This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kOj1s5oO7oSiq_7ZjXoN1j2kTnE.roa File: kOj1s5oO7oSiq_7ZjXoN1j2kTnE.roa (raw, json) Hash identifier: Y6xric3ra7rVJoctwp2vvhl14A8o24GxxC7BIDvBIlU= Subject key identifier: 90:E8:F5:B3:9A:0E:EE:84:A2:AB:FE:D9:8D:7A:0D:D6:3D:A4:4E:71 Certificate issuer: /CN=d9d0318f2685e32d2dba923f6662771427359738 Certificate serial: 019B797E94F20C53B22BE4F8D5C4CF0E2A96 Authority key identifier: D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kOj1s5oO7oSiq_7ZjXoN1j2kTnE.roa Signing time: Thu 01 Jan 2026 12:18:17 +0000 ROA not before: Thu 01 Jan 2026 12:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8728 IP address blocks: 82.147.160.0/19 maxlen: 32 82.147.160.0/21 maxlen: 32 82.147.168.0/21 maxlen: 32 84.52.0.0/18 maxlen: 32 89.235.192.0/18 maxlen: 32 109.235.240.0/21 maxlen: 32 185.200.68.0/22 maxlen: 32 212.7.0.0/19 maxlen: 32 212.7.30.0/24 maxlen: 32 2001:1b28::/32 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.mft rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:94:f2:0c:53:b2:2b:e4:f8:d5:c4:cf:0e:2a:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d9d0318f2685e32d2dba923f6662771427359738 Validity Not Before: Jan 1 12:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=90e8f5b39a0eee84a2abfed98d7a0dd63da44e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8e:ef:25:6e:fc:45:a6:1b:fe:0a:8f:11:2d: f1:ae:1a:a8:2c:44:1b:f4:33:55:a5:da:e1:16:29: 3c:80:be:3b:0b:c6:2d:23:14:4d:01:55:b0:b4:79: c8:41:31:a7:2d:58:93:7c:16:f3:b6:c9:92:2e:97: cb:e5:5f:d0:0c:9f:0e:47:2e:32:d5:76:77:00:62: ee:30:13:ea:66:9b:de:bc:e4:7d:e3:e8:64:3d:cf: c4:5b:b7:58:e5:bb:a2:e3:24:47:62:a5:4d:c3:5d: c6:48:d6:4f:e1:e6:df:ba:62:e6:e3:2c:7b:c6:03: 18:37:fb:59:33:95:ed:cb:81:88:54:2d:76:e6:42: 67:25:ea:46:61:7f:16:ac:09:b7:43:18:7d:a0:a6: 53:ca:96:ee:07:7b:13:d5:96:26:32:3b:1b:47:20: 7d:20:b0:8f:29:0b:fc:c1:c4:6e:38:af:b9:32:f4: 92:a8:fd:0b:a0:22:c6:ac:a2:43:a7:fd:eb:ea:58: 2c:f8:ed:1d:44:09:00:cb:9c:40:dd:9a:f5:fa:24: d7:84:ed:1e:b6:b2:3b:8f:b9:4d:6c:dd:60:90:bd: fd:44:32:67:4e:70:f3:1d:44:a8:2e:89:eb:e5:d0: d6:34:1d:d2:e6:90:2a:e3:75:ce:7f:76:3d:d9:e3: fa:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:E8:F5:B3:9A:0E:EE:84:A2:AB:FE:D9:8D:7A:0D:D6:3D:A4:4E:71 X509v3 Authority Key Identifier: keyid:D9:D0:31:8F:26:85:E3:2D:2D:BA:92:3F:66:62:77:14:27:35:97:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/kOj1s5oO7oSiq_7ZjXoN1j2kTnE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/8ce609-db1d-4997-9d8a-96ddd5a0239d/1/2dAxjyaF4y0tupI_ZmJ3FCc1lzg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.147.160.0/19 