This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/9PmCAKMM7Gx59ZxoYK2IciFfbIk.roa File: 9PmCAKMM7Gx59ZxoYK2IciFfbIk.roa (raw, json) Hash identifier: 3XM8c/6mZWGuvlojek43syl+Uho1Ahf7pi/fCF9cLlI= Subject key identifier: F4:F9:82:00:A3:0C:EC:6C:79:F5:9C:68:60:AD:88:72:21:5F:6C:89 Certificate issuer: /CN=97de85c684fcff83ec4148ab5f6f67cd1504f93d Certificate serial: 019B775965529CEAD5E06E91A8174B696925 Authority key identifier: 97:DE:85:C6:84:FC:FF:83:EC:41:48:AB:5F:6F:67:CD:15:04:F9:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l96FxoT8_4PsQUirX29nzRUE-T0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/9PmCAKMM7Gx59ZxoYK2IciFfbIk.roa Signing time: Thu 01 Jan 2026 02:18:25 +0000 ROA not before: Thu 01 Jan 2026 02:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200698 IP address blocks: 45.156.248.0/22 maxlen: 22 45.156.248.0/24 maxlen: 24 45.156.249.0/24 maxlen: 24 45.156.250.0/24 maxlen: 24 45.156.251.0/24 maxlen: 24 185.99.0.0/22 maxlen: 22 185.99.0.0/24 maxlen: 24 185.99.1.0/24 maxlen: 24 185.99.2.0/24 maxlen: 24 185.99.3.0/24 maxlen: 24 185.164.32.0/22 maxlen: 22 185.164.32.0/24 maxlen: 24 185.164.33.0/24 maxlen: 24 185.164.34.0/24 maxlen: 24 185.164.35.0/24 maxlen: 24 185.212.108.0/22 maxlen: 22 185.212.108.0/24 maxlen: 24 185.212.109.0/24 maxlen: 24 185.212.110.0/24 maxlen: 24 185.212.111.0/24 maxlen: 24 2a00:8620::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/l96FxoT8_4PsQUirX29nzRUE-T0.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/l96FxoT8_4PsQUirX29nzRUE-T0.mft rsync://rpki.ripe.net/repository/DEFAULT/l96FxoT8_4PsQUirX29nzRUE-T0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:65:52:9c:ea:d5:e0:6e:91:a8:17:4b:69:69:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97de85c684fcff83ec4148ab5f6f67cd1504f93d Validity Not Before: Jan 1 02:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f4f98200a30cec6c79f59c6860ad8872215f6c89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:43:52:65:48:48:86:c4:2d:1b:7a:d8:7b:71: 3b:f9:4a:81:b1:e6:27:0e:ab:c0:83:20:40:80:b4: cf:63:b3:82:7e:1e:ee:6e:bd:d7:f8:ec:d5:49:9a: c9:dc:38:e5:ea:9a:ce:33:e3:fc:fd:7b:50:1f:56: 8e:c6:f8:92:fd:a1:ea:6f:8e:50:a0:36:ca:ec:ed: a3:79:c7:2d:f6:7e:81:9b:0d:7b:37:5d:27:a9:66: 1c:52:c8:45:3e:d6:8d:e0:03:1b:ed:ca:da:56:43: bc:e5:9a:a5:ff:55:f7:7b:d5:c0:cb:0d:3e:91:c4: fa:34:09:a9:48:fb:ce:f0:44:c5:c1:45:29:5b:93: 80:42:7f:d0:04:6d:0c:d7:96:fc:9b:8c:98:ec:a8: 19:34:ee:d2:82:b7:ef:9b:2c:c5:27:bd:3e:6e:ce: e4:a9:34:5f:a8:40:2b:82:63:6e:7a:fb:f6:66:cf: 12:2c:83:a2:e1:63:70:ab:87:72:e1:c3:17:ca:cc: d5:1f:03:b5:b7:3b:54:aa:03:9f:4a:35:2f:09:89: 22:b5:b7:34:0f:15:b6:00:4d:03:c8:73:2f:30:19: ec:a9:54:67:1b:5d:75:3d:6b:2d:04:57:38:9b:4c: 7b:fe:4f:84:5b:85:d0:45:b1:81:aa:65:bc:13:38: a7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:F9:82:00:A3:0C:EC:6C:79:F5:9C:68:60:AD:88:72:21:5F:6C:89 X509v3 Authority Key Identifier: keyid:97:DE:85:C6:84:FC:FF:83:EC:41:48:AB:5F:6F:67:CD:15:04:F9:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l96FxoT8_4PsQUirX29nzRUE-T0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/9PmCAKMM7Gx59ZxoYK2IciFfbIk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/db4526-e0ef-4e22-8ff9-5030d0ae6ebc/1/l96FxoT8_4PsQUirX29nzRUE-T0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.156.248.0/22 185.99.0.0/22 185.164.32.0/22 185.212.108.0/22 IPv6: 2a00:8620::/32 Signature Algorithm: sha256WithRSAEncryption 64:42:7d:4e:69:6a:61:dc:6a:4d:06:fd:43:94:76:4a:55:c2: b9:6f:77:41:14:b7:ad:08:c2:5d:e9:df:22:7a:24:b0:8b:84: 35:d8:7d:3f:e7:80:30:3b:30:fd:8c:24:59:75:ed:37:72:de: f7:76:75:4e:97:5a:45:06:5c:73:2d:c1:61:23:9f:4f:be:d7: 78:2d:a2:37:af:0f:bf:99:55:4e:2f:20:32:1c:f2:8c:5f:eb: 41:7d:66:a7:1f:2d:ef:06:22:13:9a:75:36:6b:33:ba:05:de: bd:8f:05:b1:63:6e:b4:c2:e6:59:53:93:5e:5d:1a:68:95:11: dd:01:75:1e:ca:d4:d7:86:7a:6c:f6:6e:0d:a1:90:81:77:31: b3:ba:39:f1:83:b8:7d:d9:67:b7:41:a8:e7:01:b6:1b:92:62: db:b3:0a:36:47:61:07:0d:b8:65:71:33:1b:a4:af:3c:e4:4d: 02:57:13:61:a2:35:71:f0:48:e0:51:14:3b:07:e0:a0:63:5a: ff:c9:c1:c7:29:bc:5f:34:1b:b0:a0:78:ad:69:e7:90:e1:ca: 08:30:59:81:cd:9d:2a:1a:3c:26:f9:cf:db:48:f4:73:76:d1: 94:b5:c9:e2:5b:ce:6f:3c:ff:c8:90:8b:f1:2d:f4:82:76:6e: f0:12:80:58 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt3WWVSnOrV4G6RqBdLaWklMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ZGU4NWM2ODRmY2ZmODNlYzQxNDhhYjVmNmY2N2NkMTUw NGY5M2QwHhcNMjYwMTAxMDIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNGY5ODIwMGEzMGNlYzZjNzlmNTljNjg2MGFkODg3MjIxNWY2Yzg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUNSZUhIhsQtG3rYe3E7+UqBseYn DqvAgyBAgLTPY7OCfh7ubr3X+OzVSZrJ3Djl6prOM+P8/XtQH1aOxviS/aHqb45Q oDbK7O2jecct9n6Bmw17N10nqWYcUshFPtaN4AMb7craVkO85Zql/1X3e9XAyw0+ kcT6NAmpSPvO8ETFwUUpW5OAQn/QBG0M15b8m4yY7KgZNO7SgrfvmyzFJ70+bs7k qTRfqEArgmNuevv2Zs8SLIOi4WNwq4dy4cMXyszVHwO1tztUqgOfSjUvCYkitbc0 DxW2AE0DyHMvMBnsqVRnG111PWstBFc4m0x7/k+EW4XQRbGBqmW8EzinoQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFPT5ggCjDOxsefWcaGCtiHIhX2yJMB8GA1UdIwQY MBaAFJfehcaE/P+D7EFIq19vZ80VBPk9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDk2RnhvVDhfNFBzUVVpclgyOW56UlVFLVQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kYjQ1MjYtZTBlZi00ZTIyLThmZjkt NTAzMGQwYWU2ZWJjLzEvOVBtQ0FLTU03R3g1OVp4b1lLMkljaUZmYklrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9kYjQ1MjYtZTBlZi00ZTIyLThmZjktNTAzMGQwYWU2ZWJj LzEvbDk2RnhvVDhfNFBzUVVpclgyOW56UlVFLVQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLZz4AwQC uWMAAwQCuaQgAwQCudRsMA0EAgACMAcDBQAqAIYgMA0GCSqGSIb3DQEBCwUAA4IB AQBkQn1OaWph3GpNBv1DlHZKVcK5b3dBFLetCMJd6d8ieiSwi4Q12H0/54AwOzD9 jCRZde03ct73dnVOl1pFBlxzLcFhI59Pvtd4LaI3rw+/mVVOLyAyHPKMX+tBfWan Hy3vBiITmnU2azO6Bd69jwWxY260wuZZU5NeXRpolRHdAXUeytTXhnps9m4NoZCB dzGzujnxg7h92We3QajnAbYbkmLbswo2R2EHDbhlcTMbpK885E0CVxNhojVx8Ejg URQ7B+CgY1r/ycHHKbxfNBuwoHitaeeQ4coIMFmBzZ0qGjwm+c/bSPRzdtGUtcni W85vPP/IkIvxLfSCdm7wEoBY -----END CERTIFICATE-----Generated at Tue Feb 10 03:02:11 2026 by rpki-client