This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/hd9T290l9-jHLUiUH3HH4qi2O7I.roa File: hd9T290l9-jHLUiUH3HH4qi2O7I.roa (raw, json) Hash identifier: rAF0LfiVukBYBVIh0Nvpjz0FYhd2D9fxtYrnzVkyP/o= Subject key identifier: 85:DF:53:DB:DD:25:F7:E8:C7:2D:48:94:1F:71:C7:E2:A8:B6:3B:B2 Certificate issuer: /CN=79a295c80b54c2dbe77ba47de7daec6b986021b4 Certificate serial: 019B7DCA749318F3F5173255068DC88BD55A Authority key identifier: 79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/hd9T290l9-jHLUiUH3HH4qi2O7I.roa Signing time: Fri 02 Jan 2026 08:19:38 +0000 ROA not before: Fri 02 Jan 2026 08:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201675 IP address blocks: 91.234.236.0/24 maxlen: 24 185.103.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.crl rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.mft rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:74:93:18:f3:f5:17:32:55:06:8d:c8:8b:d5:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=79a295c80b54c2dbe77ba47de7daec6b986021b4 Validity Not Before: Jan 2 08:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=85df53dbdd25f7e8c72d48941f71c7e2a8b63bb2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3f:2a:8f:4f:44:22:c9:5a:9b:93:6c:c4:fa: 44:03:87:bf:c7:68:58:bc:51:d2:f3:1e:18:a3:cc: 30:16:c9:84:e2:33:03:ec:93:e2:3f:ab:db:a4:5c: 17:fa:23:51:d6:58:57:f3:13:fd:8c:ec:56:93:97: 42:ef:bb:8b:1d:43:d2:b0:fd:8c:50:00:48:91:d5: b4:86:db:91:9a:2a:69:f7:b5:29:6c:6e:79:ce:9c: 9d:96:48:26:63:6b:ba:e8:f3:ef:29:fe:fb:27:f5: aa:be:3a:50:17:ea:ca:03:dd:38:d7:96:35:21:f2: e6:cf:50:c0:4d:9f:25:68:f2:9c:4d:59:b3:83:32: 65:b3:1e:66:20:57:39:cf:91:44:61:01:f9:01:72: 23:23:05:6a:60:4b:92:c4:9e:10:e1:eb:6b:73:b0: 89:cc:3e:3f:6f:f1:62:9d:bd:5d:d4:dc:aa:34:83: 4e:9c:eb:83:bf:73:f7:87:cb:71:b5:79:d5:53:23: 23:3b:c7:59:f3:3e:b0:40:18:92:f0:85:bc:bd:9f: a4:8c:0c:3f:e6:0c:c5:f1:4e:8f:63:16:3d:e4:15: 87:97:0e:3a:09:77:ec:37:b1:5e:80:90:80:72:8c: b7:12:af:84:ca:51:65:90:79:32:d3:0e:78:dc:47: 51:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:DF:53:DB:DD:25:F7:E8:C7:2D:48:94:1F:71:C7:E2:A8:B6:3B:B2 X509v3 Authority Key Identifier: keyid:79:A2:95:C8:0B:54:C2:DB:E7:7B:A4:7D:E7:DA:EC:6B:98:60:21:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaKVyAtUwtvne6R959rsa5hgIbQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/hd9T290l9-jHLUiUH3HH4qi2O7I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d1da6a-4919-499a-9a41-2bbb48efb0ed/1/eaKVyAtUwtvne6R959rsa5hgIbQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.234.236.0/24 