This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K8pJciAppyQKyeOK3fRXdjmg1K8.roa File: K8pJciAppyQKyeOK3fRXdjmg1K8.roa (raw, json) Hash identifier: 8YB5kHBOeJnp+tBPXfyKGE6HLaaSJjcQklEnN9Gms/s= Subject key identifier: 2B:CA:49:72:20:29:A7:24:0A:C9:E3:8A:DD:F4:57:76:39:A0:D4:AF Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AE7FBF03D485AB2431CA6DF914E6D Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K8pJciAppyQKyeOK3fRXdjmg1K8.roa Signing time: Thu 01 Jan 2026 16:18:56 +0000 ROA not before: Thu 01 Jan 2026 16:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 267507 IP address blocks: 109.176.16.0/24 maxlen: 24 212.38.84.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:e7:fb:f0:3d:48:5a:b2:43:1c:a6:df:91:4e:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2bca49722029a7240ac9e38addf4577639a0d4af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:77:a3:dd:57:10:08:41:27:3e:7b:84:61:41: 10:57:d6:92:b3:d5:e3:51:04:bd:27:95:c9:cb:42: 17:f1:38:61:39:f2:29:17:8c:9a:86:7a:d3:2a:61: 41:14:6c:5b:f1:66:41:5a:06:2a:cc:be:3d:45:24: f4:c8:cc:70:74:68:1f:97:70:3b:6a:19:4b:04:b3: d4:44:34:a9:30:0f:8f:81:f6:72:ec:48:b5:1f:01: 3b:7f:8b:5e:08:ed:85:f9:b1:82:82:d1:9f:7e:f6: 68:4c:3c:87:0f:c8:fa:ef:98:b5:7f:42:4b:e9:3b: a2:f5:cd:dc:e1:19:1c:ea:37:ed:ae:2e:71:ec:40: aa:74:91:d2:9d:89:2d:00:5d:fe:6b:01:c9:70:7b: 64:2e:e2:7e:09:5f:35:db:58:39:ba:d6:49:61:dc: a0:22:2c:3f:4e:05:07:f7:0c:ae:67:af:cb:69:30: 4b:3c:02:6c:13:12:f5:f5:fd:f6:b5:e4:c1:c5:e3: 6a:27:b9:ff:07:46:16:f6:1c:64:b6:6c:31:ef:48: 24:12:17:89:d2:47:7a:f9:d3:24:22:54:4a:02:92: b5:48:88:67:dd:5a:b9:b0:96:5a:8c:57:0e:34:9e: 32:bc:fd:b2:e9:11:ad:78:02:d8:ae:0e:97:2d:b7: 56:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:CA:49:72:20:29:A7:24:0A:C9:E3:8A:DD:F4:57:76:39:A0:D4:AF X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K8pJciAppyQKyeOK3fRXdjmg1K8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.176.16.0/24 212.38.84.0/24 Signature Algorithm: sha256WithRSAEncryption 25:4e:12:54:99:03:4f:4b:8b:53:48:f7:cc:c9:16:fc:fe:72: 76:33:43:d8:6e:a5:14:ae:aa:29:4b:58:85:bc:da:98:74:e7: 31:bc:ca:58:0e:df:fb:f6:f2:83:4b:5a:dd:fc:d8:48:ea:c9: 20:ad:c3:51:6e:ac:1f:1f:47:43:3a:f6:aa:86:45:42:6d:e5: 17:45:2e:47:38:a9:b7:57:84:e2:05:a7:4e:f3:a8:a7:1c:35: ac:ad:84:80:07:97:4c:0d:71:b3:08:97:69:9a:cc:65:4b:05: 4d:ba:13:fe:06:5c:16:da:a9:ca:85:fa:21:f3:91:1b:46:72: 8c:31:f2:d5:d1:46:dd:83:10:6e:2d:15:64:0c:e9:f7:9f:91: 59:3f:26:55:05:06:0c:1e:66:19:e3:bc:9e:9f:28:7e:4d:3f: be:be:f1:7a:d8:b6:ec:b5:88:16:f3:bd:9a:e9:b7:07:64:92: 2a:b3:29:15:c7:30:35:8b:9f:7a:11:88:6d:d0:75:96:3b:0e: ac:5d:c3:ad:97:6e:db:28:38:0c:7c:11:f7:bf:42:ef:8f:79: 92:8c:f1:be:c3:17:e2:3d:1f:42:8b:93:22:cb:29:04:f3:7f: da:87:62:24:ef:bf:87:b2:30:32:16:83:bf:ea:83:4a:ae:f2: 4e:d0:ae:ec -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wuf78D1IWrJDHKbfkU5tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYmNhNDk3MjIwMjlhNzI0MGFjOWUzOGFkZGY0NTc3NjM5YTBkNGFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHej3VcQCEEnPnuEYUEQV9aSs9Xj UQS9J5XJy0IX8ThhOfIpF4yahnrTKmFBFGxb8WZBWgYqzL49RST0yMxwdGgfl3A7 ahlLBLPURDSpMA+PgfZy7Ei1HwE7f4teCO2F+bGCgtGffvZoTDyHD8j675i1f0JL 6Tui9c3c4Rkc6jftri5x7ECqdJHSnYktAF3+awHJcHtkLuJ+CV8121g5utZJYdyg Iiw/TgUH9wyuZ6/LaTBLPAJsExL19f32teTBxeNqJ7n/B0YW9hxktmwx70gkEheJ 0kd6+dMkIlRKApK1SIhn3Vq5sJZajFcONJ4yvP2y6RGteALYrg6XLbdW6QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCvKSXIgKackCsnjit30V3Y5oNSvMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvSzhwSmNpQXBweVFLeWVPSzNmUlhkam1nMUs4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAQAwQA 1CZUMA0GCSqGSIb3DQEBCwUAA4IBAQAlThJUmQNPS4tTSPfMyRb8/nJ2M0PYbqUU rqopS1iFvNqYdOcxvMpYDt/79vKDS1rd/NhI6skgrcNRbqwfH0dDOvaqhkVCbeUX RS5HOKm3V4TiBadO86inHDWsrYSAB5dMDXGzCJdpmsxlSwVNuhP+BlwW2qnKhfoh 85EbRnKMMfLV0UbdgxBuLRVkDOn3n5FZPyZVBQYMHmYZ47yenyh+TT++vvF62Lbs tYgW872a6bcHZJIqsykVxzA1i596EYht0HWWOw6sXcOtl27bKDgMfBH3v0Lvj3mS jPG+wxfiPR9Ci5MiyykE83/ah2Ik77+HsjAyFoO/6oNKrvJO0K7s -----END CERTIFICATE-----Generated at Sun Jan 25 07:15:35 2026 by rpki-client