This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cS9SDw_wRLcb4SO4eAfzPHF7Lk0.roa File: cS9SDw_wRLcb4SO4eAfzPHF7Lk0.roa (raw, json) Hash identifier: KZM3aBAFGP+Sx5MlpZaG7nqsyGz9/yy+qv2PlCdJXQw= Subject key identifier: 71:2F:52:0F:0F:F0:44:B7:1B:E1:23:B8:78:07:F3:3C:71:7B:2E:4D Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AA00387699B8237CECB15E018DE4B Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cS9SDw_wRLcb4SO4eAfzPHF7Lk0.roa Signing time: Thu 01 Jan 2026 16:18:37 +0000 ROA not before: Thu 01 Jan 2026 16:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29802 IP address blocks: 82.152.57.0/24 maxlen: 24 82.152.58.0/24 maxlen: 24 82.152.73.0/24 maxlen: 24 82.152.75.0/24 maxlen: 24 82.152.76.0/23 maxlen: 24 82.152.79.0/24 maxlen: 24 82.152.86.0/23 maxlen: 24 82.152.88.0/24 maxlen: 24 82.152.109.0/24 maxlen: 24 82.152.226.0/24 maxlen: 24 82.152.240.0/24 maxlen: 24 82.152.243.0/24 maxlen: 24 82.153.38.0/24 maxlen: 24 82.153.56.0/24 maxlen: 24 82.153.61.0/24 maxlen: 24 82.153.79.0/24 maxlen: 24 82.153.83.0/24 maxlen: 24 82.153.84.0/24 maxlen: 24 82.153.152.0/24 maxlen: 24 82.153.186.0/24 maxlen: 24 82.153.201.0/24 maxlen: 24 82.153.239.0/24 maxlen: 24 89.213.98.0/24 maxlen: 24 89.213.232.0/23 maxlen: 24 89.213.234.0/23 maxlen: 24 89.213.236.0/23 maxlen: 24 109.176.27.0/24 maxlen: 24 109.176.32.0/21 maxlen: 24 109.176.40.0/21 maxlen: 24 109.176.48.0/21 maxlen: 24 109.176.56.0/21 maxlen: 24 109.176.235.0/24 maxlen: 24 213.130.130.0/24 maxlen: 24 213.130.149.0/24 maxlen: 24 213.218.214.0/24 maxlen: 24 213.218.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:a0:03:87:69:9b:82:37:ce:cb:15:e0:18:de:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=712f520f0ff044b71be123b87807f33c717b2e4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:20:20:09:c8:55:2c:fe:7d:05:4e:94:68:9c: 9b:83:86:9b:0a:b6:17:79:52:34:cd:24:7a:9c:37: 77:73:e3:28:f9:3d:32:a0:23:02:c3:5a:a3:ec:08: ba:25:2f:73:75:68:79:07:10:86:fd:ea:03:dd:b6: 4a:bd:d2:43:13:76:07:3f:96:a0:92:d1:5a:4d:a7: 07:79:0a:05:6b:a7:a0:eb:84:f9:cf:70:c0:98:1a: 21:7f:ff:a4:e3:3b:0a:66:c1:7f:24:49:41:cb:95: 36:52:b0:ef:f8:31:6a:b6:07:a8:77:2c:ce:21:2c: 4a:c5:3c:42:20:94:2b:c1:54:61:53:fe:f4:d8:71: b9:49:03:84:4b:16:a5:9d:dc:fd:0e:da:51:66:d1: b9:9d:09:d5:32:3d:de:6f:18:51:6f:d8:00:90:9c: 23:16:46:9f:e0:81:67:2e:77:97:bf:cd:e7:08:5d: cf:6a:6c:1f:f7:77:2f:88:89:de:0e:d2:79:b0:37: a3:db:eb:87:c3:e4:a5:f7:7c:3d:1f:4c:b1:fb:eb: 56:7b:ea:0c:c6:dd:21:fd:37:8f:2c:54:ea:c4:5b: b0:2e:bb:39:ae:13:74:bc:2e:5e:35:4d:52:cc:9f: 33:7f:3a:1e:f8:46:aa:b9:10:04:ae:cf:ff:84:df: ca:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:2F:52:0F:0F:F0:44:B7:1B:E1:23:B8:78:07:F3:3C:71:7B:2E:4D X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cS9SDw_wRLcb4SO4eAfzPHF7Lk0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.57.0-82.152.58.255 