This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/9faIgb6vdUmIyTVjibJSuOHDYNk.roa File: 9faIgb6vdUmIyTVjibJSuOHDYNk.roa (raw, json) Hash identifier: X64msVLgNRC3fKw+NLkotQNPw2VyPcVaP4QnP3a/6nk= Subject key identifier: F5:F6:88:81:BE:AF:75:49:88:C9:35:63:89:B2:52:B8:E1:C3:60:D9 Certificate issuer: /CN=23a3482e1d66d87f5b9a5eeb9c8afd6b5ec23224 Certificate serial: 019B7A5A9C7C39BFFF8234F4A75A4757C78C Authority key identifier: 23:A3:48:2E:1D:66:D8:7F:5B:9A:5E:EB:9C:8A:FD:6B:5E:C2:32:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I6NILh1m2H9bml7rnIr9a17CMiQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/9faIgb6vdUmIyTVjibJSuOHDYNk.roa Signing time: Thu 01 Jan 2026 16:18:37 +0000 ROA not before: Thu 01 Jan 2026 16:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201411 IP address blocks: 185.70.140.0/22 maxlen: 23 185.70.142.0/24 maxlen: 24 185.70.143.0/24 maxlen: 24 2a05:2a40::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/I6NILh1m2H9bml7rnIr9a17CMiQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/I6NILh1m2H9bml7rnIr9a17CMiQ.mft rsync://rpki.ripe.net/repository/DEFAULT/I6NILh1m2H9bml7rnIr9a17CMiQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:9c:7c:39:bf:ff:82:34:f4:a7:5a:47:57:c7:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23a3482e1d66d87f5b9a5eeb9c8afd6b5ec23224 Validity Not Before: Jan 1 16:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f5f68881beaf754988c9356389b252b8e1c360d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:74:e6:38:6c:f9:cd:93:fb:30:fb:2e:1d:a3: 06:7b:f4:13:cb:de:3b:8f:01:c6:20:7d:76:81:6f: 21:a5:40:2a:1e:fd:7b:c8:d3:79:34:f1:61:75:9f: 65:83:d1:43:8e:09:b1:39:be:0f:bc:8e:0d:69:fd: 87:0c:03:2a:41:3f:95:5b:0a:7c:93:b3:78:d0:06: 9d:60:cb:ea:46:bd:4e:25:47:9f:fb:36:74:e3:6c: 07:10:87:86:5d:85:28:75:96:a6:52:d3:b4:22:84: 26:82:33:1d:42:64:7c:fc:34:dc:49:4d:ef:ed:1f: da:9c:76:3b:4b:92:8a:cd:36:3b:c5:3f:9f:7f:64: 7f:a2:13:2b:bb:df:80:78:f1:2f:54:b7:6c:7e:c3: 7f:1d:91:fe:ec:71:e1:84:97:9f:71:29:66:ee:79: d6:01:3c:46:fa:d3:72:bf:a0:be:9e:f9:e1:d3:3a: 97:69:a0:8b:02:63:80:ca:78:02:b1:7e:e9:1c:2e: 46:8d:f5:37:73:a1:1e:07:84:df:ad:f6:85:c8:66: e2:5d:2d:a5:76:3a:ab:cf:49:52:f5:65:6b:2c:9e: 58:2d:f0:ec:0b:4d:d0:63:68:10:4a:f4:75:70:c7: 17:f3:de:f5:80:e2:90:da:20:fd:9f:fa:bb:4f:cb: f3:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:F6:88:81:BE:AF:75:49:88:C9:35:63:89:B2:52:B8:E1:C3:60:D9 X509v3 Authority Key Identifier: keyid:23:A3:48:2E:1D:66:D8:7F:5B:9A:5E:EB:9C:8A:FD:6B:5E:C2:32:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I6NILh1m2H9bml7rnIr9a17CMiQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/9faIgb6vdUmIyTVjibJSuOHDYNk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/502ecd-e6fe-4298-8054-1385871a909d/1/I6NILh1m2H9bml7rnIr9a17CMiQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.70.140.0/22 