This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/9THKMpdhKPWxbXYdpErXi3_iU-Q.roa File: 9THKMpdhKPWxbXYdpErXi3_iU-Q.roa (raw, json) Hash identifier: oYGp6JfEMDArlRyb2+6e34bfuaEMbLQs/CMwMB+TL+k= Subject key identifier: F5:31:CA:32:97:61:28:F5:B1:6D:76:1D:A4:4A:D7:8B:7F:E2:53:E4 Certificate issuer: /CN=db2ec22a66b5b24986395feed7fb5b90e28c9be4 Certificate serial: 019BDB9A9D8F9A696F919EAF47E1D525670D Authority key identifier: DB:2E:C2:2A:66:B5:B2:49:86:39:5F:EE:D7:FB:5B:90:E2:8C:9B:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/9THKMpdhKPWxbXYdpErXi3_iU-Q.roa Signing time: Tue 20 Jan 2026 13:31:41 +0000 ROA not before: Tue 20 Jan 2026 13:31:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 195.226.216.0/24 maxlen: 24 2a12:5dc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.mft rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:db:9a:9d:8f:9a:69:6f:91:9e:af:47:e1:d5:25:67:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=db2ec22a66b5b24986395feed7fb5b90e28c9be4 Validity Not Before: Jan 20 13:31:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f531ca32976128f5b16d761da44ad78b7fe253e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:09:ad:ac:57:e6:9e:85:fd:fa:1f:de:41:1e: ec:41:ea:bc:72:ed:56:a2:7c:9a:2c:c7:28:c0:bc: 94:36:31:08:1e:d9:1d:8a:71:bf:bc:7f:e1:e5:b0: 93:2a:a3:01:ea:2f:e0:72:82:da:b9:0f:a3:f3:61: 4b:ac:a1:52:a6:fb:e9:f3:c0:7d:8e:02:30:de:6a: 64:28:8d:5c:9b:a8:d1:99:70:8d:1f:f8:09:1f:67: db:5e:e9:29:57:a7:d8:1c:e7:11:bf:17:96:3a:50: 1c:77:03:dc:8e:ee:45:95:06:60:0f:ae:2c:28:5c: 23:03:ed:73:db:ed:d3:90:e1:09:d1:16:e9:b1:aa: e9:af:3f:9f:32:10:b0:81:92:e0:f9:c7:d5:1e:d6: ab:33:43:6d:d8:6a:fb:12:4f:52:87:cd:ff:15:45: 35:6b:8d:53:d8:d9:7b:d7:c1:16:5e:56:fc:80:40: cb:76:5e:b0:b1:15:d0:a7:3f:6c:d2:c7:bc:f6:06: cd:15:46:36:29:af:71:ef:e2:f1:b2:4e:fc:b9:df: cd:8d:62:21:74:a3:9f:f8:70:13:9e:b1:c8:76:f0: 63:cc:b8:29:41:43:50:f8:88:8c:33:6a:f3:f9:68: 78:f3:c7:b1:31:8b:25:8c:e7:9c:45:03:a5:d7:b5: 9e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:31:CA:32:97:61:28:F5:B1:6D:76:1D:A4:4A:D7:8B:7F:E2:53:E4 X509v3 Authority Key Identifier: keyid:DB:2E:C2:2A:66:B5:B2:49:86:39:5F:EE:D7:FB:5B:90:E2:8C:9B:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y7CKma1skmGOV_u1_tbkOKMm-Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/9THKMpdhKPWxbXYdpErXi3_iU-Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/2fbcbf-358e-4928-9a84-ce78d4c0642f/1/2y7CKma1skmGOV_u1_tbkOKMm-Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.226.216.0/24 IPv6: 2a12:5dc0::/29 Signature