This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/U9Itz99IoB0xO9lb2uXbc5d6ObU.roa File: U9Itz99IoB0xO9lb2uXbc5d6ObU.roa (raw, json) Hash identifier: Rq7o3WK0ubMoL9EbUwbev5XnPrwCebIUGmPBM831UuA= Subject key identifier: 53:D2:2D:CF:DF:48:A0:1D:31:3B:D9:5B:DA:E5:DB:73:97:7A:39:B5 Certificate issuer: /CN=d05581472b92a85a90caa1e47d7223d788ae0148 Certificate serial: 019B7CEDB40B3EEDC376337F64C5AC92D42C Authority key identifier: D0:55:81:47:2B:92:A8:5A:90:CA:A1:E4:7D:72:23:D7:88:AE:01:48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/U9Itz99IoB0xO9lb2uXbc5d6ObU.roa Signing time: Fri 02 Jan 2026 04:18:31 +0000 ROA not before: Fri 02 Jan 2026 04:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13237 IP address blocks: 85.8.154.0/24 maxlen: 24 91.217.134.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.crl rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.mft rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:b4:0b:3e:ed:c3:76:33:7f:64:c5:ac:92:d4:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d05581472b92a85a90caa1e47d7223d788ae0148 Validity Not Before: Jan 2 04:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=53d22dcfdf48a01d313bd95bdae5db73977a39b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a1:fb:e4:67:97:dc:71:00:36:c0:48:b1:c6: cf:cd:c0:ea:41:c6:ab:0c:2f:a0:ab:ea:a2:21:e1: fe:45:ce:62:dd:23:c9:d8:04:e6:9b:4d:49:e4:da: f4:02:15:f2:3d:ce:d2:73:72:2e:45:e4:3c:52:73: 04:32:33:8c:71:2e:f4:6a:7b:d4:77:1b:01:92:8f: 13:11:b2:3a:3d:25:15:04:de:b2:61:96:e9:3b:66: 15:44:b5:37:24:7d:b7:1c:ea:4e:8a:27:fd:a0:7f: 0b:13:ca:e2:33:7f:13:94:21:49:cc:b1:c4:44:d4: 09:fe:01:a3:3c:6b:92:7b:36:ff:89:46:51:92:b2: ba:ce:cf:ea:7a:18:ca:ca:54:c3:6f:ee:af:be:aa: 62:b6:ca:82:1a:8d:1a:46:0b:e7:86:99:76:5c:37: 0f:ae:6d:15:75:8e:21:d4:18:0b:17:13:8d:c4:1c: a5:f1:18:0b:8e:78:9a:52:56:8c:c1:27:27:1a:1a: e0:2b:9b:fd:20:18:ba:ac:e9:7d:25:5a:d3:5a:7d: 8f:f0:55:05:09:33:9b:80:e8:0c:a8:b2:50:84:af: a2:31:cd:65:c1:78:90:11:1b:d0:58:86:26:7b:f7: df:5c:a6:8d:21:ec:8e:a5:ab:f7:c9:50:1d:bc:9c: 93:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D2:2D:CF:DF:48:A0:1D:31:3B:D9:5B:DA:E5:DB:73:97:7A:39:B5 X509v3 Authority Key Identifier: keyid:D0:55:81:47:2B:92:A8:5A:90:CA:A1:E4:7D:72:23:D7:88:AE:01:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FWBRyuSqFqQyqHkfXIj14iuAUg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/U9Itz99IoB0xO9lb2uXbc5d6ObU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a08748-8622-4e86-82ef-3bdaacb9d08d/1/0FWBRyuSqFqQyqHkfXIj14iuAUg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.8.154.0/24 