82.152.73.0/24 82.152.75.0-82.152.77.255 82.152.79.0/24 82.152.86.0-82.152.88.255 82.152.109.0/24 82.152.226.0/24 82.152.240.0/24 82.152.243.0/24 82.153.38.0/24 82.153.56.0/24 82.153.61.0/24 82.153.79.0/24 82.153.83.0-82.153.84.255 82.153.152.0/24 82.153.186.0/24 82.153.201.0/24 82.153.239.0/24 89.213.98.0/24 89.213.232.0-89.213.237.255 109.176.27.0/24 109.176.32.0/19 109.176.235.0/24 213.130.130.0/24 213.130.149.0/24 213.218.214.0/24 213.218.231.0/24 Signature Algorithm: sha256WithRSAEncryption 1c:a5:dd:e0:30:6e:6a:63:eb:8d:85:cc:f2:e9:b9:b4:cf:c9: c7:6b:84:85:2c:cf:1b:16:e3:b3:3c:3f:12:ab:c5:9a:e0:66: d9:cc:7f:db:ce:f3:f9:2d:b0:f1:a7:04:db:70:e6:3d:df:65: b6:92:ad:54:dc:63:4f:36:6c:a2:c5:da:d2:5b:5a:c8:de:af: 71:56:d0:7b:c1:b5:4b:0f:67:2a:3d:9a:4e:98:8d:10:42:81: a8:51:13:07:64:57:29:14:1e:e8:16:f7:61:28:cc:88:c3:f7: e6:d5:c2:12:0d:a6:54:c1:fa:46:44:3c:03:64:1f:65:42:c0: 3f:8d:fc:eb:4c:ea:19:65:71:db:f8:f3:3e:16:bd:03:64:31: 92:22:72:35:a1:a1:4f:b9:6b:58:d4:0b:b3:37:62:eb:b4:2b: 8d:62:be:18:a1:ee:8f:53:6e:29:f0:56:0f:f6:24:9a:79:b5: 4d:2e:e2:45:1c:d2:1d:2f:c9:0d:05:e1:a0:6c:74:ab:ba:cb: f7:63:f6:57:3d:42:7d:1c:52:7b:eb:62:f9:58:87:e4:0f:01: 4f:e6:2a:6c:37:7f:63:58:f9:4c:80:67:68:90:62:c3:0d:4f: 26:ae:f9:8d:e3:e8:ae:4c:ad:e4:5d:ea:97:22:36:ea:fd:9b: 11:5d:aa:fa -----BEGIN CERTIFICATE----- MIIFxjCCBK6gAwIBAgISAZt6WqADh2mbgjfOyxXgGN5LMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MTJmNTIwZjBmZjA0NGI3MWJlMTIzYjg3ODA3ZjMzYzcxN2IyZTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziAgCchVLP59BU6UaJybg4abCrYX eVI0zSR6nDd3c+Mo+T0yoCMCw1qj7Ai6JS9zdWh5BxCG/eoD3bZKvdJDE3YHP5ag ktFaTacHeQoFa6eg64T5z3DAmBohf/+k4zsKZsF/JElBy5U2UrDv+DFqtgeodyzO ISxKxTxCIJQrwVRhU/702HG5SQOESxalndz9DtpRZtG5nQnVMj3ebxhRb9gAkJwj Fkaf4IFnLneXv83nCF3Pamwf93cviIneDtJ5sDej2+uHw+Sl93w9H0yx++tWe+oM xt0h/TePLFTqxFuwLrs5rhN0vC5eNU1SzJ8zfzoe+EaquRAErs//hN/K5wIDAQAB o4IC0jCCAs4wHQYDVR0OBBYEFHEvUg8P8ES3G+EjuHgH8zxxey5NMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvY1M5U0R3X3dSTGNiNFNPNGVBZnpQSEY3TGswLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcowDAME AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0DBABS mU8wDAMEAFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVYjAM AwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDrAwQA1YKCAwQA1YKVAwQA1drW AwQA1drnMA0GCSqGSIb3DQEBCwUAA4IBAQAcpd3gMG5qY+uNhczy6bm0z8nHa4SF LM8bFuOzPD8Sq8Wa4GbZzH/bzvP5LbDxpwTbcOY932W2kq1U3GNPNmyixdrSW1rI 3q9xVtB7wbVLD2cqPZpOmI0QQoGoURMHZFcpFB7oFvdhKMyIw/fm1cISDaZUwfpG RDwDZB9lQsA/jfzrTOoZZXHb+PM+Fr0DZDGSInI1oaFPuWtY1AuzN2LrtCuNYr4Y oe6PU24p8FYP9iSaebVNLuJFHNIdL8kNBeGgbHSrusv3Y/ZXPUJ9HFJ762L5WIfk DwFP5ipsN39jWPlMgGdokGLDDU8mrvmN4+iuTK3kXeqXIjbq/ZsRXar6 -----END CERTIFICATE-----Generated at Sun Jan 25 14:36:01 2026 by rpki-client