This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/kQ0io2PNAP5BY8r7GxffYcQFx9o.roa File: kQ0io2PNAP5BY8r7GxffYcQFx9o.roa (raw, json) Hash identifier: 3jWAN8RtvcrXSZtLqgReLIQU9lIS3iNu48aFnlNqCkE= Subject key identifier: 91:0D:22:A3:63:CD:00:FE:41:63:CA:FB:1B:17:DF:61:C4:05:C7:DA Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16 Certificate serial: 019BC67A3F98B7A56664B87B4E1E3FAED1FD Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/kQ0io2PNAP5BY8r7GxffYcQFx9o.roa Signing time: Fri 16 Jan 2026 11:04:18 +0000 ROA not before: Fri 16 Jan 2026 11:04:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41852 IP address blocks: 89.39.72.0/22 maxlen: 22 2a03:9c20:4000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c6:7a:3f:98:b7:a5:66:64:b8:7b:4e:1e:3f:ae:d1:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16 Validity Not Before: Jan 16 11:04:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=910d22a363cd00fe4163cafb1b17df61c405c7da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:87:50:6c:79:c8:85:53:c2:e8:16:6d:67:01: b0:91:cf:39:2d:2a:0b:2a:cd:4f:4b:10:e5:46:67: 2e:91:1f:e1:b0:b5:4c:02:d1:a3:da:d4:9a:b0:f5: 67:a3:cc:2e:85:8d:63:a0:38:c3:cb:82:cb:29:79: ae:46:ec:44:2d:85:a1:c7:f5:98:d4:38:2f:42:bc: 05:7b:28:ae:4c:bf:af:5f:d0:3a:33:01:83:f3:95: 8d:dc:1f:8f:d6:46:b6:45:01:22:98:76:7d:4c:8e: 3d:74:ca:42:5e:5f:ac:2a:ed:98:0c:5f:86:42:11: 1c:9d:6e:e7:44:0b:15:be:6d:93:c0:23:2c:41:c1: 60:e5:6e:0a:1d:60:77:a4:e9:d8:0c:27:b2:77:7c: 20:8b:98:3d:40:32:75:de:84:fa:8e:a5:77:6d:96: f9:f0:55:18:36:bf:7f:75:4e:76:f7:3c:48:d2:be: 61:69:5b:4d:77:0a:68:38:96:90:3d:b2:ba:0e:a1: 19:43:d9:7a:eb:ee:42:c7:f5:c8:ca:49:8f:5b:71: 1e:61:09:2a:50:1b:4e:7c:d8:7d:d9:7c:23:db:b7: 80:7b:7a:62:c8:da:9d:ea:ce:d6:81:f7:ef:d8:93: 2c:71:a0:6d:4e:58:bb:76:15:ef:f9:b3:6e:b9:03: 92:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:0D:22:A3:63:CD:00:FE:41:63:CA:FB:1B:17:DF:61:C4:05:C7:DA X509v3 Authority Key Identifier: keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/kQ0io2PNAP5BY8r7GxffYcQFx9o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.39.72.0/22 IPv6: 2a03:9c20:4000::/36 Signature Algorithm: sha256WithRSAEncryption 82:b0:47:8f:66:69:7d:ce:4a:9c:0d:ac:e4:05:03:96:78:82: 31:f5:b8:3f:8a:a1:4d:e5:7e:96:40:1f:f1:ac:98:9d:49:98: a5:ba:8f:06:e6:01:ad:04:f3:6a:07:c3:0b:95:74:06:fa:6d: b6:27:4d:95:c9:e6:5d:f9:c9:2b:d5:43:38:c0:7b:89:54:1d: f4:3b:4c:0a:5e:90:ee:4a:25:7b:a0:ed:c2:a7:9e:3c:5f:3d: cd:e4:a5:e5:24:f7:c0:0f:2a:66:fa:68:f3:37:93:30:72:99: 1b:94:62:53:b3:86:d7:6d:48:94:73:fc:4e:2c:e8:89:0a:c3: 97:7d:09:36:02:62:02:22:7b:02:f9:86:c3:53:87:da:36:b1: 69:2e:95:67:0c:26:6f:ac:26:f8:f4:77:83:02:73:53:67:78: 43:bf:b7:ba:22:64:73:a7:b8:57:11:03:2f:ef:e2:95:46:23: 73:ed:8c:ce:85:07:a7:0e:34:4f:89:2e:47:cd:8b:7d:8b:6d: 50:c4:16:95:ce:51:6c:a3:b9:ef:17:d8:9e:e9:4d:cc:91:27: 56:d2:df:d9:98:90:17:7e:ef:9b:5e:35:7c:fd:a5:3e:7b:4d: f1:10:c1:03:1f:ab:e8:0a:b3:f5:ed:8b:4c:26:f0:90:09:d7: de:fa:09:9c -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZvGej+Yt6VmZLh7Th4/rtH9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3 OWRjMTYwHhcNMjYwMTE2MTEwNDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MTBkMjJhMzYzY2QwMGZlNDE2M2NhZmIxYjE3ZGY2MWM0MDVjN2RhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14dQbHnIhVPC6BZtZwGwkc85LSoL Ks1PSxDlRmcukR/hsLVMAtGj2tSasPVno8wuhY1joDjDy4LLKXmuRuxELYWhx/WY 1DgvQrwFeyiuTL+vX9A6MwGD85WN3B+P1ka2RQEimHZ9TI49dMpCXl+sKu2YDF+G QhEcnW7nRAsVvm2TwCMsQcFg5W4KHWB3pOnYDCeyd3wgi5g9QDJ13oT6jqV3bZb5 8FUYNr9/dU529zxI0r5haVtNdwpoOJaQPbK6DqEZQ9l66+5Cx/XIykmPW3EeYQkq UBtOfNh92Xwj27eAe3piyNqd6s7Wgffv2JMscaBtTli7dhXv+bNuuQOScwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFJENIqNjzQD+QWPK+xsX32HEBcfaMB8GA1UdIwQY MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt ZDJiYmYzN2RhYmI0LzEva1EwaW8yUE5BUDVCWThyN0d4ZmZZY1FGeDlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0 LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCWSdIMA4E AgACMAgDBgQqA5wgQDANBgkqhkiG9w0BAQsFAAOCAQEAgrBHj2Zpfc5KnA2s5AUD lniCMfW4P4qhTeV+lkAf8ayYnUmYpbqPBuYBrQTzagfDC5V0BvpttidNlcnmXfnJ K9VDOMB7iVQd9DtMCl6Q7kole6DtwqeePF89zeSl5ST3wA8qZvpo8zeTMHKZG5Ri U7OG121IlHP8TizoiQrDl30JNgJiAiJ7AvmGw1OH2jaxaS6VZwwmb6wm+PR3gwJz U2d4Q7+3uiJkc6e4VxEDL+/ilUYjc+2MzoUHpw40T4kuR82LfYttUMQWlc5RbKO5 7xfYnulNzJEnVtLf2ZiQF37vm141fP2lPntN8RDBAx+r6Aqz9e2LTCbwkAnX3voJ nA== -----END CERTIFICATE-----Generated at Mon Jan 26 05:30:33 2026 by rpki-client