185.103.118.0/24 Signature Algorithm: sha256WithRSAEncryption 62:b7:43:87:f8:85:17:4b:b5:59:d4:68:e8:9f:e5:e2:6e:53: f9:75:40:8f:ac:7a:ce:1a:00:3a:7c:63:1d:cd:c6:7f:d5:b7: 5a:fa:40:41:90:d3:4e:16:aa:b7:47:a5:f3:31:9c:b9:6b:84: 82:0f:9c:10:4a:67:64:8b:de:5d:7d:57:de:6d:c7:4d:6d:0c: 1c:14:1b:bb:f5:88:1d:76:cc:85:a1:8a:66:19:34:40:3e:1b: 1b:03:93:b2:20:33:db:9a:ab:ce:2c:9f:f7:77:19:95:4b:c7: 41:68:d8:64:09:33:d6:87:57:f9:1f:99:b5:88:25:0d:a5:a3: 75:3c:f2:52:48:cc:f6:c1:b7:5a:1f:fb:6c:08:63:24:4b:85: 45:87:d3:03:6f:ff:2b:9b:70:cb:25:e6:15:3d:74:45:c5:d3: 5a:79:a3:48:2f:90:e2:e5:fc:99:8c:bc:fa:2c:e5:ff:23:d1: 30:9e:20:c0:56:05:12:18:e7:39:cb:04:6d:21:f3:31:ae:5d: 9a:57:f9:dc:91:eb:7f:a4:aa:bb:53:15:51:cb:ca:f5:9e:7b: 0b:e4:0b:97:f8:fc:42:53:65:e6:57:64:b7:8d:a1:9c:7c:f3: 8c:6c:e4:54:4b:59:93:bb:2d:95:47:26:12:a1:57:61:aa:89: cd:80:fa:49 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9ynSTGPP1FzJVBo3Ii9VaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc5YTI5NWM4MGI1NGMyZGJlNzdiYTQ3ZGU3ZGFlYzZiOTg2 MDIxYjQwHhcNMjYwMTAyMDgxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NWRmNTNkYmRkMjVmN2U4YzcyZDQ4OTQxZjcxYzdlMmE4YjYzYmIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj8qj09EIslam5NsxPpEA4e/x2hY vFHS8x4Yo8wwFsmE4jMD7JPiP6vbpFwX+iNR1lhX8xP9jOxWk5dC77uLHUPSsP2M UABIkdW0htuRmipp97UpbG55zpydlkgmY2u66PPvKf77J/WqvjpQF+rKA90415Y1 IfLmz1DATZ8laPKcTVmzgzJlsx5mIFc5z5FEYQH5AXIjIwVqYEuSxJ4Q4etrc7CJ zD4/b/Finb1d1NyqNINOnOuDv3P3h8txtXnVUyMjO8dZ8z6wQBiS8IW8vZ+kjAw/ 5gzF8U6PYxY95BWHlw46CXfsN7FegJCAcoy3Eq+EylFlkHky0w543EdRkQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIXfU9vdJffoxy1IlB9xx+KotjuyMB8GA1UdIwQY MBaAFHmilcgLVMLb53ukfefa7GuYYCG0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEt MmJiYjQ4ZWZiMGVkLzEvaGQ5VDI5MGw5LWpITFVpVUgzSEg0cWkyTzdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9kMWRhNmEtNDkxOS00OTlhLTlhNDEtMmJiYjQ4ZWZiMGVk LzEvZWFLVnlBdFV3dHZuZTZSOTU5cnNhNWhnSWJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+rsAwQA uWd2MA0GCSqGSIb3DQEBCwUAA4IBAQBit0OH+IUXS7VZ1Gjon+XiblP5dUCPrHrO GgA6fGMdzcZ/1bda+kBBkNNOFqq3R6XzMZy5a4SCD5wQSmdki95dfVfebcdNbQwc FBu79YgddsyFoYpmGTRAPhsbA5OyIDPbmqvOLJ/3dxmVS8dBaNhkCTPWh1f5H5m1 iCUNpaN1PPJSSMz2wbdaH/tsCGMkS4VFh9MDb/8rm3DLJeYVPXRFxdNaeaNIL5Di 5fyZjLz6LOX/I9EwniDAVgUSGOc5ywRtIfMxrl2aV/ncket/pKq7UxVRy8r1nnsL 5AuX+PxCU2XmV2S3jaGcfPOMbORUS1mTuy2VRyYSoVdhqonNgPpJ -----END CERTIFICATE-----Generated at Mon Feb 9 22:27:22 2026 by rpki-client