This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/CFs9QijMQZXft1qyL9GnWPO1GTU.roa File: CFs9QijMQZXft1qyL9GnWPO1GTU.roa (raw, json) Hash identifier: oKwOUscI0w8VVSNnLxFijPy/YKPFlOCw7H1bV/hxHVM= Subject key identifier: 08:5B:3D:42:28:CC:41:95:DF:B7:5A:B2:2F:D1:A7:58:F3:B5:19:35 Certificate issuer: /CN=26cf4d53ed5c0a4bd3fe242201a966655c80cc0e Certificate serial: 019B7C7FED8C908FBFAC5BD458AFE799C506 Authority key identifier: 26:CF:4D:53:ED:5C:0A:4B:D3:FE:24:22:01:A9:66:65:5C:80:CC:0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Js9NU-1cCkvT_iQiAalmZVyAzA4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/CFs9QijMQZXft1qyL9GnWPO1GTU.roa Signing time: Fri 02 Jan 2026 02:18:37 +0000 ROA not before: Fri 02 Jan 2026 02:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202173 IP address blocks: 91.220.120.0/24 maxlen: 24 185.79.100.0/22 maxlen: 24 2a05:7280::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/Js9NU-1cCkvT_iQiAalmZVyAzA4.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/Js9NU-1cCkvT_iQiAalmZVyAzA4.mft rsync://rpki.ripe.net/repository/DEFAULT/Js9NU-1cCkvT_iQiAalmZVyAzA4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:ed:8c:90:8f:bf:ac:5b:d4:58:af:e7:99:c5:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=26cf4d53ed5c0a4bd3fe242201a966655c80cc0e Validity Not Before: Jan 2 02:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=085b3d4228cc4195dfb75ab22fd1a758f3b51935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:bb:ce:e1:15:7c:f1:2f:66:28:42:29:22:28: cf:e7:ae:39:39:df:68:12:ef:e3:c5:74:c4:cf:82: b6:55:86:d4:42:f5:47:de:36:52:5d:d6:b9:6a:56: be:22:1c:ed:5d:62:76:d0:ac:94:ab:82:c5:72:f6: f2:c8:5c:1f:38:33:30:41:75:a9:9f:c7:4e:88:a3: c4:7b:fc:44:56:41:ac:7b:91:17:b4:04:1b:eb:9a: c8:ed:a1:3b:f0:16:aa:9e:e7:e7:a0:10:c0:54:fb: f9:44:d7:dd:ce:0f:28:f6:5e:36:d6:4e:59:10:e6: 0c:1b:71:0c:2d:50:81:aa:09:9e:60:3e:69:33:5b: f4:cb:50:a1:e2:76:55:9b:0d:ce:91:ec:69:6a:1e: f5:23:4e:32:ee:8b:5f:73:f5:e6:7b:df:68:50:29: e8:a9:03:12:7e:75:99:9c:6d:a7:a0:0e:1d:60:9f: 68:24:ab:63:a1:58:35:db:d9:d0:3b:65:34:e9:63: 96:5c:eb:46:76:76:c1:bf:a1:ca:82:52:10:82:ee: d0:d4:54:81:bb:44:72:b2:64:f8:31:5c:b5:36:5b: 29:34:e3:e5:1a:55:f3:33:d1:3f:26:4e:92:cc:3c: a5:94:63:c2:38:f7:0f:2a:a0:10:15:89:80:40:bf: 80:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:5B:3D:42:28:CC:41:95:DF:B7:5A:B2:2F:D1:A7:58:F3:B5:19:35 X509v3 Authority Key Identifier: keyid:26:CF:4D:53:ED:5C:0A:4B:D3:FE:24:22:01:A9:66:65:5C:80:CC:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Js9NU-1cCkvT_iQiAalmZVyAzA4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/CFs9QijMQZXft1qyL9GnWPO1GTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/3ebce5-73e3-4e3e-83b0-a788fdc70948/1/Js9NU-1cCkvT_iQiAalmZVyAzA4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.120.0/24 