This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/f9BVLAip7ndiLMIkBamn3zQu3IA.roa File: f9BVLAip7ndiLMIkBamn3zQu3IA.roa (raw, json) Hash identifier: 67NYj05lmXLMB7WB8zJUBcnZzB3Nm/KReJjNyPG8c+o= Subject key identifier: 7F:D0:55:2C:08:A9:EE:77:62:2C:C2:24:05:A9:A7:DF:34:2E:DC:80 Certificate issuer: /CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41 Certificate serial: 019B7A5ABBA01A36B4721141FF4729482C4C Authority key identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/f9BVLAip7ndiLMIkBamn3zQu3IA.roa Signing time: Thu 01 Jan 2026 16:18:45 +0000 ROA not before: Thu 01 Jan 2026 16:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43152 IP address blocks: 77.95.203.0/24 maxlen: 24 109.71.242.0/24 maxlen: 24 109.71.243.0/24 maxlen: 24 109.71.245.0/24 maxlen: 24 109.71.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:bb:a0:1a:36:b4:72:11:41:ff:47:29:48:2c:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41 Validity Not Before: Jan 1 16:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7fd0552c08a9ee77622cc22405a9a7df342edc80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4f:d3:c4:a0:54:41:37:0d:f6:bc:f0:08:1e: c2:29:ec:e9:0a:de:0b:da:7d:7a:c8:80:bb:3d:9f: 71:5f:74:e3:ac:98:b2:ed:bd:3f:fc:e6:41:fa:ae: 8a:c6:a1:6a:48:d9:cd:7e:ca:77:39:48:7a:d7:23: b8:7d:5e:ae:7e:e7:70:22:4b:9d:98:76:bc:9f:dc: 46:1c:8b:ea:2e:3b:2c:fc:84:83:f3:51:40:b3:7d: 53:4e:6d:8c:d6:46:92:af:5c:c4:d7:2a:2d:7c:fc: 68:03:2e:7d:4b:b6:0c:17:ee:74:ba:17:9f:30:a9: 0f:e4:1c:f2:ef:44:4a:8b:68:aa:6d:db:50:74:00: e4:9c:3f:6c:50:57:68:92:d4:29:b1:5b:a0:13:63: 48:b6:6f:8e:7b:eb:43:5c:27:a9:f7:4d:60:8b:3c: 40:43:e5:95:50:e1:24:8c:2d:0c:25:d0:cf:c2:c6: d5:74:41:52:8b:19:df:ac:43:49:95:1f:35:65:34: 4b:9e:f2:ed:27:cf:0b:1f:b1:a4:94:1d:33:f3:3b: 2b:d2:35:e6:e7:52:77:2e:39:a7:10:ab:b4:78:d1: 36:19:f4:75:a3:f0:de:9c:55:90:f7:67:ac:1f:9e: 34:d5:e2:b4:02:61:41:cc:60:23:21:c1:5d:4f:ed: b5:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:D0:55:2C:08:A9:EE:77:62:2C:C2:24:05:A9:A7:DF:34:2E:DC:80 X509v3 Authority Key Identifier: keyid:76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/f9BVLAip7ndiLMIkBamn3zQu3IA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.95.203.0/24 109.71.242.0/23 109.71.245.0/24 109.71.247.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:69:e4:52:f5:67:a8:f7:9e:a2:9c:85:fc:6e:92:57:15:5a: bc:5a:11:b8:92:b2:6d:08:61:d2:e4:0f:26:81:be:60:bc:a6: b5:cd:13:d6:13:76:85:96:52:9b:c8:4b:52:16:42:14:38:e6: 66:8a:8f:2f:6d:50:59:66:2a:ca:07:e6:9e:d1:66:f0:e1:0d: dd:46:2e:c9:cd:db:b8:21:8a:a2:02:07:e2:5c:46:8e:35:b0: f7:43:5b:ac:64:7c:14:27:7e:f9:cd:4c:b7:14:69:8f:07:c7: 09:66:63:50:47:19:a7:f4:a7:24:98:07:be:70:00:3e:e9:aa: 65:0e:b8:72:74:ef:bf:d4:77:d4:ac:08:58:4f:e2:4e:3c:2f: 75:b3:e8:a8:ad:70:a3:9e:c4:dd:cf:12:8f:55:13:65:82:2d: 7a:83:bc:bd:95:8f:67:bd:7e:bc:08:6e:02:8c:dc:84:44:13: 31:81:28:4c:61:5f:38:b0:86:d3:ff:40:b5:da:59:28:78:24: 52:f8:bb:0f:48:84:a1:d6:9c:84:e3:98:9e:e4:54:11:8d:c1: a2:ac:8b:a7:9d:9d:d2:48:6e:a2:a4:4f:cc:58:43:70:12:ff: 0e:90:48:b7:84:0c:a1:7c:b4:ff:d2:97:9e:ee:a3:ff:95:a2: cf:70:30:e0 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt6WrugGja0chFB/0cpSCxMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2ZWYwYTBlZThmYTE1NGQ3YWRhNDM4YWYxMjEyMjY5Y2Uw YWNjNDEwHhcNMjYwMTAxMTYxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZmQwNTUyYzA4YTllZTc3NjIyY2MyMjQwNWE5YTdkZjM0MmVkYzgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE/TxKBUQTcN9rzwCB7CKezpCt4L 2n16yIC7PZ9xX3TjrJiy7b0//OZB+q6KxqFqSNnNfsp3OUh61yO4fV6ufudwIkud mHa8n9xGHIvqLjss/ISD81FAs31TTm2M1kaSr1zE1yotfPxoAy59S7YMF+50uhef MKkP5Bzy70RKi2iqbdtQdADknD9sUFdoktQpsVugE2NItm+Oe+tDXCep901gizxA Q+WVUOEkjC0MJdDPwsbVdEFSixnfrENJlR81ZTRLnvLtJ88LH7GklB0z8zsr0jXm 51J3LjmnEKu0eNE2GfR1o/DenFWQ92esH5401eK0AmFBzGAjIcFdT+214QIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFH/QVSwIqe53YizCJAWpp980LtyAMB8GA1UdIwQY MBaAFHbvCg7o+hVNetpDivEhImnOCsxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmIt M2JlOTk1ZDJiYmRhLzEvZjlCVkxBaXA3bmRpTE1Ja0JhbW4zelF1M0lBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmItM2JlOTk1ZDJiYmRh LzEvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV/LAwQB bUfyAwQAbUf1AwQAbUf3MA0GCSqGSIb3DQEBCwUAA4IBAQALaeRS9Weo956inIX8 bpJXFVq8WhG4krJtCGHS5A8mgb5gvKa1zRPWE3aFllKbyEtSFkIUOOZmio8vbVBZ ZirKB+ae0Wbw4Q3dRi7Jzdu4IYqiAgfiXEaONbD3Q1usZHwUJ375zUy3FGmPB8cJ ZmNQRxmn9KckmAe+cAA+6aplDrhydO+/1HfUrAhYT+JOPC91s+iorXCjnsTdzxKP VRNlgi16g7y9lY9nvX68CG4CjNyERBMxgShMYV84sIbT/0C12lkoeCRS+LsPSISh 1pyE45ie5FQRjcGirIunnZ3SSG6ipE/MWENwEv8OkEi3hAyhfLT/0pee7qP/laLP cDDg -----END CERTIFICATE-----Generated at Mon Jan 26 01:00:25 2026 by rpki-client