This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/cBfzvfjBZ9QzsbzNAqBanT3PAEQ.roa File: cBfzvfjBZ9QzsbzNAqBanT3PAEQ.roa (raw, json) Hash identifier: 9GQHIoCRbaLBWwe64oMJBck16pra3GUNikVKVTlABGQ= Subject key identifier: 70:17:F3:BD:F8:C1:67:D4:33:B1:BC:CD:02:A0:5A:9D:3D:CF:00:44 Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85 Certificate serial: 019B7F8333C90E7656EE5456B5DD0BD12244 Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/cBfzvfjBZ9QzsbzNAqBanT3PAEQ.roa Signing time: Fri 02 Jan 2026 16:21:03 +0000 ROA not before: Fri 02 Jan 2026 16:21:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15425 IP address blocks: 5.53.8.0/21 maxlen: 21 31.28.128.0/19 maxlen: 19 84.16.96.0/19 maxlen: 19 84.21.96.0/19 maxlen: 19 86.61.128.0/17 maxlen: 17 93.181.64.0/18 maxlen: 18 176.227.248.0/21 maxlen: 21 188.134.128.0/17 maxlen: 17 2a03:6e80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.mft rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:33:c9:0e:76:56:ee:54:56:b5:dd:0b:d1:22:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85 Validity Not Before: Jan 2 16:21:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7017f3bdf8c167d433b1bccd02a05a9d3dcf0044 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b0:25:aa:de:17:66:46:cd:f8:14:b7:6a:8c: eb:ed:c5:45:a4:65:d6:8e:c1:3b:65:41:81:65:3f: cc:e8:ae:b7:c7:4b:70:8e:16:42:75:46:10:fc:fb: f9:d3:05:33:1c:64:4c:94:c0:cc:21:fc:ef:49:8e: 4d:e2:c3:33:76:9f:8a:68:eb:ff:fd:bf:bc:e1:38: 6c:d5:e7:d6:b4:f0:11:ea:72:a4:07:92:e6:b9:db: 4c:d6:b0:e1:7b:eb:d6:0b:f1:8b:7e:2e:ef:30:bc: 97:a3:21:8f:19:31:45:82:07:d0:56:09:15:4b:34: a3:d2:88:a4:ca:2a:53:19:91:90:90:73:5a:c8:41: 4c:7c:59:9a:9f:0b:2a:a3:c0:e4:d2:ba:3a:b7:b5: e8:20:b3:4c:ce:9b:f9:29:5b:ad:50:7a:f5:5f:49: 0c:aa:8c:e7:f8:82:1b:c0:cb:7b:1c:23:60:e9:db: 98:dc:b9:8c:81:8a:55:bb:86:f8:ce:53:d4:1e:12: ec:5d:dd:7f:f2:4c:8f:c3:ff:29:3e:39:f5:2d:2e: 48:cd:4a:96:f8:aa:5f:b7:cb:9a:d6:43:fd:d5:ac: 8f:cf:59:db:2a:a6:8a:63:14:51:56:17:c4:77:72: e1:4d:be:3f:a2:0b:67:b5:16:b6:9f:a7:79:f0:f5: dd:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:17:F3:BD:F8:C1:67:D4:33:B1:BC:CD:02:A0:5A:9D:3D:CF:00:44 X509v3 Authority Key Identifier: keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/cBfzvfjBZ9QzsbzNAqBanT3PAEQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.53.8.0/21 31.28.128.0/19 84.16.96.0/19 84.21.96.0/19 