This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Pk0nYBXMibYGfeTa8KuAnDZqEJA.roa File: Pk0nYBXMibYGfeTa8KuAnDZqEJA.roa (raw, json) Hash identifier: hjjTFQRkGi+Q5QO7W0JHJgrLPllKcASVVsrIkHritU0= Subject key identifier: 3E:4D:27:60:15:CC:89:B6:06:7D:E4:DA:F0:AB:80:9C:36:6A:10:90 Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40 Certificate serial: 019B7F13B9ABF0B3E0CEFA1D92E93A02C173 Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Pk0nYBXMibYGfeTa8KuAnDZqEJA.roa Signing time: Fri 02 Jan 2026 14:19:17 +0000 ROA not before: Fri 02 Jan 2026 14:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 52000 IP address blocks: 74.119.192.0/24 maxlen: 24 74.119.194.0/24 maxlen: 24 80.92.204.0/24 maxlen: 24 80.92.205.0/24 maxlen: 24 185.250.151.0/24 maxlen: 24 195.149.87.0/24 maxlen: 24 2a09:7c41::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 14:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:b9:ab:f0:b3:e0:ce:fa:1d:92:e9:3a:02:c1:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40 Validity Not Before: Jan 2 14:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e4d276015cc89b6067de4daf0ab809c366a1090 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:0b:5d:67:fa:c9:14:70:ac:5e:4f:33:cc:1b: 39:a3:17:d5:c6:3e:87:af:36:7a:32:46:55:20:a8: e8:83:4e:9d:2d:ac:f9:92:e9:40:33:d2:a4:b7:47: c2:86:29:30:a7:e5:98:5f:32:b8:ff:ba:33:c1:06: 90:42:72:ea:55:e0:42:89:9e:9b:c1:55:5a:69:76: d6:ba:1d:d8:df:d8:f5:4e:75:68:b9:78:21:47:bb: 16:65:e9:30:1a:6e:8c:1a:90:5d:49:db:3b:53:aa: 0b:4c:65:d2:8c:7c:fd:bd:fa:74:55:0f:6a:30:66: f4:a2:c8:5c:04:50:03:ac:98:10:51:4d:1d:90:a3: a2:d2:f5:b7:f2:10:97:77:82:f2:82:a2:2f:06:7d: 8e:f5:73:b5:2c:47:38:d5:69:a8:d5:2c:35:b2:24: 64:d7:c3:a0:b7:3c:4c:4a:18:c1:52:ae:e9:f8:d0: 9a:f0:db:0a:b1:21:c0:b0:57:2d:6c:2d:e3:80:d6: 83:a7:57:f4:6e:06:ba:94:09:08:79:2f:52:05:fa: 0e:ae:87:fb:a3:ae:60:17:8d:77:cd:5d:42:bb:46: 54:64:c4:3e:4b:fa:53:09:62:c4:8d:d3:b8:53:4f: 7a:8d:48:23:98:2e:f7:4f:43:1d:ea:9d:de:87:0d: ab:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:4D:27:60:15:CC:89:B6:06:7D:E4:DA:F0:AB:80:9C:36:6A:10:90 X509v3 Authority Key Identifier: keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/Pk0nYBXMibYGfeTa8KuAnDZqEJA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 74.119.192.0/24 74.119.194.0/24 80.92.204.0/23 185.250.151.0/24 195.149.87.0/24 IPv6: 2a09:7c41::/32 Signature Algorithm: sha256WithRSAEncryption 01:1a:86:59:5f:32:b9:21:25:39:bf:54:88:96:5d:af:80:32: 1a:9d:9e:03:9f:a3:07:a3:8d:97:74:dc:5d:93:39:2d:a8:0e: 15:ad:30:13:8a:b5:5a:2a:b4:ef:fd:d6:74:ae:bc:55:2c:0c: 98:32:88:e4:b5:0c:eb:ca:5a:73:e9:25:88:97:b0:12:84:77: 9c:78:87:fc:8d:2c:ea:41:dd:d7:27:7a:2d:07:be:6b:e4:4d: 97:b7:60:c6:c8:fd:72:ea:8f:37:63:dd:fc:fa:06:4f:1d:b3: c9:fe:b5:13:96:2a:9a:14:13:00:ee:7b:f1:e7:59:1a:cb:b3: af:e4:41:02:f9:7a:5b:be:1d:e0:13:8c:32:c6:62:f4:b6:01: c5:3b:66:87:63:d6:18:ed:ea:7a:ba:53:c2:04:34:0f:90:e9: e9:ec:a1:f7:30:97:07:9c:ba:42:3d:2c:5f:e7:a6:46:b9:5b: 47:0e:39:0e:dc:9e:0a:a3:7d:50:59:10:28:8f:5d:03:82:90: 91:6d:20:f3:7b:59:45:9f:7d:5e:55:1f:b2:15:f4:f6:c1:5a: 15:37:80:ac:57:3d:b2:e3:75:ec:a0:0c:eb:3c:c1:3c:f7:fb: e8:14:3e:5d:f5:cd:e1:ee:ef:52:43:62:bc:96:a6:3a:e3:8b: dc:bb:eb:4c -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt/E7mr8LPgzvodkuk6AsFzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl YWNkNDAwHhcNMjYwMTAyMTQxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZTRkMjc2MDE1Y2M4OWI2MDY3ZGU0ZGFmMGFiODA5YzM2NmExMDkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwtdZ/rJFHCsXk8zzBs5oxfVxj6H rzZ6MkZVIKjog06dLaz5kulAM9Kkt0fChikwp+WYXzK4/7ozwQaQQnLqVeBCiZ6b wVVaaXbWuh3Y39j1TnVouXghR7sWZekwGm6MGpBdSds7U6oLTGXSjHz9vfp0VQ9q MGb0oshcBFADrJgQUU0dkKOi0vW38hCXd4LygqIvBn2O9XO1LEc41Wmo1Sw1siRk 18OgtzxMShjBUq7p+NCa8NsKsSHAsFctbC3jgNaDp1f0bga6lAkIeS9SBfoOrof7 o65gF413zV1Cu0ZUZMQ+S/pTCWLEjdO4U096jUgjmC73T0Md6p3ehw2r6wIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFD5NJ2AVzIm2Bn3k2vCrgJw2ahCQMB8GA1UdIwQY MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt MTE5ZWZjYmIyMDIzLzEvUGswbllCWE1pYllHZmVUYThLdUFuRFpxRUpBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQASnfAAwQA SnfCAwQBUFzMAwQAufqXAwQAw5VXMA0EAgACMAcDBQAqCXxBMA0GCSqGSIb3DQEB CwUAA4IBAQABGoZZXzK5ISU5v1SIll2vgDIanZ4Dn6MHo42XdNxdkzktqA4VrTAT irVaKrTv/dZ0rrxVLAyYMojktQzrylpz6SWIl7AShHeceIf8jSzqQd3XJ3otB75r 5E2Xt2DGyP1y6o83Y938+gZPHbPJ/rUTliqaFBMA7nvx51kay7Ov5EEC+Xpbvh3g E4wyxmL0tgHFO2aHY9YY7ep6ulPCBDQPkOnp7KH3MJcHnLpCPSxf56ZGuVtHDjkO 3J4Ko31QWRAoj10DgpCRbSDze1lFn31eVR+yFfT2wVoVN4CsVz2y43XsoAzrPME8 9/voFD5d9c3h7u9SQ2K8lqY644vcu+tM -----END CERTIFICATE-----Generated at Thu Jan 8 23:54:39 2026 by rpki-client