This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/9ZWmW7O-KUcnYms6KVGgedV7Spc.roa File: 9ZWmW7O-KUcnYms6KVGgedV7Spc.roa (raw, json) Hash identifier: bmb6Wj5ZVAMQDodHsUEWFxaagxJI3FYmAMxoZWG5qPE= Subject key identifier: F5:95:A6:5B:B3:BE:29:47:27:62:6B:3A:29:51:A0:79:D5:7B:4A:97 Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Certificate serial: 019B7CED96E6CD850453BFAC2221190997FD Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/9ZWmW7O-KUcnYms6KVGgedV7Spc.roa Signing time: Fri 02 Jan 2026 04:18:23 +0000 ROA not before: Fri 02 Jan 2026 04:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203761 IP address blocks: 134.97.128.0/17 maxlen: 17 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.mft rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:96:e6:cd:85:04:53:bf:ac:22:21:19:09:97:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3 Validity Not Before: Jan 2 04:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f595a65bb3be294727626b3a2951a079d57b4a97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ba:9d:d8:2e:64:db:f5:c9:0f:53:3b:57:6b: b6:c6:1b:b4:a3:23:03:17:25:c5:49:0b:52:dc:c5: f6:4f:e1:30:96:1e:91:2e:db:17:de:9f:1b:33:48: 80:2b:a0:ee:08:90:cf:88:ae:02:96:4e:f6:01:39: 7e:c4:18:ee:f5:3b:99:67:b0:f3:f3:1b:84:9e:0b: c7:38:9a:be:9d:7c:02:a2:ad:86:d5:5c:59:3b:b6: fd:45:c7:9c:56:79:f1:48:2a:5b:5a:66:36:43:d8: 57:5b:0b:17:43:74:e8:27:4a:1b:23:db:f5:12:d3: f8:70:8a:09:52:22:2f:e4:77:73:32:8a:3c:ea:87: 1c:77:ca:da:a4:85:d3:66:d9:fb:99:79:95:0f:9f: 8d:66:d6:25:24:00:22:ce:84:b6:08:c3:00:9f:62: 60:2b:dd:2d:b4:87:88:66:61:14:5a:85:c5:ef:22: 18:3d:2c:c2:0c:dc:3a:75:33:42:ec:1d:7b:b7:1a: 14:6b:21:5a:2f:d2:38:44:30:e3:7b:93:7f:65:a4: 56:2f:2a:b3:f1:cb:67:66:85:eb:34:e5:89:30:d9: 6f:ec:4c:34:5b:69:1b:02:d2:40:41:b7:eb:4d:30: 64:e5:5f:b8:f4:70:e1:02:5d:17:db:0b:5f:4f:38: 20:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:95:A6:5B:B3:BE:29:47:27:62:6B:3A:29:51:A0:79:D5:7B:4A:97 X509v3 Authority Key Identifier: keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/9ZWmW7O-KUcnYms6KVGgedV7Spc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.97.128.0/17 Signature Algorithm: sha256WithRSAEncryption 5f:09:4b:87:cc:10:a4:31:30:3e:15:9c:0c:b8:79:8d:e3:1c: 9d:6f:62:b0:05:32:69:20:88:ec:bc:2c:3e:ee:35:c2:fb:6a: 77:cf:f0:b0:1e:41:da:5f:d7:aa:79:21:ce:4d:d4:e4:40:fe: 01:58:88:c1:8c:d4:1d:56:f5:5a:76:e0:1c:e6:46:63:e0:ce: f5:b9:14:54:d9:1d:1c:bb:73:d5:de:39:e5:f4:f9:36:11:d1: 5c:fd:78:ef:f2:94:34:d9:1d:44:eb:da:11:0a:ce:17:18:af: e9:33:33:05:82:85:b1:b7:d7:28:29:61:a5:42:bd:1f:26:a9: 9f:47:d8:73:c8:a5:63:06:11:4d:e1:61:c5:24:3d:9a:bd:80: 67:00:f6:49:4d:c7:eb:89:97:a8:29:b7:30:79:8a:0e:ff:92: c5:bf:4c:ca:06:86:68:0e:bc:19:a9:99:15:f7:47:a8:37:72: 97:5f:5e:de:c7:0f:5d:9c:ca:ef:23:d0:a4:cc:ea:f6:67:bd: 42:c5:b4:f8:7f:71:73:a6:79:8e:bb:99:0a:05:0d:30:e5:b4: 2d:58:43:eb:d0:0f:82:dc:d1:b2:d1:d9:df:e6:ca:0a:43:ce: 85:b3:c3:7c:39:22:2b:fa:1e:82:43:02:24:3b:03:97:f5:e6: 92:cc:42:77 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87ZbmzYUEU7+sIiEZCZf9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2OTk0OGQwZmU0ZDdmOTlkNTRiYThiZmZjZDk5YTFhNjA4 YWUwZDMwHhcNMjYwMTAyMDQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNTk1YTY1YmIzYmUyOTQ3Mjc2MjZiM2EyOTUxYTA3OWQ1N2I0YTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbqd2C5k2/XJD1M7V2u2xhu0oyMD FyXFSQtS3MX2T+Ewlh6RLtsX3p8bM0iAK6DuCJDPiK4Clk72ATl+xBju9TuZZ7Dz 8xuEngvHOJq+nXwCoq2G1VxZO7b9RcecVnnxSCpbWmY2Q9hXWwsXQ3ToJ0obI9v1 EtP4cIoJUiIv5HdzMoo86occd8rapIXTZtn7mXmVD5+NZtYlJAAizoS2CMMAn2Jg K90ttIeIZmEUWoXF7yIYPSzCDNw6dTNC7B17txoUayFaL9I4RDDje5N/ZaRWLyqz 8ctnZoXrNOWJMNlv7Ew0W2kbAtJAQbfrTTBk5V+49HDhAl0X2wtfTzggawIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPWVpluzvilHJ2JrOilRoHnVe0qXMB8GA1UdIwQY MBaAFJaZSND+TX+Z1Uuov/zZmhpgiuDTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAt NTNjYzVkYWY1MmNmLzEvOVpXbVc3Ty1LVWNuWW1zNktWR2dlZFY3U3BjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xYTJmYTItZWViMy00MzEyLTkxMzAtNTNjYzVkYWY1MmNm LzEvbHBsSTBQNU5mNW5WUzZpX19ObWFHbUNLNE5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHhmGAMA0G CSqGSIb3DQEBCwUAA4IBAQBfCUuHzBCkMTA+FZwMuHmN4xydb2KwBTJpIIjsvCw+ 7jXC+2p3z/CwHkHaX9eqeSHOTdTkQP4BWIjBjNQdVvVaduAc5kZj4M71uRRU2R0c u3PV3jnl9Pk2EdFc/Xjv8pQ02R1E69oRCs4XGK/pMzMFgoWxt9coKWGlQr0fJqmf R9hzyKVjBhFN4WHFJD2avYBnAPZJTcfriZeoKbcweYoO/5LFv0zKBoZoDrwZqZkV 90eoN3KXX17exw9dnMrvI9CkzOr2Z71CxbT4f3FzpnmOu5kKBQ0w5bQtWEPr0A+C 3NGy0dnf5soKQ86Fs8N8OSIr+h6CQwIkOwOX9eaSzEJ3 -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:36 2026 by rpki-client