This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/8dzN450MceNxFZuh40v7FDAkGTQ.roa File: 8dzN450MceNxFZuh40v7FDAkGTQ.roa (raw, json) Hash identifier: BgZesWB7TBZ2ukStYIi5/XRVw/OSfrLbRqY0NDLypP4= Subject key identifier: F1:DC:CD:E3:9D:0C:71:E3:71:15:9B:A1:E3:4B:FB:14:30:24:19:34 Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4 Certificate serial: 019B9982F1AD34E823FD19B0849E92C832CC Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/8dzN450MceNxFZuh40v7FDAkGTQ.roa Signing time: Wed 07 Jan 2026 17:30:54 +0000 ROA not before: Wed 07 Jan 2026 17:30:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62651 IP address blocks: 176.67.82.0/24 maxlen: 24 176.67.85.0/24 maxlen: 24 176.67.86.0/24 maxlen: 24 176.67.87.0/24 maxlen: 24 185.91.120.0/23 maxlen: 23 2a05:e9c0:1000::/40 maxlen: 40 2a05:e9c0:1400::/40 maxlen: 40 2a05:e9c0:1800::/40 maxlen: 40 2a05:e9c0:3800::/40 maxlen: 40 2a05:e9c0:4400::/40 maxlen: 40 2a05:e9c0:5000::/40 maxlen: 40 2a05:e9c0:6800::/40 maxlen: 40 2a05:e9c0:7400::/40 maxlen: 40 2a05:e9c0:7800::/40 maxlen: 40 2a05:e9c0:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 08:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:99:82:f1:ad:34:e8:23:fd:19:b0:84:9e:92:c8:32:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4 Validity Not Before: Jan 7 17:30:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f1dccde39d0c71e371159ba1e34bfb1430241934 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e0:4a:fc:89:a9:32:5a:86:ac:a3:c4:01:87: 1b:5c:f3:b0:59:08:9d:bd:01:97:61:4a:13:14:27: b5:a5:de:37:8f:f1:f3:0d:ce:a5:88:57:88:10:08: ca:da:1a:9b:66:b2:f6:ab:99:de:2a:e3:c5:16:43: 62:a8:5a:c7:ff:b5:ca:f9:1b:71:cf:ad:16:7f:69: fe:64:94:a0:c3:50:8c:51:cd:d3:bc:db:cd:ef:8d: fd:9a:6e:91:a3:42:33:85:bb:bc:50:f8:f5:a5:c0: ee:73:9a:bf:90:ba:0e:02:86:04:b8:ef:3f:0e:41: 56:29:ec:9d:57:ad:1b:3c:de:e3:82:81:33:36:7a: e9:29:4e:a7:5a:61:00:01:32:da:c0:67:5e:e0:d2: c8:fe:4b:f6:8d:d6:d4:69:86:bb:4b:0f:c5:89:57: 4a:72:c4:16:a3:ed:c2:e7:8b:37:a5:cf:78:d6:0a: e7:36:34:dd:d3:9d:2d:6c:b3:b1:7b:88:70:28:2e: da:f9:49:83:34:81:d6:88:50:64:ab:a8:27:b8:c8: 4b:43:64:8b:34:67:f0:51:e7:f3:0b:3f:cd:82:f9: cb:83:01:7d:d9:4f:39:69:8e:8e:8c:40:59:ab:0f: 01:38:b8:9b:de:04:60:e9:62:b2:96:c5:65:db:7d: ce:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:DC:CD:E3:9D:0C:71:E3:71:15:9B:A1:E3:4B:FB:14:30:24:19:34 X509v3 Authority Key Identifier: keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/8dzN450MceNxFZuh40v7FDAkGTQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.67.82.0/24 176.67.85.0-176.67.87.255 185.91.120.0/23 IPv6: 2a05:e9c0:1000::/40 