This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/9xaM71e9BMRFYv27V5xbMjdqOgI.roa File: 9xaM71e9BMRFYv27V5xbMjdqOgI.roa (raw, json) Hash identifier: D9u9E0DcXMocRKo5Wg6KGFp6zb0+RH3c9pC/yeH8pSY= Subject key identifier: F7:16:8C:EF:57:BD:04:C4:45:62:FD:BB:57:9C:5B:32:37:6A:3A:02 Certificate issuer: /CN=0eb8bc44e36fae16d37102fd0d519f284d663d90 Certificate serial: 019B7E387EE697CCC2B024E3FD2423551DDD Authority key identifier: 0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/9xaM71e9BMRFYv27V5xbMjdqOgI.roa Signing time: Fri 02 Jan 2026 10:19:50 +0000 ROA not before: Fri 02 Jan 2026 10:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209680 IP address blocks: 91.132.204.0/24 maxlen: 24 2a09:d880::/48 maxlen: 48 2a09:d881::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.mft rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:7e:e6:97:cc:c2:b0:24:e3:fd:24:23:55:1d:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0eb8bc44e36fae16d37102fd0d519f284d663d90 Validity Not Before: Jan 2 10:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f7168cef57bd04c44562fdbb579c5b32376a3a02 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:8d:95:5d:f7:f5:f6:df:a6:bb:e5:c0:89:b9: fa:24:16:e2:5c:6a:1f:e6:49:33:18:71:b1:3a:73: 30:42:e7:0a:92:0b:1e:e2:71:d4:ae:29:09:76:e4: 8d:da:9c:18:db:79:0c:48:55:b0:60:1a:60:b8:27: 34:ea:4b:85:a5:0f:0c:73:d0:34:1c:0b:ca:25:b0: 61:7e:61:c6:78:f1:31:d8:93:04:3f:5a:33:32:89: 0d:3f:8e:8d:6a:ea:18:55:de:e4:bc:5b:ee:67:e3: 57:fb:54:40:59:17:50:20:fe:b6:86:ff:5a:63:d7: 39:ee:21:8e:6c:34:09:c2:33:23:b1:68:16:50:14: cc:a3:9b:aa:96:b3:d9:f4:28:f2:d2:21:b7:3a:9c: 47:92:81:82:14:99:f8:c7:86:50:61:08:21:fa:64: 11:4c:9e:d6:c7:5d:29:cc:58:5c:f3:d9:aa:dc:a2: 1f:33:99:12:84:89:c9:d3:9c:6b:12:1d:db:85:5d: 9f:d5:93:f2:37:76:d8:83:f8:fe:d7:38:80:36:bd: 7b:23:84:c1:52:3f:2b:2c:14:5f:9f:24:59:29:ae: c7:d3:1e:9e:82:61:03:25:ed:bb:fb:00:7b:e5:c6: c6:0e:b9:f4:4c:08:92:ce:75:cd:4d:36:2c:26:f1: 5e:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:16:8C:EF:57:BD:04:C4:45:62:FD:BB:57:9C:5B:32:37:6A:3A:02 X509v3 Authority Key Identifier: keyid:0E:B8:BC:44:E3:6F:AE:16:D3:71:02:FD:0D:51:9F:28:4D:66:3D:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dri8RONvrhbTcQL9DVGfKE1mPZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/9xaM71e9BMRFYv27V5xbMjdqOgI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/61d1ce-cd80-429d-bfe1-89b3a3f15df0/1/Dri8RONvrhbTcQL9DVGfKE1mPZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.132.204.0/24 