This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/c09YJVIz1gAeeersG-N_XV14zPo.roa File: c09YJVIz1gAeeersG-N_XV14zPo.roa (raw, json) Hash identifier: A4WIJzWdDctFX+Ynr5FMyCdWVozIwFvvlX52iKZ/Phw= Subject key identifier: 73:4F:58:25:52:33:D6:00:1E:79:EA:EC:1B:E3:7F:5D:5D:78:CC:FA Certificate issuer: /CN=ca8160efe39f1a3077fdd2faf22a64804b541382 Certificate serial: 019B7F159018A0A500385FFCD228313D70FD Authority key identifier: CA:81:60:EF:E3:9F:1A:30:77:FD:D2:FA:F2:2A:64:80:4B:54:13:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/c09YJVIz1gAeeersG-N_XV14zPo.roa Signing time: Fri 02 Jan 2026 14:21:18 +0000 ROA not before: Fri 02 Jan 2026 14:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56503 IP address blocks: 91.106.64.0/24 maxlen: 24 91.106.65.0/24 maxlen: 24 91.106.66.0/24 maxlen: 24 91.106.67.0/24 maxlen: 24 91.106.68.0/24 maxlen: 24 91.106.69.0/24 maxlen: 24 91.106.70.0/24 maxlen: 24 91.106.71.0/24 maxlen: 24 91.106.72.0/24 maxlen: 24 91.106.73.0/24 maxlen: 24 91.106.74.0/24 maxlen: 24 91.106.75.0/24 maxlen: 24 91.106.76.0/24 maxlen: 24 91.106.77.0/24 maxlen: 24 91.106.78.0/24 maxlen: 24 91.106.79.0/24 maxlen: 24 91.106.80.0/24 maxlen: 24 91.106.81.0/24 maxlen: 24 91.106.82.0/24 maxlen: 24 91.106.83.0/24 maxlen: 24 91.106.84.0/24 maxlen: 24 91.106.85.0/24 maxlen: 24 91.106.86.0/24 maxlen: 24 91.106.87.0/24 maxlen: 24 91.106.88.0/24 maxlen: 24 91.106.89.0/24 maxlen: 24 91.106.90.0/24 maxlen: 24 91.106.91.0/24 maxlen: 24 91.106.92.0/24 maxlen: 24 91.106.93.0/24 maxlen: 24 91.106.94.0/24 maxlen: 24 91.106.95.0/24 maxlen: 24 185.26.232.0/23 maxlen: 23 185.26.234.0/23 maxlen: 23 185.103.244.0/22 maxlen: 22 185.103.248.0/22 maxlen: 22 185.104.232.0/22 maxlen: 22 185.104.240.0/22 maxlen: 22 185.106.136.0/22 maxlen: 22 185.106.144.0/22 maxlen: 22 185.107.28.0/24 maxlen: 24 185.107.29.0/24 maxlen: 24 185.107.30.0/23 maxlen: 23 185.108.164.0/22 maxlen: 22 2a04:1380::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.mft rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:90:18:a0:a5:00:38:5f:fc:d2:28:31:3d:70:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca8160efe39f1a3077fdd2faf22a64804b541382 Validity Not Before: Jan 2 14:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=734f58255233d6001e79eaec1be37f5d5d78ccfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:dd:a8:1d:e2:3b:b5:fe:93:12:93:a8:0f:16: 28:77:18:86:08:b6:c8:31:80:63:d9:f4:b4:b3:58: db:1f:51:c1:bd:08:a8:52:c4:1d:7c:fb:45:42:53: 07:43:b7:59:9e:15:d1:b4:c4:85:f7:e2:0d:0b:e6: 7b:3a:7f:f6:9b:ec:50:31:ff:7c:35:c8:72:be:66: 04:74:a3:f9:2d:3d:95:0c:5a:40:87:eb:f3:e0:13: c0:ce:97:35:3f:db:23:ec:b2:76:cf:72:a8:bf:d1: c9:d8:f3:28:ff:84:1c:f0:0e:26:5e:d5:7b:41:0d: 5d:8d:67:a7:d9:92:b6:2f:ac:5a:67:80:7e:cf:c1: b3:fd:aa:0a:a7:fc:79:e9:bf:48:3a:6c:18:3b:15: fd:ac:a9:bc:fb:b7:8d:7c:64:b0:28:26:0e:00:05: 66:2e:e8:83:6f:a1:df:28:64:eb:91:8a:00:02:c1: 7f:98:46:47:44:d5:79:cf:39:05:62:78:99:e2:1a: 88:5c:50:99:4b:81:d1:f2:0d:7d:d6:2b:81:cc:e8: f3:1f:69:1d:09:2e:28:57:52:63:d6:1e:b4:ce:23: a3:47:8e:8e:16:c0:d6:7d:0b:de:80:0d:47:05:7e: 67:94:8c:54:af:a4:1b:db:3f:5f:3b:8a:96:f2:37: 71:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:4F:58:25:52:33:D6:00:1E:79:EA:EC:1B:E3:7F:5D:5D:78:CC:FA