This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/9zHOxpyIXqRlDC726eMkIL_3in8.roa File: 9zHOxpyIXqRlDC726eMkIL_3in8.roa (raw, json) Hash identifier: 5IwHDdTrqf8yPsGKKg1ULI3+RzopP4UflBbqS3upMps= Subject key identifier: F7:31:CE:C6:9C:88:5E:A4:65:0C:2E:F6:E9:E3:24:20:BF:F7:8A:7F Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Certificate serial: 019B7E37993975EFB26BB0B08633638B1877 Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/9zHOxpyIXqRlDC726eMkIL_3in8.roa Signing time: Fri 02 Jan 2026 10:18:51 +0000 ROA not before: Fri 02 Jan 2026 10:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5650 IP address blocks: 64.43.104.0/22 maxlen: 22 64.43.112.0/22 maxlen: 22 64.43.124.0/22 maxlen: 22 77.36.120.0/22 maxlen: 22 91.245.184.0/22 maxlen: 22 176.102.124.0/22 maxlen: 22 176.116.232.0/22 maxlen: 22 178.212.184.0/21 maxlen: 21 178.212.184.0/22 maxlen: 22 178.212.188.0/22 maxlen: 22 185.55.4.0/22 maxlen: 22 185.55.4.0/23 maxlen: 23 185.55.6.0/23 maxlen: 23 185.55.140.0/22 maxlen: 22 185.55.140.0/23 maxlen: 23 185.55.142.0/23 maxlen: 23 193.36.204.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:99:39:75:ef:b2:6b:b0:b0:86:33:63:8b:18:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa Validity Not Before: Jan 2 10:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f731cec69c885ea4650c2ef6e9e32420bff78a7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:d8:79:81:d6:8b:22:b4:e2:4f:2b:58:97:1c: 7b:18:b1:5d:fb:91:58:3b:11:88:ff:8c:33:2e:76: 99:74:36:de:26:b0:f6:88:cb:02:64:6c:91:38:f3: ce:75:3a:f6:15:55:54:6c:65:48:e9:ad:33:ab:94: c9:33:6f:91:29:9d:8f:7c:95:66:17:71:a1:92:28: 0c:72:d0:47:d8:55:1f:ad:42:65:f4:a3:b6:6d:6b: 04:21:e3:07:d8:c8:48:8e:db:1d:41:e1:b1:39:ac: ed:a8:d9:28:44:89:51:e8:34:08:09:a2:9d:3c:27: 81:84:c0:26:95:ad:ae:02:17:55:5c:1b:3e:73:07: 06:2a:ee:ce:3e:6b:bc:50:95:c0:60:35:6b:eb:04: 28:d2:57:f4:9a:99:fe:c7:70:85:87:06:9c:34:b2: d8:68:36:69:ef:0b:5f:8a:47:fc:2b:98:b6:34:fb: b5:37:51:2c:39:6e:c7:37:e0:26:5f:62:dc:81:4f: 75:49:d9:79:a0:d7:cd:4e:69:12:a9:9c:81:11:42: 50:5a:d7:fb:54:33:bd:f7:80:5e:81:36:69:1b:b0: 79:92:ea:41:cd:09:42:e6:34:a7:21:b0:16:7b:1f: 8d:6d:95:01:0f:26:4b:8e:60:bc:90:7b:64:35:e2: 31:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:31:CE:C6:9C:88:5E:A4:65:0C:2E:F6:E9:E3:24:20:BF:F7:8A:7F X509v3 Authority Key Identifier: keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/9zHOxpyIXqRlDC726eMkIL_3in8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 