IPv6: 2a09:d880::/48 2a09:d881::/48 Signature Algorithm: sha256WithRSAEncryption 65:45:cc:46:2c:63:41:f5:a2:dc:8d:7e:81:aa:1c:e3:ba:52: 32:fd:71:11:d3:35:9a:e6:18:c8:28:f5:cd:89:b9:be:2a:c3: 0e:41:f0:cd:30:a4:e7:13:ca:d3:3b:87:ac:34:13:0d:ec:4c: 1d:fc:38:98:b3:aa:0a:50:ba:64:eb:eb:4f:d8:50:a4:3c:bc: f4:c7:91:62:ec:aa:84:13:71:7f:95:95:4f:20:1f:19:d1:b4: 42:e5:8b:df:4a:9f:ba:f1:8b:f0:d4:88:52:4c:46:26:fa:c5: d1:43:a4:f1:bd:b5:db:92:a4:34:c6:b9:c0:0c:c5:11:ea:31: 0d:6e:56:e9:8e:72:76:a0:ae:39:47:db:40:c7:58:87:c6:fa: 7c:8c:0e:a5:7c:82:ec:23:51:08:3f:2a:b6:79:c7:b3:2c:66: 11:56:85:d9:61:6c:1e:e1:eb:2f:9c:af:46:00:14:87:17:82: fe:f8:04:ca:99:1d:7d:85:70:e4:cb:e7:68:00:7f:98:86:1c: 42:93:ff:65:a1:c1:96:c2:49:8a:1e:bf:f7:9b:e6:c0:7f:b0: 92:7a:bf:6c:a5:ab:16:18:d0:1c:da:2b:a6:29:eb:5c:f9:e0: 63:87:47:f8:c6:17:28:6f:ae:8c:87:be:f6:a4:fc:e2:1e:50: 05:84:0b:33 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt+OH7ml8zCsCTj/SQjVR3dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlYjhiYzQ0ZTM2ZmFlMTZkMzcxMDJmZDBkNTE5ZjI4NGQ2 NjNkOTAwHhcNMjYwMTAyMTAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzE2OGNlZjU3YmQwNGM0NDU2MmZkYmI1NzljNWIzMjM3NmEzYTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI2VXff19t+mu+XAibn6JBbiXGof 5kkzGHGxOnMwQucKkgse4nHUrikJduSN2pwY23kMSFWwYBpguCc06kuFpQ8Mc9A0 HAvKJbBhfmHGePEx2JMEP1ozMokNP46NauoYVd7kvFvuZ+NX+1RAWRdQIP62hv9a Y9c57iGObDQJwjMjsWgWUBTMo5uqlrPZ9Cjy0iG3OpxHkoGCFJn4x4ZQYQgh+mQR TJ7Wx10pzFhc89mq3KIfM5kShInJ05xrEh3bhV2f1ZPyN3bYg/j+1ziANr17I4TB Uj8rLBRfnyRZKa7H0x6egmEDJe27+wB75cbGDrn0TAiSznXNTTYsJvFeGwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFPcWjO9XvQTERWL9u1ecWzI3ajoCMB8GA1UdIwQY MBaAFA64vETjb64W03EC/Q1RnyhNZj2QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEt ODliM2EzZjE1ZGYwLzEvOXhhTTcxZTlCTVJGWXYyN1Y1eGJNamRxT2dJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS82MWQxY2UtY2Q4MC00MjlkLWJmZTEtODliM2EzZjE1ZGYw LzEvRHJpOFJPTnZyaGJUY1FMOURWR2ZLRTFtUFpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAW4TMMBgE AgACMBIDBwAqCdiAAAADBwAqCdiBAAAwDQYJKoZIhvcNAQELBQADggEBAGVFzEYs Y0H1otyNfoGqHOO6UjL9cRHTNZrmGMgo9c2Jub4qww5B8M0wpOcTytM7h6w0Ew3s TB38OJizqgpQumTr60/YUKQ8vPTHkWLsqoQTcX+VlU8gHxnRtELli99Kn7rxi/DU iFJMRib6xdFDpPG9tduSpDTGucAMxRHqMQ1uVumOcnagrjlH20DHWIfG+nyMDqV8 guwjUQg/KrZ5x7MsZhFWhdlhbB7h6y+cr0YAFIcXgv74BMqZHX2FcOTL52gAf5iG HEKT/2WhwZbCSYoev/eb5sB/sJJ6v2ylqxYY0BzaK6Yp61z54GOHR/jGFyhvroyH vvak/OIeUAWECzM= -----END CERTIFICATE-----Generated at Tue Feb 10 08:38:26 2026 by rpki-client