This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iAmgWnf5puhHH7-Kfcf8JmORePk.roa File: iAmgWnf5puhHH7-Kfcf8JmORePk.roa (raw, json) Hash identifier: 4gmHagIS310aoxBYpTjH7YUnm0FrbwToXnlM2r1MKqQ= Subject key identifier: 88:09:A0:5A:77:F9:A6:E8:47:1F:BF:8A:7D:C7:FC:26:63:91:78:F9 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AC83A888A781D35C7A194A159AA33 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iAmgWnf5puhHH7-Kfcf8JmORePk.roa Signing time: Thu 01 Jan 2026 16:18:48 +0000 ROA not before: Thu 01 Jan 2026 16:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211826 IP address blocks: 81.168.67.0/24 maxlen: 24 217.145.77.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:c8:3a:88:8a:78:1d:35:c7:a1:94:a1:59:aa:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8809a05a77f9a6e8471fbf8a7dc7fc26639178f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:51:2d:db:54:28:36:bf:38:d2:d7:71:e6:2e: b6:60:d1:ca:08:10:1b:f1:84:14:1d:c0:04:7a:14: 03:e8:73:f8:a4:51:b6:9a:fe:4e:3d:40:9e:2a:56: 63:d3:3f:e3:b3:81:15:0c:4c:e5:9a:d9:e8:dc:81: de:47:53:fc:89:da:56:0e:2e:6c:28:eb:b1:2d:56: dd:b5:d6:4e:ad:9a:b1:fb:ee:62:c1:95:cd:19:b3: 51:d9:16:eb:55:5c:90:b4:3a:5b:f6:40:94:1f:d2: a6:76:53:e8:a1:59:19:2c:2d:30:03:28:17:73:66: 4b:4d:ff:cc:01:35:cf:2c:87:6b:f6:4e:04:a3:90: 7f:61:9a:94:11:b9:ef:76:48:0e:f9:89:7f:2a:76: 62:c7:0f:91:e6:7b:23:2a:61:08:ae:d0:06:e1:be: 47:33:f7:7c:1e:65:55:a5:cc:b3:ac:d8:59:d3:74: f2:c9:5d:aa:ca:b3:76:e2:f8:54:61:9f:fd:7e:a1: 01:93:74:31:52:b5:c3:81:f2:a6:b4:88:b1:83:fb: 97:73:f6:f6:7c:71:3e:14:4c:35:38:49:b2:56:62: d8:8a:db:2f:34:e0:7f:c6:84:ce:0f:04:51:8a:a9: 94:ac:a7:eb:70:18:43:37:be:90:02:e1:1c:25:8f: 36:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:09:A0:5A:77:F9:A6:E8:47:1F:BF:8A:7D:C7:FC:26:63:91:78:F9 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iAmgWnf5puhHH7-Kfcf8JmORePk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.168.67.0/24 217.145.77.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:52:c2:12:aa:65:fd:64:37:a0:f9:cb:db:4b:5d:37:ae:46: 3b:7d:ab:b3:67:cd:6a:e0:26:c1:c7:0e:32:b0:54:73:d2:cc: b8:72:45:7d:0f:2c:3d:c3:31:c6:58:3c:06:ba:78:c8:08:f0: b8:82:87:49:b2:d0:b3:07:8d:02:d8:53:9a:d6:8c:79:ba:61: a0:7d:e5:26:f6:ca:2a:a6:0b:c3:89:10:b8:2c:a1:1a:2e:9e: ec:c5:76:ef:77:70:18:1d:66:31:9e:cf:9e:a6:88:28:5c:64: ed:a5:53:83:28:3a:ea:40:6c:14:47:3d:24:35:8d:99:fa:d6: f5:04:19:df:2c:ec:a1:33:6b:97:90:6e:2d:94:fb:d7:dc:6d: fd:4b:c1:c2:95:c7:9e:65:72:ea:95:bb:28:70:60:b0:be:73: bb:5d:e3:14:be:11:d5:28:8e:fc:aa:f7:4b:bd:a2:f4:87:a6: d1:17:f7:c7:34:c3:e0:80:b2:5b:d1:7f:f4:74:ce:12:93:00: b4:c1:5e:e4:1d:0f:4f:7e:c0:24:77:ef:20:97:90:87:85:86: ec:8d:cc:ad:4a:a0:e1:5d:4b:f3:d1:db:ec:53:86:98:97:31: 02:ad:7f:8b:ba:c7:94:3a:84:69:72:2d:ad:24:dd:47:2e:aa: d6:e2:a7:1c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wsg6iIp4HTXHoZShWaozMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODA5YTA1YTc3ZjlhNmU4NDcxZmJmOGE3ZGM3ZmMyNjYzOTE3OGY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVEt21QoNr840tdx5i62YNHKCBAb 8YQUHcAEehQD6HP4pFG2mv5OPUCeKlZj0z/js4EVDEzlmtno3IHeR1P8idpWDi5s KOuxLVbdtdZOrZqx++5iwZXNGbNR2RbrVVyQtDpb9kCUH9KmdlPooVkZLC0wAygX c2ZLTf/MATXPLIdr9k4Eo5B/YZqUEbnvdkgO+Yl/KnZixw+R5nsjKmEIrtAG4b5H M/d8HmVVpcyzrNhZ03TyyV2qyrN24vhUYZ/9fqEBk3QxUrXDgfKmtIixg/uXc/b2 fHE+FEw1OEmyVmLYitsvNOB/xoTODwRRiqmUrKfrcBhDN76QAuEcJY82HwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIgJoFp3+aboRx+/in3H/CZjkXj5MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvaUFtZ1duZjVwdWhISDctS2ZjZjhKbU9SZVBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUahDAwQA 2ZFNMA0GCSqGSIb3DQEBCwUAA4IBAQCdUsISqmX9ZDeg+cvbS103rkY7fauzZ81q 4CbBxw4ysFRz0sy4ckV9Dyw9wzHGWDwGunjICPC4godJstCzB40C2FOa1ox5umGg feUm9soqpgvDiRC4LKEaLp7sxXbvd3AYHWYxns+epogoXGTtpVODKDrqQGwURz0k NY2Z+tb1BBnfLOyhM2uXkG4tlPvX3G39S8HClceeZXLqlbsocGCwvnO7XeMUvhHV KI78qvdLvaL0h6bRF/fHNMPggLJb0X/0dM4SkwC0wV7kHQ9PfsAkd+8gl5CHhYbs jcytSqDhXUvz0dvsU4aYlzECrX+LuseUOoRpci2tJN1HLqrW4qcc -----END CERTIFICATE-----Generated at Sun Jan 25 08:49:14 2026 by rpki-client