This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/j8BCdYiQ_67ATYFHPKfffD1u2xo.roa File: j8BCdYiQ_67ATYFHPKfffD1u2xo.roa (raw, json) Hash identifier: GLAbtmkKsyJcTcB7QC4FgMb+NJZzC1QoILdu2duEs9o= Subject key identifier: 8F:C0:42:75:88:90:FF:AE:C0:4D:81:47:3C:A7:DF:7C:3D:6E:DB:1A Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10 Certificate serial: 019B7CEE0DC177613BDB798935D3F7C39365 Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/j8BCdYiQ_67ATYFHPKfffD1u2xo.roa Signing time: Fri 02 Jan 2026 04:18:54 +0000 ROA not before: Fri 02 Jan 2026 04:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208722 IP address blocks: 45.87.132.0/22 maxlen: 22 100.43.64.0/19 maxlen: 19 199.36.240.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:0d:c1:77:61:3b:db:79:89:35:d3:f7:c3:93:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10 Validity Not Before: Jan 2 04:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8fc042758890ffaec04d81473ca7df7c3d6edb1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ce:0c:5a:d4:3d:cf:d2:b9:b5:5b:e9:09:f3: 6c:f1:97:f9:8c:2f:49:db:61:b6:11:39:dc:5c:9e: ba:2c:9e:32:4a:8a:a3:8b:1c:60:50:29:3b:0d:75: 81:83:8e:89:1d:9f:ca:b1:28:f2:e3:97:1e:c1:83: bc:d5:ae:8e:6f:9d:f0:31:89:26:75:73:8f:85:77: c6:53:e4:4a:80:29:39:e5:7d:06:92:6d:7e:c0:83: 39:25:b5:d8:74:74:e7:cf:75:63:aa:94:c4:78:cd: 86:80:11:c6:ac:2b:af:ba:9a:0c:b1:1c:99:0b:55: 34:fb:67:1b:77:80:35:e6:c8:f7:9f:85:b8:28:01: 57:24:e9:4d:56:d0:15:f9:9b:2b:ab:66:96:66:9c: 6f:af:09:ed:07:88:d2:c2:31:93:47:33:06:09:b2: f9:46:85:86:a6:4e:01:5c:42:40:da:f1:0c:a5:b9: c9:02:65:3b:a0:67:c7:08:fe:9c:a6:40:e8:5f:6a: 2e:0b:93:7e:20:5b:c0:b8:2b:76:32:99:34:4e:a0: cf:97:41:4e:b2:6b:32:94:27:40:6d:29:b6:7d:1a: 02:01:09:00:a2:bf:82:f8:01:4b:fc:bb:7b:a8:13: a9:f3:0c:db:12:57:fe:8f:06:39:8e:45:b6:d3:87: 08:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:C0:42:75:88:90:FF:AE:C0:4D:81:47:3C:A7:DF:7C:3D:6E:DB:1A X509v3 Authority Key Identifier: keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/j8BCdYiQ_67ATYFHPKfffD1u2xo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.132.0/22 100.43.64.0/19 199.36.240.0/22 Signature Algorithm: sha256WithRSAEncryption 94:39:91:ac:7a:8b:61:d3:7d:9f:db:bb:50:39:1c:8a:5d:2b: f3:b6:40:34:8d:46:70:93:71:ff:7e:86:79:7b:e7:58:9d:79: 1f:5f:34:08:c1:c1:63:7c:2f:87:c5:a6:80:4d:26:90:99:d1: 8a:58:b5:d0:4a:86:b8:5d:61:6e:0f:4a:21:18:00:55:02:5f: a1:0b:5a:83:59:02:b9:86:6d:ba:7d:bd:f0:42:b7:0e:c8:ba: 2a:2e:0f:7b:48:3c:12:27:69:bd:d7:bb:d9:82:7c:d4:00:14: 7a:0f:da:70:b3:11:6b:07:54:01:d6:30:4e:10:87:ff:b3:74: 91:a0:65:6a:03:78:cb:75:50:c4:45:40:81:b2:ac:0a:c2:83: d3:3c:30:dc:5f:e1:da:14:1f:78:9f:70:6e:f4:77:7e:ae:bf: 3d:59:06:5b:ad:b6:44:34:ed:80:b9:84:48:4b:e1:3f:c3:48: e1:03:73:3c:ba:58:ea:aa:78:c7:de:ee:9d:00:3b:d7:12:c9: d9:1a:df:61:1c:9f:26:ae:cb:f4:3c:d6:ab:88:c1:10:2c:25: e1:22:71:cf:7c:72:fb:2e:cb:b7:c1:86:44:56:40:e8:4b:f4: 0f:2d:62:be:4c:41:f2:4e:87:ec:bd:90:75:37:90:30:b9:f7: 25:e3:a3:94 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt87g3Bd2E723mJNdP3w5NlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2 NGRlMTAwHhcNMjYwMTAyMDQxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZmMwNDI3NTg4OTBmZmFlYzA0ZDgxNDczY2E3ZGY3YzNkNmVkYjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps4MWtQ9z9K5tVvpCfNs8Zf5jC9J 22G2ETncXJ66LJ4ySoqjixxgUCk7DXWBg46JHZ/KsSjy45cewYO81a6Ob53wMYkm dXOPhXfGU+RKgCk55X0Gkm1+wIM5JbXYdHTnz3VjqpTEeM2GgBHGrCuvupoMsRyZ C1U0+2cbd4A15sj3n4W4KAFXJOlNVtAV+Zsrq2aWZpxvrwntB4jSwjGTRzMGCbL5 RoWGpk4BXEJA2vEMpbnJAmU7oGfHCP6cpkDoX2ouC5N+IFvAuCt2Mpk0TqDPl0FO smsylCdAbSm2fRoCAQkAor+C+AFL/Lt7qBOp8wzbElf+jwY5jkW204cI7wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFI/AQnWIkP+uwE2BRzyn33w9btsaMB8GA1UdIwQY MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt MjY3MDFiMTYyZmMzLzEvajhCQ2RZaVFfNjdBVFlGSFBLZmZmRDF1MnhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVeEAwQF ZCtAAwQCxyTwMA0GCSqGSIb3DQEBCwUAA4IBAQCUOZGseoth032f27tQORyKXSvz tkA0jUZwk3H/foZ5e+dYnXkfXzQIwcFjfC+HxaaATSaQmdGKWLXQSoa4XWFuD0oh GABVAl+hC1qDWQK5hm26fb3wQrcOyLoqLg97SDwSJ2m917vZgnzUABR6D9pwsxFr B1QB1jBOEIf/s3SRoGVqA3jLdVDERUCBsqwKwoPTPDDcX+HaFB94n3Bu9Hd+rr89 WQZbrbZENO2AuYRIS+E/w0jhA3M8uljqqnjH3u6dADvXEsnZGt9hHJ8mrsv0PNar iMEQLCXhInHPfHL7Lsu3wYZEVkDoS/QPLWK+TEHyTofsvZB1N5Awufcl46OU -----END CERTIFICATE-----Generated at Sat Jan 10 06:59:45 2026 by rpki-client