This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/9BzFpLnLB1lQperfgmv4qrzYH0o.roa File: 9BzFpLnLB1lQperfgmv4qrzYH0o.roa (raw, json) Hash identifier: SqfjtbEZOdrWLg54xvBk/hWboyrJmqo9/XjbAhZrvws= Subject key identifier: F4:1C:C5:A4:B9:CB:07:59:50:A5:EA:DF:82:6B:F8:AA:BC:D8:1F:4A Certificate issuer: /CN=63b842254bbd6bf33e09d05a458f00a0484cf16f Certificate serial: 019B78A297759D7E638091639C378F9EB664 Authority key identifier: 63:B8:42:25:4B:BD:6B:F3:3E:09:D0:5A:45:8F:00:A0:48:4C:F1:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/9BzFpLnLB1lQperfgmv4qrzYH0o.roa Signing time: Thu 01 Jan 2026 08:18:00 +0000 ROA not before: Thu 01 Jan 2026 08:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58269 IP address blocks: 91.220.43.0/24 maxlen: 24 185.8.60.0/22 maxlen: 22 2a03:3440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.mft rsync://rpki.ripe.net/repository/DEFAULT/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:97:75:9d:7e:63:80:91:63:9c:37:8f:9e:b6:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=63b842254bbd6bf33e09d05a458f00a0484cf16f Validity Not Before: Jan 1 08:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f41cc5a4b9cb075950a5eadf826bf8aabcd81f4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:22:79:f6:20:2b:cb:96:64:aa:6a:7d:87:38: 28:c9:18:a4:87:54:1b:79:b0:9b:86:17:ce:20:95: ea:ea:14:da:8c:57:da:23:55:a2:43:b4:51:8c:31: a3:20:1c:89:66:23:1c:78:f1:45:f8:95:15:4a:60: e8:fe:48:00:13:7a:f7:84:ae:b7:58:6f:b0:45:c3: 41:61:db:41:a8:18:85:85:d3:9d:ef:a7:f7:3d:06: 30:6f:75:c7:86:2e:e5:10:c5:2e:92:dc:29:c3:b2: 4f:2f:06:20:26:ba:54:f4:02:1a:88:ea:61:bb:3d: b9:b5:42:f4:df:b8:02:c7:53:f5:19:b1:d9:9f:de: 62:c4:1a:3c:96:e8:db:e7:21:c9:b6:72:45:b5:a5: d6:b0:a9:14:72:7a:1d:81:78:5a:ee:73:1f:a5:43: 7e:5d:5e:aa:13:ed:c3:60:fc:d2:ac:3d:4d:09:cd: 2d:63:05:00:2d:31:44:d2:63:2e:fa:18:a1:85:20: 7d:f6:2e:03:b8:59:18:36:b5:0f:83:94:fc:4e:95: a7:ae:33:b2:56:f9:a1:06:c8:b3:e9:82:e8:c2:15: c7:51:96:06:e6:f4:cd:e2:52:1d:93:38:f4:1d:79: 0c:ab:c8:66:a1:34:84:bb:86:6a:4c:72:b1:3f:e7: 62:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:1C:C5:A4:B9:CB:07:59:50:A5:EA:DF:82:6B:F8:AA:BC:D8:1F:4A X509v3 Authority Key Identifier: keyid:63:B8:42:25:4B:BD:6B:F3:3E:09:D0:5A:45:8F:00:A0:48:4C:F1:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/9BzFpLnLB1lQperfgmv4qrzYH0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/bdd1e7-b79a-4c21-9ba9-f157c3294d40/1/Y7hCJUu9a_M-CdBaRY8AoEhM8W8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.43.0/24 185.8.60.0/22 IPv6: 2a03:3440::/32 Signature