This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/1E8AiSnlYGPXbOfAXqZEBvdti0Q.roa File: 1E8AiSnlYGPXbOfAXqZEBvdti0Q.roa (raw, json) Hash identifier: zg4/KmKPBBnWqoo6XqmqqOeEWKX38ZMsmowwS7V3CsY= Subject key identifier: D4:4F:00:89:29:E5:60:63:D7:6C:E7:C0:5E:A6:44:06:F7:6D:8B:44 Certificate issuer: /CN=f73425724cae273f2963060dc865c6f0b0425cad Certificate serial: 019C040337EBA362F2D5DC9F58A1BDEC76E4 Authority key identifier: F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/1E8AiSnlYGPXbOfAXqZEBvdti0Q.roa Signing time: Wed 28 Jan 2026 09:50:45 +0000 ROA not before: Wed 28 Jan 2026 09:50:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63023 IP address blocks: 72.56.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.mft rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 07 Feb 2026 00:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:04:03:37:eb:a3:62:f2:d5:dc:9f:58:a1:bd:ec:76:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f73425724cae273f2963060dc865c6f0b0425cad Validity Not Before: Jan 28 09:50:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d44f008929e56063d76ce7c05ea64406f76d8b44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b1:fe:68:3e:83:bd:b1:00:e8:04:80:39:8b: 12:df:07:9e:2f:64:10:56:60:fd:22:8f:4f:dc:fa: 73:60:37:da:17:be:68:19:6a:1a:56:f1:64:f6:ed: d6:ac:d4:b3:9e:2b:d7:92:30:4f:f8:09:d0:54:bf: 32:6a:25:b0:5f:8e:67:3f:3a:10:b7:fe:29:a0:9b: 9e:dd:eb:8b:2e:e4:ba:43:d9:6f:34:cf:e5:51:72: 7e:d9:d6:21:fe:55:e2:62:88:1e:6f:7f:3a:a0:bf: 22:41:ed:a5:5d:01:f0:08:a7:42:69:fc:dc:1f:ed: 1e:06:23:c2:3d:85:50:a9:3e:cd:33:04:ed:7f:f7: 86:56:d7:79:e3:d7:75:79:4b:99:83:ec:7c:60:e2: b6:e5:4c:55:d0:b3:a0:cd:59:4c:a9:b3:b5:95:66: ed:38:a9:18:95:06:e3:e3:a9:67:d0:52:86:56:50: df:00:1d:88:16:8a:09:3c:6e:5f:d1:ba:a5:83:a6: 02:19:70:25:9e:34:9f:47:99:23:ca:7a:ba:82:cc: 84:de:1e:6c:b4:42:57:6a:85:f5:6f:a6:11:1f:e3: f0:a3:d7:f4:cf:08:9b:98:a3:16:5f:b5:13:c1:14: b5:be:7e:b7:10:42:90:9b:af:c5:ad:dc:84:be:e5: 4f:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:4F:00:89:29:E5:60:63:D7:6C:E7:C0:5E:A6:44:06:F7:6D:8B:44 X509v3 Authority Key Identifier: keyid:F7:34:25:72:4C:AE:27:3F:29:63:06:0D:C8:65:C6:F0:B0:42:5C:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zQlckyuJz8pYwYNyGXG8LBCXK0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/1E8AiSnlYGPXbOfAXqZEBvdti0Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9f09aa-dd5e-4e06-b28e-e871b21790de/1/9zQlckyuJz8pYwYNyGXG8LBCXK0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 