This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/F9fOaYPqb4gxUHFeWSAIKisXq8Q.roa File: F9fOaYPqb4gxUHFeWSAIKisXq8Q.roa (raw, json) Hash identifier: PHpRDYyGYnqjTmjt3ejWEskYaaVTFLnfQhZUlCEYSpg= Subject key identifier: 17:D7:CE:69:83:EA:6F:88:31:50:71:5E:59:20:08:2A:2B:17:AB:C4 Certificate issuer: /CN=b9f769d4433b7704df703d1645b7fea8efbf926e Certificate serial: 019B7BA3D9EAEE0F096E4BC34BCAF8D9ABFA Authority key identifier: B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/F9fOaYPqb4gxUHFeWSAIKisXq8Q.roa Signing time: Thu 01 Jan 2026 22:18:14 +0000 ROA not before: Thu 01 Jan 2026 22:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210250 IP address blocks: 194.1.147.0/24 maxlen: 24 198.60.193.0/24 maxlen: 24 2001:67c:51c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.mft rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:d9:ea:ee:0f:09:6e:4b:c3:4b:ca:f8:d9:ab:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b9f769d4433b7704df703d1645b7fea8efbf926e Validity Not Before: Jan 1 22:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=17d7ce6983ea6f883150715e5920082a2b17abc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:81:1a:d2:c8:7b:ae:ce:5a:0c:f9:80:d4:52: 58:f4:6b:b4:3c:d2:6e:95:2f:d1:bb:55:ce:f7:06: 3d:81:09:42:37:bd:2f:1c:9d:cf:16:06:20:24:b9: 82:1e:40:9b:68:8a:3f:d3:18:42:9c:18:58:b1:48: e9:cc:24:48:28:3c:43:1a:0b:77:ea:35:dd:35:7b: ad:a7:16:2a:26:70:5a:20:b1:3a:1b:8b:ac:fe:17: 3c:4d:b1:33:c5:a5:25:3e:01:86:db:0a:11:81:71: ba:1c:69:6f:f7:20:93:41:39:20:7b:27:1c:9c:7b: 0a:b9:2e:69:6c:ad:df:98:1b:5b:82:f7:04:4f:e2: 70:c1:dd:6a:6c:6b:b5:64:d6:ba:6a:25:6b:54:25: d6:c0:23:97:ed:4f:9b:c4:bd:33:e9:74:26:7a:5e: 89:c1:1d:8a:19:d1:59:e2:b1:b9:7a:f2:2d:2d:df: 0e:da:06:7e:da:9b:ca:a9:f3:2e:ce:a0:a9:4f:db: 67:db:25:6f:5a:ad:a3:0d:49:7c:3a:07:65:0c:9e: 12:47:52:30:28:c8:21:cc:eb:d3:a7:e3:1d:34:b4: fd:a2:2d:06:b4:da:56:ee:4f:37:06:6f:8a:1b:a7: a3:60:9f:94:8f:f8:29:cd:b0:c4:76:92:51:d6:5a: 11:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:D7:CE:69:83:EA:6F:88:31:50:71:5E:59:20:08:2A:2B:17:AB:C4 X509v3 Authority Key Identifier: keyid:B9:F7:69:D4:43:3B:77:04:DF:70:3D:16:45:B7:FE:A8:EF:BF:92:6E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ufdp1EM7dwTfcD0WRbf-qO-_km4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/F9fOaYPqb4gxUHFeWSAIKisXq8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/4dfbd4-8ed7-45f2-950d-3aeb7cde036c/1/ufdp1EM7dwTfcD0WRbf-qO-_km4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.1.147.0/24 