This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/09kUsc8xVsHQfG22SiNr4dqPF4E.roa File: 09kUsc8xVsHQfG22SiNr4dqPF4E.roa (raw, json) Hash identifier: ysqhE++XuPh/xw2jA2E/+Gvhp8/HFy9qw2ro2jCSjO0= Subject key identifier: D3:D9:14:B1:CF:31:56:C1:D0:7C:6D:B6:4A:23:6B:E1:DA:8F:17:81 Certificate issuer: /CN=65ab51e8e58cc14ed9cb35731af1d011dbe2e12e Certificate serial: 019B7C7F2012E8BE3AC7224A24BDDB31441D Authority key identifier: 65:AB:51:E8:E5:8C:C1:4E:D9:CB:35:73:1A:F1:D0:11:DB:E2:E1:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/09kUsc8xVsHQfG22SiNr4dqPF4E.roa Signing time: Fri 02 Jan 2026 02:17:44 +0000 ROA not before: Fri 02 Jan 2026 02:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207822 IP address blocks: 94.142.128.0/24 maxlen: 24 2001:678:b98::/48 maxlen: 48 2a0a:f00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.crl rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.mft rsync://rpki.ripe.net/repository/DEFAULT/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:20:12:e8:be:3a:c7:22:4a:24:bd:db:31:44:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65ab51e8e58cc14ed9cb35731af1d011dbe2e12e Validity Not Before: Jan 2 02:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3d914b1cf3156c1d07c6db64a236be1da8f1781 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:2c:6e:7d:f6:ed:14:50:28:4e:95:56:63:85: 38:34:2f:92:fc:9d:a2:0e:e9:f1:8f:d8:21:1e:e1: e1:71:5a:d2:8c:17:7e:6c:30:49:b7:16:39:49:4c: 55:32:84:7c:a1:5e:0e:2b:e2:90:d6:d5:fa:7a:05: 28:99:10:97:b7:83:f1:e3:6e:20:62:39:07:75:30: a9:0e:1e:06:f3:e7:ed:7a:8f:6e:b2:f9:72:42:b6: 0d:c7:14:4d:26:e5:5e:53:40:0b:c6:20:7c:15:d5: ea:c6:01:65:27:a4:22:e3:b1:90:c2:5b:98:e7:75: f2:20:c0:82:7f:75:70:87:7d:9e:56:8b:00:ca:98: 12:a1:e7:38:d7:43:3b:cc:13:ab:cf:e1:af:4e:3c: 5f:86:47:12:42:52:e9:b2:bb:5a:75:9d:9e:03:87: 1f:6f:85:39:08:06:33:e8:f1:8a:16:b3:4e:d5:98: 63:d4:5e:f6:ca:24:4b:7a:bf:40:96:8d:09:3a:88: 9f:ce:7c:3e:c1:a5:1a:88:6f:e2:e7:94:89:6f:98: f3:24:4e:84:0c:c1:25:ec:00:8a:13:65:d5:68:28: 18:45:6a:ce:4c:fd:5c:72:4e:64:5d:fe:fa:80:47: 55:97:3b:1c:be:d6:1d:83:b3:39:ca:b9:97:76:7f: 84:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:D9:14:B1:CF:31:56:C1:D0:7C:6D:B6:4A:23:6B:E1:DA:8F:17:81 X509v3 Authority Key Identifier: keyid:65:AB:51:E8:E5:8C:C1:4E:D9:CB:35:73:1A:F1:D0:11:DB:E2:E1:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/09kUsc8xVsHQfG22SiNr4dqPF4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/ceff1a-ec66-4d45-ba9f-488a22299ca1/1/ZatR6OWMwU7ZyzVzGvHQEdvi4S4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.142.128.0/24 IPv6: 