185.79.100.0/22 IPv6: 2a05:7280::/32 Signature Algorithm: sha256WithRSAEncryption ac:07:ab:a5:92:81:73:40:7c:8b:89:13:21:5a:26:2c:f5:af: 78:ef:98:70:b1:09:aa:ff:07:3b:d0:dc:dd:dc:a0:03:9a:a4: 6c:f1:28:57:e5:b2:c1:93:7b:f9:58:84:ae:9f:dc:dd:3a:d0: 21:08:a6:28:6e:49:f6:87:ea:13:9e:bc:75:71:42:25:1e:36: 22:22:ab:04:a9:5d:3d:c9:ad:7c:9a:46:18:6b:ab:aa:d9:d5: 11:ac:4c:89:33:6a:92:fb:67:fd:25:6d:bc:95:8e:94:e7:9e: b8:7f:23:a3:c1:8c:80:d2:b7:a9:4b:1c:70:b9:b5:44:58:d0: eb:35:f6:30:75:cd:bc:3b:3f:47:a4:5e:6e:18:41:bc:aa:25: 1d:85:7a:87:47:95:c3:0d:41:30:7b:2e:21:21:16:38:30:48: be:5e:80:90:96:89:41:1e:20:c4:78:d5:64:15:0c:f2:a0:0a: 50:1f:b3:43:65:2b:8a:16:e6:76:d0:35:87:c7:ef:2d:c3:3a: 63:6a:66:64:30:6d:1f:57:c9:c9:84:58:87:47:ec:76:f7:58: 81:9d:3b:fb:7b:81:52:e5:6c:14:a9:03:22:b8:fa:ee:04:b2: 16:2e:8d:d8:bc:f8:98:eb:5a:28:f5:89:76:49:64:95:81:7f: e5:f5:d3:81 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8f+2MkI+/rFvUWK/nmcUGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI2Y2Y0ZDUzZWQ1YzBhNGJkM2ZlMjQyMjAxYTk2NjY1NWM4 MGNjMGUwHhcNMjYwMTAyMDIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODViM2Q0MjI4Y2M0MTk1ZGZiNzVhYjIyZmQxYTc1OGYzYjUxOTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrvO4RV88S9mKEIpIijP5645Od9o Eu/jxXTEz4K2VYbUQvVH3jZSXda5ala+IhztXWJ20KyUq4LFcvbyyFwfODMwQXWp n8dOiKPEe/xEVkGse5EXtAQb65rI7aE78BaqnufnoBDAVPv5RNfdzg8o9l421k5Z EOYMG3EMLVCBqgmeYD5pM1v0y1Ch4nZVmw3Okexpah71I04y7otfc/Xme99oUCno qQMSfnWZnG2noA4dYJ9oJKtjoVg129nQO2U06WOWXOtGdnbBv6HKglIQgu7Q1FSB u0RysmT4MVy1NlspNOPlGlXzM9E/Jk6SzDyllGPCOPcPKqAQFYmAQL+A/QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAhbPUIozEGV37dasi/Rp1jztRk1MB8GA1UdIwQY MBaAFCbPTVPtXApL0/4kIgGpZmVcgMwOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSnM5TlUtMWNDa3ZUX2lRaUFhbG1aVnlBekE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zZWJjZTUtNzNlMy00ZTNlLTgzYjAt YTc4OGZkYzcwOTQ4LzEvQ0ZzOVFpak1RWlhmdDFxeUw5R25XUE8xR1RVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8zZWJjZTUtNzNlMy00ZTNlLTgzYjAtYTc4OGZkYzcwOTQ4 LzEvSnM5TlUtMWNDa3ZUX2lRaUFhbG1aVnlBekE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9x4AwQC uU9kMA0EAgACMAcDBQAqBXKAMA0GCSqGSIb3DQEBCwUAA4IBAQCsB6ulkoFzQHyL iRMhWiYs9a9475hwsQmq/wc70Nzd3KADmqRs8ShX5bLBk3v5WISun9zdOtAhCKYo bkn2h+oTnrx1cUIlHjYiIqsEqV09ya18mkYYa6uq2dURrEyJM2qS+2f9JW28lY6U 5564fyOjwYyA0repSxxwubVEWNDrNfYwdc28Oz9HpF5uGEG8qiUdhXqHR5XDDUEw ey4hIRY4MEi+XoCQlolBHiDEeNVkFQzyoApQH7NDZSuKFuZ20DWHx+8twzpjamZk MG0fV8nJhFiHR+x291iBnTv7e4FS5WwUqQMiuPruBLIWLo3YvPiY61oo9Yl2SWSV gX/l9dOB -----END CERTIFICATE-----Generated at Mon Feb 9 23:46:23 2026 by rpki-client