This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/aIB-U74XOsh4LFFeV56dHmApdhA.roa File: aIB-U74XOsh4LFFeV56dHmApdhA.roa (raw, json) Hash identifier: n4BldvZSrWCDo/is34Mdq/Joj399xGxxHCi8O5qGXUc= Subject key identifier: 68:80:7E:53:BE:17:3A:C8:78:2C:51:5E:57:9E:9D:1E:60:29:76:10 Certificate issuer: /CN=8c060040ef3a0823aa973f0d0592b1dda808f782 Certificate serial: 019B7BA3E6745B446F4D385D9C9ED6C62724 Authority key identifier: 8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/aIB-U74XOsh4LFFeV56dHmApdhA.roa Signing time: Thu 01 Jan 2026 22:18:17 +0000 ROA not before: Thu 01 Jan 2026 22:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20900 IP address blocks: 31.217.232.0/21 maxlen: 24 45.11.208.0/22 maxlen: 22 78.159.132.0/22 maxlen: 22 78.159.148.0/24 maxlen: 24 91.214.114.0/23 maxlen: 23 91.214.114.0/24 maxlen: 24 91.214.115.0/24 maxlen: 24 185.182.252.0/22 maxlen: 24 213.190.64.0/19 maxlen: 24 2001:1b08::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.mft rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:e6:74:5b:44:6f:4d:38:5d:9c:9e:d6:c6:27:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8c060040ef3a0823aa973f0d0592b1dda808f782 Validity Not Before: Jan 1 22:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68807e53be173ac8782c515e579e9d1e60297610 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:08:03:c3:44:43:c0:7b:79:a5:68:d2:ba:32: c5:bb:5d:bd:ea:4d:4c:a9:0d:82:fb:85:6d:c4:82: c8:81:14:b6:85:3f:ab:d1:8e:dc:a4:aa:b9:b8:0c: 26:79:c1:ae:f5:1b:c3:51:54:82:d6:12:d4:95:a8: 92:11:e5:f5:62:94:06:b0:58:a6:79:fc:06:fa:4d: 83:30:02:c6:69:27:be:02:45:0c:5d:57:ca:bf:4c: 1b:80:be:b8:b1:f5:3d:c9:31:70:ac:c2:b6:52:58: a6:18:4d:4d:92:fa:f7:d5:fb:04:d0:11:fd:6b:83: 50:cb:29:2d:e9:19:ee:d1:32:9c:08:60:cb:9d:0f: 3b:43:2e:d4:29:c4:2b:83:42:92:5a:ed:42:b9:db: 76:96:a2:dc:92:4e:3f:c4:36:a8:44:4f:c8:fd:e5: af:a9:a9:1f:a2:3b:7c:b2:19:a1:95:34:38:d8:5b: ba:b0:bc:2d:cb:63:91:d6:fe:45:e3:cb:b2:a4:6f: 55:46:35:84:d3:b0:3d:eb:2f:3f:92:1c:67:f8:8c: 27:c8:29:d7:a0:74:51:59:6b:c1:e7:ab:93:2d:1e: 25:2b:1a:ab:65:72:98:15:20:a2:8c:d8:51:a0:17: cd:4b:05:8f:78:28:7e:b1:13:1e:30:50:1a:33:3d: 8f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:80:7E:53:BE:17:3A:C8:78:2C:51:5E:57:9E:9D:1E:60:29:76:10 X509v3 Authority Key Identifier: keyid:8C:06:00:40:EF:3A:08:23:AA:97:3F:0D:05:92:B1:DD:A8:08:F7:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAYAQO86CCOqlz8NBZKx3agI94I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/aIB-U74XOsh4LFFeV56dHmApdhA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e7549e-5b25-4200-88b9-4e4a35dd3677/1/jAYAQO86CCOqlz8NBZKx3agI94I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.217.232.0/21 