This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/pnnIhpP38neAWfse9VRoQKiOKmY.roa File: pnnIhpP38neAWfse9VRoQKiOKmY.roa (raw, json) Hash identifier: 0a6BLWSRUU/g3QRVLjCg3wl3FgGiERJdF4i+BbucZF8= Subject key identifier: A6:79:C8:86:93:F7:F2:77:80:59:FB:1E:F5:54:68:40:A8:8E:2A:66 Certificate issuer: /CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34 Certificate serial: 019B7B35DE63E4F3299EA7DE5A1D39D9F29A Authority key identifier: 5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/pnnIhpP38neAWfse9VRoQKiOKmY.roa Signing time: Thu 01 Jan 2026 20:18:06 +0000 ROA not before: Thu 01 Jan 2026 20:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25682 IP address blocks: 193.57.173.0/24 maxlen: 24 2a0f:8640::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 03:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:de:63:e4:f3:29:9e:a7:de:5a:1d:39:d9:f2:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5bcd40d10b56f3b532fa0dfd01d817ef93da1a34 Validity Not Before: Jan 1 20:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a679c88693f7f2778059fb1ef5546840a88e2a66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d4:7d:22:51:00:ab:ef:14:fd:26:1b:76:9f: 29:b2:6b:10:d0:e9:51:49:5b:eb:bc:41:b5:73:78: 72:d0:0a:d9:99:a5:1d:ba:7d:8a:cd:d2:e5:bc:28: d7:af:79:f5:17:1c:79:47:af:b2:08:38:99:26:14: 64:27:89:24:6c:e1:d4:76:47:3d:fc:c1:df:1f:16: ce:25:d8:dc:c6:3c:73:8b:d1:a3:82:d8:97:5b:e9: b0:02:86:39:29:e8:ec:bd:3b:38:9b:8e:72:ac:68: eb:93:72:3b:ee:a6:c3:e1:18:ee:3e:56:2b:cb:40: a7:77:59:29:ed:98:1d:af:a8:ad:e6:9e:b8:84:cf: 3f:23:27:64:18:69:0e:44:64:c7:c6:b7:b7:ea:b8: 0a:b8:d4:e0:a8:38:ad:d5:51:fc:0c:0f:c9:f4:75: 43:e7:d9:c1:d5:8c:4d:63:ea:a3:1a:3f:be:4b:93: 3b:28:57:03:69:f8:d8:01:b1:57:ca:9b:b7:da:9a: 99:ee:a4:bc:28:80:55:02:5c:ae:92:ac:12:6f:cc: 4d:8a:6d:04:19:88:c5:b5:37:53:f7:86:d1:28:d7: 5f:2e:f4:ae:63:62:82:a2:bc:8f:89:ee:fe:a8:cf: 72:72:3c:6c:1b:5e:6b:04:59:1a:2a:7e:1c:a0:7f: 09:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:79:C8:86:93:F7:F2:77:80:59:FB:1E:F5:54:68:40:A8:8E:2A:66 X509v3 Authority Key Identifier: keyid:5B:CD:40:D1:0B:56:F3:B5:32:FA:0D:FD:01:D8:17:EF:93:DA:1A:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W81A0QtW87Uy-g39AdgX75PaGjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/pnnIhpP38neAWfse9VRoQKiOKmY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bff758-4b83-473d-b072-a2ce1cc8b87f/1/W81A0QtW87Uy-g39AdgX75PaGjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.57.173.0/24 