72.56.149.0/24 Signature Algorithm: sha256WithRSAEncryption 99:2e:df:63:81:92:3c:3f:19:3e:e7:8a:bb:86:40:01:2d:c3: fb:49:38:12:55:ab:32:04:47:6e:c2:eb:d6:48:3b:7b:ff:2d: d0:50:55:3f:d7:a5:28:ef:ad:c3:74:4c:c4:ce:a2:88:2a:c6: ac:f2:44:46:2e:b2:19:07:66:9a:ef:80:91:9d:8e:98:3e:87: 50:87:7c:03:41:07:9a:ba:b8:68:d5:28:81:0a:75:ce:9c:38: c3:1a:1a:36:0d:26:ef:ea:66:e4:8a:96:31:16:4c:d1:df:1a: dc:09:15:47:a2:f8:16:62:dd:db:6f:51:99:3f:db:70:32:26: 19:00:4d:2e:87:cc:bf:d4:25:cf:23:be:40:9e:90:fb:10:b0: a5:d6:d5:28:0f:fc:43:6d:69:60:50:ee:e7:37:39:c4:d9:03: 08:aa:35:28:78:0e:87:38:37:71:32:a1:ee:47:af:84:34:ed: d8:61:e5:0f:03:c6:c4:6b:3a:8c:93:d7:68:61:df:8d:06:26: a4:67:29:e5:a0:59:c9:25:b0:85:32:40:0c:f1:8e:f6:cb:ca: 3f:d3:45:0a:b8:2e:c2:fe:34:f1:23:7d:2d:68:2e:99:27:cd: 57:4a:ca:a5:79:2b:1d:cb:f9:8c:d8:51:10:97:cd:95:cc:85: 29:e6:3a:3c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZwEAzfro2Ly1dyfWKG97HbkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3MzQyNTcyNGNhZTI3M2YyOTYzMDYwZGM4NjVjNmYwYjA0 MjVjYWQwHhcNMjYwMTI4MDk1MDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNDRmMDA4OTI5ZTU2MDYzZDc2Y2U3YzA1ZWE2NDQwNmY3NmQ4YjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrH+aD6DvbEA6ASAOYsS3weeL2QQ VmD9Io9P3PpzYDfaF75oGWoaVvFk9u3WrNSznivXkjBP+AnQVL8yaiWwX45nPzoQ t/4poJue3euLLuS6Q9lvNM/lUXJ+2dYh/lXiYogeb386oL8iQe2lXQHwCKdCafzc H+0eBiPCPYVQqT7NMwTtf/eGVtd549d1eUuZg+x8YOK25UxV0LOgzVlMqbO1lWbt OKkYlQbj46ln0FKGVlDfAB2IFooJPG5f0bqlg6YCGXAlnjSfR5kjynq6gsyE3h5s tEJXaoX1b6YRH+Pwo9f0zwibmKMWX7UTwRS1vn63EEKQm6/FrdyEvuVPEQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNRPAIkp5WBj12znwF6mRAb3bYtEMB8GA1UdIwQY MBaAFPc0JXJMric/KWMGDchlxvCwQlytMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUt ZTg3MWIyMTc5MGRlLzEvMUU4QWlTbmxZR1BYYk9mQVhxWkVCdmR0aTBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85ZjA5YWEtZGQ1ZS00ZTA2LWIyOGUtZTg3MWIyMTc5MGRl LzEvOXpRbGNreXVKejhwWXdZTnlHWEc4TEJDWEswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASDiVMA0G CSqGSIb3DQEBCwUAA4IBAQCZLt9jgZI8Pxk+54q7hkABLcP7STgSVasyBEduwuvW SDt7/y3QUFU/16Uo763DdEzEzqKIKsas8kRGLrIZB2aa74CRnY6YPodQh3wDQQea urho1SiBCnXOnDjDGho2DSbv6mbkipYxFkzR3xrcCRVHovgWYt3bb1GZP9twMiYZ AE0uh8y/1CXPI75AnpD7ELCl1tUoD/xDbWlgUO7nNznE2QMIqjUoeA6HODdxMqHu R6+ENO3YYeUPA8bEazqMk9doYd+NBiakZynloFnJJbCFMkAM8Y72y8o/00UKuC7C /jTxI30taC6ZJ81XSsqleSsdy/mM2FEQl82VzIUp5jo8 -----END CERTIFICATE-----Generated at Fri Feb 6 11:12:27 2026 by rpki-client