This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/67OHgQ9oY03pFObGOEWvUB45FRY.roa File: 67OHgQ9oY03pFObGOEWvUB45FRY.roa (raw, json) Hash identifier: Bw9KDuBO2RcXnPqBfJKA7s6j1vu8KiRAlWxURETULCk= Subject key identifier: EB:B3:87:81:0F:68:63:4D:E9:14:E6:C6:38:45:AF:50:1E:39:15:16 Certificate issuer: /CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8 Certificate serial: 019B7C119BB4E7F3C00A926E07BD01AFF543 Authority key identifier: FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/67OHgQ9oY03pFObGOEWvUB45FRY.roa Signing time: Fri 02 Jan 2026 00:18:07 +0000 ROA not before: Fri 02 Jan 2026 00:18:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207647 IP address blocks: 87.239.8.0/24 maxlen: 24 87.239.9.0/24 maxlen: 24 87.239.10.0/24 maxlen: 24 87.239.12.0/24 maxlen: 24 87.239.13.0/24 maxlen: 24 87.239.14.0/24 maxlen: 24 87.239.15.0/24 maxlen: 24 2001:678:be4::/48 maxlen: 48 2a13:da40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.mft rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:9b:b4:e7:f3:c0:0a:92:6e:07:bd:01:af:f5:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fa1b2478dfe0f33a278b13f42dd319601d6378a8 Validity Not Before: Jan 2 00:18:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ebb387810f68634de914e6c63845af501e391516 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a7:fa:65:45:f8:44:da:be:6b:4f:81:99:84: d3:c6:7f:3f:d7:4d:0d:1a:8f:99:6e:43:41:aa:f0: c6:1b:5e:0e:81:ad:b8:a9:7e:dc:a3:53:49:0d:fd: 45:3b:a3:c8:97:49:1d:fa:a1:3e:ac:14:9d:c5:d4: b5:31:f3:d6:50:74:3c:14:9c:8d:c3:ee:74:09:25: d1:49:7e:2f:bd:0b:8a:87:f7:80:63:5c:22:b1:a2: bb:ec:8b:85:a9:40:f4:29:ca:79:70:59:c9:ec:f1: 35:28:93:47:41:dc:93:19:87:43:36:a2:99:dc:6f: 9b:dd:7c:88:9f:d6:2e:b8:b7:ca:73:a9:5e:45:e2: e1:bf:ab:aa:91:56:f5:86:3d:9e:16:04:5d:41:69: 93:39:63:ff:b8:11:9e:e3:f4:48:c2:7a:72:1c:57: c5:4a:5f:67:a1:c0:59:c3:d6:59:6c:e5:05:1e:c0: 1c:56:ee:db:8c:5a:71:0c:38:81:98:04:36:dc:76: 84:4b:02:4b:8e:30:7c:57:fd:51:c1:ad:c9:7d:b8: f3:23:61:e0:37:6e:9e:e7:0e:ea:20:6e:b2:bb:64: 64:98:9f:c0:6f:21:95:04:db:74:03:28:e1:54:d2: b9:8b:4f:a2:1f:e6:b2:36:c9:81:9a:31:35:31:d7: 56:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:B3:87:81:0F:68:63:4D:E9:14:E6:C6:38:45:AF:50:1E:39:15:16 X509v3 Authority Key Identifier: keyid:FA:1B:24:78:DF:E0:F3:3A:27:8B:13:F4:2D:D3:19:60:1D:63:78:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-hskeN_g8zonixP0LdMZYB1jeKg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/67OHgQ9oY03pFObGOEWvUB45FRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/af/08a9c8-4be3-4682-af82-2a1cce7d2c65/1/1-hskeN_g8zonixP0LdMZYB1jeKg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.239.8.0-87.239.10.255 