This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/9zo09ix2zYPkPjtRWCZtUQY7Hx8.roa File: 9zo09ix2zYPkPjtRWCZtUQY7Hx8.roa (raw, json) Hash identifier: 1YGiPxIeRO9HzGHWmN+x5SsxEkq0m2RwsZb+NYZ3A1U= Subject key identifier: F7:3A:34:F6:2C:76:CD:83:E4:3E:3B:51:58:26:6D:51:06:3B:1F:1F Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda Certificate serial: 019B7BA35766E5EBDFFC57A7525148EA7782 Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/9zo09ix2zYPkPjtRWCZtUQY7Hx8.roa Signing time: Thu 01 Jan 2026 22:17:40 +0000 ROA not before: Thu 01 Jan 2026 22:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6461 IP address blocks: 5.63.24.0/21 maxlen: 21 91.190.168.0/21 maxlen: 21 185.85.76.0/22 maxlen: 22 2a02:798::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.mft rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:57:66:e5:eb:df:fc:57:a7:52:51:48:ea:77:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda Validity Not Before: Jan 1 22:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f73a34f62c76cd83e43e3b5158266d51063b1f1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4d:0e:14:be:6c:ea:46:66:75:19:ed:ee:7b: 1d:4c:fa:da:c7:c9:82:84:a5:4a:54:9f:8e:cf:81: 60:15:14:32:5e:43:ed:2d:f9:20:6d:18:5d:72:34: 05:22:1f:88:87:20:86:2e:82:b6:6f:ed:5a:de:c8: 00:67:5f:d3:73:72:5a:ea:39:6f:0a:29:79:3c:aa: d8:e8:72:1f:13:50:89:e2:3d:23:04:7f:a5:47:3c: 91:1b:bb:fd:4f:86:6d:46:c2:92:96:f9:af:d8:1a: 5f:e3:32:3e:21:19:a6:af:1c:61:82:dc:1f:52:d5: 29:00:c6:a5:9e:c4:3c:da:07:1a:9f:04:c3:ed:c0: 7d:97:ab:93:05:a5:24:04:06:83:db:e2:b4:ea:c1: e2:ad:72:f0:41:7a:ad:2f:13:0b:7f:f1:c1:70:65: 69:e6:04:d9:a8:17:ce:c9:dc:80:7b:fc:38:c1:7c: 72:b6:5d:d7:27:3c:23:72:aa:05:04:db:d8:5a:1f: ad:8d:b6:89:b7:12:23:8a:c8:16:57:2b:54:c2:5a: f0:54:54:da:89:ad:ad:95:92:0d:95:ee:bd:a4:c6: 11:e4:f8:1b:7d:0a:76:d7:31:72:da:ee:b6:65:94: 2a:93:0f:85:22:91:ea:7f:b7:bc:be:24:6d:97:5a: 79:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:3A:34:F6:2C:76:CD:83:E4:3E:3B:51:58:26:6D:51:06:3B:1F:1F X509v3 Authority Key Identifier: keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/9zo09ix2zYPkPjtRWCZtUQY7Hx8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.63.24.0/21 91.190.168.0/21 185.85.76.0/22 IPv6: 2a02:798::/32 Signature Algorithm: sha256WithRSAEncryption 16:fe:2d:c6:27:8b:c4:69:d6:ac:3c:2a:cb:c8:e7:78:a2:c4: 11:df:66:da:af:4b:55:27:8f:22:c5:6e:4e:92:9c:ca:59:76: 24:b3:0e:5e:20:64:e4:75:6b:b1:31:0d:ce:7b:8b:bb:9d:d8: 56:f9:1f:f0:be:ee:08:9c:e4:2a:19:2d:93:e4:54:22:03:97: 2d:95:81:ce:c5:74:bc:95:e5:08:9c:6d:b2:95:ed:e1:7f:e3: 5c:34:a9:0d:99:1f:03:c8:7b:91:cf:7e:7a:5c:a4:dd:a1:5f: 93:7d:67:87:0f:5f:e7:63:7c:c1:a0:07:85:fe:1a:01:1e:ef: 2b:a9:2e:54:ad:40:a1:9c:12:41:e3:21:77:7d:83:7f:c2:36: 92:4e:d3:29:30:00:6c:b6:81:64:c0:ee:24:ca:71:c6:0f:b7: 0e:24:34:5b:3d:1a:ec:97:1e:42:23:ef:cf:c6:3d:d0:b6:82: f2:84:3a:19:b5:f3:ee:a0:ec:bf:c9:e4:84:2f:11:1c:e6:19: 38:38:6b:7d:49:22:db:63:13:32:dd:a9:b5:28:0c:ec:b0:ad: 1c:5c:14:b4:19:8c:3d:3a:61:36:36:72:35:5f:68:de:cb:6e: 38:b0:a5:48:17:f8:a4:e8:df:b0:e9:cc:b0:90:7d:46:88:29: 58:4e:00:4a -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt7o1dm5evf/FenUlFI6neCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx M2ZiZGEwHhcNMjYwMTAxMjIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzNhMzRmNjJjNzZjZDgzZTQzZTNiNTE1ODI2NmQ1MTA2M2IxZjFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz00OFL5s6kZmdRnt7nsdTPrax8mC hKVKVJ+Oz4FgFRQyXkPtLfkgbRhdcjQFIh+IhyCGLoK2b+1a3sgAZ1/Tc3Ja6jlv Cil5PKrY6HIfE1CJ4j0jBH+lRzyRG7v9T4ZtRsKSlvmv2Bpf4zI+IRmmrxxhgtwf UtUpAMalnsQ82gcanwTD7cB9l6uTBaUkBAaD2+K06sHirXLwQXqtLxMLf/HBcGVp 5gTZqBfOydyAe/w4wXxytl3XJzwjcqoFBNvYWh+tjbaJtxIjisgWVytUwlrwVFTa ia2tlZINle69pMYR5PgbfQp21zFy2u62ZZQqkw+FIpHqf7e8viRtl1p5ewIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFPc6NPYsds2D5D47UVgmbVEGOx8fMB8GA1UdIwQY MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt ZWNlZWZmOGU4NGUwLzEvOXpvMDlpeDJ6WVBrUGp0UldDWnRVUVk3SHg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBT8YAwQD W76oAwQCuVVMMA0EAgACMAcDBQAqAgeYMA0GCSqGSIb3DQEBCwUAA4IBAQAW/i3G J4vEadasPCrLyOd4osQR32bar0tVJ48ixW5OkpzKWXYksw5eIGTkdWuxMQ3Oe4u7 ndhW+R/wvu4InOQqGS2T5FQiA5ctlYHOxXS8leUInG2yle3hf+NcNKkNmR8DyHuR z356XKTdoV+TfWeHD1/nY3zBoAeF/hoBHu8rqS5UrUChnBJB4yF3fYN/wjaSTtMp MABstoFkwO4kynHGD7cOJDRbPRrslx5CI+/Pxj3QtoLyhDoZtfPuoOy/yeSELxEc 5hk4OGt9SSLbYxMy3am1KAzssK0cXBS0GYw9OmE2NnI1X2jey244sKVIF/ik6N+w 6cywkH1GiClYTgBK -----END CERTIFICATE-----Generated at Fri Jan 2 13:02:06 2026 by rpki-client