This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/k9Qt8bd5mtUe8WkBxy0-PnZZYDQ.roa File: k9Qt8bd5mtUe8WkBxy0-PnZZYDQ.roa (raw, json) Hash identifier: 4cUGdQJG54wz4ImSZGhzke5tGudVY4frq/07PWJo/ug= Subject key identifier: 93:D4:2D:F1:B7:79:9A:D5:1E:F1:69:01:C7:2D:3E:3E:76:59:60:34 Certificate issuer: /CN=9ba90d66d2ddeb646a61406912ffddfa14e39910 Certificate serial: 019B7F80EF556D18877FF600D84342F59C68 Authority key identifier: 9B:A9:0D:66:D2:DD:EB:64:6A:61:40:69:12:FF:DD:FA:14:E3:99:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m6kNZtLd62RqYUBpEv_d-hTjmRA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/k9Qt8bd5mtUe8WkBxy0-PnZZYDQ.roa Signing time: Fri 02 Jan 2026 16:18:34 +0000 ROA not before: Fri 02 Jan 2026 16:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197540 IP address blocks: 5.182.200.0/23 maxlen: 24 5.182.200.0/24 maxlen: 24 5.182.202.0/23 maxlen: 24 2a0f:5b00::/32 maxlen: 32 2a0f:5b01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/m6kNZtLd62RqYUBpEv_d-hTjmRA.crl rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/m6kNZtLd62RqYUBpEv_d-hTjmRA.mft rsync://rpki.ripe.net/repository/DEFAULT/m6kNZtLd62RqYUBpEv_d-hTjmRA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:ef:55:6d:18:87:7f:f6:00:d8:43:42:f5:9c:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ba90d66d2ddeb646a61406912ffddfa14e39910 Validity Not Before: Jan 2 16:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=93d42df1b7799ad51ef16901c72d3e3e76596034 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c4:2d:a4:12:6d:6e:ec:86:6b:d8:c7:a4:0d: d7:6e:f7:fb:22:fd:12:22:32:58:49:ce:63:dc:f4: 8f:05:65:a3:30:fa:a4:71:aa:88:78:a5:b6:a4:69: 7a:91:0a:4c:5e:b0:b9:5e:5a:7d:e4:72:08:16:28: 82:45:26:81:d6:00:2b:81:4c:f1:48:ba:e6:73:15: b4:26:42:c6:52:7d:15:66:e7:c4:df:9a:79:bf:91: 42:ce:bc:ce:89:0d:e6:0a:28:11:41:ee:24:b1:f1: 95:25:1d:0c:d7:a0:f5:b0:b7:d9:68:c7:27:e0:00: 06:8d:dc:fb:99:a0:e2:d1:0b:a7:1a:cf:65:1e:a8: 4b:88:ef:b0:ee:76:34:eb:80:e6:10:48:eb:f3:ae: 8c:0b:f1:e1:6f:20:e0:d3:a2:e3:23:97:83:f6:b6: 04:6e:63:af:31:9e:08:de:5a:2b:c0:2c:3b:15:34: ba:b3:b0:b3:92:b6:f8:eb:14:e1:bf:56:62:a3:c7: de:dd:6a:2f:f9:8f:82:40:79:2d:44:53:dd:eb:6a: f2:c7:9a:3e:34:cd:df:2d:3e:b1:41:ba:b5:4a:cd: 26:5b:0c:5c:60:1f:cc:77:b0:a2:dc:75:b6:1b:5f: 8b:b8:d8:8d:4c:e8:10:b4:7c:52:06:17:58:bb:57: 6b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:D4:2D:F1:B7:79:9A:D5:1E:F1:69:01:C7:2D:3E:3E:76:59:60:34 X509v3 Authority Key Identifier: keyid:9B:A9:0D:66:D2:DD:EB:64:6A:61:40:69:12:FF:DD:FA:14:E3:99:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m6kNZtLd62RqYUBpEv_d-hTjmRA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/k9Qt8bd5mtUe8WkBxy0-PnZZYDQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/1b7635-e6ff-4969-b2c0-89fb8fe69633/1/m6kNZtLd62RqYUBpEv_d-hTjmRA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.200.0/22 