This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/i8xykzfXObXiYe0nF3-u7FcaSaM.roa File: i8xykzfXObXiYe0nF3-u7FcaSaM.roa (raw, json) Hash identifier: 7kAYFe+z6uJVDL+1WvFsLbVtFfckz0T9S9Vl/sKw0KE= Subject key identifier: 8B:CC:72:93:37:D7:39:B5:E2:61:ED:27:17:7F:AE:EC:57:1A:49:A3 Certificate issuer: /CN=717f55f3c6007b1cbdd7e820890569006757b366 Certificate serial: 019B7DC9A2D549BEB20F521E93031956EB7C Authority key identifier: 71:7F:55:F3:C6:00:7B:1C:BD:D7:E8:20:89:05:69:00:67:57:B3:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/i8xykzfXObXiYe0nF3-u7FcaSaM.roa Signing time: Fri 02 Jan 2026 08:18:44 +0000 ROA not before: Fri 02 Jan 2026 08:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43638 IP address blocks: 91.197.152.0/22 maxlen: 22 91.197.152.0/23 maxlen: 23 91.197.154.0/23 maxlen: 23 141.138.160.0/21 maxlen: 21 141.138.160.0/22 maxlen: 22 141.138.164.0/22 maxlen: 22 2a01:9380::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.mft rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:a2:d5:49:be:b2:0f:52:1e:93:03:19:56:eb:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=717f55f3c6007b1cbdd7e820890569006757b366 Validity Not Before: Jan 2 08:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8bcc729337d739b5e261ed27177faeec571a49a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ac:ee:91:a0:f7:6d:74:03:4f:3d:66:61:1a: 7a:ee:3f:f4:0c:03:72:5d:49:18:73:97:1e:7b:51: 72:d5:93:56:51:f6:c2:5e:4f:17:09:35:db:a4:0f: a3:f5:f0:20:5e:d3:e3:13:92:c4:86:c1:4b:ae:44: 76:6c:40:35:51:2a:c2:1d:68:35:40:47:3a:77:7c: d2:fb:d3:09:36:29:8c:13:59:02:6c:c4:1f:68:18: a9:c7:7e:95:ab:e5:0d:97:da:fa:55:89:bb:ec:ac: a9:38:ca:0a:69:78:46:0d:ba:b1:2f:74:e6:68:ba: 49:e7:80:bb:a3:15:6d:ce:79:c7:55:f9:98:2d:a6: 09:78:9d:ef:a6:20:a2:67:40:8f:a0:99:60:9f:0b: cf:3b:b3:81:47:c4:61:27:a3:9e:1f:2e:e5:2a:5c: 6a:de:8b:20:1f:b7:07:d5:ad:2a:17:f5:d7:74:85: 52:3c:f7:24:ef:2a:2a:54:1c:5e:15:b4:24:db:38: 35:88:5c:aa:74:40:df:1e:e3:b3:3e:21:57:92:9b: f0:67:71:cc:a9:00:7c:29:23:69:d7:1b:94:c5:46: a4:b5:f4:dd:e5:e1:22:29:70:fd:32:37:30:70:ed: 50:de:22:1c:9b:88:22:ea:67:4c:01:88:08:4a:71: d7:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CC:72:93:37:D7:39:B5:E2:61:ED:27:17:7F:AE:EC:57:1A:49:A3 X509v3 Authority Key Identifier: keyid:71:7F:55:F3:C6:00:7B:1C:BD:D7:E8:20:89:05:69:00:67:57:B3:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/i8xykzfXObXiYe0nF3-u7FcaSaM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.152.0/22 141.138.160.0/21 IPv6: 2a01:9380::/32 Signature Algorithm: