This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/v3K9UBCZQXetZHCASn_v-Er6z80.roa File: v3K9UBCZQXetZHCASn_v-Er6z80.roa (raw, json) Hash identifier: M01ADTQv5+WF8EwvS7wZ9W7tolykwshPsb2JjYqw3EQ= Subject key identifier: BF:72:BD:50:10:99:41:77:AD:64:70:80:4A:7F:EF:F8:4A:FA:CF:CD Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec Certificate serial: 019B7F158531240DC20EABBA59DC8A379FA4 Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/v3K9UBCZQXetZHCASn_v-Er6z80.roa Signing time: Fri 02 Jan 2026 14:21:15 +0000 ROA not before: Fri 02 Jan 2026 14:21:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59437 IP address blocks: 85.234.64.0/24 maxlen: 24 85.234.66.0/24 maxlen: 24 85.234.67.0/24 maxlen: 24 85.234.78.0/24 maxlen: 24 85.234.79.0/24 maxlen: 24 85.234.82.0/24 maxlen: 24 85.234.84.0/24 maxlen: 24 85.234.86.0/24 maxlen: 24 85.234.90.0/24 maxlen: 24 85.234.91.0/24 maxlen: 24 85.234.93.0/24 maxlen: 24 85.234.94.0/24 maxlen: 24 92.38.143.0/24 maxlen: 24 93.113.170.0/24 maxlen: 24 93.119.168.0/24 maxlen: 24 93.119.169.0/24 maxlen: 24 109.61.121.0/24 maxlen: 24 2a03:90c0:2b0::/44 maxlen: 44 2a03:90c0:650::/44 maxlen: 64 2a03:90c0:680::/44 maxlen: 44 2a03:90c0:7a0::/44 maxlen: 44 2a03:90c0:7b0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:85:31:24:0d:c2:0e:ab:ba:59:dc:8a:37:9f:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec Validity Not Before: Jan 2 14:21:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bf72bd5010994177ad6470804a7feff84afacfcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:bb:eb:9b:cf:85:30:99:d8:35:ee:60:cd:01: b6:14:42:3d:c4:a6:a9:0b:8d:b3:56:56:3b:0c:03: 85:98:21:df:ef:f0:71:f5:ed:a9:c0:48:5a:ed:55: 67:a0:27:45:0d:6a:c7:c4:79:b4:62:8a:66:85:9d: 3a:e6:18:5f:95:79:c2:cb:c2:98:7e:12:59:3c:00: 5f:63:a9:07:1d:74:46:26:d7:a1:23:71:d9:8f:fe: 5e:2a:9e:7d:3f:d3:aa:d4:92:1b:1a:5a:9f:f7:bf: d7:6a:ea:91:fe:da:d3:b3:4f:63:d5:e0:3a:a3:37: b2:9c:d3:86:8e:fd:1d:2f:b2:2b:dd:dc:12:6c:38: 1e:d5:13:b3:ff:d8:29:c7:d0:bc:b2:51:ff:db:fd: 61:3f:cc:84:dc:fd:b2:a1:c5:1a:fe:1e:78:a2:df: 24:4e:49:6c:d6:52:a0:51:16:22:ee:0c:ce:22:20: 44:fa:4a:83:7e:d4:a3:63:4e:65:c5:ef:6d:af:48: 2b:0f:b8:99:47:0a:74:29:b4:69:fa:59:d4:90:a2: 60:7f:57:48:df:b5:99:70:26:c7:6a:29:cb:cd:9c: f3:ca:69:31:b8:28:ae:33:a5:ef:3f:ee:e7:0e:05: 38:0c:47:55:cd:95:fa:8f:74:27:dc:81:48:97:c5: b0:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:72:BD:50:10:99:41:77:AD:64:70:80:4A:7F:EF:F8:4A:FA:CF:CD X509v3 Authority Key Identifier: keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/v3K9UBCZQXetZHCASn_v-Er6z80.