This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s9bHtYw6qGInBE6Pd4y6dDNszho.roa File: s9bHtYw6qGInBE6Pd4y6dDNszho.roa (raw, json) Hash identifier: DuL4nvwJ3GhqWQoioLF44KGKjnyU3aqouWmY/jU6w4Q= Subject key identifier: B3:D6:C7:B5:8C:3A:A8:62:27:04:4E:8F:77:8C:BA:74:33:6C:CE:1A Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84ECB103FDE1E8E7F8A89F5CC0DDBC Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s9bHtYw6qGInBE6Pd4y6dDNszho.roa Signing time: Fri 02 Jan 2026 16:22:56 +0000 ROA not before: Fri 02 Jan 2026 16:22:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208708 IP address blocks: 88.209.236.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 03:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:ec:b1:03:fd:e1:e8:e7:f8:a8:9f:5c:c0:dd:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b3d6c7b58c3aa86227044e8f778cba74336cce1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3e:41:80:f4:36:20:34:b6:a5:a3:13:b6:2a: 93:5c:18:15:58:d2:8c:e7:b1:b6:a9:04:f7:6d:4b: 36:23:35:3d:0c:28:8c:7d:3e:9f:68:70:a6:11:e9: 97:78:c4:8f:5e:f5:fb:0f:5c:77:16:54:a7:54:6f: e6:5e:17:85:c3:84:25:86:77:71:af:36:a8:d6:e5: bd:55:96:14:f7:53:1c:a6:c4:72:c0:6f:39:d3:2e: 68:22:aa:ab:69:7c:06:e7:7e:d4:1c:3b:f4:85:03: 08:d1:fd:a3:91:79:c9:88:a8:07:36:95:52:ba:db: bd:9d:68:29:d7:eb:2a:e0:21:32:0a:70:5a:a9:3b: 6b:cc:6b:d2:3b:3b:b8:de:0c:36:71:dc:30:d5:8e: 02:11:b0:cb:a5:52:71:5a:40:93:39:44:a0:b9:89: 4d:d4:2d:d2:c3:95:4a:83:e6:03:f1:09:75:23:97: 16:30:a3:8f:f4:f4:21:c9:bc:89:ec:1a:f8:07:95: a3:97:a4:0e:a5:dc:64:f1:e8:fd:67:31:26:73:1b: 81:7d:d1:86:8a:c2:f5:7b:75:04:79:37:7e:39:72: 9b:93:87:1b:e9:2c:af:64:be:46:9e:9e:1a:90:c7: da:f2:43:e3:31:c8:63:35:54:21:c3:e9:68:cd:46: 10:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:D6:C7:B5:8C:3A:A8:62:27:04:4E:8F:77:8C:BA:74:33:6C:CE:1A X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/s9bHtYw6qGInBE6Pd4y6dDNszho.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.236.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:e7:a3:f7:bf:f1:8f:9e:09:f5:98:20:62:c0:42:ac:a5:81: e8:84:ce:8a:dc:6a:91:c9:5a:52:26:f2:d6:de:68:23:bb:f0: 29:4b:d6:bd:78:3f:c9:2d:70:6e:07:43:0b:3e:4f:f4:33:14: a9:c0:a0:8e:b4:a3:9d:d7:39:e4:44:36:3a:1a:15:07:5e:b8: 00:e8:bf:21:e2:aa:1e:27:48:88:71:a6:2d:d5:bf:26:4b:14: 22:af:14:63:89:e1:57:4c:92:31:01:68:a7:0b:b8:82:05:bf: 92:a0:ec:88:49:a4:9c:5e:09:5d:88:4a:08:37:b1:95:5b:e0: 93:3f:84:b4:b6:82:52:29:4e:df:27:48:db:24:12:fd:53:ae: ac:e9:c0:7b:3d:69:ad:0a:a9:23:78:eb:e5:a1:c3:24:07:c9: e9:0f:20:bb:4c:27:1d:b1:20:98:16:eb:f7:08:5f:ec:50:13: 7d:e3:fc:92:da:ad:9f:59:2b:a8:a4:7c:c3:c3:09:4a:5b:f4: 02:bf:47:17:b5:70:0a:10:e5:48:92:3a:64:ac:bc:af:b8:0f: 17:92:8b:db:0c:33:57:14:aa:c9:23:85:f0:73:06:16:bb:86: cc:a4:bb:c0:5b:15:0d:f0:7b:a8:93:b8:46:51:eb:36:92:da: 7c:38:dc:27 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hOyxA/3h6Of4qJ9cwN28MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiM2Q2YzdiNThjM2FhODYyMjcwNDRlOGY3NzhjYmE3NDMzNmNjZTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj5BgPQ2IDS2paMTtiqTXBgVWNKM 57G2qQT3bUs2IzU9DCiMfT6faHCmEemXeMSPXvX7D1x3FlSnVG/mXheFw4Qlhndx rzao1uW9VZYU91McpsRywG850y5oIqqraXwG537UHDv0hQMI0f2jkXnJiKgHNpVS utu9nWgp1+sq4CEyCnBaqTtrzGvSOzu43gw2cdww1Y4CEbDLpVJxWkCTOUSguYlN 1C3Sw5VKg+YD8Ql1I5cWMKOP9PQhybyJ7Br4B5Wjl6QOpdxk8ej9ZzEmcxuBfdGG isL1e3UEeTd+OXKbk4cb6SyvZL5Gnp4akMfa8kPjMchjNVQhw+lozUYQpQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLPWx7WMOqhiJwROj3eMunQzbM4aMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvczliSHRZdzZxR0luQkU2UGQ0eTZkRE5zemhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNHsMA0G CSqGSIb3DQEBCwUAA4IBAQAM56P3v/GPngn1mCBiwEKspYHohM6K3GqRyVpSJvLW 3mgju/ApS9a9eD/JLXBuB0MLPk/0MxSpwKCOtKOd1znkRDY6GhUHXrgA6L8h4qoe J0iIcaYt1b8mSxQirxRjieFXTJIxAWinC7iCBb+SoOyISaScXgldiEoIN7GVW+CT P4S0toJSKU7fJ0jbJBL9U66s6cB7PWmtCqkjeOvlocMkB8npDyC7TCcdsSCYFuv3 CF/sUBN94/yS2q2fWSuopHzDwwlKW/QCv0cXtXAKEOVIkjpkrLyvuA8XkovbDDNX FKrJI4XwcwYWu4bMpLvAWxUN8Huok7hGUes2ktp8ONwn -----END CERTIFICATE-----Generated at Mon Jan 12 07:36:09 2026 by rpki-client