This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/_yxMDdNQJ6Gep4Y5SiebkN9OZOc.roa File: _yxMDdNQJ6Gep4Y5SiebkN9OZOc.roa (raw, json) Hash identifier: ngJbG5m3YmsYx5tKmvort95IPotFGSUX55NRo92YHuQ= Subject key identifier: FF:2C:4C:0D:D3:50:27:A1:9E:A7:86:39:4A:27:9B:90:DF:4E:64:E7 Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64 Certificate serial: 019B7DCA71F09B34ED604FAD937D39BAC5E2 Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/_yxMDdNQJ6Gep4Y5SiebkN9OZOc.roa Signing time: Fri 02 Jan 2026 08:19:38 +0000 ROA not before: Fri 02 Jan 2026 08:19:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35263 IP address blocks: 86.109.64.0/21 maxlen: 21 86.109.72.0/23 maxlen: 23 2a00:1b90::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:71:f0:9b:34:ed:60:4f:ad:93:7d:39:ba:c5:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64 Validity Not Before: Jan 2 08:19:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff2c4c0dd35027a19ea786394a279b90df4e64e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:35:7c:4b:6c:e2:41:61:8d:c0:04:94:d7:03: b8:c1:05:1d:0e:aa:14:68:39:ca:ec:e2:84:c5:0a: cc:1e:63:07:ac:e9:4f:a4:2f:02:cf:4d:02:b6:45: 1d:a4:c1:1c:f6:d1:54:f2:08:9e:4e:4f:e5:ef:b8: e0:13:76:48:7a:46:2f:00:41:0d:e7:c5:77:35:a6: 81:4f:82:79:d2:42:a0:df:3f:3b:57:08:8a:e2:81: a1:17:27:f9:a7:72:39:a3:1d:71:37:f2:98:cb:35: 96:94:e7:da:82:da:12:d6:29:f4:d3:9b:33:40:53: 53:ed:02:c5:80:f9:83:d3:09:1f:dd:ad:2d:66:52: 80:17:8d:bb:b6:ed:55:c1:35:eb:10:ad:38:e6:38: 2d:a3:3d:dc:84:ba:ff:1f:34:9b:ed:99:9f:ab:00: de:88:06:42:ed:1f:21:00:e1:07:16:c4:dd:c0:00: 31:bf:12:0a:0d:28:75:1b:19:92:8f:af:93:ba:d2: b3:1a:0d:4b:82:82:93:31:c2:9d:60:7a:75:39:fe: b4:f4:5f:03:77:a4:c4:41:9f:07:71:b2:45:ef:62: 52:a5:e4:bb:2a:1a:00:60:21:2a:bd:67:36:f1:b0: cd:9c:01:0d:0e:b7:61:a7:96:0f:4e:3c:2e:27:53: 73:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:2C:4C:0D:D3:50:27:A1:9E:A7:86:39:4A:27:9B:90:DF:4E:64:E7 X509v3 Authority Key Identifier: keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/_yxMDdNQJ6Gep4Y5SiebkN9OZOc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.109.64.0-86.109.73.255 IPv6: 2a00:1b90::/32 Signature Algorithm: sha256WithRSAEncryption 81:ed:c1:67:cb:72:61:98:7d:6a:bd:37:43:5e:4f:4b:40:72: 7f:31:d0:44:c4:d8:68:61:7a:0c:31:30:48:ba:14:ed:a2:37: 08:12:2c:3f:32:8b:06:d4:bb:21:3a:28:69:e0:3a:33:a3:c0: 8b:f2:c0:17:85:77:b2:83:19:d0:63:f5:a8:e4:91:c3:a6:2f: f6:99:00:fc:af:52:78:38:f8:58:04:9c:45:93:f2:46:a8:22: b8:a3:8f:9e:14:48:2a:18:1c:f3:20:8a:5b:41:24:6b:63:2e: 02:5c:fd:6e:06:6f:15:1c:56:86:55:7b:b8:04:e3:1b:96:8e: 28:4b:8c:89:72:90:73:05:5a:bf:ed:a9:a0:29:87:b3:8d:61: 35:5e:be:ca:42:5e:25:91:7f:e5:5c:69:2b:a2:47:79:57:f6: d4:9c:b6:0f:52:21:97:76:bf:4a:1f:73:f9:94:43:09:30:20: 0e:ae:45:28:bd:ba:45:85:fa:26:5b:55:71:2d:d1:dc:48:5b: 84:45:82:6a:51:41:78:8f:83:12:39:b2:e6:1e:7b:98:78:35: 6e:e4:37:59:7e:cc:2e:51:74:a6:6e:b5:2a:09:10:4f:b4:21: 44:f3:0b:df:e0:2c:5f:92:94:80:8d:a3:8a:ff:1b:13:f4:8f: 6f:e2:21:39 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt9ynHwmzTtYE+tk305usXiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx ZDlkNjQwHhcNMjYwMTAyMDgxOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjJjNGMwZGQzNTAyN2ExOWVhNzg2Mzk0YTI3OWI5MGRmNGU2NGU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTV8S2ziQWGNwASU1wO4wQUdDqoU aDnK7OKExQrMHmMHrOlPpC8Cz00CtkUdpMEc9tFU8gieTk/l77jgE3ZIekYvAEEN 58V3NaaBT4J50kKg3z87VwiK4oGhFyf5p3I5ox1xN/KYyzWWlOfagtoS1in005sz QFNT7QLFgPmD0wkf3a0tZlKAF427tu1VwTXrEK045jgtoz3chLr/HzSb7ZmfqwDe iAZC7R8hAOEHFsTdwAAxvxIKDSh1GxmSj6+TutKzGg1LgoKTMcKdYHp1Of609F8D d6TEQZ8HcbJF72JSpeS7KhoAYCEqvWc28bDNnAENDrdhp5YPTjwuJ1Nz9wIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFP8sTA3TUCehnqeGOUonm5DfTmTnMB8GA1UdIwQY MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut NDIyNTIzYzRlNjhiLzEvX3l4TURkTlFKNkdlcDRZNVNpZWJrTjlPWk9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAZWbUAD BAFWbUgwDQQCAAIwBwMFACoAG5AwDQYJKoZIhvcNAQELBQADggEBAIHtwWfLcmGY fWq9N0NeT0tAcn8x0ETE2GhhegwxMEi6FO2iNwgSLD8yiwbUuyE6KGngOjOjwIvy wBeFd7KDGdBj9ajkkcOmL/aZAPyvUng4+FgEnEWT8kaoIrijj54USCoYHPMgiltB JGtjLgJc/W4GbxUcVoZVe7gE4xuWjihLjIlykHMFWr/tqaAph7ONYTVevspCXiWR f+VcaSuiR3lX9tSctg9SIZd2v0ofc/mUQwkwIA6uRSi9ukWF+iZbVXEt0dxIW4RF gmpRQXiPgxI5suYee5h4NW7kN1l+zC5RdKZutSoJEE+0IUTzC9/gLF+SlICNo4r/ GxP0j2/iITk= -----END CERTIFICATE-----Generated at Sun Jan 25 07:16:05 2026 by rpki-client