This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/pOa9KIHkvR1N9UVxd0Y5yCq1Nbk.roa File: pOa9KIHkvR1N9UVxd0Y5yCq1Nbk.roa (raw, json) Hash identifier: 1RmAXKNphGOVS4U4lNBANNahDEgoMen7DHDul6xwB5s= Subject key identifier: A4:E6:BD:28:81:E4:BD:1D:4D:F5:45:71:77:46:39:C8:2A:B5:35:B9 Certificate issuer: /CN=11ab177e4a4ffeeb9ea1fd35766c3b8a87311de8 Certificate serial: 019B7DCA1EF1FC355B30270EB4B07260A9B2 Authority key identifier: 11:AB:17:7E:4A:4F:FE:EB:9E:A1:FD:35:76:6C:3B:8A:87:31:1D:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/pOa9KIHkvR1N9UVxd0Y5yCq1Nbk.roa Signing time: Fri 02 Jan 2026 08:19:16 +0000 ROA not before: Fri 02 Jan 2026 08:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209429 IP address blocks: 45.66.72.0/22 maxlen: 22 2a09:6540::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.mft rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:1e:f1:fc:35:5b:30:27:0e:b4:b0:72:60:a9:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=11ab177e4a4ffeeb9ea1fd35766c3b8a87311de8 Validity Not Before: Jan 2 08:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a4e6bd2881e4bd1d4df54571774639c82ab535b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:be:97:37:3b:3c:77:8f:2a:89:99:eb:67:98: f4:48:c4:bd:ce:b5:22:f7:da:05:2a:73:52:96:e3: 02:a0:5f:6e:4d:60:fd:43:10:62:43:4a:3b:99:96: 68:d0:40:5e:d9:70:5c:a0:e2:66:04:7d:11:a7:9b: 51:63:18:b8:34:d3:9d:e5:a6:9b:df:dc:fd:ab:03: d8:4f:4a:cf:2d:b0:1b:be:bc:11:ba:97:a0:e8:6b: d9:88:6f:28:dc:2a:2b:dd:d2:7f:4a:7d:cd:57:ce: e4:88:08:33:92:f9:e3:0d:18:96:63:0d:b8:e6:c7: 68:9c:2e:cc:dc:d4:2a:c5:74:78:50:e2:f7:12:55: 11:e2:3b:e7:49:22:46:ec:dc:43:a6:5c:fd:e2:23: 98:6a:23:f8:6b:89:83:f4:07:e3:b2:7d:68:39:1a: 02:49:38:7d:bb:b9:65:77:a8:4d:a0:2a:a0:12:ef: c7:ec:68:a8:58:6d:9c:31:79:3b:6c:ed:f6:89:54: 83:48:ba:2f:d8:80:43:9b:04:21:6c:69:1b:d2:60: 16:be:55:9e:5e:c8:f8:9d:18:41:de:3d:a0:9e:0d: 40:23:bb:aa:5d:c6:20:49:93:12:25:0b:1d:15:3b: c1:79:52:b8:4f:cd:2d:cb:b2:65:13:55:a2:cd:5e: 94:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:E6:BD:28:81:E4:BD:1D:4D:F5:45:71:77:46:39:C8:2A:B5:35:B9 X509v3 Authority Key Identifier: keyid:11:AB:17:7E:4A:4F:FE:EB:9E:A1:FD:35:76:6C:3B:8A:87:31:1D:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EasXfkpP_uueof01dmw7iocxHeg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/pOa9KIHkvR1N9UVxd0Y5yCq1Nbk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/229d3d-c0ea-4e11-9509-5eb4a55f0119/1/EasXfkpP_uueof01dmw7iocxHeg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.66.72.0/22 IPv6: 2a09:6540::/29 