198.60.193.0/24 IPv6: 2001:67c:51c::/48 Signature Algorithm: sha256WithRSAEncryption a0:85:9b:b2:d3:fd:d9:6e:cd:71:04:68:57:96:0c:a3:09:83: a8:b6:6c:bf:50:b9:da:a8:02:51:c2:c6:3e:9d:47:69:87:86: ce:31:5a:87:c7:63:ce:f4:c6:94:fe:80:e5:87:f1:75:ce:db: a0:b8:de:b2:b2:2c:29:40:98:90:b4:4d:b7:e9:86:48:5a:be: 4c:45:35:62:23:aa:2d:de:cd:2a:d1:f7:81:65:2a:cc:c9:69: d4:db:85:59:0e:01:f0:6f:9e:6c:65:93:bf:49:c7:e2:85:a0: db:0a:20:d9:e6:76:31:e1:47:06:4a:18:ce:d5:37:dd:30:29: 8f:82:64:a8:af:9e:dd:46:79:02:43:ce:82:63:e8:c9:e4:0c: ec:ad:42:8d:e4:d4:32:5e:b3:40:24:ba:27:75:81:cb:a4:6f: 20:03:06:e2:7d:bc:a4:48:c9:15:7b:63:bf:6f:54:a1:a3:83: f5:7c:52:80:8e:9c:fa:21:80:d6:ae:20:bf:1d:42:aa:8a:42: ef:84:c6:1a:8a:a3:00:61:44:41:c3:ec:65:33:e7:0a:04:3d: ea:60:9a:13:1f:29:cc:06:ae:d5:db:67:01:83:a2:7a:44:64: 06:f8:2d:ca:c0:71:39:3d:22:d2:de:df:7e:b9:b2:c0:e2:77: c0:7b:b5:82 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt7o9nq7g8JbkvDS8r42av6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5Zjc2OWQ0NDMzYjc3MDRkZjcwM2QxNjQ1YjdmZWE4ZWZi ZjkyNmUwHhcNMjYwMTAxMjIxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxN2Q3Y2U2OTgzZWE2Zjg4MzE1MDcxNWU1OTIwMDgyYTJiMTdhYmM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooEa0sh7rs5aDPmA1FJY9Gu0PNJu lS/Ru1XO9wY9gQlCN70vHJ3PFgYgJLmCHkCbaIo/0xhCnBhYsUjpzCRIKDxDGgt3 6jXdNXutpxYqJnBaILE6G4us/hc8TbEzxaUlPgGG2woRgXG6HGlv9yCTQTkgeycc nHsKuS5pbK3fmBtbgvcET+Jwwd1qbGu1ZNa6aiVrVCXWwCOX7U+bxL0z6XQmel6J wR2KGdFZ4rG5evItLd8O2gZ+2pvKqfMuzqCpT9tn2yVvWq2jDUl8OgdlDJ4SR1Iw KMghzOvTp+MdNLT9oi0GtNpW7k83Bm+KG6ejYJ+Uj/gpzbDEdpJR1loRFQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFBfXzmmD6m+IMVBxXlkgCCorF6vEMB8GA1UdIwQY MBaAFLn3adRDO3cE33A9FkW3/qjvv5JuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQt M2FlYjdjZGUwMzZjLzEvRjlmT2FZUHFiNGd4VUhGZVdTQUlLaXNYcThRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS80ZGZiZDQtOGVkNy00NWYyLTk1MGQtM2FlYjdjZGUwMzZj LzEvdWZkcDFFTTdkd1RmY0QwV1JiZi1xTy1fa200LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwgGTAwQA xjzBMA8EAgACMAkDBwAgAQZ8BRwwDQYJKoZIhvcNAQELBQADggEBAKCFm7LT/dlu zXEEaFeWDKMJg6i2bL9QudqoAlHCxj6dR2mHhs4xWofHY870xpT+gOWH8XXO26C4 3rKyLClAmJC0TbfphkhavkxFNWIjqi3ezSrR94FlKszJadTbhVkOAfBvnmxlk79J x+KFoNsKINnmdjHhRwZKGM7VN90wKY+CZKivnt1GeQJDzoJj6MnkDOytQo3k1DJe s0Akuid1gcukbyADBuJ9vKRIyRV7Y79vVKGjg/V8UoCOnPohgNauIL8dQqqKQu+E xhqKowBhREHD7GUz5woEPepgmhMfKcwGrtXbZwGDonpEZAb4LcrAcTk9ItLe3365 ssDid8B7tYI= -----END CERTIFICATE-----Generated at Mon Jan 26 08:37:35 2026 by rpki-client