This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/ik9bQHA3wdhcXWdy4pApX4ViEtA.roa File: ik9bQHA3wdhcXWdy4pApX4ViEtA.roa (raw, json) Hash identifier: YUhchzwns71ZrkZmZzkm82sDpa46jMSA30HHNbNFaao= Subject key identifier: 8A:4F:5B:40:70:37:C1:D8:5C:5D:67:72:E2:90:29:5F:85:62:12:D0 Certificate issuer: /CN=d2a4452602c9df977c9d5dd8dc13b6661df40136 Certificate serial: 019B7AC9589A0B123B18F7B584E390EEC96E Authority key identifier: D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/ik9bQHA3wdhcXWdy4pApX4ViEtA.roa Signing time: Thu 01 Jan 2026 18:19:34 +0000 ROA not before: Thu 01 Jan 2026 18:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21448 IP address blocks: 193.110.88.0/24 maxlen: 24 194.28.136.0/22 maxlen: 24 195.69.92.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.mft rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 19:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:58:9a:0b:12:3b:18:f7:b5:84:e3:90:ee:c9:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2a4452602c9df977c9d5dd8dc13b6661df40136 Validity Not Before: Jan 1 18:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a4f5b407037c1d85c5d6772e290295f856212d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:18:4c:6f:f2:bd:4a:46:65:7b:e2:c9:7d:ac: 24:92:d4:50:29:ac:6c:13:35:04:b3:a0:47:75:1b: 65:ae:cc:83:fc:48:66:3d:3f:04:1c:ba:41:a1:e1: 94:68:94:a9:e2:9f:99:01:25:28:ff:65:2a:1b:ab: 2f:eb:5c:c4:0f:58:31:77:11:25:ec:e9:11:e4:f2: 72:2a:8b:32:05:16:02:3d:4e:47:f2:f4:93:40:d5: b1:d7:4d:cb:27:c1:bb:80:8d:a1:a3:e3:87:03:b3: cb:13:28:04:a3:0f:cd:37:30:29:18:75:13:ec:a1: 12:4f:67:8d:80:8c:a1:29:09:1d:d8:04:06:67:2e: b1:5e:16:5d:5f:95:8a:a9:a0:1c:7f:d6:e6:5f:2c: 9f:9a:d4:22:4c:19:67:34:00:4e:46:9e:c8:4a:e9: 8f:30:20:55:f1:85:ee:ba:c4:d6:94:d8:de:bc:71: f3:1a:15:3a:ca:ad:5a:dd:52:49:1a:0f:8a:58:ee: 11:a0:be:47:4e:bf:85:81:80:da:e1:45:5c:9b:6f: 88:d9:6c:f0:8f:50:ed:18:71:3c:ca:f1:70:af:dd: 47:1e:77:49:c1:30:c3:1e:b8:4d:d4:4f:10:4a:40: 28:05:0e:d0:b5:62:31:5c:69:1a:ce:75:fc:a7:1d: 55:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:4F:5B:40:70:37:C1:D8:5C:5D:67:72:E2:90:29:5F:85:62:12:D0 X509v3 Authority Key Identifier: keyid:D2:A4:45:26:02:C9:DF:97:7C:9D:5D:D8:DC:13:B6:66:1D:F4:01:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/ik9bQHA3wdhcXWdy4pApX4ViEtA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d5fd99-8ae0-4ae0-b6b4-fe74ef7aac95/1/0qRFJgLJ35d8nV3Y3BO2Zh30ATY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.110.88.0/24 