87.239.12.0/22 IPv6: 2001:678:be4::/48 2a13:da40::/29 Signature Algorithm: sha256WithRSAEncryption 0d:e8:f8:7b:fb:7e:34:5e:d5:d7:aa:04:d5:d4:54:2a:2b:49: e3:94:65:f1:40:7e:fa:60:98:6a:b7:e4:41:24:cd:74:5b:c4: c9:dd:58:f0:d7:d7:53:da:5d:23:76:a8:2b:b1:6d:c1:bd:ab: 82:e7:c0:5c:6c:16:67:18:47:55:88:3c:9f:1a:b4:6d:9b:3f: 27:d9:68:03:94:85:ca:cd:9d:58:d6:85:64:bc:57:ec:81:b7: 02:b3:ab:f2:5b:24:99:a2:bb:98:9f:88:bc:8a:7e:0d:0f:27: c8:70:e0:f5:e9:42:7a:6e:f6:c6:0e:43:0f:0e:0c:06:c7:a7: c0:0e:75:04:cc:87:bf:04:48:a3:ad:0a:2c:01:d2:6b:62:c4: 9d:76:96:40:b7:2f:48:83:79:e7:91:b8:db:9c:c1:49:f3:87: 22:18:d9:85:a3:b9:09:37:ce:20:fd:4e:b7:01:db:32:b8:3a: 5f:01:06:37:d6:0b:1c:25:7c:c8:fb:67:44:10:ce:cf:0e:b8: 8a:04:81:a6:06:86:e8:51:1e:08:27:16:1f:90:8c:03:9e:de: 59:f9:3a:44:be:e1:53:8c:eb:b0:85:d9:c2:ef:49:f6:97:ee: 41:77:fe:17:53:00:bd:ae:f9:db:a7:88:8f:1b:6a:b5:02:29: cb:e8:46:c7 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZt8EZu05/PACpJuB70Br/VDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZhMWIyNDc4ZGZlMGYzM2EyNzhiMTNmNDJkZDMxOTYwMWQ2 Mzc4YTgwHhcNMjYwMTAyMDAxODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlYmIzODc4MTBmNjg2MzRkZTkxNGU2YzYzODQ1YWY1MDFlMzkxNTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6f6ZUX4RNq+a0+BmYTTxn8/100N Go+ZbkNBqvDGG14Oga24qX7co1NJDf1FO6PIl0kd+qE+rBSdxdS1MfPWUHQ8FJyN w+50CSXRSX4vvQuKh/eAY1wisaK77IuFqUD0Kcp5cFnJ7PE1KJNHQdyTGYdDNqKZ 3G+b3XyIn9YuuLfKc6leReLhv6uqkVb1hj2eFgRdQWmTOWP/uBGe4/RIwnpyHFfF Sl9nocBZw9ZZbOUFHsAcVu7bjFpxDDiBmAQ23HaESwJLjjB8V/1Rwa3JfbjzI2Hg N26e5w7qIG6yu2RkmJ/AbyGVBNt0AyjhVNK5i0+iH+ayNsmBmjE1MddWfwIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFOuzh4EPaGNN6RTmxjhFr1AeORUWMB8GA1UdIwQY MBaAFPobJHjf4PM6J4sT9C3TGWAdY3ioMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1oc2tlTl9nOHpvbml4UDBMZE1aWUIxamVLZy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgy LTJhMWNjZTdkMmM2NS8xLzY3T0hnUTlvWTAzcEZPYkdPRVd2VUI0NUZSWS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvYWYvMDhhOWM4LTRiZTMtNDY4Mi1hZjgyLTJhMWNjZTdkMmM2 NS8xLzEtaHNrZU5fZzh6b25peFAwTGRNWllCMWplS2cuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MBoEAgABMBQwDAMEA1fv CAMEAFfvCgMEAlfvDDAWBAIAAjAQAwcAIAEGeAvkAwUDKhPaQDANBgkqhkiG9w0B AQsFAAOCAQEADej4e/t+NF7V16oE1dRUKitJ45Rl8UB++mCYarfkQSTNdFvEyd1Y 8NfXU9pdI3aoK7Ftwb2rgufAXGwWZxhHVYg8nxq0bZs/J9loA5SFys2dWNaFZLxX 7IG3ArOr8lskmaK7mJ+IvIp+DQ8nyHDg9elCem72xg5DDw4MBsenwA51BMyHvwRI o60KLAHSa2LEnXaWQLcvSIN555G425zBSfOHIhjZhaO5CTfOIP1OtwHbMrg6XwEG N9YLHCV8yPtnRBDOzw64igSBpgaG6FEeCCcWH5CMA57eWfk6RL7hU4zrsIXZwu9J 9pfuQXf+F1MAva7526eIjxtqtQIpy+hGxw== -----END CERTIFICATE-----Generated at Mon Jan 26 02:22:26 2026 by rpki-client