This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/0POn4eiSe4D7lLX8DICoyCNVffg.roa File: 0POn4eiSe4D7lLX8DICoyCNVffg.roa (raw, json) Hash identifier: IuTOIfnYnKgQ1QMnujowbH+xUlcXahzENOK89qB7q6Y= Subject key identifier: D0:F3:A7:E1:E8:92:7B:80:FB:94:B5:FC:0C:80:A8:C8:23:55:7D:F8 Certificate issuer: /CN=8b21ffade930bd1fd2e1788cff407d9d34134e17 Certificate serial: 019B797E9315DC16FAFDFC9F9139DCB4BB33 Authority key identifier: 8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/0POn4eiSe4D7lLX8DICoyCNVffg.roa Signing time: Thu 01 Jan 2026 12:18:16 +0000 ROA not before: Thu 01 Jan 2026 12:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204782 IP address blocks: 185.240.96.0/22 maxlen: 22 2a0c:7a80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.mft rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:93:15:dc:16:fa:fd:fc:9f:91:39:dc:b4:bb:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b21ffade930bd1fd2e1788cff407d9d34134e17 Validity Not Before: Jan 1 12:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d0f3a7e1e8927b80fb94b5fc0c80a8c823557df8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:66:06:0c:0f:51:3d:72:96:dd:2c:4e:0a:57: 2d:fc:2b:95:04:3b:cf:78:d1:2e:95:c5:53:72:c4: e3:60:21:91:ed:9e:9e:32:6d:18:95:07:51:d5:87: cf:20:2b:67:e9:b4:0c:65:f3:dd:46:c7:71:e8:65: 30:07:9a:0e:fb:37:3b:f1:5c:cb:30:6e:4c:e1:f6: 9f:98:e3:33:ac:53:c1:db:d6:6d:9f:d7:55:e3:49: 90:44:58:49:d7:48:b7:91:59:25:0e:0a:ae:82:63: 98:75:bd:d3:e6:c8:d3:91:c1:dc:57:63:63:7d:5f: e3:0d:58:35:7e:9d:6c:be:ea:f2:88:ef:5c:bf:91: eb:5c:87:a8:48:91:4a:7b:35:65:c0:13:64:bc:ae: 6a:11:70:66:94:8d:21:6c:92:4c:c0:74:b0:bc:e8: b0:72:68:9d:d3:d3:8c:41:ba:18:d5:ef:34:2c:3e: 82:7f:a1:42:a6:45:3e:de:49:27:41:be:e7:a2:c4: e4:d8:9a:be:ac:f8:f9:9d:78:e6:c4:65:83:d6:74: 02:ca:9c:5c:78:c2:ef:d4:39:e1:cd:c2:1f:65:93: d5:8f:46:1f:b4:10:2b:74:98:84:07:84:4a:26:32: 23:89:8d:2a:03:d2:a3:3a:51:1b:be:18:e0:09:0b: be:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:F3:A7:E1:E8:92:7B:80:FB:94:B5:FC:0C:80:A8:C8:23:55:7D:F8 X509v3 Authority Key Identifier: keyid:8B:21:FF:AD:E9:30:BD:1F:D2:E1:78:8C:FF:40:7D:9D:34:13:4E:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iyH_rekwvR_S4XiM_0B9nTQTThc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/0POn4eiSe4D7lLX8DICoyCNVffg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9ce0eb-3aba-4b36-b7c4-425c51d7888b/1/iyH_rekwvR_S4XiM_0B9nTQTThc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.240.96.0/22 