This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/g9D60eT4osY914CQ4MsZqD3p_Gw.roa File: g9D60eT4osY914CQ4MsZqD3p_Gw.roa (raw, json) Hash identifier: 9V83sePRPvQWxHMpiIJhpUEoLq1Krp0NLVKYoKzzAfU= Subject key identifier: 83:D0:FA:D1:E4:F8:A2:C6:3D:D7:80:90:E0:CB:19:A8:3D:E9:FC:6C Certificate issuer: /CN=3a3149da0a12bdbf1bef598b0463090780206ce0 Certificate serial: 019B79EC383BDF0D9A16AB650F68F32412FA Authority key identifier: 3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/g9D60eT4osY914CQ4MsZqD3p_Gw.roa Signing time: Thu 01 Jan 2026 14:18:02 +0000 ROA not before: Thu 01 Jan 2026 14:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5404 IP address blocks: 185.69.160.0/22 maxlen: 22 185.69.160.0/24 maxlen: 24 185.69.161.0/24 maxlen: 24 185.69.162.0/24 maxlen: 24 185.69.163.0/24 maxlen: 24 185.174.204.0/22 maxlen: 22 185.174.204.0/24 maxlen: 24 185.174.205.0/24 maxlen: 24 185.174.206.0/24 maxlen: 24 185.174.207.0/24 maxlen: 24 195.192.208.0/21 maxlen: 21 195.192.208.0/24 maxlen: 24 195.192.209.0/24 maxlen: 24 195.192.210.0/24 maxlen: 24 195.192.211.0/24 maxlen: 24 195.192.212.0/24 maxlen: 24 195.192.213.0/24 maxlen: 24 195.192.214.0/24 maxlen: 24 195.192.215.0/24 maxlen: 24 217.196.144.0/20 maxlen: 20 217.196.144.0/24 maxlen: 24 217.196.145.0/24 maxlen: 24 217.196.146.0/24 maxlen: 24 217.196.147.0/24 maxlen: 24 217.196.148.0/24 maxlen: 24 217.196.149.0/24 maxlen: 24 217.196.150.0/24 maxlen: 24 217.196.151.0/24 maxlen: 24 217.196.152.0/24 maxlen: 24 217.196.153.0/24 maxlen: 24 217.196.154.0/24 maxlen: 24 217.196.155.0/24 maxlen: 24 217.196.156.0/24 maxlen: 24 217.196.157.0/24 maxlen: 24 217.196.158.0/24 maxlen: 24 217.196.159.0/24 maxlen: 24 2a02:16a8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/OjFJ2goSvb8b71mLBGMJB4AgbOA.crl rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/OjFJ2goSvb8b71mLBGMJB4AgbOA.mft rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:38:3b:df:0d:9a:16:ab:65:0f:68:f3:24:12:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a3149da0a12bdbf1bef598b0463090780206ce0 Validity Not Before: Jan 1 14:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=83d0fad1e4f8a2c63dd78090e0cb19a83de9fc6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:60:66:fa:d7:e3:dc:0e:d7:b4:7a:f7:43:38: d2:c0:3b:78:6e:7e:2c:24:37:8c:02:7d:b1:67:e2: 71:94:66:6b:39:86:a7:e7:36:b0:02:0e:08:22:9b: c6:ba:dc:9a:f3:17:5a:7b:ca:90:55:b7:52:d4:6a: f2:59:76:39:5a:2a:86:5a:7a:c1:ad:39:af:66:90: c5:3c:69:1d:e2:b1:bb:e5:a7:70:bc:4a:4f:77:d8: 61:12:40:3f:d1:a4:64:fd:67:76:c9:45:d2:96:18: 0e:51:cf:6c:27:75:bd:94:ac:4e:a1:6d:e6:23:4c: 55:9e:2f:69:da:5c:3e:d6:37:56:54:88:28:c5:25: 35:09:8b:8e:ec:50:fd:cf:28:b9:16:66:a2:63:f0: ad:cf:5c:f7:ad:72:b5:f7:bb:43:93:e3:ba:22:6a: 31:ad:7b:e8:7a:ed:49:a4:0d:54:f8:21:dc:bb:45: 16:71:b7:4d:af:48:71:e7:90:07:f8:ac:27:f9:f2: 62:9d:a8:b7:ec:1c:74:43:83:bc:ca:bc:1b:02:2a: 5f:03:c6:d4:22:aa:50:4a:92:bb:cf:0d:d4:1f:c4: d6:eb:ae:3a:ba:9b:a3:52:21:e9:8f:be:92:88:21: 0f:20:b7:de:c9:47:26:b5:31:49:50:4a:d3:b7:d9: 98:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:D0:FA:D1:E4:F8:A2:C6:3D:D7:80:90:E0:CB:19:A8:3D:E9:FC:6C X509v3 Authority Key Identifier: keyid:3A:31:49:DA:0A:12:BD:BF:1B:EF:59:8B:04:63:09:07:80:20:6C:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OjFJ2goSvb8b71mLBGMJB4AgbOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/g9D60eT4osY914CQ4MsZqD3p_Gw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d88aae-68c3-4909-9f8a-07e83cd5b60d/1/OjFJ2goSvb8b71mLBGMJB4AgbOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.69.160.0/22 185.174.204.0/22 195.192.208.0/21 217.196.144.0/20 IPv6: 2a02:16a8::/32 Signature Algorithm: sha256WithRSAEncryption 74:4f:53:68:0a:df:b7:61:75:37:90:c7:02:90:83:66:98:eb: cb:9d:5b:5f:88:d5:2e:eb:7f:8f:71:81:8b:0e:6f:2d:49:f3: 8f:55:1c:70:61:64:5b:96:72:1a:e5:ab:89:b0:e0:c0:f3:35: c3:74:71:b8:b9:79:f5:0a:3b:94:4c:f4:f3:89:72:11:dd:11: f3:45:90:5e:7b:9a:3a:45:cc:32:a3:54:50:6c:eb:72:cf:bf: 6f:c4:60:cc:ac:9c:b1:1e:ad:9b:7d:68:94:aa:86:7c:a3:ef: 8e:45:1f:90:7c:4c:c3:24:1c:85:87:6b:91:d4:da:45:42:91: ae:41:0a:fd:bf:cf:55:84:fc:73:a6:06:57:52:9b:df:88:05: 1a:84:68:a4:a2:e1:8a:db:c3:fd:5e:d9:9b:dc:e1:db:c3:fe: b2:9b:9b:5b:0e:7b:1f:61:ee:cc:91:4d:92:e9:a2:e7:31:5f: 00:9c:f0:81:88:dd:26:c0:9e:9a:0f:99:7a:74:91:a7:72:1a: 71:81:cd:41:6b:4b:34:19:7a:19:60:38:07:17:9e:3d:c2:e8: f8:a1:51:1f:4d:e4:45:84:44:8e:33:2e:21:5b:f2:6d:3a:40: cc:d6:04:d8:9d:18:26:7d:a8:74:dc:58:3c:fd:89:03:ad:63: c0:98:c4:46 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt57Dg73w2aFqtlD2jzJBL6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMzE0OWRhMGExMmJkYmYxYmVmNTk4YjA0NjMwOTA3ODAy MDZjZTAwHhcNMjYwMTAxMTQxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4M2QwZmFkMWU0ZjhhMmM2M2RkNzgwOTBlMGNiMTlhODNkZTlmYzZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2Bm+tfj3A7XtHr3QzjSwDt4bn4s JDeMAn2xZ+JxlGZrOYan5zawAg4IIpvGutya8xdae8qQVbdS1GryWXY5WiqGWnrB rTmvZpDFPGkd4rG75adwvEpPd9hhEkA/0aRk/Wd2yUXSlhgOUc9sJ3W9lKxOoW3m I0xVni9p2lw+1jdWVIgoxSU1CYuO7FD9zyi5FmaiY/Ctz1z3rXK197tDk+O6Imox rXvoeu1JpA1U+CHcu0UWcbdNr0hx55AH+Kwn+fJinai37Bx0Q4O8yrwbAipfA8bU IqpQSpK7zw3UH8TW6646upujUiHpj76SiCEPILfeyUcmtTFJUErTt9mYYQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFIPQ+tHk+KLGPdeAkODLGag96fxsMB8GA1UdIwQY MBaAFDoxSdoKEr2/G+9ZiwRjCQeAIGzgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEt MDdlODNjZDViNjBkLzEvZzlENjBlVDRvc1k5MTRDUTRNc1pxRDNwX0d3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYy9kODhhYWUtNjhjMy00OTA5LTlmOGEtMDdlODNjZDViNjBk LzEvT2pGSjJnb1N2YjhiNzFtTEJHTUpCNEFnYk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuUWgAwQC ua7MAwQDw8DQAwQE2cSQMA0EAgACMAcDBQAqAhaoMA0GCSqGSIb3DQEBCwUAA4IB AQB0T1NoCt+3YXU3kMcCkINmmOvLnVtfiNUu63+PcYGLDm8tSfOPVRxwYWRblnIa 5auJsODA8zXDdHG4uXn1CjuUTPTziXIR3RHzRZBee5o6Rcwyo1RQbOtyz79vxGDM rJyxHq2bfWiUqoZ8o++ORR+QfEzDJByFh2uR1NpFQpGuQQr9v89VhPxzpgZXUpvf iAUahGikouGK28P9Xtmb3OHbw/6ym5tbDnsfYe7MkU2S6aLnMV8AnPCBiN0mwJ6a D5l6dJGnchpxgc1Ba0s0GXoZYDgHF549wuj4oVEfTeRFhESOMy4hW/JtOkDM1gTY nRgmfah03Fg8/YkDrWPAmMRG -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:06 2026 by rpki-client