This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/9H2Cao4L9seLn80FxSiOGYvYmbE.roa File: 9H2Cao4L9seLn80FxSiOGYvYmbE.roa (raw, json) Hash identifier: 6fh3UPrvbfpSC3IgcyXg2AEmgPfBi1rjETuQ8TwnWs8= Subject key identifier: F4:7D:82:6A:8E:0B:F6:C7:8B:9F:CD:05:C5:28:8E:19:8B:D8:99:B1 Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8 Certificate serial: 019B7DCB0F7F766D970D7B12C315BB6EC239 Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/9H2Cao4L9seLn80FxSiOGYvYmbE.roa Signing time: Fri 02 Jan 2026 08:20:18 +0000 ROA not before: Fri 02 Jan 2026 08:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199541 IP address blocks: 147.196.0.0/16 maxlen: 16 153.98.1.0/24 maxlen: 24 153.98.5.0/24 maxlen: 24 153.98.9.0/24 maxlen: 24 153.98.13.0/24 maxlen: 24 153.98.36.0/24 maxlen: 24 153.98.37.0/24 maxlen: 24 153.98.68.0/24 maxlen: 24 153.98.70.0/24 maxlen: 24 153.98.71.0/24 maxlen: 24 153.98.83.0/24 maxlen: 24 153.98.100.0/24 maxlen: 24 153.98.105.0/24 maxlen: 24 153.98.106.0/24 maxlen: 24 153.98.107.0/24 maxlen: 24 153.98.108.0/24 maxlen: 24 153.98.109.0/24 maxlen: 24 153.98.110.0/24 maxlen: 24 153.98.111.0/24 maxlen: 24 153.98.112.0/24 maxlen: 24 153.98.113.0/24 maxlen: 24 153.98.114.0/24 maxlen: 24 153.98.115.0/24 maxlen: 24 153.98.116.0/24 maxlen: 24 153.98.117.0/24 maxlen: 24 153.98.118.0/24 maxlen: 24 153.98.119.0/24 maxlen: 24 153.98.120.0/24 maxlen: 24 153.98.121.0/24 maxlen: 24 153.98.122.0/24 maxlen: 24 153.98.123.0/24 maxlen: 24 192.70.89.0/24 maxlen: 24 192.70.90.0/24 maxlen: 24 192.93.20.0/22 maxlen: 22 193.58.19.0/24 maxlen: 24 193.58.21.0/24 maxlen: 24 193.58.31.0/24 maxlen: 24 193.221.2.0/24 maxlen: 24 193.221.14.0/24 maxlen: 24 193.221.170.0/24 maxlen: 24 193.221.181.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.mft rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:0f:7f:76:6d:97:0d:7b:12:c3:15:bb:6e:c2:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8 Validity Not Before: Jan 2 08:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f47d826a8e0bf6c78b9fcd05c5288e198bd899b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b2:9d:f3:9d:f9:0f:a2:b4:39:20:95:29:3f: 51:49:49:9e:fa:0d:a6:ee:f1:a5:4c:a4:6c:c7:e6: 78:b8:b6:50:6f:5e:d5:06:29:79:50:93:80:97:2b: 71:17:af:a8:bc:fb:30:eb:a8:0a:13:b1:a3:b0:a6: 43:55:90:32:32:5a:a4:ee:20:43:bf:d7:9c:39:eb: 42:64:f9:4c:3b:a0:a6:d9:40:7b:d6:b2:33:6e:0d: 75:8f:78:4e:21:c8:2a:0e:34:5f:a5:9d:5f:ca:bb: d5:60:f3:a1:ef:7d:23:76:51:0b:4b:77:f6:96:ee: 26:f3:c5:54:dc:79:4f:c4:09:ab:31:27:47:47:ac: 8c:54:71:bd:4a:75:c5:b3:84:ef:dd:56:f4:33:f1: de:2d:53:93:32:cc:8a:c6:a2:77:76:be:bf:fd:1b: 6e:d7:24:76:7f:98:34:54:d3:d1:9b:5b:6b:27:2a: f8:bf:47:17:09:1b:37:66:16:08:7c:9b:54:7b:98: b0:d5:7d:47:56:11:9b:e4:2b:47:f6:8b:b0:10:9e: 18:d9:5e:3b:68:0c:04:4b:7d:58:d9:62:e1:ad:07: cb:a9:0e:c2:f0:96:5d:dc:7b:56:2f:3d:4a:93:dd: 18:fe:4e:f9:a1:e8:02:f6:7f:c1:f9:30:39:24:31: 55:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:7D:82:6A:8E:0B:F6:C7:8B:9F:CD:05:C5:28:8E:19:8B:D8:99:B1 X509v3 Authority Key Identifier: keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/9H2Cao4L9seLn80FxSiOGYvYmbE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.196.0.0/16 153.98.1.0/24 153.98.5.0/24 153.98.9.0/24 153.98.13.0/24 153.98.36.0/23 153.98.68.0/24 153.98.70.0/23 153.98.83.0/24 153.98.100.0/24 153.98.105.0-153.98.123.255 192.70.89.0-192.70.90.255 192.93.20.0/22 193.58.19.0/24 193.58.21.0/24 193.58.31.0/24 193.221.2.0/24 193.221.14.0/24 193.221.170.0/24 193.221.181.0/24 Signature Algorithm: sha256WithRSAEncryption 28:fc:bf:fc:7d:b4:42:ec:5b:de:02:bd:06:c7:3f:06:b8:fa: 42:e8:13:cf:f5:00:f4:44:78:df:8f:8f:c9:6c:af:37:65:21: 89:83:f2:49:e6:a4:af:eb:e8:2f:05:f3:cf:bc:c5:ad:93:4a: 14:58:97:ef:36:e6:4e:d1:60:bf:a3:a7:d4:4b:e1:e5:9f:fe: 5c:d5:45:af:38:17:b0:18:05:93:77:17:0e:48:7d:1a:83:c4: b3:f8:e3:85:6b:7b:20:d8:9a:bf:66:a4:1a:f4:f9:5f:81:52: 47:e9:ba:5a:aa:06:9b:ee:d2:40:a3:13:30:d4:21:95:c1:0f: d4:bf:55:ed:40:ac:98:68:55:91:e4:db:22:f1:75:09:a7:81: 93:50:eb:d5:43:f6:9e:66:ab:0b:cc:a4:97:fb:b3:32:0a:df: f5:de:b8:e0:93:a5:7c:c3:51:3f:83:c3:ed:19:88:86:6a:51: 56:89:46:54:88:f9:2f:6f:51:3a:86:1d:15:df:a6:a8:45:a7: 63:32:7c:e4:5e:82:8b:e9:72:86:df:3c:6e:6b:19:00:5c:a1: e3:46:2e:23:c2:11:fe:da:80:ab:d5:6f:72:cc:4e:a8:3d:9e: 0b:9d:e6:fa:fd:87:db:99:8e:ee:2f:26:50:d2:2c:88:ef:25: 73:77:f5:e4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgISAZt9yw9/dm2XDXsSwxW7bsI5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk MjZmZTgwHhcNMjYwMTAyMDgyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNDdkODI2YThlMGJmNmM3OGI5ZmNkMDVjNTI4OGUxOThiZDg5OWIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7Kd8535D6K0OSCVKT9RSUme+g2m 7vGlTKRsx+Z4uLZQb17VBil5UJOAlytxF6+ovPsw66gKE7GjsKZDVZAyMlqk7iBD v9ecOetCZPlMO6Cm2UB71rIzbg11j3hOIcgqDjRfpZ1fyrvVYPOh730jdlELS3f2 lu4m88VU3HlPxAmrMSdHR6yMVHG9SnXFs4Tv3Vb0M/HeLVOTMsyKxqJ3dr6//Rtu 1yR2f5g0VNPRm1trJyr4v0cXCRs3ZhYIfJtUe5iw1X1HVhGb5CtH9ouwEJ4Y2V47 aAwES31Y2WLhrQfLqQ7C8JZd3HtWLz1Kk90Y/k75oegC9n/B+TA5JDFV9wIDAQAB o4ICjzCCAoswHQYDVR0OBBYEFPR9gmqOC/bHi5/NBcUojhmL2JmxMB8GA1UdIwQY MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt YzU0MDFmNmQ5MWQxLzEvOUgyQ2FvNEw5c2VMbjgwRnhTaU9HWXZZbWJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTCBjgQCAAEwgYcDAwCT xAMEAJliAQMEAJliBQMEAJliCQMEAJliDQMEAZliJAMEAJliRAMEAZliRgMEAJli UwMEAJliZDAMAwQAmWJpAwQCmWJ4MAwDBADARlkDBADARloDBALAXRQDBADBOhMD BADBOhUDBADBOh8DBADB3QIDBADB3Q4DBADB3aoDBADB3bUwDQYJKoZIhvcNAQEL BQADggEBACj8v/x9tELsW94CvQbHPwa4+kLoE8/1APREeN+Pj8lsrzdlIYmD8knm pK/r6C8F88+8xa2TShRYl+825k7RYL+jp9RL4eWf/lzVRa84F7AYBZN3Fw5IfRqD xLP444VreyDYmr9mpBr0+V+BUkfpulqqBpvu0kCjEzDUIZXBD9S/Ve1ArJhoVZHk 2yLxdQmngZNQ69VD9p5mqwvMpJf7szIK3/XeuOCTpXzDUT+Dw+0ZiIZqUVaJRlSI +S9vUTqGHRXfpqhFp2MyfORegovpcobfPG5rGQBcoeNGLiPCEf7agKvVb3LMTqg9 ngud5vr9h9uZju4vJlDSLIjvJXN39eQ= -----END CERTIFICATE-----Generated at Sun Jan 25 20:00:04 2026 by rpki-client