194.28.136.0/22 195.69.92.0/22 Signature Algorithm: sha256WithRSAEncryption 07:0f:d3:31:cf:60:77:6a:3a:34:44:f3:e4:9b:07:3a:fe:31: 19:f0:fa:a0:a8:ae:3a:b1:57:6b:c5:f7:47:df:26:3e:17:3c: d2:d5:7b:41:b9:96:a2:20:2a:9a:e5:73:bd:e8:6a:39:fb:0d: d3:60:9d:66:71:2a:47:7d:32:f8:6c:fe:25:f6:fe:fc:9e:6f: b0:3d:a8:47:2e:55:8f:83:66:a2:01:27:22:fd:0c:05:6e:83: 03:21:bc:e7:28:04:46:0c:77:b6:6c:3b:76:11:bc:ec:5a:79: 7f:8d:9e:d5:50:03:fb:0c:72:8b:10:dc:f0:aa:32:53:05:fc: 8b:24:63:09:f3:df:52:56:21:73:73:cb:10:96:ed:a6:aa:9a: 70:b0:a3:9e:f2:97:1d:9e:1d:f1:58:11:ae:f5:fa:75:87:21: dc:e4:07:ff:ab:3c:e7:95:e8:bb:3e:f1:40:eb:0a:2f:c0:dc: 2b:c9:c9:3a:95:1e:f1:c3:13:2c:d2:ad:0c:a2:a0:29:19:be: 64:14:85:00:f1:33:49:8b:86:3b:f3:0f:7b:6b:9f:de:ba:27: 70:41:5a:15:a7:76:84:2b:cb:f0:8e:20:be:70:a9:82:9c:e6: fe:aa:2f:b3:80:79:5c:6e:f0:6d:2f:1d:31:42:46:64:c4:cd: a6:b9:cf:a3 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6yViaCxI7GPe1hOOQ7sluMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYTQ0NTI2MDJjOWRmOTc3YzlkNWRkOGRjMTNiNjY2MWRm NDAxMzYwHhcNMjYwMTAxMTgxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTRmNWI0MDcwMzdjMWQ4NWM1ZDY3NzJlMjkwMjk1Zjg1NjIxMmQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxRhMb/K9SkZle+LJfawkktRQKaxs EzUEs6BHdRtlrsyD/EhmPT8EHLpBoeGUaJSp4p+ZASUo/2UqG6sv61zED1gxdxEl 7OkR5PJyKosyBRYCPU5H8vSTQNWx103LJ8G7gI2ho+OHA7PLEygEow/NNzApGHUT 7KEST2eNgIyhKQkd2AQGZy6xXhZdX5WKqaAcf9bmXyyfmtQiTBlnNABORp7ISumP MCBV8YXuusTWlNjevHHzGhU6yq1a3VJJGg+KWO4RoL5HTr+FgYDa4UVcm2+I2Wzw j1DtGHE8yvFwr91HHndJwTDDHrhN1E8QSkAoBQ7QtWIxXGkaznX8px1V5wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIpPW0BwN8HYXF1ncuKQKV+FYhLQMB8GA1UdIwQY MBaAFNKkRSYCyd+XfJ1d2NwTtmYd9AE2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQt ZmU3NGVmN2FhYzk1LzEvaWs5YlFIQTN3ZGhjWFdkeTRwQXBYNFZpRXRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYy9kNWZkOTktOGFlMC00YWUwLWI2YjQtZmU3NGVmN2FhYzk1 LzEvMHFSRkpnTEozNWQ4blYzWTNCTzJaaDMwQVRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwW5YAwQC whyIAwQCw0VcMA0GCSqGSIb3DQEBCwUAA4IBAQAHD9Mxz2B3ajo0RPPkmwc6/jEZ 8PqgqK46sVdrxfdH3yY+FzzS1XtBuZaiICqa5XO96Go5+w3TYJ1mcSpHfTL4bP4l 9v78nm+wPahHLlWPg2aiASci/QwFboMDIbznKARGDHe2bDt2EbzsWnl/jZ7VUAP7 DHKLENzwqjJTBfyLJGMJ899SViFzc8sQlu2mqppwsKOe8pcdnh3xWBGu9fp1hyHc 5Af/qzznlei7PvFA6wovwNwryck6lR7xwxMs0q0MoqApGb5kFIUA8TNJi4Y78w97 a5/euidwQVoVp3aEK8vwjiC+cKmCnOb+qi+zgHlcbvBtLx0xQkZkxM2muc+j -----END CERTIFICATE-----Generated at Tue Feb 3 03:43:32 2026 by rpki-client