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.234.64.0/24 85.234.66.0/23 85.234.78.0/23 85.234.82.0/24 85.234.84.0/24 85.234.86.0/24 85.234.90.0/23 85.234.93.0-85.234.94.255 92.38.143.0/24 93.113.170.0/24 93.119.168.0/23 109.61.121.0/24 IPv6: 2a03:90c0:2b0::/44 2a03:90c0:650::/44 2a03:90c0:680::/44 2a03:90c0:7a0::/43 Signature Algorithm: sha256WithRSAEncryption d2:35:f7:de:85:05:5a:40:4e:9e:84:64:3b:9d:10:94:38:9e: d9:e2:61:0a:42:b1:d6:74:65:11:43:ec:be:81:02:f6:43:8e: 81:36:c6:45:23:4f:a6:4a:89:75:57:b3:91:28:31:83:82:60: 53:29:b1:eb:40:91:6b:fc:ec:53:4d:90:95:eb:8a:47:f9:86: b8:7c:3f:65:34:f2:97:f3:1a:7c:83:fd:b2:ef:9c:61:c6:c2: 1b:6b:85:fe:ab:75:08:03:69:51:6f:2f:ff:f4:af:8c:2f:8c: 48:4a:79:ae:12:a6:3f:0c:eb:cc:1d:e6:93:15:0c:ff:4e:2d: ca:c0:39:3f:6e:2e:65:b2:18:17:87:75:dc:21:c9:33:1b:9e: ba:cb:5b:e3:b6:8e:d5:2c:21:a3:fc:32:c8:02:dc:b3:fd:9f: 21:b4:63:73:e3:55:1f:8a:fe:d4:58:04:b2:68:9b:e0:b6:8c: 14:09:7a:61:e6:13:8f:95:cb:23:40:29:99:2c:62:39:5e:52: 37:73:73:96:91:0b:79:d1:04:85:4b:d1:cc:5f:1a:e4:e7:01: 6d:b9:8a:5f:81:0b:f6:70:cf:61:a0:c5:2a:cf:7a:dc:eb:21: 2f:04:19:1e:4d:e6:ab:65:44:4c:76:1c:dd:1c:67:86:98:b1: 00:e5:92:ab -----BEGIN CERTIFICATE----- MIIFdjCCBF6gAwIBAgISAZt/FYUxJA3CDqu6WdyKN5+kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw MDhhZWMwHhcNMjYwMTAyMTQyMTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZjcyYmQ1MDEwOTk0MTc3YWQ2NDcwODA0YTdmZWZmODRhZmFjZmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLvrm8+FMJnYNe5gzQG2FEI9xKap C42zVlY7DAOFmCHf7/Bx9e2pwEha7VVnoCdFDWrHxHm0YopmhZ065hhflXnCy8KY fhJZPABfY6kHHXRGJtehI3HZj/5eKp59P9Oq1JIbGlqf97/XauqR/trTs09j1eA6 ozeynNOGjv0dL7Ir3dwSbDge1ROz/9gpx9C8slH/2/1hP8yE3P2yocUa/h54ot8k Tkls1lKgURYi7gzOIiBE+kqDftSjY05lxe9tr0grD7iZRwp0KbRp+lnUkKJgf1dI 37WZcCbHainLzZzzymkxuCiuM6XvP+7nDgU4DEdVzZX6j3Qn3IFIl8WwnQIDAQAB o4ICgjCCAn4wHQYDVR0OBBYEFL9yvVAQmUF3rWRwgEp/7/hK+s/NMB8GA1UdIwQY MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt YjA3ZDg0MTZhZTRhLzEvdjNLOVVCQ1pRWGV0WkhDQVNuX3YtRXI2ejgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGXBggrBgEFBQcBBwEB/wSBhzCBhDBWBAIAATBQAwQAVepA AwQBVepCAwQBVepOAwQAVepSAwQAVepUAwQAVepWAwQBVepaMAwDBABV6l0DBABV 6l4DBABcJo8DBABdcaoDBAFdd6gDBABtPXkwKgQCAAIwJAMHBCoDkMACsAMHBCoD kMAGUAMHBCoDkMAGgAMHBSoDkMAHoDANBgkqhkiG9w0BAQsFAAOCAQEA0jX33oUF WkBOnoRkO50QlDie2eJhCkKx1nRlEUPsvoEC9kOOgTbGRSNPpkqJdVezkSgxg4Jg Uymx60CRa/zsU02QleuKR/mGuHw/ZTTyl/MafIP9su+cYcbCG2uF/qt1CANpUW8v //SvjC+MSEp5rhKmPwzrzB3mkxUM/04tysA5P24uZbIYF4d13CHJMxueustb47aO 1Swho/wyyALcs/2fIbRjc+NVH4r+1FgEsmib4LaMFAl6YeYTj5XLI0ApmSxiOV5S N3NzlpELedEEhUvRzF8a5OcBbbmKX4EL9nDPYaDFKs963OshLwQZHk3mq2VETHYc 3RxnhpixAOWSqw== -----END CERTIFICATE-----Generated at Sun Jan 25 12:18:11 2026 by rpki-client