IPv6: 2a0f:8640::/29 Signature Algorithm: sha256WithRSAEncryption a3:95:ca:38:5e:27:94:73:41:87:ac:14:2c:86:93:39:fc:eb: 3a:39:89:df:5b:86:50:2e:3e:c5:da:da:54:4a:61:96:3a:c3: c8:81:b2:c3:f6:b6:9b:0a:eb:df:cb:33:b0:7f:19:ca:71:49: 38:d4:46:e8:f4:bc:09:76:52:bc:d0:05:24:07:72:a3:c0:72: 77:a7:53:61:4c:2d:b2:ed:c0:22:3b:54:cf:93:02:50:ba:f5: 59:8e:49:35:ad:a3:87:a7:aa:9d:4d:89:c9:3b:17:e1:ac:2d: e1:76:72:f7:ae:fd:e4:f6:f5:40:94:6c:e6:d6:4e:ec:e3:80: 09:b8:40:8c:54:ea:c2:f0:b8:23:e0:37:37:b8:84:eb:1c:21: 3f:0e:70:4a:5c:d5:03:bd:43:38:16:6e:e9:25:6b:98:00:53: 2a:94:8b:e0:ae:64:72:d1:49:58:ef:5d:eb:ec:e1:3f:be:3b: 21:e7:c2:17:fd:80:e9:42:ed:b3:ce:ca:29:44:f8:e8:1b:b4: a7:39:8f:1b:f5:2c:ce:6d:26:d7:7f:45:fb:00:73:ec:79:dc: c9:48:f2:c9:cc:7b:71:2b:21:15:46:06:75:46:a5:a1:c0:a7: 17:f7:4b:a2:a3:b6:28:cc:c0:2c:f2:88:d1:4d:78:a2:13:43: 1a:a4:5d:1f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7Nd5j5PMpnqfeWh052fKaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDViY2Q0MGQxMGI1NmYzYjUzMmZhMGRmZDAxZDgxN2VmOTNk YTFhMzQwHhcNMjYwMTAxMjAxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNjc5Yzg4NjkzZjdmMjc3ODA1OWZiMWVmNTU0Njg0MGE4OGUyYTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dR9IlEAq+8U/SYbdp8psmsQ0OlR SVvrvEG1c3hy0ArZmaUdun2KzdLlvCjXr3n1Fxx5R6+yCDiZJhRkJ4kkbOHUdkc9 /MHfHxbOJdjcxjxzi9GjgtiXW+mwAoY5KejsvTs4m45yrGjrk3I77qbD4RjuPlYr y0Cnd1kp7Zgdr6it5p64hM8/IydkGGkORGTHxre36rgKuNTgqDit1VH8DA/J9HVD 59nB1YxNY+qjGj++S5M7KFcDafjYAbFXypu32pqZ7qS8KIBVAlyukqwSb8xNim0E GYjFtTdT94bRKNdfLvSuY2KCoryPie7+qM9ycjxsG15rBFkaKn4coH8JuwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKZ5yIaT9/J3gFn7HvVUaECojipmMB8GA1UdIwQY MBaAFFvNQNELVvO1MvoN/QHYF++T2ho0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzIt YTJjZTFjYzhiODdmLzEvcG5uSWhwUDM4bmVBV2ZzZTlWUm9RS2lPS21ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9iZmY3NTgtNGI4My00NzNkLWIwNzItYTJjZTFjYzhiODdm LzEvVzgxQTBRdFc4N1V5LWczOUFkZ1g3NVBhR2pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwTmtMA0E AgACMAcDBQMqD4ZAMA0GCSqGSIb3DQEBCwUAA4IBAQCjlco4XieUc0GHrBQshpM5 /Os6OYnfW4ZQLj7F2tpUSmGWOsPIgbLD9rabCuvfyzOwfxnKcUk41Ebo9LwJdlK8 0AUkB3KjwHJ3p1NhTC2y7cAiO1TPkwJQuvVZjkk1raOHp6qdTYnJOxfhrC3hdnL3 rv3k9vVAlGzm1k7s44AJuECMVOrC8Lgj4Dc3uITrHCE/DnBKXNUDvUM4Fm7pJWuY AFMqlIvgrmRy0UlY713r7OE/vjsh58IX/YDpQu2zzsopRPjoG7SnOY8b9SzObSbX f0X7AHPsedzJSPLJzHtxKyEVRgZ1RqWhwKcX90uio7YozMAs8ojRTXiiE0MapF0f -----END CERTIFICATE-----Generated at Thu Jan 29 09:58:02 2026 by rpki-client