86.61.128.0/17 93.181.64.0/18 176.227.248.0/21 188.134.128.0/17 IPv6: 2a03:6e80::/32 Signature Algorithm: sha256WithRSAEncryption 19:6c:eb:7a:e2:dc:4f:c1:a6:45:97:cd:16:b7:2a:ec:91:9c: 4d:54:9a:7f:dc:0f:a3:eb:be:e2:8f:ab:f1:10:f6:df:50:a0: 53:8a:95:fc:55:fb:0d:de:c0:45:09:00:f2:89:66:47:43:b0: 8f:5a:0d:9b:6b:f2:e7:15:22:aa:2f:fc:ca:f6:2a:40:5c:cd: 8f:22:e8:37:1c:fa:e9:13:83:4e:5c:c0:cc:b9:ed:d0:0b:01: 23:71:c0:5a:29:71:5f:e2:37:12:10:81:d9:62:5c:92:60:60: c1:c2:d7:3f:5e:16:c6:e1:c9:ab:f1:10:17:57:ea:56:a9:b6: 61:b3:48:cb:8a:f1:ac:ae:36:f4:ce:f2:65:15:94:90:4b:37: 29:9b:10:62:6d:47:5e:0e:a2:71:15:93:ad:8c:06:79:07:1d: 86:20:91:1b:48:43:40:ba:27:61:23:d1:8c:19:bb:10:05:2b: cd:d3:03:1a:e3:2b:1a:94:91:d7:cb:da:d7:47:d2:98:7a:58: 5b:8a:c8:c3:a0:ea:e4:13:11:49:13:4e:b8:26:2f:b1:33:74: 8f:5e:dd:64:7b:19:43:28:e8:4f:88:81:a6:66:12:05:af:93: 42:32:fc:7a:e9:f3:ba:be:cf:71:4f:59:e6:86:60:46:86:14: ee:f0:b3:dc -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt/gzPJDnZW7lRWtd0L0SJEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk ZThjODUwHhcNMjYwMTAyMTYyMTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDE3ZjNiZGY4YzE2N2Q0MzNiMWJjY2QwMmEwNWE5ZDNkY2YwMDQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLAlqt4XZkbN+BS3aozr7cVFpGXW jsE7ZUGBZT/M6K63x0twjhZCdUYQ/Pv50wUzHGRMlMDMIfzvSY5N4sMzdp+KaOv/ /b+84Ths1efWtPAR6nKkB5LmudtM1rDhe+vWC/GLfi7vMLyXoyGPGTFFggfQVgkV SzSj0oikyipTGZGQkHNayEFMfFmanwsqo8Dk0ro6t7XoILNMzpv5KVutUHr1X0kM qozn+IIbwMt7HCNg6duY3LmMgYpVu4b4zlPUHhLsXd1/8kyPw/8pPjn1LS5IzUqW +Kpft8ua1kP91ayPz1nbKqaKYxRRVhfEd3LhTb4/ogtntRa2n6d58PXdWwIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFHAX8734wWfUM7G8zQKgWp09zwBEMB8GA1UdIwQY MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt MTA5NDM5MTY2OWVmLzEvY0JmenZmakJaOVF6c2J6TkFxQmFuVDNQQUVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDBTUIAwQF HxyAAwQFVBBgAwQFVBVgAwQHVj2AAwQGXbVAAwQDsOP4AwQHvIaAMA0EAgACMAcD BQAqA26AMA0GCSqGSIb3DQEBCwUAA4IBAQAZbOt64txPwaZFl80WtyrskZxNVJp/ 3A+j677ij6vxEPbfUKBTipX8VfsN3sBFCQDyiWZHQ7CPWg2ba/LnFSKqL/zK9ipA XM2PIug3HPrpE4NOXMDMue3QCwEjccBaKXFf4jcSEIHZYlySYGDBwtc/XhbG4cmr 8RAXV+pWqbZhs0jLivGsrjb0zvJlFZSQSzcpmxBibUdeDqJxFZOtjAZ5Bx2GIJEb SENAuidhI9GMGbsQBSvN0wMa4ysalJHXy9rXR9KYelhbisjDoOrkExFJE064Ji+x M3SPXt1kexlDKOhPiIGmZhIFr5NCMvx66fO6vs9xT1nmhmBGhhTu8LPc -----END CERTIFICATE-----Generated at Mon Feb 9 23:51:24 2026 by rpki-client