This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/65LDhkWiOsePvay_daaS19w9IrU.roa File: 65LDhkWiOsePvay_daaS19w9IrU.roa (raw, json) Hash identifier: RDR1Bk3idKoyL2q+z5ptGPj51Bc2Dh1ei6t9SnrsQKk= Subject key identifier: EB:92:C3:86:45:A2:3A:C7:8F:BD:AC:BF:75:A6:92:D7:DC:3D:22:B5 Certificate issuer: /CN=42f9a96952777f1074338303ecb65025c4e2b8b5 Certificate serial: 019B7F15E792C11004E49EB8237BBE37825F Authority key identifier: 42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/65LDhkWiOsePvay_daaS19w9IrU.roa Signing time: Fri 02 Jan 2026 14:21:40 +0000 ROA not before: Fri 02 Jan 2026 14:21:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206260 IP address blocks: 83.223.208.0/20 maxlen: 24 83.223.216.0/22 maxlen: 24 141.0.128.0/20 maxlen: 24 143.110.96.0/19 maxlen: 24 185.13.124.0/22 maxlen: 24 195.18.0.0/22 maxlen: 22 2a02:f300::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.mft rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:e7:92:c1:10:04:e4:9e:b8:23:7b:be:37:82:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=42f9a96952777f1074338303ecb65025c4e2b8b5 Validity Not Before: Jan 2 14:21:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=eb92c38645a23ac78fbdacbf75a692d7dc3d22b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e6:92:86:a3:15:60:f7:8e:ec:81:80:a1:8c: f3:9f:09:ae:56:8e:53:13:f8:87:ce:da:94:26:47: f6:f5:9e:76:32:67:32:eb:ba:15:7c:ed:92:db:1b: a9:9d:07:19:7f:88:ac:5f:7b:fa:35:9e:52:1d:6e: 47:eb:9e:5b:d2:ac:da:4a:bb:7c:ab:01:c6:3f:49: 6c:0f:87:a5:93:4f:96:e5:64:f9:57:cc:7a:27:ee: 50:8d:92:27:da:e8:99:c1:da:85:5d:8b:ea:6c:6c: f2:a9:7d:a5:5c:34:ef:77:d3:0d:1b:bc:3e:9d:b7: d5:2a:1c:fd:af:3e:a9:3e:c7:c2:de:70:2e:96:1c: 27:ed:77:21:72:1b:4e:a5:32:2e:98:fc:6c:1b:74: d8:34:07:bc:f9:8c:49:09:ac:6f:44:8a:82:0b:56: e2:f0:09:b4:c3:ba:b6:b9:27:9b:ca:70:20:56:f7: b8:b6:fe:90:64:68:72:b2:45:be:e9:b5:86:b6:e5: 1b:b3:37:e6:17:1a:e3:a1:49:a4:ca:59:40:a0:b0: 5f:e4:26:bc:18:e7:a0:6c:08:48:2a:05:4f:fd:a7: 74:23:e2:c3:af:b3:b2:ba:e6:bc:2f:a7:fc:7b:6a: 11:61:25:84:35:a5:00:0b:e1:cd:e1:23:7a:a8:2a: 9a:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:92:C3:86:45:A2:3A:C7:8F:BD:AC:BF:75:A6:92:D7:DC:3D:22:B5 X509v3 Authority Key Identifier: keyid:42:F9:A9:69:52:77:7F:10:74:33:83:03:EC:B6:50:25:C4:E2:B8:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/65LDhkWiOsePvay_daaS19w9IrU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/2f7bc5-a036-4219-ad8e-77fa2912994d/1/QvmpaVJ3fxB0M4MD7LZQJcTiuLU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.223.208.0/20 141.0.128.0/20 