This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/_8f64H6kLzJHWcOIk3oSyh4YXRM.roa File: _8f64H6kLzJHWcOIk3oSyh4YXRM.roa (raw, json) Hash identifier: n4LZZXz9oD2l4x9qTuFFYxB9HvtLZ63oNauDlgkiRcY= Subject key identifier: FF:C7:FA:E0:7E:A4:2F:32:47:59:C3:88:93:7A:12:CA:1E:18:5D:13 Certificate issuer: /CN=528d5814c7156420dec3a3f7e526ef0f8333eef6 Certificate serial: 019B797E4C0D6D7AB7AC150246F56F126655 Authority key identifier: 52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/_8f64H6kLzJHWcOIk3oSyh4YXRM.roa Signing time: Thu 01 Jan 2026 12:17:58 +0000 ROA not before: Thu 01 Jan 2026 12:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209609 IP address blocks: 109.71.76.0/24 maxlen: 24 195.210.38.0/23 maxlen: 23 195.210.38.0/24 maxlen: 24 195.210.39.0/24 maxlen: 24 2001:678:900::/48 maxlen: 48 2a0c:3340::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.mft rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:4c:0d:6d:7a:b7:ac:15:02:46:f5:6f:12:66:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=528d5814c7156420dec3a3f7e526ef0f8333eef6 Validity Not Before: Jan 1 12:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ffc7fae07ea42f324759c388937a12ca1e185d13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9a:2c:0c:0c:a1:38:3c:69:3f:eb:1d:db:f1: 6e:13:ef:2b:ca:ad:a0:66:5c:b5:23:fe:ce:17:b3: b7:a6:a0:ca:6c:f3:c2:f1:56:4f:8a:36:4e:f4:f9: 12:a4:0b:77:6a:9d:4f:5d:d9:fa:99:c2:90:d3:3b: db:ab:1e:f7:37:58:48:31:5d:41:ab:fb:24:45:42: e2:ba:e1:59:19:f5:15:29:07:e1:73:ee:34:35:b8: 9d:5c:2c:dc:db:03:ca:21:53:24:0c:55:f3:c4:a2: 7d:f6:ad:90:93:5d:26:4e:9c:c5:de:92:be:49:12: fe:c5:4b:d7:bb:03:46:43:50:4c:2a:bd:73:50:01: 66:37:f0:c9:e3:f5:99:02:0c:35:e5:9c:15:bc:34: f2:14:ee:92:fe:92:47:86:7e:25:d9:39:d8:be:7a: 2b:0b:b5:7a:68:a8:86:97:79:06:a0:c1:e9:44:6c: af:fa:13:fb:37:eb:6b:1a:56:91:c3:00:3f:bd:96: e1:be:2e:2b:80:ce:91:30:4b:66:34:31:4c:3c:92: 0f:11:76:c0:21:90:76:c3:0c:5a:79:44:eb:74:dc: 19:7d:04:8f:98:b0:80:34:f5:91:07:8a:8a:00:9c: a6:94:00:1b:31:55:73:fa:2d:b4:49:b7:1e:3b:d1: 30:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:C7:FA:E0:7E:A4:2F:32:47:59:C3:88:93:7A:12:CA:1E:18:5D:13 X509v3 Authority Key Identifier: keyid:52:8D:58:14:C7:15:64:20:DE:C3:A3:F7:E5:26:EF:0F:83:33:EE:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uo1YFMcVZCDew6P35SbvD4Mz7vY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/_8f64H6kLzJHWcOIk3oSyh4YXRM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/beac09-c49f-4c70-9818-431c39bb7b38/1/Uo1YFMcVZCDew6P35SbvD4Mz7vY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.71.76.0/24 