This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/9p7dGXDhhIMjMpnYQ1dR4KNOndM.roa File: 9p7dGXDhhIMjMpnYQ1dR4KNOndM.roa (raw, json) Hash identifier: v32tTh04pVTtA27giNDJzrAPLcEj/C1fD9RHh94I4MU= Subject key identifier: F6:9E:DD:19:70:E1:84:83:23:32:99:D8:43:57:51:E0:A3:4E:9D:D3 Certificate issuer: /CN=428e828829846f63465a37447ece3a746a48dd6c Certificate serial: 019B7C111F05E544F5E3D0B210F60399D09C Authority key identifier: 42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/9p7dGXDhhIMjMpnYQ1dR4KNOndM.roa Signing time: Fri 02 Jan 2026 00:17:35 +0000 ROA not before: Fri 02 Jan 2026 00:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59962 IP address blocks: 185.64.176.0/23 maxlen: 23 185.64.178.0/23 maxlen: 23 2a04:fb40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.mft rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:1f:05:e5:44:f5:e3:d0:b2:10:f6:03:99:d0:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=428e828829846f63465a37447ece3a746a48dd6c Validity Not Before: Jan 2 00:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f69edd1970e18483233299d8435751e0a34e9dd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:60:62:d6:4d:75:a1:67:de:40:1d:2e:fe:0d: a0:16:e3:02:11:0f:fb:cd:c7:39:a2:c9:67:3a:64: da:3c:fa:5e:44:22:6a:47:66:a4:d7:35:85:9f:14: c4:b1:7d:6b:29:30:f9:d5:c4:94:5e:af:0b:58:d3: a9:21:e2:9d:ae:6b:d3:a4:1f:60:29:61:05:af:31: 1c:1e:90:d4:bc:7d:4c:c7:a0:16:9b:ba:eb:fd:d9: 3e:72:f1:bb:4e:99:a7:97:7b:6e:8f:6f:cc:98:54: ec:aa:cc:71:bf:a1:59:73:ef:ab:8a:70:e9:ba:1b: e4:b6:e3:22:5d:53:84:cd:6e:b5:ad:75:7f:e6:e7: dd:bb:a9:ce:82:e6:d2:d0:4d:80:24:4e:74:d2:eb: 5e:b1:dc:21:8f:aa:ff:ea:f8:76:a1:8d:13:fd:65: 63:87:82:9b:7d:53:39:62:a4:0e:1c:73:46:8f:3c: 68:07:e6:6f:6e:86:59:a9:cc:2c:94:f5:e1:4d:3c: 1f:20:65:b0:5f:79:9a:6c:e5:7f:d4:ca:cd:9c:7e: 54:da:35:ed:2c:fa:17:78:66:1d:4d:da:9c:35:2e: fc:81:50:ac:dc:46:18:67:5a:80:49:74:76:d0:a9: dc:41:b6:dc:e7:75:86:8f:43:b1:ff:a8:f0:71:b5: 29:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:9E:DD:19:70:E1:84:83:23:32:99:D8:43:57:51:E0:A3:4E:9D:D3 X509v3 Authority Key Identifier: keyid:42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/9p7dGXDhhIMjMpnYQ1dR4KNOndM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.64.176.0/22 IPv6: 2a04:fb40::/29 Signature Algorithm: sha256WithRSAEncryption c0:da:c2:35:3a:4c:e4:13:ce:1d:43:95:46:20:f0:2e:07:aa: 49:fc:66:66:fe:31:ad:d3:64:41:71:14:9b:85:2d:44:ae:33: 