2a05:e9c0:1400::/40 2a05:e9c0:1800::/40 2a05:e9c0:3800::/40 2a05:e9c0:4400::/40 2a05:e9c0:5000::/40 2a05:e9c0:6800::/40 2a05:e9c0:7400::/40 2a05:e9c0:7800::/40 2a05:e9c0:8800::/40 Signature Algorithm: sha256WithRSAEncryption a7:a7:fc:0e:ac:ae:bf:37:ac:09:b9:cb:80:30:90:ed:69:e6: f2:79:df:14:04:ad:a1:81:59:17:cb:2f:af:72:94:7e:42:c4: 00:c4:5b:df:99:40:c6:ab:8f:78:71:fd:43:3d:f6:12:79:d3: 12:c5:d5:3e:99:13:46:51:d5:e8:74:78:82:78:33:98:9b:37: 45:43:f7:1f:81:76:7c:91:a5:a1:13:ec:85:b2:24:f8:67:67: 16:a7:b6:6b:be:84:26:0f:6b:06:36:39:24:be:54:12:a7:42: 01:86:1f:2d:31:88:6d:d6:b2:7c:b1:2b:83:fd:a6:75:36:60: fa:af:83:0c:a9:c8:84:6d:c6:8e:2d:84:bc:cb:4a:38:4b:40: a7:66:cd:d1:64:41:1a:38:df:ac:52:d8:6a:b5:0a:fd:e5:27: d6:60:86:22:78:fa:84:59:0f:b4:0d:47:95:e8:19:4d:56:09: b4:82:9c:55:13:97:6c:6b:16:19:e1:0d:0e:ff:40:ba:b9:1f: 6a:bf:75:c7:75:1e:8e:ab:f8:5d:bb:1c:88:5a:72:54:95:8b: 3d:9f:18:13:52:35:00:d2:23:14:f4:4a:93:16:74:06:76:00: 8a:90:38:e9:c6:dd:c9:74:a6:dd:61:cf:87:34:c4:18:00:93: 50:bc:82:49 -----BEGIN CERTIFICATE----- MIIFajCCBFKgAwIBAgISAZuZgvGtNOgj/RmwhJ6SyDLMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3 YzczYTQwHhcNMjYwMTA3MTczMDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMWRjY2RlMzlkMGM3MWUzNzExNTliYTFlMzRiZmIxNDMwMjQxOTM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueBK/ImpMlqGrKPEAYcbXPOwWQid vQGXYUoTFCe1pd43j/HzDc6liFeIEAjK2hqbZrL2q5neKuPFFkNiqFrH/7XK+Rtx z60Wf2n+ZJSgw1CMUc3TvNvN7439mm6Ro0Izhbu8UPj1pcDuc5q/kLoOAoYEuO8/ DkFWKeydV60bPN7jgoEzNnrpKU6nWmEAATLawGde4NLI/kv2jdbUaYa7Sw/FiVdK csQWo+3C54s3pc941grnNjTd050tbLOxe4hwKC7a+UmDNIHWiFBkq6gnuMhLQ2SL NGfwUefzCz/NgvnLgwF92U85aY6OjEBZqw8BOLib3gRg6WKylsVl233OlQIDAQAB o4ICdjCCAnIwHQYDVR0OBBYEFPHczeOdDHHjcRWboeNL+xQwJBk0MB8GA1UdIwQY MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt ODQwY2NiMzRiM2Y1LzEvOGR6TjQ1ME1jZU54Rlp1aDQwdjdGREFrR1RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1 LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowIAQCAAEwGgMEALBDUjAM AwQAsENVAwQDsENQAwQBuVt4MFYEAgACMFADBgAqBenAEAMGACoF6cAUAwYAKgXp wBgDBgAqBenAOAMGACoF6cBEAwYAKgXpwFADBgAqBenAaAMGACoF6cB0AwYAKgXp wHgDBgAqBenAiDANBgkqhkiG9w0BAQsFAAOCAQEAp6f8DqyuvzesCbnLgDCQ7Wnm 8nnfFAStoYFZF8svr3KUfkLEAMRb35lAxquPeHH9Qz32EnnTEsXVPpkTRlHV6HR4 gngzmJs3RUP3H4F2fJGloRPshbIk+GdnFqe2a76EJg9rBjY5JL5UEqdCAYYfLTGI bdayfLErg/2mdTZg+q+DDKnIhG3Gji2EvMtKOEtAp2bN0WRBGjjfrFLYarUK/eUn 1mCGInj6hFkPtA1HlegZTVYJtIKcVROXbGsWGeENDv9Aurkfar91x3Uejqv4Xbsc iFpyVJWLPZ8YE1I1ANIjFPRKkxZ0BnYAipA46cbdyXSm3WHPhzTEGACTULyCSQ== -----END CERTIFICATE-----Generated at Sun Jan 25 19:02:41 2026 by rpki-client