2001:678:b98::/48 2a0a:f00::/29 Signature Algorithm: sha256WithRSAEncryption 69:69:9b:fd:3f:08:26:8d:f7:7e:b4:e1:46:99:e4:ab:37:1c: 5d:7f:8e:67:c8:75:53:1a:35:ff:23:58:7c:42:7e:b9:1b:65: ea:93:35:4d:c5:8c:b1:ed:a9:ed:54:ac:a6:65:bd:22:4b:a8: 12:df:8a:dd:98:0f:83:6d:b8:e1:14:2f:67:c9:39:be:74:b4: 0a:ec:dc:ea:4b:51:b2:2a:7b:04:84:53:8f:ef:c6:a0:4c:39: 12:8a:fb:da:94:be:74:24:92:5b:4b:fa:11:b7:22:b3:7c:82: c4:5e:2e:68:2b:83:b4:c3:fc:85:47:17:2b:f5:21:71:07:97: 87:58:d9:79:90:ad:c7:55:a0:c2:71:0f:67:1e:7b:5a:2d:55: f8:c6:ee:81:9c:75:ba:7e:5a:38:45:bd:2c:e2:1a:51:5c:e0: 0f:81:df:e8:54:ab:4e:92:9e:95:8e:86:62:e1:9f:a4:3d:66: d3:95:89:6d:6e:d5:78:0c:87:ea:0e:78:a6:5c:6e:51:b4:c1: aa:2c:03:7a:a8:2c:b4:fb:e2:ca:cb:ea:fd:3d:cd:96:63:42: 5c:93:75:51:0a:0d:f4:95:00:9b:41:8e:51:ed:4d:8f:31:1b: fa:79:16:9a:e6:52:a9:2c:cc:92:24:96:0d:98:41:83:33:38: c9:41:fb:b6 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt8fyAS6L46xyJKJL3bMUQdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1YWI1MWU4ZTU4Y2MxNGVkOWNiMzU3MzFhZjFkMDExZGJl MmUxMmUwHhcNMjYwMTAyMDIxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkM2Q5MTRiMWNmMzE1NmMxZDA3YzZkYjY0YTIzNmJlMWRhOGYxNzgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9yxuffbtFFAoTpVWY4U4NC+S/J2i Dunxj9ghHuHhcVrSjBd+bDBJtxY5SUxVMoR8oV4OK+KQ1tX6egUomRCXt4Px424g YjkHdTCpDh4G8+fteo9usvlyQrYNxxRNJuVeU0ALxiB8FdXqxgFlJ6Qi47GQwluY 53XyIMCCf3Vwh32eVosAypgSoec410M7zBOrz+GvTjxfhkcSQlLpsrtadZ2eA4cf b4U5CAYz6PGKFrNO1Zhj1F72yiRLer9Alo0JOoifznw+waUaiG/i55SJb5jzJE6E DMEl7ACKE2XVaCgYRWrOTP1cck5kXf76gEdVlzscvtYdg7M5yrmXdn+E+wIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFNPZFLHPMVbB0Hxttkoja+HajxeBMB8GA1UdIwQY MBaAFGWrUejljMFO2cs1cxrx0BHb4uEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmF0UjZPV013VTdaeXpWekd2SFFFZHZpNFM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9jZWZmMWEtZWM2Ni00ZDQ1LWJhOWYt NDg4YTIyMjk5Y2ExLzEvMDlrVXNjOHhWc0hRZkcyMlNpTnI0ZHFQRjRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9jZWZmMWEtZWM2Ni00ZDQ1LWJhOWYtNDg4YTIyMjk5Y2Ex LzEvWmF0UjZPV013VTdaeXpWekd2SFFFZHZpNFM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAXo6AMBYE AgACMBADBwAgAQZ4C5gDBQMqCg8AMA0GCSqGSIb3DQEBCwUAA4IBAQBpaZv9Pwgm jfd+tOFGmeSrNxxdf45nyHVTGjX/I1h8Qn65G2XqkzVNxYyx7antVKymZb0iS6gS 34rdmA+DbbjhFC9nyTm+dLQK7NzqS1GyKnsEhFOP78agTDkSivvalL50JJJbS/oR tyKzfILEXi5oK4O0w/yFRxcr9SFxB5eHWNl5kK3HVaDCcQ9nHntaLVX4xu6BnHW6 flo4Rb0s4hpRXOAPgd/oVKtOkp6VjoZi4Z+kPWbTlYltbtV4DIfqDnimXG5RtMGq LAN6qCy0++LKy+r9Pc2WY0Jck3VRCg30lQCbQY5R7U2PMRv6eRaa5lKpLMySJJYN mEGDMzjJQfu2 -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:14 2026 by rpki-client