X509v3 Authority Key Identifier: keyid:CA:81:60:EF:E3:9F:1A:30:77:FD:D2:FA:F2:2A:64:80:4B:54:13:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yoFg7-OfGjB3_dL68ipkgEtUE4I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/c09YJVIz1gAeeersG-N_XV14zPo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/d25015-7d24-4ad5-a2c1-ac4e28c2c5b6/1/yoFg7-OfGjB3_dL68ipkgEtUE4I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.106.64.0/19 185.26.232.0/22 185.103.244.0-185.103.251.255 185.104.232.0/22 185.104.240.0/22 185.106.136.0/22 185.106.144.0/22 185.107.28.0/22 185.108.164.0/22 IPv6: 2a04:1380::/29 Signature Algorithm: sha256WithRSAEncryption 99:02:89:32:3f:5a:8b:9e:46:34:00:bc:48:23:2d:10:4c:14: 6f:ee:6f:69:63:e4:ab:a8:36:20:22:b6:0b:f1:d1:2d:27:1a: 55:e5:f0:f7:e6:4c:ee:35:7c:22:8d:5c:5a:40:a5:18:ba:ea: 27:35:39:50:b1:30:d2:6b:08:df:6d:d1:f0:30:af:6b:7e:70: 7e:1e:82:d7:ee:43:d4:a1:ff:43:28:c8:a6:94:d2:09:f3:16: 22:6c:a6:e1:73:ec:7e:6d:62:2b:ff:7d:9b:3f:b8:72:c5:79: a2:c5:04:ba:1b:ed:3a:5a:b3:a9:86:4a:cd:d7:a2:00:c7:4f: ba:b0:2f:0f:61:54:b9:e1:01:71:6b:69:2d:ff:86:83:fd:da: ea:4b:31:0a:ae:25:08:ba:50:97:02:fa:13:45:44:c2:5a:b1: 9d:58:c0:76:d1:63:ab:0f:a4:85:5c:84:f3:b6:c0:2e:2c:9b: aa:59:e8:73:57:6c:8d:c5:02:7e:eb:82:53:24:84:2d:56:df: ed:cd:98:d5:b3:90:01:20:c4:f7:f9:58:66:90:9d:85:f6:ba: cf:60:63:ad:8d:0c:7a:19:b0:9a:64:a1:07:00:1c:e6:19:c7: 70:1c:5d:b6:b5:7b:eb:f3:d6:ba:56:51:f6:24:d1:d5:5e:df: 4b:ac:fe:b8 -----BEGIN CERTIFICATE----- MIIFRDCCBCygAwIBAgISAZt/FZAYoKUAOF/80igxPXD9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhODE2MGVmZTM5ZjFhMzA3N2ZkZDJmYWYyMmE2NDgwNGI1 NDEzODIwHhcNMjYwMTAyMTQyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzRmNTgyNTUyMzNkNjAwMWU3OWVhZWMxYmUzN2Y1ZDVkNzhjY2ZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld2oHeI7tf6TEpOoDxYodxiGCLbI MYBj2fS0s1jbH1HBvQioUsQdfPtFQlMHQ7dZnhXRtMSF9+INC+Z7On/2m+xQMf98 NchyvmYEdKP5LT2VDFpAh+vz4BPAzpc1P9sj7LJ2z3Kov9HJ2PMo/4Qc8A4mXtV7 QQ1djWen2ZK2L6xaZ4B+z8Gz/aoKp/x56b9IOmwYOxX9rKm8+7eNfGSwKCYOAAVm LuiDb6HfKGTrkYoAAsF/mEZHRNV5zzkFYniZ4hqIXFCZS4HR8g191iuBzOjzH2kd CS4oV1Jj1h60ziOjR46OFsDWfQvegA1HBX5nlIxUr6Qb2z9fO4qW8jdxhwIDAQAB o4ICUDCCAkwwHQYDVR0OBBYEFHNPWCVSM9YAHnnq7Bvjf11deMz6MB8GA1UdIwQY MBaAFMqBYO/jnxowd/3S+vIqZIBLVBOCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW9GZzctT2ZHakIzX2RMNjhpcGtnRXRVRTRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9kMjUwMTUtN2QyNC00YWQ1LWEyYzEt YWM0ZTI4YzJjNWI2LzEvYzA5WUpWSXoxZ0FlZWVyc0ctTl9YVjE0elBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9kMjUwMTUtN2QyNC00YWQ1LWEyYzEtYWM0ZTI4YzJjNWI2 LzEveW9GZzctT2ZHakIzX2RMNjhpcGtnRXRVRTRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQFW2pAAwQC uRroMAwDBAK5Z/QDBAK5Z/gDBAK5aOgDBAK5aPADBAK5aogDBAK5apADBAK5axwD BAK5bKQwDQQCAAIwBwMFAyoEE4AwDQYJKoZIhvcNAQELBQADggEBAJkCiTI/Woue RjQAvEgjLRBMFG/ub2lj5KuoNiAitgvx0S0nGlXl8PfmTO41fCKNXFpApRi66ic1 OVCxMNJrCN9t0fAwr2t+cH4egtfuQ9Sh/0MoyKaU0gnzFiJspuFz7H5tYiv/fZs/ uHLFeaLFBLob7Tpas6mGSs3XogDHT7qwLw9hVLnhAXFraS3/hoP92upLMQquJQi6 UJcC+hNFRMJasZ1YwHbRY6sPpIVchPO2wC4sm6pZ6HNXbI3FAn7rglMkhC1W3+3N mNWzkAEgxPf5WGaQnYX2us9gY62NDHoZsJpkoQcAHOYZx3AcXba1e+vz1rpWUfYk 0dVe30us/rg= -----END CERTIFICATE-----Generated at Mon Jan 26 04:20:01 2026 by rpki-client