This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/m8pcNIGfAGz5wiEeCJ9aji1_KSY.roa File: m8pcNIGfAGz5wiEeCJ9aji1_KSY.roa (raw, json) Hash identifier: SgAuRkWCSoQK2KWjI4kALGTvsxbiGO3Jz/Xs4XRVN3A= Subject key identifier: 9B:CA:5C:34:81:9F:00:6C:F9:C2:21:1E:08:9F:5A:8E:2D:7F:29:26 Certificate issuer: /CN=dfec5c945d03535d9673095110546b1c98e61860 Certificate serial: 019B7B36EC4309E81D74DE838669AA9E0EF9 Authority key identifier: DF:EC:5C:94:5D:03:53:5D:96:73:09:51:10:54:6B:1C:98:E6:18:60 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-xclF0DU12WcwlREFRrHJjmGGA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/m8pcNIGfAGz5wiEeCJ9aji1_KSY.roa Signing time: Thu 01 Jan 2026 20:19:15 +0000 ROA not before: Thu 01 Jan 2026 20:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197799 IP address blocks: 31.193.200.0/21 maxlen: 21 2a03:1e40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/3-xclF0DU12WcwlREFRrHJjmGGA.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/3-xclF0DU12WcwlREFRrHJjmGGA.mft rsync://rpki.ripe.net/repository/DEFAULT/3-xclF0DU12WcwlREFRrHJjmGGA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:ec:43:09:e8:1d:74:de:83:86:69:aa:9e:0e:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dfec5c945d03535d9673095110546b1c98e61860 Validity Not Before: Jan 1 20:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9bca5c34819f006cf9c2211e089f5a8e2d7f2926 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b2:15:bb:9a:8d:be:4b:de:2e:23:00:13:af: d3:7c:5f:a6:fd:fa:b0:c5:fb:59:73:a2:b5:6b:7f: 1f:c2:96:cd:9d:f8:5f:1d:d7:de:24:53:47:84:85: 70:6c:6f:4f:3d:44:d4:08:84:8f:ec:34:17:dd:a5: c9:4a:a6:28:de:e5:59:b3:d1:26:fb:b7:3e:09:c9: 1a:58:f3:f1:b3:ff:89:e1:a6:8e:20:8c:68:20:e9: ed:cb:2b:40:e4:4a:18:68:0b:b4:a2:16:81:70:f7: c8:d9:8b:89:ed:4f:40:77:ec:6e:ac:bc:8f:2f:ac: 89:ea:46:d1:4d:d4:94:2a:ea:e8:50:60:5b:88:02: 13:10:65:50:dd:df:2e:4b:36:12:c2:89:0b:80:dc: 3e:32:a4:99:bb:84:4b:c9:ba:0f:1a:35:58:bb:99: 8d:11:a9:61:1e:70:99:75:8c:c6:9e:d8:f7:15:e1: 3a:44:c1:93:b4:40:44:ec:01:03:e7:2d:50:c8:65: 78:33:50:0c:e5:45:fc:9b:10:46:66:ae:84:2f:af: 98:bb:66:61:2b:1b:8a:74:ea:2d:58:0d:89:31:7e: 96:e3:d3:ae:77:69:47:3a:8d:28:09:0c:5b:2b:3e: 27:d0:1e:bd:64:2b:41:f4:d7:67:83:8d:af:cc:aa: f2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:CA:5C:34:81:9F:00:6C:F9:C2:21:1E:08:9F:5A:8E:2D:7F:29:26 X509v3 Authority Key Identifier: keyid:DF:EC:5C:94:5D:03:53:5D:96:73:09:51:10:54:6B:1C:98:E6:18:60 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-xclF0DU12WcwlREFRrHJjmGGA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/m8pcNIGfAGz5wiEeCJ9aji1_KSY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/f406c3-2789-43a5-b1d6-ddddef241216/1/3-xclF0DU12WcwlREFRrHJjmGGA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.193.200.0/21 