This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/8q97JD8tJUeeOn9fKUKNm7YiLwU.roa File: 8q97JD8tJUeeOn9fKUKNm7YiLwU.roa (raw, json) Hash identifier: +XZNxuku4QOLJPqFzFk8t0v4pn8/FyRgMW7pvdNX3CU= Subject key identifier: F2:AF:7B:24:3F:2D:25:47:9E:3A:7F:5F:29:42:8D:9B:B6:22:2F:05 Certificate issuer: /CN=cc6077e004e88eff8f13b7740df254d9e48dd574 Certificate serial: 019B7A5A71CA0B2C69D8FCBB440CD02EA0A8 Authority key identifier: CC:60:77:E0:04:E8:8E:FF:8F:13:B7:74:0D:F2:54:D9:E4:8D:D5:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGB34ATojv-PE7d0DfJU2eSN1XQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/8q97JD8tJUeeOn9fKUKNm7YiLwU.roa Signing time: Thu 01 Jan 2026 16:18:26 +0000 ROA not before: Thu 01 Jan 2026 16:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 45.10.120.0/22 maxlen: 24 2a0e:3d80:beaf::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/zGB34ATojv-PE7d0DfJU2eSN1XQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/zGB34ATojv-PE7d0DfJU2eSN1XQ.mft rsync://rpki.ripe.net/repository/DEFAULT/zGB34ATojv-PE7d0DfJU2eSN1XQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:09:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:71:ca:0b:2c:69:d8:fc:bb:44:0c:d0:2e:a0:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc6077e004e88eff8f13b7740df254d9e48dd574 Validity Not Before: Jan 1 16:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2af7b243f2d25479e3a7f5f29428d9bb6222f05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5f:1b:6b:d5:5e:ac:b5:a0:9b:2e:e5:da:c2: 73:84:bb:3a:4b:10:5f:39:f4:21:d8:3c:45:30:d6: 86:05:9f:5e:7e:da:c2:ce:e9:bc:f6:8a:e7:72:87: 8b:25:d5:2c:db:e6:4d:f2:87:15:0c:22:91:05:62: 56:a2:72:dd:94:5a:60:aa:ef:ca:91:11:50:33:47: c8:69:82:52:52:78:98:b0:a2:cf:05:79:cf:db:04: 09:fc:e4:c7:2b:21:39:63:35:c9:0d:52:1f:0d:68: ee:a8:07:c8:12:3b:78:b5:18:d2:7a:bb:c0:c6:30: 3e:21:4b:06:93:cd:99:f3:20:73:e0:0d:43:0d:2f: 34:4f:45:fa:28:c7:57:17:7d:fa:c6:e7:64:bd:89: a6:50:99:05:63:03:f3:08:74:f6:69:4b:ed:d1:25: cb:e4:1c:1e:26:49:78:e2:9d:fc:1d:31:16:2b:e9: 21:e7:e0:6a:75:94:e2:da:b5:1a:24:ef:a2:57:16: 5e:73:b0:39:18:ef:0d:a8:61:23:dd:be:66:65:37: 8b:a7:c3:e7:73:da:d8:86:94:bb:50:17:9e:86:d7: 1d:73:05:f5:b2:b0:fc:bf:36:4d:53:2b:a5:6d:5f: 83:0f:3b:c7:9c:68:9d:c2:36:1c:96:47:00:67:a5: a5:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:AF:7B:24:3F:2D:25:47:9E:3A:7F:5F:29:42:8D:9B:B6:22:2F:05 X509v3 Authority Key Identifier: keyid:CC:60:77:E0:04:E8:8E:FF:8F:13:B7:74:0D:F2:54:D9:E4:8D:D5:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGB34ATojv-PE7d0DfJU2eSN1XQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/8q97JD8tJUeeOn9fKUKNm7YiLwU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/58178d-377b-460a-94b1-4671f4baa9b1/1/zGB34ATojv-PE7d0DfJU2eSN1XQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.10.120.0/22 