195.210.38.0/23 IPv6: 2001:678:900::/48 2a0c:3340::/29 Signature Algorithm: sha256WithRSAEncryption 54:d7:05:d1:b0:f9:46:e0:69:f2:26:c6:11:ee:2f:b5:9b:4e: 07:82:7b:53:34:8d:c9:15:69:0c:9d:a4:4c:9c:c4:21:c0:8b: ce:5f:94:76:6d:b8:66:d0:1b:c0:8c:d2:78:da:be:ab:3d:47: 4c:4d:53:41:8a:0b:9f:e8:78:17:81:d2:9d:e3:47:96:15:af: 10:4f:11:6c:02:0b:e7:9a:ca:7a:3c:01:12:15:52:a5:90:81: b9:e9:86:c3:7c:48:ef:0f:0a:ed:ed:c3:ee:15:71:37:48:ba: ca:7e:8b:f9:98:9a:6b:f3:f4:af:d2:ce:4d:25:b1:58:a4:20: 3e:4f:d3:d4:47:48:95:93:a7:76:c4:1b:96:19:b5:2c:33:44: 54:62:fc:d1:31:cd:2d:c5:ec:ae:c8:e4:08:06:3e:bd:f3:20: 6a:4e:0c:e9:37:be:36:dc:ce:58:cd:f7:ff:72:b7:c1:d1:db: f5:d7:89:ba:95:e3:3f:87:df:73:96:6f:a5:18:95:33:3b:a2: 0e:07:e1:78:16:a7:c0:cb:42:4c:81:46:99:4c:5d:15:e1:d4: 23:36:6a:0a:99:6b:d2:09:42:81:3a:f1:75:c0:9d:d3:d2:b9: ec:89:3b:60:cd:02:f1:b2:05:33:fe:5d:11:b8:08:02:df:ea: 01:46:27:8a -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt5fkwNbXq3rBUCRvVvEmZVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUyOGQ1ODE0YzcxNTY0MjBkZWMzYTNmN2U1MjZlZjBmODMz M2VlZjYwHhcNMjYwMTAxMTIxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZmM3ZmFlMDdlYTQyZjMyNDc1OWMzODg5MzdhMTJjYTFlMTg1ZDEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJosDAyhODxpP+sd2/FuE+8ryq2g Zly1I/7OF7O3pqDKbPPC8VZPijZO9PkSpAt3ap1PXdn6mcKQ0zvbqx73N1hIMV1B q/skRULiuuFZGfUVKQfhc+40NbidXCzc2wPKIVMkDFXzxKJ99q2Qk10mTpzF3pK+ SRL+xUvXuwNGQ1BMKr1zUAFmN/DJ4/WZAgw15ZwVvDTyFO6S/pJHhn4l2TnYvnor C7V6aKiGl3kGoMHpRGyv+hP7N+trGlaRwwA/vZbhvi4rgM6RMEtmNDFMPJIPEXbA IZB2wwxaeUTrdNwZfQSPmLCANPWRB4qKAJymlAAbMVVz+i20SbceO9Ew5QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFP/H+uB+pC8yR1nDiJN6EsoeGF0TMB8GA1UdIwQY MBaAFFKNWBTHFWQg3sOj9+Um7w+DM+72MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgt NDMxYzM5YmI3YjM4LzEvXzhmNjRINmtMekpIV2NPSWszb1N5aDRZWFJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny9iZWFjMDktYzQ5Zi00YzcwLTk4MTgtNDMxYzM5YmI3YjM4 LzEvVW8xWUZNY1ZaQ0RldzZQMzVTYnZENE16N3ZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAbUdMAwQB w9ImMBYEAgACMBADBwAgAQZ4CQADBQMqDDNAMA0GCSqGSIb3DQEBCwUAA4IBAQBU 1wXRsPlG4GnyJsYR7i+1m04HgntTNI3JFWkMnaRMnMQhwIvOX5R2bbhm0BvAjNJ4 2r6rPUdMTVNBiguf6HgXgdKd40eWFa8QTxFsAgvnmsp6PAESFVKlkIG56YbDfEjv Dwrt7cPuFXE3SLrKfov5mJpr8/Sv0s5NJbFYpCA+T9PUR0iVk6d2xBuWGbUsM0RU YvzRMc0txeyuyOQIBj698yBqTgzpN7423M5Yzff/crfB0dv114m6leM/h99zlm+l GJUzO6IOB+F4FqfAy0JMgUaZTF0V4dQjNmoKmWvSCUKBOvF1wJ3T0rnsiTtgzQLx sgUz/l0RuAgC3+oBRieK -----END CERTIFICATE-----Generated at Tue Feb 10 02:46:30 2026 by rpki-client