2c:6e:39:bc:df:d7:d7:b2:1d:71:4e:63:87:0b:a4:7a:30:c1: 00:ce:78:16:69:ef:6f:64:d8:b8:6b:96:1b:6e:24:ae:f9:a9: 2f:f4:12:51:de:82:c7:29:26:c6:4a:ba:df:cf:c9:f4:55:db: c3:26:a6:45:80:5c:25:66:87:7e:35:1b:97:4a:54:e0:ef:c8: 28:69:83:05:1a:6d:90:a9:fb:d9:d7:07:1d:c7:69:ae:2d:ac: 71:45:5a:04:ac:5a:2a:1f:9b:bf:37:35:b1:07:79:8e:95:73: 31:3a:9c:84:28:bc:0d:94:77:0a:4a:f1:ae:b9:dd:bc:6d:77: 2c:e6:44:1f:fd:fc:f0:93:aa:72:34:fd:5a:0e:55:78:0a:ad: e3:d1:42:7b:ff:9c:5a:64:c9:fd:fb:47:78:71:1c:0f:1e:88: 51:2b:89:09:62:c9:13:32:be:2e:cf:60:cb:b2:0a:40:d7:d6: e1:47:a8:c6:43:9a:46:a8:8f:39:6c:07:1c:e8:ee:a7:b9:fd: 70:e6:f6:92:9e:70:37:5d:0f:5e:28:3d:0f:4e:42:20:5d:f8: 7f:70:3f:00 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8ER8F5UT149CyEPYDmdCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQyOGU4Mjg4Mjk4NDZmNjM0NjVhMzc0NDdlY2UzYTc0NmE0 OGRkNmMwHhcNMjYwMTAyMDAxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNjllZGQxOTcwZTE4NDgzMjMzMjk5ZDg0MzU3NTFlMGEzNGU5ZGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWBi1k11oWfeQB0u/g2gFuMCEQ/7 zcc5oslnOmTaPPpeRCJqR2ak1zWFnxTEsX1rKTD51cSUXq8LWNOpIeKdrmvTpB9g KWEFrzEcHpDUvH1Mx6AWm7rr/dk+cvG7Tpmnl3tuj2/MmFTsqsxxv6FZc++rinDp uhvktuMiXVOEzW61rXV/5ufdu6nOgubS0E2AJE500utesdwhj6r/6vh2oY0T/WVj h4KbfVM5YqQOHHNGjzxoB+ZvboZZqcwslPXhTTwfIGWwX3mabOV/1MrNnH5U2jXt LPoXeGYdTdqcNS78gVCs3EYYZ1qASXR20KncQbbc53WGj0Ox/6jwcbUpBwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPae3Rlw4YSDIzKZ2ENXUeCjTp3TMB8GA1UdIwQY MBaAFEKOgogphG9jRlo3RH7OOnRqSN1sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUW82Q2lDbUViMk5HV2pkRWZzNDZkR3BJM1d3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9jNWJiNjMtMzBiZi00OGM4LWE0MzMt YTJmNjdmMmJmOTUwLzEvOXA3ZEdYRGhoSU1qTXBuWVExZFI0S05PbmRNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy9jNWJiNjMtMzBiZi00OGM4LWE0MzMtYTJmNjdmMmJmOTUw LzEvUW82Q2lDbUViMk5HV2pkRWZzNDZkR3BJM1d3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuUCwMA0E AgACMAcDBQMqBPtAMA0GCSqGSIb3DQEBCwUAA4IBAQDA2sI1OkzkE84dQ5VGIPAu B6pJ/GZm/jGt02RBcRSbhS1ErjMsbjm839fXsh1xTmOHC6R6MMEAzngWae9vZNi4 a5YbbiSu+akv9BJR3oLHKSbGSrrfz8n0VdvDJqZFgFwlZod+NRuXSlTg78goaYMF Gm2QqfvZ1wcdx2muLaxxRVoErFoqH5u/NzWxB3mOlXMxOpyEKLwNlHcKSvGuud28 bXcs5kQf/fzwk6pyNP1aDlV4Cq3j0UJ7/5xaZMn9+0d4cRwPHohRK4kJYskTMr4u z2DLsgpA19bhR6jGQ5pGqI85bAcc6O6nuf1w5vaSnnA3XQ9eKD0PTkIgXfh/cD8A -----END CERTIFICATE-----Generated at Mon Jan 26 20:41:25 2026 by rpki-client