This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/m8AA96uOHjGk-TGHS6ELVd8Zd-8.roa File: m8AA96uOHjGk-TGHS6ELVd8Zd-8.roa (raw, json) Hash identifier: KzO3KLMfqTnrwpPiduDo1bAht73kSS22uwNrZN+bB0Q= Subject key identifier: 9B:C0:00:F7:AB:8E:1E:31:A4:F9:31:87:4B:A1:0B:55:DF:19:77:EF Certificate issuer: /CN=9d5a17271d99cf15b73ecc658673143c28e207ed Certificate serial: 019B7DCB3DB7E9661304D1E9A77A5BA421DE Authority key identifier: 9D:5A:17:27:1D:99:CF:15:B7:3E:CC:65:86:73:14:3C:28:E2:07:ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/m8AA96uOHjGk-TGHS6ELVd8Zd-8.roa Signing time: Fri 02 Jan 2026 08:20:30 +0000 ROA not before: Fri 02 Jan 2026 08:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59597 IP address blocks: 5.179.72.0/21 maxlen: 24 185.14.140.0/22 maxlen: 24 2a01:9540::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.crl rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.mft rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:3d:b7:e9:66:13:04:d1:e9:a7:7a:5b:a4:21:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d5a17271d99cf15b73ecc658673143c28e207ed Validity Not Before: Jan 2 08:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9bc000f7ab8e1e31a4f931874ba10b55df1977ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b5:41:8a:c3:c3:c6:82:cc:1c:a3:45:cd:e4: 3d:b1:bb:44:b2:01:7a:c9:98:f2:c3:da:62:62:9c: 07:79:07:b2:62:bc:20:83:e0:59:77:d0:fd:bb:93: 58:91:93:d2:46:52:6b:4a:57:cb:b4:24:8f:61:87: db:f4:a3:13:89:ef:e8:ac:1f:3e:c0:2e:a9:e8:20: 68:52:7f:81:6a:e8:22:61:60:15:f1:be:87:72:7e: e4:50:32:3f:8c:38:7c:94:85:f7:7c:b2:b5:8d:11: 75:2f:16:92:65:d3:f9:73:1d:e7:77:32:64:d3:65: 0a:25:04:4c:8c:6e:17:ef:12:3f:ea:48:2d:0a:bc: 4c:94:20:81:09:60:77:83:5a:a7:90:b9:7e:02:c3: 43:ac:93:76:05:5d:55:55:d6:20:2a:bb:35:dd:c5: 5f:cf:5e:d7:c4:6f:ba:24:fb:58:3b:7d:f6:26:f0: b1:77:e5:b7:68:79:f9:d7:f3:ac:8e:54:29:db:6c: 9a:9b:77:39:fc:e6:10:75:5e:dd:4b:4a:76:e3:87: b9:5c:bd:d9:b8:57:da:49:6e:c8:1f:2e:87:d9:e9: 65:c7:8a:20:76:b8:60:72:88:70:58:dc:13:ba:53: 72:28:ce:1c:6d:04:d9:1f:84:c7:c5:dc:18:fd:48: 8d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:C0:00:F7:AB:8E:1E:31:A4:F9:31:87:4B:A1:0B:55:DF:19:77:EF X509v3 Authority Key Identifier: keyid:9D:5A:17:27:1D:99:CF:15:B7:3E:CC:65:86:73:14:3C:28:E2:07:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/m8AA96uOHjGk-TGHS6ELVd8Zd-8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/908956-c5e6-4a3e-9f17-a14ca0ec1c1a/1/nVoXJx2ZzxW3PsxlhnMUPCjiB-0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.179.72.0/21 185.14.140.0/22 IPv6: 2a01:9540::/32 