IPv6: 2a0e:3d80:beaf::/48 Signature Algorithm: sha256WithRSAEncryption 79:d1:ea:17:32:52:35:97:e9:33:03:a1:5a:4e:49:27:1a:c4: 98:13:74:3d:cc:6e:22:e3:37:b0:2b:b6:79:ef:90:9f:c1:f2: 1c:b0:7a:25:0e:39:77:9f:1c:e8:df:7d:5b:15:0b:5a:14:b2: 5b:6d:2f:f4:f2:20:11:6d:a4:ab:e1:4c:0f:78:e3:54:e7:2d: 70:f9:c3:86:36:2f:3d:8c:65:60:35:76:e6:5a:d9:2b:7b:0a: 64:55:8e:eb:34:57:e2:6c:27:cc:f9:68:54:bf:10:c1:66:a6: 7a:a1:a0:2e:cb:f2:91:3b:de:f0:c5:ce:64:91:91:84:74:47: 91:da:fc:cf:fe:17:72:b0:50:b9:b2:ca:7c:99:46:b2:c0:84: 6d:b4:a6:55:89:79:b4:eb:a8:d9:ff:c3:f9:25:0d:af:44:9e: af:56:69:11:5d:26:e4:a5:f2:a0:a8:20:03:72:df:3d:3f:9a: 1d:f5:4b:e6:d6:c0:39:eb:e2:41:b5:83:2f:1f:cf:a9:72:3a: f2:d4:08:48:4e:1c:f4:25:30:85:6a:26:27:7e:5c:d6:68:6b: 23:2e:05:d0:33:b8:f2:b4:3d:49:79:44:04:2c:7a:d2:76:59: 4d:c1:ad:44:66:98:fa:16:72:65:e5:12:8b:a6:ad:90:1f:22: 8c:93:0e:1c -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6WnHKCyxp2Py7RAzQLqCoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjNjA3N2UwMDRlODhlZmY4ZjEzYjc3NDBkZjI1NGQ5ZTQ4 ZGQ1NzQwHhcNMjYwMTAxMTYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMmFmN2IyNDNmMmQyNTQ3OWUzYTdmNWYyOTQyOGQ5YmI2MjIyZjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu18ba9VerLWgmy7l2sJzhLs6SxBf OfQh2DxFMNaGBZ9eftrCzum89orncoeLJdUs2+ZN8ocVDCKRBWJWonLdlFpgqu/K kRFQM0fIaYJSUniYsKLPBXnP2wQJ/OTHKyE5YzXJDVIfDWjuqAfIEjt4tRjServA xjA+IUsGk82Z8yBz4A1DDS80T0X6KMdXF336xudkvYmmUJkFYwPzCHT2aUvt0SXL 5BweJkl44p38HTEWK+kh5+BqdZTi2rUaJO+iVxZec7A5GO8NqGEj3b5mZTeLp8Pn c9rYhpS7UBeehtcdcwX1srD8vzZNUyulbV+DDzvHnGidwjYclkcAZ6WlswIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFPKveyQ/LSVHnjp/XylCjZu2Ii8FMB8GA1UdIwQY MBaAFMxgd+AE6I7/jxO3dA3yVNnkjdV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekdCMzRBVG9qdi1QRTdkMERmSlUyZVNOMVhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS81ODE3OGQtMzc3Yi00NjBhLTk0YjEt NDY3MWY0YmFhOWIxLzEvOHE5N0pEOHRKVWVlT245ZktVS05tN1lpTHdVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS81ODE3OGQtMzc3Yi00NjBhLTk0YjEtNDY3MWY0YmFhOWIx LzEvekdCMzRBVG9qdi1QRTdkMERmSlUyZVNOMVhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCLQp4MA8E AgACMAkDBwAqDj2Avq8wDQYJKoZIhvcNAQELBQADggEBAHnR6hcyUjWX6TMDoVpO SScaxJgTdD3MbiLjN7ArtnnvkJ/B8hyweiUOOXefHOjffVsVC1oUslttL/TyIBFt pKvhTA9441TnLXD5w4Y2Lz2MZWA1duZa2St7CmRVjus0V+JsJ8z5aFS/EMFmpnqh oC7L8pE73vDFzmSRkYR0R5Ha/M/+F3KwULmyynyZRrLAhG20plWJebTrqNn/w/kl Da9Enq9WaRFdJuSl8qCoIANy3z0/mh31S+bWwDnr4kG1gy8fz6lyOvLUCEhOHPQl MIVqJid+XNZoayMuBdAzuPK0PUl5RAQsetJ2WU3BrURmmPoWcmXlEoumrZAfIoyT Dhw= -----END CERTIFICATE-----Generated at Wed Jan 7 23:48:07 2026 by rpki-client