Algorithm: sha256WithRSAEncryption 98:2d:8c:5f:e6:bb:73:cc:d0:9f:7a:24:21:c0:e7:c0:31:48: ba:49:34:1b:d3:ed:ee:79:06:e9:d4:b9:6d:d9:25:eb:b4:14: bf:2f:1e:73:9a:97:3b:70:81:8c:d0:60:e8:df:6c:db:38:32: 06:16:18:3d:ca:ee:e0:fa:4a:6d:55:da:91:15:63:83:44:00: a5:3b:d7:d3:87:e0:62:77:23:eb:d2:d5:1a:58:92:15:c4:1c: 5a:f8:6a:a1:44:59:97:46:1e:2f:13:0c:35:fb:64:2d:80:7e: 92:ce:e2:82:3b:ed:2b:92:06:e9:9d:a7:c3:77:2f:b9:03:7d: 56:48:62:00:7b:59:27:56:28:8f:57:ad:87:97:e7:71:eb:e2: fa:92:cd:4a:b7:71:77:4e:ef:f6:bd:c8:47:4f:b5:48:cf:ba: 20:95:ee:8e:94:db:a4:f0:db:18:27:bd:7e:17:d8:1b:25:74: b5:1d:ab:fa:bf:2e:62:fd:33:1c:1a:3b:ba:6a:df:c7:4b:dc: 93:97:65:6b:80:4b:b5:b3:ac:c9:bb:d4:80:0e:fe:c2:96:b8: e6:3d:09:5b:eb:87:b1:33:c8:6e:ba:77:a5:e8:8e:d8:d4:d5: 1d:e3:bb:56:ee:26:35:c0:e9:40:7d:17:ba:8d:18:16:8b:97: 9f:2b:22:89 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4opd1nX5jgJFjnDePnrZkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzYjg0MjI1NGJiZDZiZjMzZTA5ZDA1YTQ1OGYwMGEwNDg0 Y2YxNmYwHhcNMjYwMTAxMDgxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNDFjYzVhNGI5Y2IwNzU5NTBhNWVhZGY4MjZiZjhhYWJjZDgxZjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCJ59iAry5Zkqmp9hzgoyRikh1Qb ebCbhhfOIJXq6hTajFfaI1WiQ7RRjDGjIByJZiMcePFF+JUVSmDo/kgAE3r3hK63 WG+wRcNBYdtBqBiFhdOd76f3PQYwb3XHhi7lEMUuktwpw7JPLwYgJrpU9AIaiOph uz25tUL037gCx1P1GbHZn95ixBo8lujb5yHJtnJFtaXWsKkUcnodgXha7nMfpUN+ XV6qE+3DYPzSrD1NCc0tYwUALTFE0mMu+hihhSB99i4DuFkYNrUPg5T8TpWnrjOy VvmhBsiz6YLowhXHUZYG5vTN4lIdkzj0HXkMq8hmoTSEu4ZqTHKxP+diZQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFPQcxaS5ywdZUKXq34Jr+Kq82B9KMB8GA1UdIwQY MBaAFGO4QiVLvWvzPgnQWkWPAKBITPFvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTdoQ0pVdTlhX00tQ2RCYVJZOEFvRWhNOFc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9iZGQxZTctYjc5YS00YzIxLTliYTkt ZjE1N2MzMjk0ZDQwLzEvOUJ6RnBMbkxCMWxRcGVyZmdtdjRxcnpZSDBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9iZGQxZTctYjc5YS00YzIxLTliYTktZjE1N2MzMjk0ZDQw LzEvWTdoQ0pVdTlhX00tQ2RCYVJZOEFvRWhNOFc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9wrAwQC uQg8MA0EAgACMAcDBQAqAzRAMA0GCSqGSIb3DQEBCwUAA4IBAQCYLYxf5rtzzNCf eiQhwOfAMUi6STQb0+3ueQbp1Llt2SXrtBS/Lx5zmpc7cIGM0GDo32zbODIGFhg9 yu7g+kptVdqRFWODRAClO9fTh+BidyPr0tUaWJIVxBxa+GqhRFmXRh4vEww1+2Qt gH6SzuKCO+0rkgbpnafDdy+5A31WSGIAe1knViiPV62Hl+dx6+L6ks1Kt3F3Tu/2 vchHT7VIz7ogle6OlNuk8NsYJ71+F9gbJXS1Hav6vy5i/TMcGju6at/HS9yTl2Vr gEu1s6zJu9SADv7ClrjmPQlb64exM8huunel6I7Y1NUd47tW7iY1wOlAfRe6jRgW i5efKyKJ -----END CERTIFICATE-----Generated at Sun Jan 25 20:49:54 2026 by rpki-client