This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/lIy9zQMHNpi1v4RKAbwfpcq16JY.roa File: lIy9zQMHNpi1v4RKAbwfpcq16JY.roa (raw, json) Hash identifier: GuxM6yqJlPjVIDlbR8g1Fv5lkMvj//jwJnCdhjFyz9M= Subject key identifier: 94:8C:BD:CD:03:07:36:98:B5:BF:84:4A:01:BC:1F:A5:CA:B5:E8:96 Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E47CB674E429AC0E199800D5F1224 Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/lIy9zQMHNpi1v4RKAbwfpcq16JY.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210712 IP address blocks: 5.39.200.0/22 maxlen: 24 46.29.224.0/21 maxlen: 24 78.111.112.0/20 maxlen: 24 91.192.32.0/22 maxlen: 24 93.91.144.0/20 maxlen: 24 109.235.0.0/21 maxlen: 24 185.15.108.0/22 maxlen: 24 185.40.80.0/22 maxlen: 24 185.94.4.0/22 maxlen: 24 213.109.172.0/22 maxlen: 24 217.75.208.0/20 maxlen: 24 2a02:17a0::/29 maxlen: 32 2a02:17a0::/30 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:47:cb:67:4e:42:9a:c0:e1:99:80:0d:5f:12:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=948cbdcd03073698b5bf844a01bc1fa5cab5e896 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:d9:ec:33:27:5f:bd:8a:ba:d9:73:08:c5:aa: c5:74:cc:40:6d:a8:98:f0:4b:66:06:3b:dc:50:82: 91:c1:4a:ec:ba:9f:00:df:d3:bf:17:2b:c2:29:31: e4:00:7f:cd:a6:d3:bd:af:40:83:7b:05:64:67:4d: be:25:78:16:91:42:99:af:1f:b3:d0:b4:8f:a9:b7: 2d:ff:98:52:4a:61:08:02:0f:43:a5:75:4a:62:62: 1d:a4:1a:1d:cb:b1:8f:6c:d6:f2:43:ad:95:e6:1f: 0c:f2:5b:e5:1b:54:d5:59:68:1a:f1:ca:6d:d2:cd: 0a:b8:fd:59:e1:48:83:26:4a:84:ed:e1:08:cf:49: b2:fa:1d:bd:9a:d3:cb:c4:47:bd:46:07:c2:6e:ad: ca:d4:26:b9:d3:9a:c4:11:0b:d4:41:0e:e3:48:17: 76:9d:ad:b4:1f:ba:97:2c:f4:5a:d9:4f:f4:49:46: 75:fc:95:bb:9e:ef:b0:9d:73:3a:ed:4a:95:49:5a: 2a:fc:a4:8a:24:3b:e7:57:d2:4f:86:b7:d7:d6:96: 10:5b:b1:55:93:c5:9e:c3:6e:a0:89:0a:d5:c0:24: 33:05:47:99:78:f5:d6:98:2c:9c:47:02:41:9c:5b: 27:73:07:e9:c6:67:2e:5b:c0:41:05:89:bb:e4:66: 7a:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:8C:BD:CD:03:07:36:98:B5:BF:84:4A:01:BC:1F:A5:CA:B5:E8:96 X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/lIy9zQMHNpi1v4RKAbwfpcq16JY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.39.200.0/22 46.29.224.0/21 78.111.112.0/20 91.192.32.0/22 93.91.144.0/20 109.235.0.0/21 185.15.108.0/22 185.40.80.0/22 