This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/I0VG7HCBd1Osh567bGFIZjy7Y8k.roa File: I0VG7HCBd1Osh567bGFIZjy7Y8k.roa (raw, json) Hash identifier: dzX+qdW4OYoKn79MivAqWA+FWh3cN8TTDqbC+ueR/Po= Subject key identifier: 23:45:46:EC:70:81:77:53:AC:87:9E:BB:6C:61:48:66:3C:BB:63:C9 Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363 Certificate serial: 019B7F84699DD326C3FE2CF863352F2D82D6 Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/I0VG7HCBd1Osh567bGFIZjy7Y8k.roa Signing time: Fri 02 Jan 2026 16:22:22 +0000 ROA not before: Fri 02 Jan 2026 16:22:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25156 IP address blocks: 85.89.128.0/19 maxlen: 19 85.89.128.0/21 maxlen: 21 2a00:65c0::/32 maxlen: 32 2a00:65c0:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.mft rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:69:9d:d3:26:c3:fe:2c:f8:63:35:2f:2d:82:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363 Validity Not Before: Jan 2 16:22:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=234546ec70817753ac879ebb6c6148663cbb63c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:58:71:b1:3f:2e:ab:4f:45:49:7e:1e:d1:36: 79:5c:bf:5c:0b:da:4e:a3:a7:45:76:17:8e:36:69: dc:f5:bd:20:c7:2c:4f:df:25:b9:e8:b1:8f:04:d1: cb:1c:22:0f:a2:d7:ec:26:24:ed:42:96:6d:b3:77: 79:51:68:67:b5:e2:03:5b:64:e5:8d:7a:2a:08:5d: 4b:9f:fc:92:ef:24:b6:fe:e1:28:13:11:57:1c:60: 91:02:11:3e:81:b3:96:12:d7:a2:d0:34:f9:e0:c4: b0:df:0b:de:c6:83:d2:3f:b1:44:03:18:94:52:32: 13:a7:66:aa:e6:5d:79:90:4d:1d:ce:e4:8c:66:1b: b5:01:65:87:ff:f5:4b:b7:9b:7d:d8:a8:7a:1a:c7: 20:bb:e2:a6:4d:ed:31:d2:8b:04:85:7c:81:d9:43: 51:6e:c4:e9:e6:73:5e:ef:20:5d:10:e7:75:76:43: 59:24:34:49:73:c4:63:9b:c7:9d:1a:7a:d7:65:31: 2f:4d:46:cf:08:28:61:8c:8d:ab:9f:f2:c5:12:67: 16:c8:d0:8e:1c:57:ec:3a:73:52:82:7b:95:d6:b7: 54:b1:5b:0d:88:53:f1:6d:4f:9d:a3:3a:76:26:80: 2b:85:27:4b:a0:94:e1:ca:78:02:0d:b0:8f:e9:93: 59:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:45:46:EC:70:81:77:53:AC:87:9E:BB:6C:61:48:66:3C:BB:63:C9 X509v3 Authority Key Identifier: keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/I0VG7HCBd1Osh567bGFIZjy7Y8k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.89.128.0/19 IPv6: 2a00:65c0::/32 Signature Algorithm: sha256WithRSAEncryption 71:1b:e7:28:a6:a5:1e:b1:8e:f4:d1:2b:83:a1:a8:de:3d:10: 49:08:3e:01:fe:f7:12:84:b3:e4:47:7c:fb:48:0f:3d:bb:75: a8:fd:43:a4:26:31:bc:71:b3:9d:1b:b0:a4:51:c1:d3:23:37: 09:0b:95:f7:3d:b8:e1:27:0b:32:41:dc:19:2e:86:4b:19:bb: 1d:b0:72:61:17:09:da:9d:25:a6:55:4d:ee:71:1e:e0:2a:71: 35:7c:ae:6e:de:11:a1:7b:4e:4e:f3:e6:2e:6b:a6:65:66:f1: 2b:7a:44:0a:36:d9:3b:ea:1a:32:7b:3b:2f:c0:a2:81:8f:d9: 94:75:1c:0b:e1:a3:dc:5b:4c:7d:ec:82:a7:65:15:9d:21:0a: 30:54:1f:01:c9:fb:74:96:53:a4:f9:fe:31:4d:6d:84:3d:b1: cd:cc:af:fa:9b:3a:e1:9f:3a:38:70:39:aa:6a:2b:8a:89:9d: bf:a7:86:5d:2d:29:54:0f:1d:c4:a3:9f:1d:b4:f0:fb:f0:4f: 5d:7f:bb:04:5e:e9:e0:16:fe:33:f4:16:4a:44:6d:34:54:b9: 66:7d:91:ca:65:aa:b3:1d:09:75:36:93:94:17:99:9d:36:0b: 9c:cf:2f:c3:94:6a:30:c0:30:f1:ad:f6:57:ca:3b:ae:5b:bc: f7:33:a5:99 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/hGmd0ybD/iz4YzUvLYLWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi MjMzNjMwHhcNMjYwMTAyMTYyMjIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzQ1NDZlYzcwODE3NzUzYWM4NzllYmI2YzYxNDg2NjNjYmI2M2M5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVhxsT8uq09FSX4e0TZ5XL9cC9pO o6dFdheONmnc9b0gxyxP3yW56LGPBNHLHCIPotfsJiTtQpZts3d5UWhnteIDW2Tl jXoqCF1Ln/yS7yS2/uEoExFXHGCRAhE+gbOWEtei0DT54MSw3wvexoPSP7FEAxiU UjITp2aq5l15kE0dzuSMZhu1AWWH//VLt5t92Kh6Gscgu+KmTe0x0osEhXyB2UNR bsTp5nNe7yBdEOd1dkNZJDRJc8Rjm8edGnrXZTEvTUbPCChhjI2rn/LFEmcWyNCO HFfsOnNSgnuV1rdUsVsNiFPxbU+dozp2JoArhSdLoJThyngCDbCP6ZNZ3wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCNFRuxwgXdTrIeeu2xhSGY8u2PJMB8GA1UdIwQY MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt NTgxZGI4N2M4MjFlLzEvSTBWRzdIQ0JkMU9zaDU2N2JHRklaank3WThrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVVmAMA0E AgACMAcDBQAqAGXAMA0GCSqGSIb3DQEBCwUAA4IBAQBxG+copqUesY700SuDoaje PRBJCD4B/vcShLPkR3z7SA89u3Wo/UOkJjG8cbOdG7CkUcHTIzcJC5X3PbjhJwsy QdwZLoZLGbsdsHJhFwnanSWmVU3ucR7gKnE1fK5u3hGhe05O8+Yua6ZlZvErekQK Ntk76hoyezsvwKKBj9mUdRwL4aPcW0x97IKnZRWdIQowVB8Byft0llOk+f4xTW2E PbHNzK/6mzrhnzo4cDmqaiuKiZ2/p4ZdLSlUDx3Eo58dtPD78E9df7sEXungFv4z 9BZKRG00VLlmfZHKZaqzHQl1NpOUF5mdNguczy/DlGowwDDxrfZXyjuuW7z3M6WZ -----END CERTIFICATE-----Generated at Tue Feb 10 00:13:07 2026 by rpki-client