This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/cA7qo8b7Nox5Eg3ETDI0GHB8bQo.roa File: cA7qo8b7Nox5Eg3ETDI0GHB8bQo.roa (raw, json) Hash identifier: hqs/XnPjGsbh3NQlfcv5MT/Lsf4omMXxdpDxcmlIJnY= Subject key identifier: 70:0E:EA:A3:C6:FB:36:8C:79:12:0D:C4:4C:32:34:18:70:7C:6D:0A Certificate issuer: /CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c Certificate serial: 019B7F15D07D99619F1982676BBFC6FB5D37 Authority key identifier: 7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/cA7qo8b7Nox5Eg3ETDI0GHB8bQo.roa Signing time: Fri 02 Jan 2026 14:21:34 +0000 ROA not before: Fri 02 Jan 2026 14:21:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34984 IP address blocks: 86.108.204.0/24 maxlen: 24 86.108.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.mft rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 08:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d0:7d:99:61:9f:19:82:67:6b:bf:c6:fb:5d:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c Validity Not Before: Jan 2 14:21:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=700eeaa3c6fb368c79120dc44c323418707c6d0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7d:0c:b0:2a:de:68:6d:58:ce:3a:65:3f:82: 76:67:ab:19:67:10:e8:d0:40:e6:35:29:85:00:44: 86:1a:99:96:37:5c:3c:5f:cc:db:4a:ac:07:52:d1: 87:2c:43:c4:0c:f1:27:c4:ea:76:e5:a6:6d:2e:7a: 3d:e6:fe:59:6c:56:bc:f4:d7:47:20:31:7e:a3:5e: 96:1c:64:c6:6a:cf:9b:20:85:05:7b:53:51:6e:66: 90:a3:dd:4d:3c:8c:28:af:24:de:ba:c7:d6:ec:65: f4:5d:75:f8:6d:7e:b1:a0:93:0b:44:22:4f:ee:80: af:c8:bb:86:99:48:a0:00:6d:15:72:77:4a:11:ac: 38:93:bf:64:4c:4d:5d:d0:d2:63:a0:08:e2:48:4d: a4:09:2d:bd:b8:b1:9d:d1:ea:77:ee:d9:97:62:26: fa:f4:f0:4f:bb:ee:29:e3:97:69:69:d8:5c:e7:bf: 91:99:16:ec:c2:4e:1f:52:08:ab:97:0e:2c:90:da: 15:17:52:6c:6d:e6:da:58:52:86:51:10:59:dd:92: 4e:52:4e:52:c8:be:d9:49:70:35:dc:94:d6:07:4e: ad:bf:0c:e2:72:3b:8b:3c:47:4e:b5:62:f2:4e:c0: 8d:9b:94:26:bc:1a:57:06:4c:b3:fd:a6:e2:76:70: 98:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:0E:EA:A3:C6:FB:36:8C:79:12:0D:C4:4C:32:34:18:70:7C:6D:0A X509v3 Authority Key Identifier: keyid:7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/cA7qo8b7Nox5Eg3ETDI0GHB8bQo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.108.204.0/24 86.108.235.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:b0:e8:1b:7c:ae:91:3a:89:13:6d:1d:16:bf:37:26:55:80: 88:a2:a5:e0:e9:e1:9d:64:28:ef:67:df:14:ea:48:59:40:48: 82:af:97:85:a0:39:75:78:f6:dc:2c:45:59:53:30:7e:ba:cc: b7:2b:b0:26:92:ab:bf:14:f1:95:e0:04:b2:11:32:24:8b:ab: 3d:92:a4:ba:78:30:8c:32:13:c7:76:0d:21:8e:83:ec:f6:2c: fe:e5:78:42:c5:63:97:18:5b:b6:0e:b8:7c:c0:d3:3f:d5:cf: f5:8e:12:b0:b9:10:ac:e5:cc:85:f7:03:c3:8e:a1:0f:a8:e2: ea:6b:11:1a:cb:ed:09:0f:02:2b:00:a0:f8:55:46:f0:65:df: cf:8b:fe:3a:b5:ce:0a:fb:8b:0f:56:d4:00:09:25:e2:00:72: 30:2a:20:5a:e7:18:72:0a:af:3b:83:20:c0:0f:a1:13:19:58: 58:76:65:31:f2:7e:9f:c9:55:ff:ab:39:38:f6:b3:c7:83:50: 32:f6:8d:aa:e1:1b:ca:d0:b4:99:d8:2a:62:e5:42:8d:af:a4: 71:b3:4e:fd:fb:7a:d7:df:36:58:ba:b9:c3:fc:b6:5a:d5:50: 8f:ca:40:0f:0b:ca:97:7e:6e:01:23:d4:02:86:ef:f4:b9:84: 2a:dd:a6:32 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FdB9mWGfGYJna7/G+103MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlYzY1YTFkY2Y4MjI1ZTdmMTBiZTIwZGRkZTFlMjE2ZTgw MGI2N2MwHhcNMjYwMTAyMTQyMTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDBlZWFhM2M2ZmIzNjhjNzkxMjBkYzQ0YzMyMzQxODcwN2M2ZDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX0MsCreaG1YzjplP4J2Z6sZZxDo 0EDmNSmFAESGGpmWN1w8X8zbSqwHUtGHLEPEDPEnxOp25aZtLno95v5ZbFa89NdH IDF+o16WHGTGas+bIIUFe1NRbmaQo91NPIworyTeusfW7GX0XXX4bX6xoJMLRCJP 7oCvyLuGmUigAG0VcndKEaw4k79kTE1d0NJjoAjiSE2kCS29uLGd0ep37tmXYib6 9PBPu+4p45dpadhc57+RmRbswk4fUgirlw4skNoVF1JsbebaWFKGURBZ3ZJOUk5S yL7ZSXA13JTWB06tvwzicjuLPEdOtWLyTsCNm5QmvBpXBkyz/abidnCY6wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHAO6qPG+zaMeRINxEwyNBhwfG0KMB8GA1UdIwQY MBaAFH7GWh3PgiXn8QviDd3h4hboALZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQt N2Q5YjgyMzA1MzdlLzEvY0E3cW84YjdOb3g1RWczRVRESTBHSEI4YlFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQtN2Q5YjgyMzA1Mzdl LzEvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmzMAwQA VmzrMA0GCSqGSIb3DQEBCwUAA4IBAQCdsOgbfK6ROokTbR0WvzcmVYCIoqXg6eGd ZCjvZ98U6khZQEiCr5eFoDl1ePbcLEVZUzB+usy3K7Amkqu/FPGV4ASyETIki6s9 kqS6eDCMMhPHdg0hjoPs9iz+5XhCxWOXGFu2Drh8wNM/1c/1jhKwuRCs5cyF9wPD jqEPqOLqaxEay+0JDwIrAKD4VUbwZd/Pi/46tc4K+4sPVtQACSXiAHIwKiBa5xhy Cq87gyDAD6ETGVhYdmUx8n6fyVX/qzk49rPHg1Ay9o2q4RvK0LSZ2Cpi5UKNr6Rx s079+3rX3zZYurnD/LZa1VCPykAPC8qXfm4BI9QChu/0uYQq3aYy -----END CERTIFICATE-----Generated at Wed Jan 21 16:15:38 2026 by rpki-client