This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8qb7is-70E9dj-o9_8PxzbNaKok.roa File: 8qb7is-70E9dj-o9_8PxzbNaKok.roa (raw, json) Hash identifier: ntmFVBgeMY1YHl9mapyZ0JtoFD5u9bcJiinosw2nNwQ= Subject key identifier: F2:A6:FB:8A:CF:BB:D0:4F:5D:8F:EA:3D:FF:C3:F1:CD:B3:5A:2A:89 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C741E90659081A3AD7DEB8B65CF872 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8qb7is-70E9dj-o9_8PxzbNaKok.roa Signing time: Thu 01 Jan 2026 04:18:25 +0000 ROA not before: Thu 01 Jan 2026 04:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7029 IP address blocks: 66.9.96.0/20 maxlen: 24 66.117.8.0/22 maxlen: 24 74.124.204.0/22 maxlen: 24 77.223.192.0/21 maxlen: 24 77.223.200.0/23 maxlen: 24 79.139.64.0/23 maxlen: 24 83.142.200.0/21 maxlen: 24 88.135.100.0/22 maxlen: 24 88.135.104.0/21 maxlen: 24 89.34.171.0/24 maxlen: 24 93.119.184.0/21 maxlen: 24 94.26.110.0/23 maxlen: 24 94.101.103.0/24 maxlen: 24 95.178.8.0/21 maxlen: 24 116.50.16.0/21 maxlen: 24 121.127.56.0/21 maxlen: 24 176.222.48.0/22 maxlen: 24 178.216.184.0/21 maxlen: 24 195.133.202.0/23 maxlen: 24 198.145.112.0/22 maxlen: 24 205.134.244.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:41:e9:06:59:08:1a:3a:d7:de:b8:b6:5c:f8:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2a6fb8acfbbd04f5d8fea3dffc3f1cdb35a2a89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:78:96:01:69:a4:f5:7f:36:75:82:51:77:09: 6b:2d:ed:ec:47:18:db:02:e6:8b:68:1c:76:49:94: ed:d8:4e:e9:16:07:c3:1c:8d:8a:39:57:82:85:a6: b5:64:99:57:27:34:39:dd:1b:ec:c8:09:e7:f4:a8: eb:e2:35:87:4c:fb:93:8e:9d:41:3f:06:c6:e9:ed: 34:81:cb:df:6e:43:9e:3c:84:83:88:ce:d1:d2:60: 5f:c3:d0:6e:37:82:09:06:73:b5:f1:d9:2a:79:a9: 6b:9c:39:20:42:ab:e3:9e:a6:c4:27:49:b2:f8:ee: 6c:50:18:c5:d8:6a:53:33:c8:74:ee:fe:5d:fe:39: 94:0e:b4:b8:72:89:1e:19:bc:b4:30:91:45:59:80: 6e:6a:33:b8:ba:97:ac:11:dd:d2:64:a2:c4:21:a2: 41:91:bb:98:2f:71:26:5d:95:40:61:0b:90:52:9f: 6a:69:26:bb:dc:e2:b5:d2:0a:0a:de:21:21:14:1e: bf:65:d0:aa:ed:f2:19:46:29:54:36:f5:89:a7:e1: 9a:e6:70:29:09:6d:3c:4d:05:ef:7a:07:50:ea:18: f3:40:c8:09:29:0f:6a:c7:83:59:c6:a7:a9:12:39: 8b:75:ad:5e:78:7d:c9:48:cc:bc:ae:18:4d:4d:69: b7:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:A6:FB:8A:CF:BB:D0:4F:5D:8F:EA:3D:FF:C3:F1:CD:B3:5A:2A:89 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/8qb7is-70E9dj-o9_8PxzbNaKok.