This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/v9YovKS0rkxgh-imaNT6dS4t8wE.roa File: v9YovKS0rkxgh-imaNT6dS4t8wE.roa (raw, json) Hash identifier: +gjCRrqjahMp/Uxvqf8OR5Yjihz0o/VceeWEOtR4+ZI= Subject key identifier: BF:D6:28:BC:A4:B4:AE:4C:60:87:E8:A6:68:D4:FA:75:2E:2D:F3:01 Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4 Certificate serial: 019B7F83DA86E0BCB91DBA2652E0B9D735A8 Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/v9YovKS0rkxgh-imaNT6dS4t8wE.roa Signing time: Fri 02 Jan 2026 16:21:46 +0000 ROA not before: Fri 02 Jan 2026 16:21:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204437 IP address blocks: 192.33.88.0/24 maxlen: 24 2001:67c:2e40::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.mft rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:da:86:e0:bc:b9:1d:ba:26:52:e0:b9:d7:35:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4 Validity Not Before: Jan 2 16:21:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bfd628bca4b4ae4c6087e8a668d4fa752e2df301 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:cd:d9:b1:3c:ca:0a:f8:62:b4:4e:37:1d:7d: 53:6c:58:e5:2a:b3:3b:49:ef:c9:83:42:6f:30:9c: 4c:21:87:23:83:b0:87:12:a1:e0:e1:ac:35:80:59: cb:df:c6:50:7e:84:11:87:a7:e5:11:7f:fa:f7:d6: e6:e2:f2:9a:61:80:7a:52:2c:7a:8a:fb:df:f9:46: 44:ee:26:a9:9c:61:45:17:6d:4d:60:c9:d0:4e:a9: 6f:03:77:9f:2c:a0:8a:3e:9f:31:e0:86:82:64:41: 24:19:ef:b7:99:e4:ad:b7:5d:89:21:91:e4:17:ae: 59:d8:01:74:8a:bf:fd:fa:0e:39:5a:f5:74:1e:a0: ec:a1:57:ba:a6:e4:ee:43:69:80:ac:d7:02:c9:e9: fd:b6:b8:f7:b9:0f:d9:58:ce:da:d1:f5:ec:da:fb: 3d:61:d2:7a:45:4d:83:ea:01:4c:3e:9f:9e:f3:3c: 0c:29:27:7e:ca:a1:0e:ad:67:54:70:2c:ba:f8:15: 60:bc:a4:3c:a1:98:f3:7a:03:be:a6:77:8c:5a:23: 45:53:a2:be:ba:13:e2:51:da:33:7a:42:a0:cb:62: cb:76:33:ce:22:83:4f:d2:cb:aa:4c:4f:52:7c:e5: 54:b5:f3:9b:70:61:14:e2:6b:2d:47:9c:96:c9:40: dd:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:D6:28:BC:A4:B4:AE:4C:60:87:E8:A6:68:D4:FA:75:2E:2D:F3:01 X509v3 Authority Key Identifier: keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/v9YovKS0rkxgh-imaNT6dS4t8wE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.33.88.0/24 IPv6: 2001:67c:2e40::/48 Signature Algorithm: sha256WithRSAEncryption 29:3e:5c:9d:4d:a4:6c:07:87:f1:b7:f2:c4:df:86:ee:97:bf: 70:ed:3b:68:4a:56:03:b7:3d:de:b2:4e:68:82:62:39:77:ba: a4:ce:c9:1a:4a:18:53:cb:7d:7d:8a:f4:1e:18:5c:79:5b:1c: 47:2d:99:15:6a:d0:e3:ae:9e:93:88:6e:b7:df:97:f5:90:b3: 88:4d:dc:e4:d6:28:42:33:c1:84:bb:cf:fe:ad:6b:f8:f0:15: fd:36:75:47:7d:aa:e9:7c:e4:f8:4c:3d:5a:40:f4:0a:16:50: e4:ba:30:3e:f3:53:50:bf:89:fc:d4:99:40:ac:d1:ea:6b:35: 2b:91:cf:10:17:7d:79:cd:b7:02:11:28:6a:e2:81:ba:a6:20: 23:04:70:49:4f:cf:fa:65:c5:72:97:0c:fc:3e:f3:9b:3c:a3: 45:71:dc:df:07:80:01:ee:22:34:8d:51:fa:1f:1c:26:88:a8: 37:ee:e4:f1:72:51:ae:29:a5:fc:f7:c5:23:41:f9:f1:f5:c1: 90:93:85:21:9e:73:a0:22:97:96:8d:25:3d:99:54:3f:ca:5e: 3e:d1:94:95:56:89:94:f8:29:05:e0:75:90:7b:c3:f7:9a:70: 14:96:bb:ea:16:9c:4c:2d:26:2b:3c:f6:09:59:44:59:d1:3f: e4:d0:83:84 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/g9qG4Ly5HbomUuC51zWoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx ZTI5YzQwHhcNMjYwMTAyMTYyMTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZmQ2MjhiY2E0YjRhZTRjNjA4N2U4YTY2OGQ0ZmE3NTJlMmRmMzAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAms3ZsTzKCvhitE43HX1TbFjlKrM7 Se/Jg0JvMJxMIYcjg7CHEqHg4aw1gFnL38ZQfoQRh6flEX/699bm4vKaYYB6Uix6 ivvf+UZE7iapnGFFF21NYMnQTqlvA3efLKCKPp8x4IaCZEEkGe+3meStt12JIZHk F65Z2AF0ir/9+g45WvV0HqDsoVe6puTuQ2mArNcCyen9trj3uQ/ZWM7a0fXs2vs9 YdJ6RU2D6gFMPp+e8zwMKSd+yqEOrWdUcCy6+BVgvKQ8oZjzegO+pneMWiNFU6K+ uhPiUdozekKgy2LLdjPOIoNP0suqTE9SfOVUtfObcGEU4mstR5yWyUDdEwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFL/WKLyktK5MYIfopmjU+nUuLfMBMB8GA1UdIwQY MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt Mzg2YzFmOGIwNjQwLzEvdjlZb3ZLUzBya3hnaC1pbWFOVDZkUzR0OHdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwCFYMA8E AgACMAkDBwAgAQZ8LkAwDQYJKoZIhvcNAQELBQADggEBACk+XJ1NpGwHh/G38sTf hu6Xv3DtO2hKVgO3Pd6yTmiCYjl3uqTOyRpKGFPLfX2K9B4YXHlbHEctmRVq0OOu npOIbrffl/WQs4hN3OTWKEIzwYS7z/6ta/jwFf02dUd9qul85PhMPVpA9AoWUOS6 MD7zU1C/ifzUmUCs0eprNSuRzxAXfXnNtwIRKGrigbqmICMEcElPz/plxXKXDPw+ 85s8o0Vx3N8HgAHuIjSNUfofHCaIqDfu5PFyUa4ppfz3xSNB+fH1wZCThSGec6Ai l5aNJT2ZVD/KXj7RlJVWiZT4KQXgdZB7w/eacBSWu+oWnEwtJis89glZRFnRP+TQ g4Q= -----END CERTIFICATE-----Generated at Sun Jan 25 15:15:05 2026 by rpki-client