IPv6: 2a03:1e40::/32 Signature Algorithm: sha256WithRSAEncryption 49:0a:ea:af:b6:85:42:c5:4c:ba:19:d0:75:fa:e9:81:dc:9b: b8:04:82:6f:dd:5f:42:e7:91:7d:3e:f5:02:93:2f:1a:d0:14: 83:d7:f0:64:60:f0:e4:75:10:4e:18:c9:77:1a:5a:4e:00:b3: 0b:21:3e:55:60:cd:63:94:06:60:1e:f4:2a:d5:ce:3e:33:a4: 66:1a:5c:df:ea:20:59:f2:13:3b:79:87:ff:0a:15:b4:c1:41: 14:01:7d:34:38:00:55:a8:22:c3:ae:f8:24:2b:18:ca:68:ab: 60:fd:4c:41:d0:c1:fc:58:85:88:dc:90:b2:c6:3b:65:18:e5: 76:95:44:85:6e:8d:39:10:31:5c:23:25:c0:56:a8:e2:34:c8: 8c:c2:69:df:17:b7:0a:99:02:24:44:be:66:56:66:71:c8:2e: c0:4f:cb:57:48:1a:68:45:87:57:ed:9a:70:e4:c3:2f:fe:82: 5c:c9:7a:9e:d9:c4:c3:51:16:9d:aa:c9:fe:0d:50:fe:79:e6: cc:6b:d8:bf:ba:80:21:75:57:1b:b2:fa:5a:2e:ef:ee:a2:89: 82:b6:58:27:2e:c0:48:24:ee:4f:94:5e:84:e4:3e:70:10:65: f9:a5:d5:0b:3f:d1:7a:36:45:84:80:fb:46:60:46:1a:75:6a: 55:d5:c8:37 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NuxDCegddN6Dhmmqng75MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmZWM1Yzk0NWQwMzUzNWQ5NjczMDk1MTEwNTQ2YjFjOThl NjE4NjAwHhcNMjYwMTAxMjAxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5YmNhNWMzNDgxOWYwMDZjZjljMjIxMWUwODlmNWE4ZTJkN2YyOTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7IVu5qNvkveLiMAE6/TfF+m/fqw xftZc6K1a38fwpbNnfhfHdfeJFNHhIVwbG9PPUTUCISP7DQX3aXJSqYo3uVZs9Em +7c+CckaWPPxs/+J4aaOIIxoIOntyytA5EoYaAu0ohaBcPfI2YuJ7U9Ad+xurLyP L6yJ6kbRTdSUKuroUGBbiAITEGVQ3d8uSzYSwokLgNw+MqSZu4RLyboPGjVYu5mN EalhHnCZdYzGntj3FeE6RMGTtEBE7AED5y1QyGV4M1AM5UX8mxBGZq6EL6+Yu2Zh KxuKdOotWA2JMX6W49Oud2lHOo0oCQxbKz4n0B69ZCtB9Ndng42vzKryywIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJvKXDSBnwBs+cIhHgifWo4tfykmMB8GA1UdIwQY MBaAFN/sXJRdA1NdlnMJURBUaxyY5hhgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMy14Y2xGMERVMTJXY3dsUkVGUnJISmptR0dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mNDA2YzMtMjc4OS00M2E1LWIxZDYt ZGRkZGVmMjQxMjE2LzEvbThwY05JR2ZBR3o1d2lFZUNKOWFqaTFfS1NZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9mNDA2YzMtMjc4OS00M2E1LWIxZDYtZGRkZGVmMjQxMjE2 LzEvMy14Y2xGMERVMTJXY3dsUkVGUnJISmptR0dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDH8HIMA0E AgACMAcDBQAqAx5AMA0GCSqGSIb3DQEBCwUAA4IBAQBJCuqvtoVCxUy6GdB1+umB 3Ju4BIJv3V9C55F9PvUCky8a0BSD1/BkYPDkdRBOGMl3GlpOALMLIT5VYM1jlAZg HvQq1c4+M6RmGlzf6iBZ8hM7eYf/ChW0wUEUAX00OABVqCLDrvgkKxjKaKtg/UxB 0MH8WIWI3JCyxjtlGOV2lUSFbo05EDFcIyXAVqjiNMiMwmnfF7cKmQIkRL5mVmZx yC7AT8tXSBpoRYdX7Zpw5MMv/oJcyXqe2cTDURadqsn+DVD+eebMa9i/uoAhdVcb svpaLu/uoomCtlgnLsBIJO5PlF6E5D5wEGX5pdULP9F6NkWEgPtGYEYadWpV1cg3 -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:14 2026 by rpki-client