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.9.96.0/20 66.117.8.0/22 74.124.204.0/22 77.223.192.0-77.223.201.255 79.139.64.0/23 83.142.200.0/21 88.135.100.0-88.135.111.255 89.34.171.0/24 93.119.184.0/21 94.26.110.0/23 94.101.103.0/24 95.178.8.0/21 116.50.16.0/21 121.127.56.0/21 176.222.48.0/22 178.216.184.0/21 195.133.202.0/23 198.145.112.0/22 205.134.244.0/22 Signature Algorithm: sha256WithRSAEncryption 47:52:cd:a7:1f:6b:a1:15:2d:8b:5e:02:0c:50:a3:1b:19:77: 8f:d2:50:71:5e:4f:41:9e:4b:8c:4d:9c:c6:53:06:0b:92:4a: 0c:b3:34:b3:7b:fd:8f:f3:86:e0:80:50:d2:ee:17:eb:c8:44: 37:7a:c7:a6:4b:bc:01:3c:17:b7:a6:b4:ea:70:3d:e7:9f:17: 4d:b7:d1:84:94:58:4d:91:2f:9a:06:49:8e:1c:4f:64:a1:6d: c2:42:41:2d:77:8b:79:3c:67:e6:69:10:a9:9e:10:58:9d:2d: 38:40:6e:7d:cf:80:cc:10:f8:d5:9b:a4:0c:d2:47:6b:f2:58: f9:60:cf:3e:84:14:6d:0c:f6:98:94:f7:2f:60:de:f9:57:30: 49:a4:6d:cc:1c:cd:95:0c:ac:6e:e7:4a:8d:c5:99:43:99:82: 49:d1:c1:86:e8:b3:52:02:74:2b:ed:b1:b0:2b:1c:55:72:b3: 9e:99:44:02:f8:9b:e8:e2:77:8f:46:0f:3a:ac:5d:0f:f7:f0: 04:22:83:69:55:6e:84:9b:f9:a8:2c:cf:71:3e:53:b6:82:f9: 45:12:6d:38:ca:c9:34:51:10:16:95:71:e0:bf:ca:03:55:76: 88:d7:ec:a4:03:1c:37:ea:8c:51:39:9b:d6:86:e3:6b:79:fb: 3b:4f:5a:39 -----BEGIN CERTIFICATE----- MIIFfjCCBGagAwIBAgISAZt3x0HpBlkIGjrX3ri2XPhyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMmE2ZmI4YWNmYmJkMDRmNWQ4ZmVhM2RmZmMzZjFjZGIzNWEyYTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoniWAWmk9X82dYJRdwlrLe3sRxjb AuaLaBx2SZTt2E7pFgfDHI2KOVeChaa1ZJlXJzQ53RvsyAnn9Kjr4jWHTPuTjp1B PwbG6e00gcvfbkOePISDiM7R0mBfw9BuN4IJBnO18dkqealrnDkgQqvjnqbEJ0my +O5sUBjF2GpTM8h07v5d/jmUDrS4cokeGby0MJFFWYBuajO4upesEd3SZKLEIaJB kbuYL3EmXZVAYQuQUp9qaSa73OK10goK3iEhFB6/ZdCq7fIZRilUNvWJp+Ga5nAp CW08TQXvegdQ6hjzQMgJKQ9qx4NZxqepEjmLda1eeH3JSMy8rhhNTWm35wIDAQAB o4ICijCCAoYwHQYDVR0OBBYEFPKm+4rPu9BPXY/qPf/D8c2zWiqJMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvOHFiN2lzLTcwRTlkai1vOV84UHh6Yk5hS29rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBARC CWADBAJCdQgDBAJKfMwwDAMEBk3fwAMEAU3fyAMEAU+LQAMEA1OOyDAMAwQCWIdk AwQEWIdgAwQAWSKrAwQDXXe4AwQBXhpuAwQAXmVnAwQDX7IIAwQDdDIQAwQDeX84 AwQCsN4wAwQDsti4AwQBw4XKAwQCxpFwAwQCzYb0MA0GCSqGSIb3DQEBCwUAA4IB AQBHUs2nH2uhFS2LXgIMUKMbGXeP0lBxXk9BnkuMTZzGUwYLkkoMszSze/2P84bg gFDS7hfryEQ3esemS7wBPBe3prTqcD3nnxdNt9GElFhNkS+aBkmOHE9koW3CQkEt d4t5PGfmaRCpnhBYnS04QG59z4DMEPjVm6QM0kdr8lj5YM8+hBRtDPaYlPcvYN75 VzBJpG3MHM2VDKxu50qNxZlDmYJJ0cGG6LNSAnQr7bGwKxxVcrOemUQC+Jvo4neP Rg86rF0P9/AEIoNpVW6Em/moLM9xPlO2gvlFEm04ysk0URAWlXHgv8oDVXaI1+yk Axw36oxROZvWhuNrefs7T1o5 -----END CERTIFICATE-----Generated at Thu Jan 1 20:30:06 2026 by rpki-client