84.52.0.0/18 89.235.192.0/18 109.235.240.0/21 185.200.68.0/22 212.7.0.0/19 IPv6: 2001:1b28::/32 Signature Algorithm: sha256WithRSAEncryption a8:c1:8a:8d:25:aa:88:ff:54:c1:14:32:80:33:ab:dc:06:57: 04:c0:8f:e1:76:09:84:17:28:73:aa:bf:87:0a:99:e0:d4:c8: c3:db:50:98:d7:d3:64:8a:c6:a3:29:66:d5:08:46:8d:63:f8: 9e:4a:ab:b9:c9:75:86:3c:ad:76:9e:f3:b3:c4:6a:2f:65:4f: a3:d9:40:40:50:38:39:6a:35:bb:b9:da:db:42:4f:4d:f3:ca: 33:74:56:69:45:44:02:f3:79:a5:e1:74:dc:bf:1a:11:f5:38: 67:09:76:ef:49:61:7a:49:31:8a:42:b0:dd:3c:c7:a1:1f:4c: e9:3e:a0:47:86:9f:ed:94:c8:41:01:b3:8d:3a:80:cc:34:39: 9e:91:de:ae:98:82:a3:a5:e9:1d:30:73:eb:cf:01:9e:07:8c: 78:a5:c3:90:83:99:61:dd:29:12:1d:0d:7b:c9:dc:5e:5b:71: ec:81:15:ed:19:25:8b:dc:54:64:2b:b1:9e:a3:de:26:8a:32: d6:1d:6f:f5:b3:32:86:a6:11:59:d0:85:8f:09:99:a2:7e:e0: db:f1:01:f8:9f:19:dc:fc:96:ec:a6:ab:04:98:38:26:49:48: 29:51:93:7c:59:f2:ab:e4:19:2c:ec:6c:b8:55:84:a3:93:49: e5:d2:12:48 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt5fpTyDFOyK+T41cTPDiqWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5ZDAzMThmMjY4NWUzMmQyZGJhOTIzZjY2NjI3NzE0Mjcz NTk3MzgwHhcNMjYwMTAxMTIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MGU4ZjViMzlhMGVlZTg0YTJhYmZlZDk4ZDdhMGRkNjNkYTQ0ZTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI7vJW78RaYb/gqPES3xrhqoLEQb 9DNVpdrhFik8gL47C8YtIxRNAVWwtHnIQTGnLViTfBbztsmSLpfL5V/QDJ8ORy4y 1XZ3AGLuMBPqZpvevOR94+hkPc/EW7dY5bui4yRHYqVNw13GSNZP4ebfumLm4yx7 xgMYN/tZM5Xty4GIVC125kJnJepGYX8WrAm3Qxh9oKZTypbuB3sT1ZYmMjsbRyB9 ILCPKQv8wcRuOK+5MvSSqP0LoCLGrKJDp/3r6lgs+O0dRAkAy5xA3Zr1+iTXhO0e trI7j7lNbN1gkL39RDJnTnDzHUSoLonr5dDWNB3S5pAq43XOf3Y92eP6WQIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFJDo9bOaDu6Eoqv+2Y16DdY9pE5xMB8GA1UdIwQY MBaAFNnQMY8mheMtLbqSP2ZidxQnNZc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEt OTZkZGQ1YTAyMzlkLzEva09qMXM1b083b1NpcV83WmpYb04xajJrVG5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi84Y2U2MDktZGIxZC00OTk3LTlkOGEtOTZkZGQ1YTAyMzlk LzEvMmRBeGp5YUY0eTB0dXBJX1ptSjNGQ2MxbHpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFUpOgAwQG VDQAAwQGWevAAwQDbevwAwQCuchEAwQF1AcAMA0EAgACMAcDBQAgARsoMA0GCSqG SIb3DQEBCwUAA4IBAQCowYqNJaqI/1TBFDKAM6vcBlcEwI/hdgmEFyhzqr+HCpng 1MjD21CY19NkisajKWbVCEaNY/ieSqu5yXWGPK12nvOzxGovZU+j2UBAUDg5ajW7 udrbQk9N88ozdFZpRUQC83ml4XTcvxoR9ThnCXbvSWF6STGKQrDdPMehH0zpPqBH hp/tlMhBAbONOoDMNDmekd6umIKjpekdMHPrzwGeB4x4pcOQg5lh3SkSHQ17ydxe W3HsgRXtGSWL3FRkK7Geo94mijLWHW/1szKGphFZ0IWPCZmifuDb8QH4nxnc/Jbs pqsEmDgmSUgpUZN8WfKr5Bks7Gy4VYSjk0nl0hJI -----END CERTIFICATE-----Generated at Tue Feb 10 04:26:33 2026 by rpki-client