Algorithm: sha256WithRSAEncryption a5:6c:84:1c:65:0e:54:bf:e8:0d:63:dd:7f:28:40:6e:6f:2e: 25:8d:0f:fa:d4:ca:6d:3b:d3:e4:9c:fb:d6:fb:53:97:61:3e: 94:15:27:b5:4f:6f:c9:d3:f4:9b:f0:03:91:2e:08:7a:c5:fc: 40:e8:e8:04:0e:5c:9e:c4:35:f6:50:96:60:e2:b8:e7:3b:6c: 9b:79:85:de:3c:0b:82:95:43:83:d8:e8:5e:35:6c:74:50:71: e1:de:15:3b:f3:dd:34:0e:1e:64:f4:73:ac:3f:b5:d1:5c:ca: ed:5e:26:71:14:ac:b5:17:9b:75:7c:d6:b6:ba:07:48:b9:73: bb:26:2e:55:c3:92:09:f3:83:70:ce:c4:d5:05:f5:2b:df:f3: 62:1f:b0:3c:48:aa:3e:85:1d:7e:58:91:71:87:83:d9:1a:9f: b7:64:8f:59:b8:ac:ac:2f:92:fa:fe:7e:c6:be:d0:b6:fe:24: ce:41:c0:e2:ea:8e:64:4e:96:f2:3f:94:2b:f7:04:6d:ba:1f: 5f:9b:0a:95:c0:d6:2c:6c:10:e9:c7:3e:ef:82:cf:1a:eb:c7: 39:25:aa:02:57:59:ea:fe:40:f6:81:93:47:c7:95:cb:03:ca: 50:6f:a1:b1:10:7a:4f:b1:c6:60:63:d7:00:2d:f7:d1:a5:f4: a2:73:09:98 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZvbmp2PmmlvkZ6vR+HVJWcNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRiMmVjMjJhNjZiNWIyNDk4NjM5NWZlZWQ3ZmI1YjkwZTI4 YzliZTQwHhcNMjYwMTIwMTMzMTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNTMxY2EzMjk3NjEyOGY1YjE2ZDc2MWRhNDRhZDc4YjdmZTI1M2U0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAmtrFfmnoX9+h/eQR7sQeq8cu1W onyaLMcowLyUNjEIHtkdinG/vH/h5bCTKqMB6i/gcoLauQ+j82FLrKFSpvvp88B9 jgIw3mpkKI1cm6jRmXCNH/gJH2fbXukpV6fYHOcRvxeWOlAcdwPcju5FlQZgD64s KFwjA+1z2+3TkOEJ0Rbpsarprz+fMhCwgZLg+cfVHtarM0Nt2Gr7Ek9Sh83/FUU1 a41T2Nl718EWXlb8gEDLdl6wsRXQpz9s0se89gbNFUY2Ka9x7+Lxsk78ud/NjWIh dKOf+HATnrHIdvBjzLgpQUNQ+IiMM2rz+Wh488exMYsljOecRQOl17WecQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPUxyjKXYSj1sW12HaRK14t/4lPkMB8GA1UdIwQY MBaAFNsuwipmtbJJhjlf7tf7W5DijJvkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnk3Q0ttYTFza21HT1ZfdTFfdGJrT0tNbS1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yZmJjYmYtMzU4ZS00OTI4LTlhODQt Y2U3OGQ0YzA2NDJmLzEvOVRIS01wZGhLUFd4YlhZZHBFclhpM19pVS1RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8yZmJjYmYtMzU4ZS00OTI4LTlhODQtY2U3OGQ0YzA2NDJm LzEvMnk3Q0ttYTFza21HT1ZfdTFfdGJrT0tNbS1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw+LYMA0E AgACMAcDBQMqEl3AMA0GCSqGSIb3DQEBCwUAA4IBAQClbIQcZQ5Uv+gNY91/KEBu by4ljQ/61MptO9PknPvW+1OXYT6UFSe1T2/J0/Sb8AORLgh6xfxA6OgEDlyexDX2 UJZg4rjnO2ybeYXePAuClUOD2OheNWx0UHHh3hU78900Dh5k9HOsP7XRXMrtXiZx FKy1F5t1fNa2ugdIuXO7Ji5Vw5IJ84NwzsTVBfUr3/NiH7A8SKo+hR1+WJFxh4PZ Gp+3ZI9ZuKysL5L6/n7GvtC2/iTOQcDi6o5kTpbyP5Qr9wRtuh9fmwqVwNYsbBDp xz7vgs8a68c5JaoCV1nq/kD2gZNHx5XLA8pQb6GxEHpPscZgY9cALffRpfSicwmY -----END CERTIFICATE-----Generated at Sun Jan 25 21:02:55 2026 by rpki-client