:3b:40:bb:ef:96:7a:de:3e:79:85:7c:5d: e0:be:93:a8:06:08:6d:46:72:05:ec:32:6e:6c:14:47:21:b9: 9c:20:00:46:fc:64:25:e1:67:b4:4e:4c:f0:19:ad:bd:23:16: 9d:81:29:c4 -----BEGIN CERTIFICATE----- MIIFOzCCBCOgAwIBAgISAZt26uOlJ6AK7LgaofBdOTzuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyMjRlNWVmZjFhYmMwZTZkOGJmMDI5ZTRmNzMyZTBhYjcx YmMxNmEwHhcNMjYwMTAxMDAxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGJmN2ZkYzk0OTIxMzZjNTNlNjdlY2UwMTczMDAxY2NjNGFhYjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0dBF6QAFjqjaqS8nJ+LIdHO8YU8 nGA7HksVpg5WW5irqkpGwucUSNmnGrP1dJm43r1/6jUsEQW9K2KSfs3zch1eJmk4 Q4owerkrBnOmfLdW/hY8KEUt9M40goYXfz6uHOw9ZNwd/PiCQ7bvWeKTEb2oWNxq afVMw4lwykFL0Ys5YPkhwQQAMXBMkyumcm8K443Tu/vqk9jXhqMkOhW3WLliIRvd DbcqGI8X/uJFqrXkKcY1qwMIUlWNYz35KAly2+mR6k4805K7H0JdJ06xkeRTTI0y /rfWqhrdbfLKTXOK3EDyCopPJmaTNfjkIN+2DZx99qi3r1ynuP8WJyD/YQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFLC/f9yUkhNsU+Z+zgFzABzMSqtYMB8GA1UdIwQY MBaAFBIk5e/xq8Dm2L8Cnk9zLgq3G8FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEt NTM4NmIxZDk2M2JjLzEvc0w5XzNKU1NFMnhUNW43T0FYTUFITXhLcTFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi8xMWJlMjMtM2JlNi00ODgxLWEzZDEtNTM4NmIxZDk2M2Jj LzEvRWlUbDdfR3J3T2JZdndLZVQzTXVDcmNid1dvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBVnUSAwQA VnUvAwQBVnWMAwQCoD2oAwQAoD3QAwQDoD4AAwQAoD4JAwQCoD4MMAwDBACgPhUD BAOgPhADBAGgPowwDQYJKoZIhvcNAQELBQADggEBAHm+urGUlKhwEFyt10DXNzyA ttmAgipp8Fx+rsklUZPBJ9mPH6Kb0lgW6zAsQ2qPFYRtfBglEhZFVZ1HzPrIrGle 46qQIoSJNPjkYPc87Je9bq7ZWm1ey+SLrnYsuC/X9FiF/uerWYUx8SwcZa45wG9m oOGEomYRCWTih3D//kj7PQfs/GEdAoV7vBqTyHOaxTxv5yDzr1RSBYdbyh5Csrf6 suM/7m1O0N/zezwwuaxptcdcB85m41wF/l3XJhH3rdgQDao04D3Zij9KVTtAu++W et4+eYV8XeC+k6gGCG1GcgXsMm5sFEchuZwgAEb8ZCXhZ7ROTPAZrb0jFp2BKcQ= -----END CERTIFICATE-----Generated at Tue Jan 20 01:19:48 2026 by rpki-client