143.110.96.0/19 185.13.124.0/22 195.18.0.0/22 IPv6: 2a02:f300::/29 Signature Algorithm: sha256WithRSAEncryption 76:d1:a9:1c:7f:0f:da:da:21:fd:9a:a3:31:95:65:e5:21:bf: 60:ed:2e:40:d1:23:4f:64:ca:6e:88:e8:bc:4e:66:5e:a2:d1: c6:d0:98:2c:03:0c:ff:f4:8c:ed:d9:e8:4e:73:72:5e:b8:f2: 0a:62:23:c6:7d:db:b1:0a:b6:c3:9b:60:6c:eb:09:4d:a3:5d: bc:31:1e:3c:ae:a7:7d:a8:a1:db:05:51:96:67:3c:c8:cd:e0: 5e:38:cf:4c:01:22:1d:c3:61:08:be:1b:1a:09:95:06:ee:f3: 8f:9f:bb:f4:4a:4c:37:00:91:ab:05:8a:ef:2f:db:8b:4b:99: a4:13:1f:db:56:15:1a:8f:1e:19:18:71:ae:38:81:03:fc:79: 3c:7b:03:d2:7f:7b:05:e3:43:f0:d3:e1:f8:71:d9:0b:d1:a8: 60:86:2a:34:de:69:bb:0e:3b:24:c7:5d:12:17:53:c1:cd:46: 98:42:5e:ab:46:8c:a1:15:80:bc:80:98:c1:65:ad:0f:a6:d6: 50:40:23:da:0c:55:ba:53:e3:a9:5a:3a:38:7d:21:ca:ca:76: d8:08:be:73:56:9c:bf:9d:04:71:4c:3c:cf:fa:9d:25:42:26: 49:d6:b7:1b:60:21:e6:42:7c:b8:23:40:2e:b0:73:27:4d:6f: 33:11:a1:b9 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt/FeeSwRAE5J64I3u+N4JfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyZjlhOTY5NTI3NzdmMTA3NDMzODMwM2VjYjY1MDI1YzRl MmI4YjUwHhcNMjYwMTAyMTQyMTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYjkyYzM4NjQ1YTIzYWM3OGZiZGFjYmY3NWE2OTJkN2RjM2QyMmI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+aShqMVYPeO7IGAoYzznwmuVo5T E/iHztqUJkf29Z52Mmcy67oVfO2S2xupnQcZf4isX3v6NZ5SHW5H655b0qzaSrt8 qwHGP0lsD4elk0+W5WT5V8x6J+5QjZIn2uiZwdqFXYvqbGzyqX2lXDTvd9MNG7w+ nbfVKhz9rz6pPsfC3nAulhwn7XchchtOpTIumPxsG3TYNAe8+YxJCaxvRIqCC1bi 8Am0w7q2uSebynAgVve4tv6QZGhyskW+6bWGtuUbszfmFxrjoUmkyllAoLBf5Ca8 GOegbAhIKgVP/ad0I+LDr7Oyuua8L6f8e2oRYSWENaUAC+HN4SN6qCqaAQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFOuSw4ZFojrHj72sv3WmktfcPSK1MB8GA1UdIwQY MBaAFEL5qWlSd38QdDODA+y2UCXE4ri1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUt NzdmYTI5MTI5OTRkLzEvNjVMRGhrV2lPc2VQdmF5X2RhYVMxOXc5SXJVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi8yZjdiYzUtYTAzNi00MjE5LWFkOGUtNzdmYTI5MTI5OTRk LzEvUXZtcGFWSjNmeEIwTTRNRDdMWlFKY1RpdUxVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEU9/QAwQE jQCAAwQFj25gAwQCuQ18AwQCwxIAMA0EAgACMAcDBQMqAvMAMA0GCSqGSIb3DQEB CwUAA4IBAQB20akcfw/a2iH9mqMxlWXlIb9g7S5A0SNPZMpuiOi8TmZeotHG0Jgs Awz/9Izt2ehOc3JeuPIKYiPGfduxCrbDm2Bs6wlNo128MR48rqd9qKHbBVGWZzzI zeBeOM9MASIdw2EIvhsaCZUG7vOPn7v0Skw3AJGrBYrvL9uLS5mkEx/bVhUajx4Z GHGuOIED/Hk8ewPSf3sF40Pw0+H4cdkL0ahghio03mm7Djskx10SF1PBzUaYQl6r RoyhFYC8gJjBZa0PptZQQCPaDFW6U+OpWjo4fSHKynbYCL5zVpy/nQRxTDzP+p0l QiZJ1rcbYCHmQny4I0AusHMnTW8zEaG5 -----END CERTIFICATE-----Generated at Mon Jan 26 22:36:11 2026 by rpki-client