This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/IdBqw0A4TK6uyYCMeFPtnqsmeRc.roa File: IdBqw0A4TK6uyYCMeFPtnqsmeRc.roa (raw, json) Hash identifier: 5nFwsjED/xvOkZjCNJO1OpoEyT7doRuSAQWm9AMMmaE= Subject key identifier: 21:D0:6A:C3:40:38:4C:AE:AE:C9:80:8C:78:53:ED:9E:AB:26:79:17 Certificate issuer: /CN=b3a4714a695c63cf2e9c4adea6171827d866e298 Certificate serial: 019B7BA51A58A70F383FA237EFED8F070280 Authority key identifier: B3:A4:71:4A:69:5C:63:CF:2E:9C:4A:DE:A6:17:18:27:D8:66:E2:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6RxSmlcY88unErephcYJ9hm4pg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/IdBqw0A4TK6uyYCMeFPtnqsmeRc.roa Signing time: Thu 01 Jan 2026 22:19:36 +0000 ROA not before: Thu 01 Jan 2026 22:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59545 IP address blocks: 195.177.214.0/23 maxlen: 23 195.177.214.0/24 maxlen: 24 195.177.215.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/s6RxSmlcY88unErephcYJ9hm4pg.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/s6RxSmlcY88unErephcYJ9hm4pg.mft rsync://rpki.ripe.net/repository/DEFAULT/s6RxSmlcY88unErephcYJ9hm4pg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:1a:58:a7:0f:38:3f:a2:37:ef:ed:8f:07:02:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a4714a695c63cf2e9c4adea6171827d866e298 Validity Not Before: Jan 1 22:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21d06ac340384caeaec9808c7853ed9eab267917 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:66:ce:bf:5c:57:df:6a:4f:ea:08:bd:16:6a: 32:7d:18:e3:66:f1:11:3b:de:f6:2c:4b:49:21:26: 32:33:9a:1a:9d:f8:88:ea:73:ec:e4:68:75:a4:0e: ee:34:0d:04:59:af:01:54:e6:bd:e1:13:69:5f:e8: ab:b9:ee:6d:0e:c0:84:5d:66:fa:8c:a8:46:4a:bb: 63:b6:35:7a:b1:2a:c3:29:1c:d4:dc:27:8f:4e:9d: 7f:91:a4:d3:cd:e6:87:b8:05:0a:95:da:30:2e:7c: 3e:28:9f:c8:52:2c:1b:8b:e0:a2:b8:1d:b5:0d:6e: 85:e4:98:19:64:bf:ee:41:b5:bf:f8:2e:a8:c6:97: 98:e9:fa:4f:9b:e6:bb:e6:22:b7:37:0b:9d:25:e1: ff:0f:d1:8b:7b:bb:bd:23:51:db:b2:80:0f:9d:d8: 66:bf:76:37:bc:f8:35:71:92:d3:b3:32:8c:bd:36: ac:4b:1c:3a:5a:17:8c:d2:02:8b:55:c7:2e:f8:99: 86:ef:85:1c:36:97:82:7d:5a:7a:5d:29:26:4c:fe: fc:f2:89:e0:76:a9:16:b2:7d:6e:5d:66:4b:2b:dd: c9:fd:e2:96:0e:50:d5:33:ac:2d:97:c2:6c:02:3d: 2b:5b:06:ee:33:42:ed:3c:64:15:f0:e1:1f:88:32: 9d:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D0:6A:C3:40:38:4C:AE:AE:C9:80:8C:78:53:ED:9E:AB:26:79:17 X509v3 Authority Key Identifier: keyid:B3:A4:71:4A:69:5C:63:CF:2E:9C:4A:DE:A6:17:18:27:D8:66:E2:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6RxSmlcY88unErephcYJ9hm4pg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/IdBqw0A4TK6uyYCMeFPtnqsmeRc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/9a72e0-fb9c-4e72-af34-dc48cecd1545/1/s6RxSmlcY88unErephcYJ9hm4pg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.177.214.0/23 