This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/8q9oSsZ4UYUMrh0rSwaxnqwZWJ4.roa File: 8q9oSsZ4UYUMrh0rSwaxnqwZWJ4.roa (raw, json) Hash identifier: UZuk/CP3WSM3LGuW3AkAPL5k1plOMJu2aZscVLHOeSY= Subject key identifier: F2:AF:68:4A:C6:78:51:85:0C:AE:1D:2B:4B:06:B1:9E:AC:19:58:9E Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb Certificate serial: 019B7A5A90108CA7F293C79626EBEC4B00ED Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/8q9oSsZ4UYUMrh0rSwaxnqwZWJ4.roa Signing time: Thu 01 Jan 2026 16:18:34 +0000 ROA not before: Thu 01 Jan 2026 16:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21183 IP address blocks: 66.186.198.0/23 maxlen: 24 80.78.64.0/20 maxlen: 20 91.132.172.0/22 maxlen: 22 109.69.0.0/21 maxlen: 21 109.69.0.0/24 maxlen: 24 109.69.1.0/24 maxlen: 24 109.69.2.0/24 maxlen: 24 109.69.3.0/24 maxlen: 24 109.69.4.0/23 maxlen: 23 109.69.5.0/24 maxlen: 24 109.69.6.0/24 maxlen: 24 109.69.7.0/24 maxlen: 24 141.98.140.0/22 maxlen: 24 185.62.174.0/23 maxlen: 23 185.200.212.0/22 maxlen: 22 217.73.128.0/20 maxlen: 20 217.73.128.0/24 maxlen: 24 217.73.129.0/24 maxlen: 24 217.73.130.0/24 maxlen: 24 217.73.131.0/24 maxlen: 24 217.73.132.0/24 maxlen: 24 217.73.133.0/24 maxlen: 24 217.73.135.0/24 maxlen: 24 217.73.136.0/24 maxlen: 24 217.73.137.0/24 maxlen: 24 217.73.138.0/24 maxlen: 24 217.73.139.0/24 maxlen: 24 217.73.141.0/24 maxlen: 24 217.73.142.0/24 maxlen: 24 217.73.143.0/24 maxlen: 24 2a04:eb40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.mft rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:90:10:8c:a7:f2:93:c7:96:26:eb:ec:4b:00:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb Validity Not Before: Jan 1 16:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f2af684ac67851850cae1d2b4b06b19eac19589e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:40:18:60:17:73:f5:f0:38:22:28:6f:30:1c: 39:06:fd:67:83:1a:78:b5:99:59:84:95:cf:de:ca: 4c:ef:a6:33:81:4d:dc:fa:45:ce:85:8e:16:61:57: 40:dd:eb:aa:68:e2:1c:ff:fd:ff:c8:d7:c8:8d:b4: 6c:e2:70:ce:85:ac:3d:a8:e5:87:7b:c2:42:da:04: 42:bd:36:cd:db:36:65:d7:f1:d1:33:09:8c:7a:63: b6:5a:d0:79:e2:48:b7:99:fe:46:2e:81:cd:85:75: ff:32:4f:7c:03:42:94:94:95:84:a8:c1:07:d2:42: fb:ba:38:8c:c8:0e:6f:ce:23:67:cd:79:1f:b4:f2: 5e:26:61:c2:57:d4:bb:17:07:f7:b7:67:3f:87:04: a6:8a:97:ea:ba:61:3c:08:ad:a2:68:b4:b0:84:e9: c9:a7:da:36:f7:c5:d4:69:53:37:e2:97:b0:2f:6a: db:9e:b5:dd:5a:4a:5a:ff:71:43:fe:28:c5:96:cf: 09:7d:f7:66:51:9b:5d:68:97:07:8a:20:e2:24:19: 5d:e4:d9:57:09:7c:0e:cb:0e:ed:f4:9f:90:70:c8: f2:4e:f0:73:4f:4e:8b:be:00:47:aa:67:12:ff:06: c8:9f:95:93:f0:64:ba:ee:53:fd:dd:20:83:ac:9c: b7:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:AF:68:4A:C6:78:51:85:0C:AE:1D:2B:4B:06:B1:9E:AC:19:58:9E