45.11.208.0/22 78.159.132.0/22 78.159.148.0/24 91.214.114.0/23 185.182.252.0/22 213.190.64.0/19 IPv6: 2001:1b08::/32 Signature Algorithm: sha256WithRSAEncryption 8f:d5:9a:20:3b:d7:f6:b1:03:af:aa:f8:e1:6c:1f:07:06:a3: 3c:b0:7b:ea:9a:d9:4b:dc:d6:2e:5b:38:24:94:ef:36:52:1c: fe:d0:29:f1:3b:87:ed:48:4b:61:51:23:3a:78:c9:94:fa:cf: 23:ae:cd:bd:31:62:70:36:44:56:25:59:2f:a5:b2:a7:fb:c0: 5e:02:f2:88:8e:97:1a:54:8f:2d:2a:d3:9e:61:63:33:87:17: c2:84:af:f5:33:98:4c:fd:58:bf:3e:bf:99:e1:5c:56:c2:51: 8f:2a:e0:bd:27:81:b5:b5:42:40:bb:d8:a5:7e:e5:16:64:38: d3:3f:cd:60:47:4f:83:8c:3b:fc:17:ee:30:fb:fb:2d:7c:fd: a2:27:d9:b5:d7:9b:a3:b4:54:59:76:8d:9c:5e:9f:fd:08:fa: dc:58:6d:2e:41:2f:78:66:37:70:a7:76:43:33:77:28:bc:9b: 2a:67:c2:59:15:44:ea:35:bb:5b:0d:23:23:13:54:49:b3:d7: b1:3a:2e:03:21:37:75:91:88:1c:96:16:4e:91:fa:70:43:be: b5:f6:6d:70:c7:84:f0:8f:16:b4:f2:75:60:11:ea:4a:af:ec: e8:ae:76:33:4a:d0:af:3e:08:47:7f:c5:1e:66:dc:83:2f:c6: 55:7b:35:5a -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt7o+Z0W0RvTThdnJ7WxickMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhjMDYwMDQwZWYzYTA4MjNhYTk3M2YwZDA1OTJiMWRkYTgw OGY3ODIwHhcNMjYwMTAxMjIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODgwN2U1M2JlMTczYWM4NzgyYzUxNWU1NzllOWQxZTYwMjk3NjEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwgDw0RDwHt5pWjSujLFu1296k1M qQ2C+4VtxILIgRS2hT+r0Y7cpKq5uAwmecGu9RvDUVSC1hLUlaiSEeX1YpQGsFim efwG+k2DMALGaSe+AkUMXVfKv0wbgL64sfU9yTFwrMK2UlimGE1Nkvr31fsE0BH9 a4NQyykt6Rnu0TKcCGDLnQ87Qy7UKcQrg0KSWu1Cudt2lqLckk4/xDaoRE/I/eWv qakfojt8shmhlTQ42Fu6sLwty2OR1v5F48uypG9VRjWE07A96y8/khxn+IwnyCnX oHRRWWvB56uTLR4lKxqrZXKYFSCijNhRoBfNSwWPeCh+sRMeMFAaMz2PUwIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFGiAflO+FzrIeCxRXleenR5gKXYQMB8GA1UdIwQY MBaAFIwGAEDvOggjqpc/DQWSsd2oCPeCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4Yjkt NGU0YTM1ZGQzNjc3LzEvYUlCLVU3NFhPc2g0TEZGZVY1NmRIbUFwZGhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS9lNzU0OWUtNWIyNS00MjAwLTg4YjktNGU0YTM1ZGQzNjc3 LzEvakFZQVFPODZDQ09xbHo4TkJaS3gzYWdJOTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDH9noAwQC LQvQAwQCTp+EAwQATp+UAwQBW9ZyAwQCubb8AwQF1b5AMA0EAgACMAcDBQAgARsI MA0GCSqGSIb3DQEBCwUAA4IBAQCP1ZogO9f2sQOvqvjhbB8HBqM8sHvqmtlL3NYu WzgklO82Uhz+0CnxO4ftSEthUSM6eMmU+s8jrs29MWJwNkRWJVkvpbKn+8BeAvKI jpcaVI8tKtOeYWMzhxfChK/1M5hM/Vi/Pr+Z4VxWwlGPKuC9J4G1tUJAu9ilfuUW ZDjTP81gR0+DjDv8F+4w+/stfP2iJ9m115ujtFRZdo2cXp/9CPrcWG0uQS94Zjdw p3ZDM3covJsqZ8JZFUTqNbtbDSMjE1RJs9exOi4DITd1kYgclhZOkfpwQ7619m1w x4Twjxa08nVgEepKr+zornYzStCvPghHf8UeZtyDL8ZVezVa -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:23 2026 by rpki-client