185.94.4.0/22 213.109.172.0/22 217.75.208.0/20 IPv6: 2a02:17a0::/29 Signature Algorithm: sha256WithRSAEncryption 16:60:7e:d1:54:4c:11:1e:1c:b0:9f:19:b7:6c:f4:fe:b1:26: dd:3e:f2:50:65:5e:75:6a:a9:45:2d:4f:df:3b:95:d5:13:2b: b8:bc:50:c4:c3:11:ce:b0:5b:c0:41:f4:fe:01:85:b6:aa:de: 56:32:84:31:48:46:69:24:2e:35:68:8b:d7:68:2f:ff:55:51: d0:0e:b6:43:cd:9b:05:13:18:1b:43:8a:0b:3d:0f:09:7d:74: 65:e4:b2:72:c9:21:b4:4b:77:73:f8:29:de:5b:8a:25:83:48: 87:5c:50:7b:7f:d4:64:bb:c8:37:78:27:e5:1c:21:b9:db:0e: 5f:29:ba:f6:89:5b:a2:24:0f:d2:60:e1:87:2a:4a:75:a7:55: a9:e7:21:c7:48:85:8b:d2:a6:5f:a9:cc:a4:6a:0b:ea:be:53: ea:8d:7b:b5:d2:ee:c5:77:10:fb:b9:4a:9f:58:4f:35:68:cd: 54:34:52:79:ed:8c:bf:69:af:35:79:b7:92:7a:36:5a:6d:be: 31:c4:9d:f9:2e:bc:fe:67:1e:bf:d8:b6:5c:e2:af:ac:1c:6b: 96:f6:9a:ed:4d:fe:03:5c:36:13:83:f2:06:6f:cf:2b:17:c5: a7:f8:8b:c3:65:81:ad:01:0d:96:fa:79:99:95:93:96:ec:7a: fe:74:3c:be -----BEGIN CERTIFICATE----- MIIFSDCCBDCgAwIBAgISAZt5fkfLZ05CmsDhmYANXxIkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NDhjYmRjZDAzMDczNjk4YjViZjg0NGEwMWJjMWZhNWNhYjVlODk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttnsMydfvYq62XMIxarFdMxAbaiY 8EtmBjvcUIKRwUrsup8A39O/FyvCKTHkAH/NptO9r0CDewVkZ02+JXgWkUKZrx+z 0LSPqbct/5hSSmEIAg9DpXVKYmIdpBody7GPbNbyQ62V5h8M8lvlG1TVWWga8cpt 0s0KuP1Z4UiDJkqE7eEIz0my+h29mtPLxEe9RgfCbq3K1Ca505rEEQvUQQ7jSBd2 na20H7qXLPRa2U/0SUZ1/JW7nu+wnXM67UqVSVoq/KSKJDvnV9JPhrfX1pYQW7FV k8Wew26giQrVwCQzBUeZePXWmCycRwJBnFsncwfpxmcuW8BBBYm75GZ67QIDAQAB o4ICVDCCAlAwHQYDVR0OBBYEFJSMvc0DBzaYtb+ESgG8H6XKteiWMB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvbEl5OXpRTUhOcGkxdjRSS0Fid2ZwY3ExNkpZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQCBSfIAwQD Lh3gAwQETm9wAwQCW8AgAwQEXVuQAwQDbesAAwQCuQ9sAwQCuShQAwQCuV4EAwQC 1W2sAwQE2UvQMA0EAgACMAcDBQMqAhegMA0GCSqGSIb3DQEBCwUAA4IBAQAWYH7R VEwRHhywnxm3bPT+sSbdPvJQZV51aqlFLU/fO5XVEyu4vFDEwxHOsFvAQfT+AYW2 qt5WMoQxSEZpJC41aIvXaC//VVHQDrZDzZsFExgbQ4oLPQ8JfXRl5LJyySG0S3dz +CneW4olg0iHXFB7f9Rku8g3eCflHCG52w5fKbr2iVuiJA/SYOGHKkp1p1Wp5yHH SIWL0qZfqcykagvqvlPqjXu10u7FdxD7uUqfWE81aM1UNFJ57Yy/aa81ebeSejZa bb4xxJ35Lrz+Zx6/2LZc4q+sHGuW9prtTf4DXDYTg/IGb88rF8Wn+IvDZYGtAQ2W +nmZlZOW7Hr+dDy+ -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:57 2026 by rpki-client