IPv6: 2a0c:7a80::/29 Signature Algorithm: sha256WithRSAEncryption 93:b3:2b:a6:e4:27:82:fd:55:04:c4:14:f2:46:59:d7:fd:26: 34:db:8f:19:11:19:85:f6:09:27:16:26:ff:99:d6:81:af:91: 8d:e7:5e:c4:7d:8c:f7:f2:ce:17:ae:94:36:11:92:f4:f6:99: 81:74:5b:92:d6:89:0b:5d:79:95:99:a2:59:24:70:93:12:9b: fc:27:79:b9:23:25:81:19:c1:21:25:ef:9c:90:74:ff:fb:bf: d0:ed:2d:88:04:fc:85:cf:f1:e2:e6:bd:89:70:66:d4:82:e0: 6f:e0:55:08:48:85:da:44:24:47:14:39:23:43:e0:31:73:14: 35:65:dc:67:90:a2:1f:2a:76:32:d0:3a:64:e1:42:a8:fd:b6: 3d:17:54:e4:4f:a4:78:a1:3f:67:b3:fb:5a:69:18:17:3d:64: 40:09:aa:d0:29:52:4a:51:17:07:c2:b6:98:b9:f0:03:8c:99: 5f:ef:38:37:51:8e:10:65:0a:03:df:97:f6:bb:e1:93:9a:6b: f0:9f:87:99:71:4a:fc:6f:81:26:36:de:60:30:06:9e:16:c7: 67:4c:3a:00:c8:e8:a7:be:f3:fb:36:cf:8c:db:c8:8e:10:59: c5:8e:de:a8:fb:3c:5e:a5:30:f4:67:f3:80:fb:b0:1c:e1:f0: 15:16:e9:42 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fpMV3Bb6/fyfkTnctLszMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhiMjFmZmFkZTkzMGJkMWZkMmUxNzg4Y2ZmNDA3ZDlkMzQx MzRlMTcwHhcNMjYwMTAxMTIxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMGYzYTdlMWU4OTI3YjgwZmI5NGI1ZmMwYzgwYThjODIzNTU3ZGY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2YGDA9RPXKW3SxOClct/CuVBDvP eNEulcVTcsTjYCGR7Z6eMm0YlQdR1YfPICtn6bQMZfPdRsdx6GUwB5oO+zc78VzL MG5M4fafmOMzrFPB29Ztn9dV40mQRFhJ10i3kVklDgqugmOYdb3T5sjTkcHcV2Nj fV/jDVg1fp1svuryiO9cv5HrXIeoSJFKezVlwBNkvK5qEXBmlI0hbJJMwHSwvOiw cmid09OMQboY1e80LD6Cf6FCpkU+3kknQb7nosTk2Jq+rPj5nXjmxGWD1nQCypxc eMLv1DnhzcIfZZPVj0YftBArdJiEB4RKJjIjiY0qA9KjOlEbvhjgCQu+hQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNDzp+HoknuA+5S1/AyAqMgjVX34MB8GA1UdIwQY MBaAFIsh/63pML0f0uF4jP9AfZ00E04XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQt NDI1YzUxZDc4ODhiLzEvMFBPbjRlaVNlNEQ3bExYOERJQ295Q05WZmZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi85Y2UwZWItM2FiYS00YjM2LWI3YzQtNDI1YzUxZDc4ODhi LzEvaXlIX3Jla3d2Ul9TNFhpTV8wQjluVFFUVGhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufBgMA0E AgACMAcDBQMqDHqAMA0GCSqGSIb3DQEBCwUAA4IBAQCTsyum5CeC/VUExBTyRlnX /SY0248ZERmF9gknFib/mdaBr5GN517EfYz38s4XrpQ2EZL09pmBdFuS1okLXXmV maJZJHCTEpv8J3m5IyWBGcEhJe+ckHT/+7/Q7S2IBPyFz/Hi5r2JcGbUguBv4FUI SIXaRCRHFDkjQ+AxcxQ1ZdxnkKIfKnYy0Dpk4UKo/bY9F1TkT6R4oT9ns/taaRgX PWRACarQKVJKURcHwraYufADjJlf7zg3UY4QZQoD35f2u+GTmmvwn4eZcUr8b4Em Nt5gMAaeFsdnTDoAyOinvvP7Ns+M28iOEFnFjt6o+zxepTD0Z/OA+7Ac4fAVFulC -----END CERTIFICATE-----Generated at Mon Jan 26 06:32:33 2026 by rpki-client