sha256WithRSAEncryption 2f:3a:65:b8:6a:bc:d1:f5:33:ae:41:25:e2:40:71:87:df:99: 12:5b:68:d6:bb:8d:45:81:cc:15:7b:d5:61:31:31:df:05:91: bc:29:35:ff:8e:93:3e:88:b6:74:83:20:22:08:e7:20:c6:d1: 7b:21:ec:f6:61:80:00:c6:8d:07:13:21:40:1c:5e:9a:c4:b3: 11:3e:7a:76:a6:27:a9:c2:8a:45:7f:2b:34:62:da:0f:e5:0c: 8f:9b:97:4d:fa:ff:0d:55:68:e3:22:af:5e:fc:10:45:b8:ec: 8d:54:5e:33:42:ca:6f:2a:67:ce:ad:a5:4d:ee:af:b1:1b:86: 6e:17:1c:af:50:67:e0:a8:00:6b:76:8b:08:d0:fc:c2:2c:2e: f8:ad:4b:af:7b:3e:41:ca:44:7c:d2:1c:7d:bd:cf:59:4d:40: 2f:06:db:51:a5:a0:c1:05:6e:1a:6a:13:44:11:0a:7c:57:c4: 8c:cd:57:44:0c:2b:6a:7f:e8:29:df:d1:7e:77:22:62:fe:9b: d9:72:b1:ed:4a:f2:c3:91:f5:63:49:30:b0:b8:e2:52:b3:dc: 98:2c:01:f5:f5:60:1b:00:86:0f:87:e3:5c:e5:35:3a:42:fc: 71:2b:29:0a:db:3e:1d:c3:ab:f8:95:20:d6:ea:d6:64:27:6c: 9e:7f:7a:af -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt9yaLVSb6yD1IekwMZVut8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxN2Y1NWYzYzYwMDdiMWNiZGQ3ZTgyMDg5MDU2OTAwNjc1 N2IzNjYwHhcNMjYwMTAyMDgxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YmNjNzI5MzM3ZDczOWI1ZTI2MWVkMjcxNzdmYWVlYzU3MWE0OWEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qzukaD3bXQDTz1mYRp67j/0DANy XUkYc5cee1Fy1ZNWUfbCXk8XCTXbpA+j9fAgXtPjE5LEhsFLrkR2bEA1USrCHWg1 QEc6d3zS+9MJNimME1kCbMQfaBipx36Vq+UNl9r6VYm77KypOMoKaXhGDbqxL3Tm aLpJ54C7oxVtznnHVfmYLaYJeJ3vpiCiZ0CPoJlgnwvPO7OBR8RhJ6OeHy7lKlxq 3osgH7cH1a0qF/XXdIVSPPck7yoqVBxeFbQk2zg1iFyqdEDfHuOzPiFXkpvwZ3HM qQB8KSNp1xuUxUaktfTd5eEiKXD9MjcwcO1Q3iIcm4gi6mdMAYgISnHXCQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFIvMcpM31zm14mHtJxd/ruxXGkmjMB8GA1UdIwQY MBaAFHF/VfPGAHscvdfoIIkFaQBnV7NmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1g5Vjg4WUFleHk5MS1nZ2lRVnBBR2RYczJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZWM0MWEtZDlmOC00NTQ1LThlNDgt NjczNjQwMjMzNjY1LzEvaTh4eWt6ZlhPYlhpWWUwbkYzLXU3RmNhU2FNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9iZWM0MWEtZDlmOC00NTQ1LThlNDgtNjczNjQwMjMzNjY1 LzEvY1g5Vjg4WUFleHk5MS1nZ2lRVnBBR2RYczJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8WYAwQD jYqgMA0EAgACMAcDBQAqAZOAMA0GCSqGSIb3DQEBCwUAA4IBAQAvOmW4arzR9TOu QSXiQHGH35kSW2jWu41FgcwVe9VhMTHfBZG8KTX/jpM+iLZ0gyAiCOcgxtF7Iez2 YYAAxo0HEyFAHF6axLMRPnp2piepwopFfys0YtoP5QyPm5dN+v8NVWjjIq9e/BBF uOyNVF4zQspvKmfOraVN7q+xG4ZuFxyvUGfgqABrdosI0PzCLC74rUuvez5BykR8 0hx9vc9ZTUAvBttRpaDBBW4aahNEEQp8V8SMzVdEDCtqf+gp39F+dyJi/pvZcrHt SvLDkfVjSTCwuOJSs9yYLAH19WAbAIYPh+Nc5TU6QvxxKykK2z4dw6v4lSDW6tZk J2yef3qv -----END CERTIFICATE-----Generated at Mon Feb 9 22:35:48 2026 by rpki-client