IPv6: 2a05:2a40::/29 Signature Algorithm: sha256WithRSAEncryption 82:a7:83:98:da:f2:0b:79:90:a5:11:02:d0:57:3d:0f:26:be: 42:e5:ee:3d:3b:f1:37:47:55:30:13:63:80:3a:dc:82:8b:20: 50:b1:1b:3d:df:fa:b2:8e:ef:6f:96:c6:d7:2f:27:0b:c9:1d: 24:46:ff:57:af:dd:30:ba:48:ea:72:c5:d3:99:c4:ea:96:69: 75:ce:2f:f6:34:e8:15:cc:21:00:dd:29:e1:7b:a1:8f:d6:23: 5f:ca:7c:4d:44:bb:8b:c8:2e:22:eb:a9:38:0f:b6:20:ac:58: 05:5e:31:39:66:f4:40:c8:fe:0b:82:b1:c9:c6:11:f8:4c:a5: 34:91:23:83:ea:0b:c2:29:dc:fb:81:83:d0:0b:08:55:95:7c: 86:df:8e:df:c4:37:12:39:68:13:a0:d1:56:11:e2:d4:ad:cc: 20:ea:b4:40:5f:5e:d8:5b:c3:8d:49:f8:54:f8:fd:66:2d:c4: de:35:16:a1:ce:2d:db:d9:5c:c4:89:39:d5:80:ae:2f:7f:bb: 51:7a:ab:11:e5:7b:a1:e3:ea:ae:b0:4d:98:bd:8d:5c:84:4a: ad:f7:b4:aa:9c:57:7d:06:b0:1b:1b:19:40:59:b4:de:5b:a7: 72:36:d6:d8:65:5f:ae:28:2b:12:93:d2:f1:e4:9c:6b:9b:e6: a9:09:a3:57 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6Wpx8Ob//gjT0p1pHV8eMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzYTM0ODJlMWQ2NmQ4N2Y1YjlhNWVlYjljOGFmZDZiNWVj MjMyMjQwHhcNMjYwMTAxMTYxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNWY2ODg4MWJlYWY3NTQ5ODhjOTM1NjM4OWIyNTJiOGUxYzM2MGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHTmOGz5zZP7MPsuHaMGe/QTy947 jwHGIH12gW8hpUAqHv17yNN5NPFhdZ9lg9FDjgmxOb4PvI4Naf2HDAMqQT+VWwp8 k7N40AadYMvqRr1OJUef+zZ042wHEIeGXYUodZamUtO0IoQmgjMdQmR8/DTcSU3v 7R/anHY7S5KKzTY7xT+ff2R/ohMru9+AePEvVLdsfsN/HZH+7HHhhJefcSlm7nnW ATxG+tNyv6C+nvnh0zqXaaCLAmOAyngCsX7pHC5GjfU3c6EeB4TfrfaFyGbiXS2l djqrz0lS9WVrLJ5YLfDsC03QY2gQSvR1cMcX8971gOKQ2iD9n/q7T8vzKQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPX2iIG+r3VJiMk1Y4myUrjhw2DZMB8GA1UdIwQY MBaAFCOjSC4dZth/W5pe65yK/WtewjIkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSTZOSUxoMW0ySDlibWw3cm5JcjlhMTdDTWlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC81MDJlY2QtZTZmZS00Mjk4LTgwNTQt MTM4NTg3MWE5MDlkLzEvOWZhSWdiNnZkVW1JeVRWamliSlN1T0hEWU5rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC81MDJlY2QtZTZmZS00Mjk4LTgwNTQtMTM4NTg3MWE5MDlk LzEvSTZOSUxoMW0ySDlibWw3cm5JcjlhMTdDTWlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUaMMA0E AgACMAcDBQMqBSpAMA0GCSqGSIb3DQEBCwUAA4IBAQCCp4OY2vILeZClEQLQVz0P Jr5C5e49O/E3R1UwE2OAOtyCiyBQsRs93/qyju9vlsbXLycLyR0kRv9Xr90wukjq csXTmcTqlml1zi/2NOgVzCEA3Snhe6GP1iNfynxNRLuLyC4i66k4D7YgrFgFXjE5 ZvRAyP4LgrHJxhH4TKU0kSOD6gvCKdz7gYPQCwhVlXyG347fxDcSOWgToNFWEeLU rcwg6rRAX17YW8ONSfhU+P1mLcTeNRahzi3b2VzEiTnVgK4vf7tReqsR5Xuh4+qu sE2YvY1chEqt97SqnFd9BrAbGxlAWbTeW6dyNtbYZV+uKCsSk9Lx5Jxrm+apCaNX -----END CERTIFICATE-----Generated at Mon Jan 26 07:40:50 2026 by rpki-client