Signature Algorithm: sha256WithRSAEncryption b1:1b:ea:d5:48:29:67:13:c4:47:e0:7d:a2:76:e2:d0:c0:55: 56:e5:16:06:12:08:40:e8:4c:bd:12:66:c1:76:b4:60:3a:6f: 45:ba:f2:88:cb:63:35:0c:8f:34:ff:19:81:f8:16:68:11:e1: a4:31:57:67:d7:b6:0a:9b:a5:bb:a1:f7:7f:fa:9f:63:8f:d6: 99:8c:3a:7f:b3:1c:2a:82:ad:0a:4b:3c:44:d0:38:96:89:da: c9:a0:fa:fd:7d:30:79:60:43:93:3a:9b:25:26:7c:a7:65:aa: 60:5a:9b:2d:a6:d1:a3:82:9f:d1:54:74:74:80:89:c1:04:29: e3:a9:34:d5:25:6d:b0:74:e4:cb:3e:70:63:05:f4:50:88:52: 7d:4d:4d:69:3b:de:25:5f:06:66:f5:c1:75:74:4d:4d:cf:34: 8b:ec:25:8f:50:3b:d2:ff:2a:37:83:73:31:86:de:88:b7:8f: 7a:04:78:d2:7e:ce:5a:c4:4d:10:3e:cc:60:48:8f:46:cb:41: 49:3f:fc:a0:68:da:2c:27:f3:2d:55:78:6b:9f:9a:eb:3c:ce: cc:47:e2:f2:dc:a3:55:91:82:86:ef:c9:ab:c5:5c:bf:26:a2: 24:9b:30:bd:8f:a7:39:f4:f1:8c:9b:18:70:a7:f2:ef:36:1e: 83:42:11:86 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9yh7x/DVbMCcOtLByYKmyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExYWIxNzdlNGE0ZmZlZWI5ZWExZmQzNTc2NmMzYjhhODcz MTFkZTgwHhcNMjYwMTAyMDgxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNGU2YmQyODgxZTRiZDFkNGRmNTQ1NzE3NzQ2MzljODJhYjUzNWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz76XNzs8d48qiZnrZ5j0SMS9zrUi 99oFKnNSluMCoF9uTWD9QxBiQ0o7mZZo0EBe2XBcoOJmBH0Rp5tRYxi4NNOd5aab 39z9qwPYT0rPLbAbvrwRupeg6GvZiG8o3Cor3dJ/Sn3NV87kiAgzkvnjDRiWYw24 5sdonC7M3NQqxXR4UOL3ElUR4jvnSSJG7NxDplz94iOYaiP4a4mD9Afjsn1oORoC STh9u7lld6hNoCqgEu/H7GioWG2cMXk7bO32iVSDSLov2IBDmwQhbGkb0mAWvlWe Xsj4nRhB3j2gng1AI7uqXcYgSZMSJQsdFTvBeVK4T80ty7JlE1WizV6UrwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKTmvSiB5L0dTfVFcXdGOcgqtTW5MB8GA1UdIwQY MBaAFBGrF35KT/7rnqH9NXZsO4qHMR3oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWFzWGZrcFBfdXVlb2YwMWRtdzdpb2N4SGVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yMjlkM2QtYzBlYS00ZTExLTk1MDkt NWViNGE1NWYwMTE5LzEvcE9hOUtJSGt2UjFOOVVWeGQwWTV5Q3ExTmJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC8yMjlkM2QtYzBlYS00ZTExLTk1MDktNWViNGE1NWYwMTE5 LzEvRWFzWGZrcFBfdXVlb2YwMWRtdzdpb2N4SGVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUJIMA0E AgACMAcDBQMqCWVAMA0GCSqGSIb3DQEBCwUAA4IBAQCxG+rVSClnE8RH4H2iduLQ wFVW5RYGEghA6Ey9EmbBdrRgOm9FuvKIy2M1DI80/xmB+BZoEeGkMVdn17YKm6W7 ofd/+p9jj9aZjDp/sxwqgq0KSzxE0DiWidrJoPr9fTB5YEOTOpslJnynZapgWpst ptGjgp/RVHR0gInBBCnjqTTVJW2wdOTLPnBjBfRQiFJ9TU1pO94lXwZm9cF1dE1N zzSL7CWPUDvS/yo3g3Mxht6It496BHjSfs5axE0QPsxgSI9Gy0FJP/ygaNosJ/Mt VXhrn5rrPM7MR+Ly3KNVkYKG78mrxVy/JqIkmzC9j6c59PGMmxhwp/LvNh6DQhGG -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:12 2026 by rpki-client