Signature Algorithm: sha256WithRSAEncryption 36:02:7f:ab:ef:d1:b1:1d:26:dd:d4:d2:75:60:a5:be:36:e7: 2c:0c:96:fa:63:13:d0:89:54:4e:eb:de:23:a0:de:a7:a1:e4: 6c:a9:fe:cc:96:c7:1c:4d:e7:06:fc:54:83:eb:43:27:9e:d1: ea:0d:33:4c:e0:ac:e9:23:82:26:30:e8:72:d4:e3:6b:85:85: e4:d7:06:4b:c0:04:f3:83:88:9a:b9:c3:fd:f9:2a:9d:9f:ec: db:c9:73:4d:e0:7d:4b:6c:7f:bf:09:20:d3:07:9a:89:c1:98: f6:57:d5:d8:5f:66:c7:d9:8e:93:2e:0a:f0:18:cb:b4:39:4f: f3:94:17:bf:ea:56:b4:de:da:8b:65:e3:6f:54:1e:17:f3:da: c9:ab:a0:53:2c:9b:ce:f3:32:85:aa:2a:8b:c1:59:a3:aa:24: 6a:e8:be:0c:30:6f:5c:02:16:71:56:32:33:7f:30:08:69:86: 89:30:b0:f6:08:80:bc:25:39:4a:b6:ae:06:d0:4c:4e:76:5e: 07:d3:7b:24:b1:8a:24:d0:4d:15:00:91:ae:04:3b:bf:5f:dc: 77:81:e9:27:cf:b8:1d:e8:a7:33:c7:b6:79:80:c3:f7:f2:56: 91:9e:87:df:8a:40:fa:91:f6:d0:5a:1c:72:0a:6b:a0:71:d3: b6:5b:21:37 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7pRpYpw84P6I37+2PBwKAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTQ3MTRhNjk1YzYzY2YyZTljNGFkZWE2MTcxODI3ZDg2 NmUyOTgwHhcNMjYwMTAxMjIxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWQwNmFjMzQwMzg0Y2FlYWVjOTgwOGM3ODUzZWQ5ZWFiMjY3OTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWbOv1xX32pP6gi9FmoyfRjjZvER O972LEtJISYyM5oanfiI6nPs5Gh1pA7uNA0EWa8BVOa94RNpX+irue5tDsCEXWb6 jKhGSrtjtjV6sSrDKRzU3CePTp1/kaTTzeaHuAUKldowLnw+KJ/IUiwbi+CiuB21 DW6F5JgZZL/uQbW/+C6oxpeY6fpPm+a75iK3NwudJeH/D9GLe7u9I1HbsoAPndhm v3Y3vPg1cZLTszKMvTasSxw6WheM0gKLVccu+JmG74UcNpeCfVp6XSkmTP788ong dqkWsn1uXWZLK93J/eKWDlDVM6wtl8JsAj0rWwbuM0LtPGQV8OEfiDKd8wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCHQasNAOEyursmAjHhT7Z6rJnkXMB8GA1UdIwQY MBaAFLOkcUppXGPPLpxK3qYXGCfYZuKYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZSeFNtbGNZODh1bkVyZXBoY1lKOWhtNHBnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy85YTcyZTAtZmI5Yy00ZTcyLWFmMzQt ZGM0OGNlY2QxNTQ1LzEvSWRCcXcwQTRUSzZ1eVlDTWVGUHRucXNtZVJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy85YTcyZTAtZmI5Yy00ZTcyLWFmMzQtZGM0OGNlY2QxNTQ1 LzEvczZSeFNtbGNZODh1bkVyZXBoY1lKOWhtNHBnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7HWMA0G CSqGSIb3DQEBCwUAA4IBAQA2An+r79GxHSbd1NJ1YKW+NucsDJb6YxPQiVRO694j oN6noeRsqf7MlsccTecG/FSD60MnntHqDTNM4KzpI4ImMOhy1ONrhYXk1wZLwATz g4iaucP9+Sqdn+zbyXNN4H1LbH+/CSDTB5qJwZj2V9XYX2bH2Y6TLgrwGMu0OU/z lBe/6la03tqLZeNvVB4X89rJq6BTLJvO8zKFqiqLwVmjqiRq6L4MMG9cAhZxVjIz fzAIaYaJMLD2CIC8JTlKtq4G0ExOdl4H03sksYok0E0VAJGuBDu/X9x3geknz7gd 6Kczx7Z5gMP38laRnoffikD6kfbQWhxyCmugcdO2WyE3 -----END CERTIFICATE-----Generated at Mon Feb 9 23:47:28 2026 by rpki-client