X509v3 Authority Key Identifier: keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/8q9oSsZ4UYUMrh0rSwaxnqwZWJ4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.186.198.0/23 80.78.64.0/20 91.132.172.0/22 109.69.0.0/21 141.98.140.0/22 185.62.174.0/23 185.200.212.0/22 217.73.128.0/20 IPv6: 2a04:eb40::/29 Signature Algorithm: sha256WithRSAEncryption 18:a2:ee:d3:a5:8f:24:c0:9d:84:03:2c:5b:74:c4:45:8f:15: c6:6d:fd:52:47:db:c9:c5:aa:3a:e0:72:4c:8a:5e:82:43:7a: 59:d3:4c:05:ff:be:c1:ef:de:eb:6b:f3:25:a0:fa:72:49:4e: 1b:e2:b0:d8:2a:74:62:ad:26:30:73:d0:02:34:1e:b4:c7:95: be:62:7f:67:79:0b:a3:ab:da:74:88:b1:a5:dc:05:a6:23:de: f2:5a:57:d3:8f:93:b1:d3:c6:a1:41:ea:5b:b0:56:d1:ab:6f: ab:eb:11:60:f7:09:6d:22:18:d4:3f:5d:22:b3:09:46:6e:4a: 81:be:a5:f7:d9:97:96:20:70:15:32:74:3b:86:34:e6:62:55: 7f:b3:85:ae:4f:d6:d9:46:e5:80:2d:49:3e:65:77:ea:42:de: e2:48:85:8c:8b:07:44:49:80:8e:68:e8:26:17:3b:ab:07:d2: 14:f4:ab:44:8f:f1:6f:da:1f:4c:37:45:17:c6:d0:97:a2:98: 50:3d:9d:85:3a:bd:e4:2f:25:81:8f:7e:5b:79:35:60:de:dc: c9:ca:c0:33:d6:db:ad:dd:d2:f7:6a:39:f4:24:ac:b9:68:1a: a7:60:a7:b8:ca:e9:8d:e8:aa:47:c7:8d:bf:ce:72:98:85:60: 41:0e:cb:ea -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt6WpAQjKfyk8eWJuvsSwDtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj NjZhZWIwHhcNMjYwMTAxMTYxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMmFmNjg0YWM2Nzg1MTg1MGNhZTFkMmI0YjA2YjE5ZWFjMTk1ODllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEAYYBdz9fA4IihvMBw5Bv1ngxp4 tZlZhJXP3spM76YzgU3c+kXOhY4WYVdA3euqaOIc//3/yNfIjbRs4nDOhaw9qOWH e8JC2gRCvTbN2zZl1/HRMwmMemO2WtB54ki3mf5GLoHNhXX/Mk98A0KUlJWEqMEH 0kL7ujiMyA5vziNnzXkftPJeJmHCV9S7Fwf3t2c/hwSmipfqumE8CK2iaLSwhOnJ p9o298XUaVM34pewL2rbnrXdWkpa/3FD/ijFls8JffdmUZtdaJcHiiDiJBld5NlX CXwOyw7t9J+QcMjyTvBzT06LvgBHqmcS/wbIn5WT8GS67lP93SCDrJy3MQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFPKvaErGeFGFDK4dK0sGsZ6sGVieMB8GA1UdIwQY MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt MjU0NTVhOGRkZDQ1LzEvOHE5b1NzWjRVWVVNcmgwclN3YXhucXdaV0o0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1 LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQBQrrGAwQE UE5AAwQCW4SsAwQDbUUAAwQCjWKMAwQBuT6uAwQCucjUAwQE2UmAMA0EAgACMAcD BQMqBOtAMA0GCSqGSIb3DQEBCwUAA4IBAQAYou7TpY8kwJ2EAyxbdMRFjxXGbf1S R9vJxao64HJMil6CQ3pZ00wF/77B797ra/MloPpySU4b4rDYKnRirSYwc9ACNB60 x5W+Yn9neQujq9p0iLGl3AWmI97yWlfTj5Ox08ahQepbsFbRq2+r6xFg9wltIhjU P10iswlGbkqBvqX32ZeWIHAVMnQ7hjTmYlV/s4WuT9bZRuWALUk+ZXfqQt7iSIWM iwdESYCOaOgmFzurB9IU9KtEj/Fv2h9MN0UXxtCXophQPZ2FOr3kLyWBj35beTVg 3tzJysAz1tut3dL3ajn0JKy5aBqnYKe4yumN6KpHx42/znKYhWBBDsvq -----END CERTIFICATE-----Generated at Mon Jan 26 12:22:20 2026 by rpki-client