91.217.134.0/24 Signature Algorithm: sha256WithRSAEncryption 19:a1:b0:e5:10:23:86:48:2a:c6:b7:94:c5:89:e0:45:24:df: 6c:8d:86:0e:1c:ec:3d:10:79:88:d7:d8:21:34:7c:2f:05:04: fa:77:e8:38:e4:23:df:90:9a:a9:79:4c:36:1f:6c:18:9b:8b: c0:3a:91:8e:f4:2d:c5:af:e0:89:22:6a:f1:78:52:4c:10:37: db:e8:73:09:34:e3:e1:73:89:57:c6:09:b3:3b:1c:83:92:df: 54:42:b1:56:e8:d2:e7:3d:dc:6f:c1:ff:25:29:59:00:b8:bf: b5:2e:3d:93:82:3c:8b:fd:31:16:9b:ce:64:32:3d:0a:5f:b0: 55:cd:91:15:52:b2:f9:25:c1:71:39:77:52:4a:37:cc:52:14: 77:61:25:55:25:8a:2a:23:d4:cb:f5:a2:db:60:63:a6:0b:c6: 97:1b:cf:c2:6b:64:57:38:b1:c8:e2:43:ba:d6:70:f6:34:8b: 81:36:df:56:93:e4:7b:d7:aa:de:24:83:64:4f:5b:52:e5:a5: ed:3a:ae:c5:38:7c:6e:6f:43:07:c7:5a:f8:29:e9:ae:e8:8e: 0b:c7:18:d1:b0:dd:fb:34:05:73:21:29:d2:79:84:aa:1a:8c: 92:47:3f:68:5a:d2:4a:5b:24:b3:14:b2:0a:db:a7:d4:81:d8: 64:59:91:9f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt87bQLPu3DdjN/ZMWsktQsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwNTU4MTQ3MmI5MmE4NWE5MGNhYTFlNDdkNzIyM2Q3ODhh ZTAxNDgwHhcNMjYwMTAyMDQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1M2QyMmRjZmRmNDhhMDFkMzEzYmQ5NWJkYWU1ZGI3Mzk3N2EzOWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16H75GeX3HEANsBIscbPzcDqQcar DC+gq+qiIeH+Rc5i3SPJ2ATmm01J5Nr0AhXyPc7Sc3IuReQ8UnMEMjOMcS70anvU dxsBko8TEbI6PSUVBN6yYZbpO2YVRLU3JH23HOpOiif9oH8LE8riM38TlCFJzLHE RNQJ/gGjPGuSezb/iUZRkrK6zs/qehjKylTDb+6vvqpitsqCGo0aRgvnhpl2XDcP rm0VdY4h1BgLFxONxByl8RgLjniaUlaMwScnGhrgK5v9IBi6rOl9JVrTWn2P8FUF CTObgOgMqLJQhK+iMc1lwXiQERvQWIYme/ffXKaNIeyOpav3yVAdvJyTsQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFFPSLc/fSKAdMTvZW9rl23OXejm1MB8GA1UdIwQY MBaAFNBVgUcrkqhakMqh5H1yI9eIrgFIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEZXQlJ5dVNxRnFReXFIa2ZYSWoxNGl1QVVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hMDg3NDgtODYyMi00ZTg2LTgyZWYt M2JkYWFjYjlkMDhkLzEvVTlJdHo5OUlvQjB4TzlsYjJ1WGJjNWQ2T2JVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9hMDg3NDgtODYyMi00ZTg2LTgyZWYtM2JkYWFjYjlkMDhk LzEvMEZXQlJ5dVNxRnFReXFIa2ZYSWoxNGl1QVVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQiaAwQA W9mGMA0GCSqGSIb3DQEBCwUAA4IBAQAZobDlECOGSCrGt5TFieBFJN9sjYYOHOw9 EHmI19ghNHwvBQT6d+g45CPfkJqpeUw2H2wYm4vAOpGO9C3Fr+CJImrxeFJMEDfb 6HMJNOPhc4lXxgmzOxyDkt9UQrFW6NLnPdxvwf8lKVkAuL+1Lj2TgjyL/TEWm85k Mj0KX7BVzZEVUrL5JcFxOXdSSjfMUhR3YSVVJYoqI9TL9aLbYGOmC8aXG8/Ca2RX OLHI4kO61nD2NIuBNt9Wk+R716reJINkT1tS5aXtOq7FOHxub0MHx1r4Kemu6I4L xxjRsN37NAVzISnSeYSqGoySRz9oWtJKWySzFLIK26fUgdhkWZGf -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:19 2026 by rpki-client