IPv6: 2a0f:5b00::/31 Signature Algorithm: sha256WithRSAEncryption 45:04:36:04:7b:18:b2:cd:e3:51:f2:83:4e:61:f1:18:5e:47: d9:51:b4:a2:43:d2:0c:5b:47:1d:31:24:a7:09:ea:dc:a7:ea: 00:48:96:7f:2c:34:61:d2:09:3e:97:bd:0d:e0:15:94:60:cc: 2a:3d:34:a7:f9:29:62:58:b3:99:35:c9:1a:08:d2:d6:32:bf: 02:2e:38:d0:87:41:c4:5c:fe:06:00:d5:18:9c:9f:29:8f:5a: f3:73:44:7f:99:cd:c9:bf:98:46:1c:5c:4e:2d:5d:39:72:f5: 03:21:f9:1e:33:49:06:6c:ab:9a:28:81:8a:f9:13:e8:76:02: 87:0a:ac:5f:96:34:31:d9:67:a0:5d:43:c0:00:00:01:ba:14: 19:3d:ab:10:88:31:90:59:74:c6:33:fd:2e:57:13:26:ed:11: b5:21:a4:4a:97:38:58:77:10:2a:53:1c:50:7c:5e:8f:a6:ac: ad:67:c0:9c:b3:25:cd:42:56:43:af:c0:8f:1d:92:a7:8a:a4: 66:6a:b5:59:2e:ad:ba:94:44:a2:13:02:02:53:ac:79:5f:13: 96:5b:20:0f:b8:69:b3:f5:78:4f:b2:ae:62:91:3b:3b:7b:5f: ba:3d:f7:e9:b7:18:8b:16:c7:21:3b:9a:9c:0a:ca:12:d7:2b: a1:d7:c5:c5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/gO9VbRiHf/YA2ENC9ZxoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliYTkwZDY2ZDJkZGViNjQ2YTYxNDA2OTEyZmZkZGZhMTRl Mzk5MTAwHhcNMjYwMTAyMTYxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5M2Q0MmRmMWI3Nzk5YWQ1MWVmMTY5MDFjNzJkM2UzZTc2NTk2MDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcQtpBJtbuyGa9jHpA3Xbvf7Iv0S IjJYSc5j3PSPBWWjMPqkcaqIeKW2pGl6kQpMXrC5Xlp95HIIFiiCRSaB1gArgUzx SLrmcxW0JkLGUn0VZufE35p5v5FCzrzOiQ3mCigRQe4ksfGVJR0M16D1sLfZaMcn 4AAGjdz7maDi0QunGs9lHqhLiO+w7nY064DmEEjr866MC/HhbyDg06LjI5eD9rYE bmOvMZ4I3lorwCw7FTS6s7Czkrb46xThv1Zio8fe3Wov+Y+CQHktRFPd62ryx5o+ NM3fLT6xQbq1Ss0mWwxcYB/Md7Ci3HW2G1+LuNiNTOgQtHxSBhdYu1dr/QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJPULfG3eZrVHvFpAcctPj52WWA0MB8GA1UdIwQY MBaAFJupDWbS3etkamFAaRL/3foU45kQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTZrTlp0TGQ2MlJxWVVCcEV2X2QtaFRqbVJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC8xYjc2MzUtZTZmZi00OTY5LWIyYzAt ODlmYjhmZTY5NjMzLzEvazlRdDhiZDVtdFVlOFdrQnh5MC1QblpaWURRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC8xYjc2MzUtZTZmZi00OTY5LWIyYzAtODlmYjhmZTY5NjMz LzEvbTZrTlp0TGQ2MlJxWVVCcEV2X2QtaFRqbVJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbbIMA0E AgACMAcDBQEqD1sAMA0GCSqGSIb3DQEBCwUAA4IBAQBFBDYEexiyzeNR8oNOYfEY XkfZUbSiQ9IMW0cdMSSnCercp+oASJZ/LDRh0gk+l70N4BWUYMwqPTSn+SliWLOZ NckaCNLWMr8CLjjQh0HEXP4GANUYnJ8pj1rzc0R/mc3Jv5hGHFxOLV05cvUDIfke M0kGbKuaKIGK+RPodgKHCqxfljQx2WegXUPAAAABuhQZPasQiDGQWXTGM/0uVxMm 7RG1IaRKlzhYdxAqUxxQfF6PpqytZ8CcsyXNQlZDr8CPHZKniqRmarVZLq26lESi EwICU6x5XxOWWyAPuGmz9XhPsq5ikTs7e1+6PffptxiLFschO5qcCsoS1yuh18XF -----END CERTIFICATE-----Generated at Mon Jan 26 01:25:10 2026 by rpki-client