Signature Algorithm: sha256WithRSAEncryption 37:29:f0:42:00:8d:3d:bf:b0:6d:74:4c:a6:cf:4d:67:d4:52: be:be:a3:ac:ef:ab:54:ac:fe:41:ee:1d:6a:9d:06:1e:53:8a: 72:1e:22:7d:9b:4c:3e:bf:39:fa:37:fb:e9:6d:a0:7b:58:97: 65:e8:f0:28:4c:db:20:1f:c4:d1:dd:72:04:f9:5b:c7:1a:1e: 97:12:23:60:78:d5:d1:43:55:6f:e2:27:bc:05:90:fd:79:d7: 54:26:34:d1:e9:de:cf:32:09:ef:9f:4f:6b:79:25:59:dc:a7: 01:38:b9:11:bf:b7:c5:17:07:d9:20:b3:05:ed:61:ff:b6:08: 91:0e:bb:5e:e8:46:eb:eb:b1:ea:40:1d:6c:ee:94:c3:af:56: ef:a6:46:4f:1b:8a:c6:5d:59:8e:47:15:01:d2:ec:cf:e2:17: 02:2e:9a:c5:1f:78:93:c8:82:f0:d7:09:0a:c4:33:59:00:9d: 46:8e:11:77:a9:4f:ad:c9:19:ee:5b:b5:4e:06:c1:7a:fe:fa: 4d:ad:a6:cb:95:5a:5c:d5:23:0e:a8:32:4c:0e:54:06:c8:dc: ef:b0:8c:3f:e3:10:8f:93:93:74:a0:11:9c:48:39:aa:30:b1: a4:49:a8:9d:68:b6:3e:7d:fc:b8:1b:f4:57:47:d0:b5:e8:83: 6b:d6:68:83 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9yz236WYTBNHpp3pbpCHeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNWExNzI3MWQ5OWNmMTViNzNlY2M2NTg2NzMxNDNjMjhl MjA3ZWQwHhcNMjYwMTAyMDgyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YmMwMDBmN2FiOGUxZTMxYTRmOTMxODc0YmExMGI1NWRmMTk3N2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLVBisPDxoLMHKNFzeQ9sbtEsgF6 yZjyw9piYpwHeQeyYrwgg+BZd9D9u5NYkZPSRlJrSlfLtCSPYYfb9KMTie/orB8+ wC6p6CBoUn+BaugiYWAV8b6Hcn7kUDI/jDh8lIX3fLK1jRF1LxaSZdP5cx3ndzJk 02UKJQRMjG4X7xI/6kgtCrxMlCCBCWB3g1qnkLl+AsNDrJN2BV1VVdYgKrs13cVf z17XxG+6JPtYO332JvCxd+W3aHn51/OsjlQp22yam3c5/OYQdV7dS0p244e5XL3Z uFfaSW7IHy6H2ellx4ogdrhgcohwWNwTulNyKM4cbQTZH4THxdwY/UiNpQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJvAAPerjh4xpPkxh0uhC1XfGXfvMB8GA1UdIwQY MBaAFJ1aFycdmc8Vtz7MZYZzFDwo4gftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblZvWEp4Mlp6eFczUHN4bGhuTVVQQ2ppQi0wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My85MDg5NTYtYzVlNi00YTNlLTlmMTct YTE0Y2EwZWMxYzFhLzEvbThBQTk2dU9IakdrLVRHSFM2RUxWZDhaZC04LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My85MDg5NTYtYzVlNi00YTNlLTlmMTctYTE0Y2EwZWMxYzFh LzEvblZvWEp4Mlp6eFczUHN4bGhuTVVQQ2ppQi0wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBbNIAwQC uQ6MMA0EAgACMAcDBQAqAZVAMA0GCSqGSIb3DQEBCwUAA4IBAQA3KfBCAI09v7Bt dEymz01n1FK+vqOs76tUrP5B7h1qnQYeU4pyHiJ9m0w+vzn6N/vpbaB7WJdl6PAo TNsgH8TR3XIE+VvHGh6XEiNgeNXRQ1Vv4ie8BZD9eddUJjTR6d7PMgnvn09reSVZ 3KcBOLkRv7fFFwfZILMF7WH/tgiRDrte6Ebr67HqQB1s7pTDr1bvpkZPG4rGXVmO RxUB0uzP4hcCLprFH3iTyILw1wkKxDNZAJ1GjhF3qU+tyRnuW7VOBsF6/vpNrabL lVpc1SMOqDJMDlQGyNzvsIw/4xCPk5N0oBGcSDmqMLGkSaidaLY+ffy4G/RXR9C1 6INr1miD -----END CERTIFICATE-----Generated at Tue Jan 20 04:47:36 2026 by rpki-client