64.43.104.0/22 64.43.112.0/22 64.43.124.0/22 77.36.120.0/22 91.245.184.0/22 176.102.124.0/22 176.116.232.0/22 178.212.184.0/21 185.55.4.0/22 185.55.140.0/22 193.36.204.0/22 Signature Algorithm: sha256WithRSAEncryption 6c:56:33:f5:6a:d4:3d:ec:68:58:23:46:94:52:07:b3:1d:b0: 2d:d6:ed:62:7b:4e:b1:eb:c1:67:6c:7e:04:ab:57:a7:18:68: f9:05:fc:48:50:f5:61:03:5e:0b:11:3e:1c:4e:33:80:c1:d1: 70:f0:ac:56:76:85:42:40:d5:34:10:87:45:da:bf:87:ba:5e: 8e:02:7a:56:62:03:1c:ce:2d:94:03:dd:6f:e1:df:49:c2:05: 3b:a9:75:b8:e8:2c:cc:44:57:c3:e4:f4:d6:98:c7:fe:9e:57: 94:be:4a:40:a6:59:31:ba:6c:98:ac:fd:0b:35:f4:4f:ea:e3: e8:5a:72:e8:01:4e:a3:24:47:49:05:d9:ad:f1:1d:0c:b4:61: ac:b6:13:79:f9:36:a2:ae:d1:97:91:9b:2a:de:21:d3:54:c3: 7b:08:e1:90:86:6d:1b:f6:a0:aa:36:7e:42:68:ac:97:15:1d: 0a:b9:88:cc:82:ac:ad:ac:ea:6b:58:d0:91:76:91:d3:3b:b0: d7:ed:a8:02:73:02:a8:29:19:53:71:d2:fd:35:8d:27:9c:0f: b2:34:9f:72:ab:54:90:a4:0e:4f:80:6b:73:90:7b:9c:0e:f7: f8:60:d2:34:18:70:0b:11:4a:0a:a6:bf:6f:cd:01:e8:8e:02: 80:12:b7:2e -----BEGIN CERTIFICATE----- MIIFOTCCBCGgAwIBAgISAZt+N5k5de+ya7CwhjNjixh3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy MjRkYWEwHhcNMjYwMTAyMTAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzMxY2VjNjljODg1ZWE0NjUwYzJlZjZlOWUzMjQyMGJmZjc4YTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNh5gdaLIrTiTytYlxx7GLFd+5FY OxGI/4wzLnaZdDbeJrD2iMsCZGyROPPOdTr2FVVUbGVI6a0zq5TJM2+RKZ2PfJVm F3GhkigMctBH2FUfrUJl9KO2bWsEIeMH2MhIjtsdQeGxOaztqNkoRIlR6DQICaKd PCeBhMAmla2uAhdVXBs+cwcGKu7OPmu8UJXAYDVr6wQo0lf0mpn+x3CFhwacNLLY aDZp7wtfikf8K5i2NPu1N1EsOW7HN+AmX2LcgU91Sdl5oNfNTmkSqZyBEUJQWtf7 VDO994BegTZpG7B5kupBzQlC5jSnIbAWex+NbZUBDyZLjmC8kHtkNeIxwwIDAQAB o4ICRTCCAkEwHQYDVR0OBBYEFPcxzsaciF6kZQwu9unjJCC/94p/MB8GA1UdIwQY MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt ZGMwNmRkODA1OTYwLzEvOXpIT3hweUlYcVJsREM3MjZlTWtJTF8zaW44LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCQCtoAwQC QCtwAwQCQCt8AwQCTSR4AwQCW/W4AwQCsGZ8AwQCsHToAwQDstS4AwQCuTcEAwQC uTeMAwQCwSTMMA0GCSqGSIb3DQEBCwUAA4IBAQBsVjP1atQ97GhYI0aUUgezHbAt 1u1ie06x68FnbH4Eq1enGGj5BfxIUPVhA14LET4cTjOAwdFw8KxWdoVCQNU0EIdF 2r+Hul6OAnpWYgMczi2UA91v4d9JwgU7qXW46CzMRFfD5PTWmMf+nleUvkpAplkx umyYrP0LNfRP6uPoWnLoAU6jJEdJBdmt8R0MtGGsthN5+TairtGXkZsq3iHTVMN7 COGQhm0b9qCqNn5CaKyXFR0KuYjMgqytrOprWNCRdpHTO7DX7agCcwKoKRlTcdL9 NY0nnA+yNJ9yq1SQpA5PgGtzkHucDvf4YNI0GHALEUoKpr9vzQHojgKAErcu -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:17 2026 by rpki-client