This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/9RHmDDSrz_TVDy-BB9jwxctiETg.roa File: 9RHmDDSrz_TVDy-BB9jwxctiETg.roa (raw, json) Hash identifier: aSoHx1cw90YD5oFMHiMAaXrr40QHCrlwJm1tiyZ2AA8= Subject key identifier: F5:11:E6:0C:34:AB:CF:F4:D5:0F:2F:81:07:D8:F0:C5:CB:62:11:38 Certificate issuer: /CN=19b390b62d09950d500cd6bbbd78d0390560ec42 Certificate serial: 019B78A27325A9A69EC84C49D137F7558DA5 Authority key identifier: 19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/9RHmDDSrz_TVDy-BB9jwxctiETg.roa Signing time: Thu 01 Jan 2026 08:17:50 +0000 ROA not before: Thu 01 Jan 2026 08:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200474 IP address blocks: 185.133.240.0/23 maxlen: 24 2a05:fbe0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/GbOQti0JlQ1QDNa7vXjQOQVg7EI.crl rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/GbOQti0JlQ1QDNa7vXjQOQVg7EI.mft rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:73:25:a9:a6:9e:c8:4c:49:d1:37:f7:55:8d:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19b390b62d09950d500cd6bbbd78d0390560ec42 Validity Not Before: Jan 1 08:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f511e60c34abcff4d50f2f8107d8f0c5cb621138 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a3:b9:ce:ad:1e:b9:29:d3:23:de:19:5e:14: 79:52:b6:9f:18:72:7d:59:64:c1:63:38:96:78:ce: 7e:44:8d:f0:26:f7:ae:55:cd:35:fa:14:cc:0d:7f: 4e:6b:19:a7:24:65:2d:85:64:c5:48:b4:e0:11:53: 15:ab:f6:a7:be:c0:b2:2e:8c:d4:73:a8:87:60:54: e8:0c:2f:7c:1b:b8:0d:50:76:9d:f6:af:48:c1:2e: 0b:0a:5e:e6:a7:41:21:13:a3:c8:43:91:ea:a1:8b: 29:01:7d:a8:31:93:bf:59:61:b4:76:8d:52:f8:03: b6:9b:bb:e4:bc:2a:1b:fc:a5:06:e8:0b:86:d9:ad: 8e:94:79:66:40:b4:12:ef:fe:89:a1:9f:99:45:52: 9f:6c:5a:ca:40:8a:75:5d:5e:75:04:17:e7:7b:4e: 46:72:c1:08:6b:7d:d4:31:cb:0d:7b:22:00:78:9e: 30:2e:ea:0e:89:33:cf:4b:50:2f:db:08:e9:2f:47: 7a:28:99:f9:3a:50:a4:a7:9b:d0:ae:98:e9:e2:46: 9e:fb:1c:ab:26:5a:41:a3:96:86:96:d3:5e:0b:91: b5:bb:5b:4b:3d:59:7e:fe:92:e3:00:84:cc:bc:8a: 97:52:5b:ba:aa:c5:33:fa:19:69:4f:26:4b:78:ed: 12:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:11:E6:0C:34:AB:CF:F4:D5:0F:2F:81:07:D8:F0:C5:CB:62:11:38 X509v3 Authority Key Identifier: keyid:19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/9RHmDDSrz_TVDy-BB9jwxctiETg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/GbOQti0JlQ1QDNa7vXjQOQVg7EI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.240.0/23 IPv6: 2a05:fbe0::/32 Signature Algorithm: sha256WithRSAEncryption 1f:01:45:39:12:90:f3:42:d8:6b:80:db:84:c7:4b:7f:4d:37: 14:af:46:4c:82:18:03:59:dd:8b:74:fe:dd:f7:89:8c:1a:c6: b0:81:ba:c9:c5:d8:40:40:e6:06:59:d8:59:e5:f7:45:e9:47: dd:12:03:62:e0:cf:7c:3c:c9:75:92:97:18:7d:35:84:6f:ca: 09:6e:59:ca:5d:b2:32:ec:53:17:ad:53:8f:6f:36:25:73:ad: 0c:28:e3:4c:9f:94:94:80:f3:a6:0e:f2:a8:44:ac:a4:79:2c: 42:d9:6b:f4:08:06:f0:5f:a6:ea:73:18:ed:8c:56:33:cb:8b: af:7d:8c:2f:92:fe:6c:33:1e:5f:f5:a9:f3:d4:64:37:9b:c7: 13:1d:35:4b:27:3d:51:85:50:cc:25:2a:6e:a2:cb:3c:ed:bd: 1f:17:7a:e9:09:e7:2f:3e:4a:53:95:9a:89:4e:ba:81:c9:63: b3:7c:54:28:74:48:94:30:b9:44:e0:e5:84:a7:f4:f6:7a:a6: 98:b9:32:c3:bc:ac:7a:ab:6a:e1:ee:0b:81:2c:87:a0:0d:87: 96:ab:2f:1c:86:25:7e:91:23:bb:6f:9b:22:30:22:0e:b2:91: 5f:48:c0:c1:07:89:c6:9d:6b:35:9a:3c:f1:c8:11:bf:b5:e4: f5:f7:74:34 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4onMlqaaeyExJ0Tf3VY2lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5YjM5MGI2MmQwOTk1MGQ1MDBjZDZiYmJkNzhkMDM5MDU2 MGVjNDIwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNTExZTYwYzM0YWJjZmY0ZDUwZjJmODEwN2Q4ZjBjNWNiNjIxMTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaO5zq0euSnTI94ZXhR5UrafGHJ9 WWTBYziWeM5+RI3wJveuVc01+hTMDX9OaxmnJGUthWTFSLTgEVMVq/anvsCyLozU c6iHYFToDC98G7gNUHad9q9IwS4LCl7mp0EhE6PIQ5HqoYspAX2oMZO/WWG0do1S +AO2m7vkvCob/KUG6AuG2a2OlHlmQLQS7/6JoZ+ZRVKfbFrKQIp1XV51BBfne05G csEIa33UMcsNeyIAeJ4wLuoOiTPPS1Av2wjpL0d6KJn5OlCkp5vQrpjp4kae+xyr JlpBo5aGltNeC5G1u1tLPVl+/pLjAITMvIqXUlu6qsUz+hlpTyZLeO0SmQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPUR5gw0q8/01Q8vgQfY8MXLYhE4MB8GA1UdIwQY MBaAFBmzkLYtCZUNUAzWu7140DkFYOxCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2Mt MTQ0ZDc0NzNlYTU5LzEvOVJIbUREU3J6X1RWRHktQkI5and4Y3RpRVRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2MtMTQ0ZDc0NzNlYTU5 LzEvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuYXwMA0E AgACMAcDBQAqBfvgMA0GCSqGSIb3DQEBCwUAA4IBAQAfAUU5EpDzQthrgNuEx0t/ TTcUr0ZMghgDWd2LdP7d94mMGsawgbrJxdhAQOYGWdhZ5fdF6UfdEgNi4M98PMl1 kpcYfTWEb8oJblnKXbIy7FMXrVOPbzYlc60MKONMn5SUgPOmDvKoRKykeSxC2Wv0 CAbwX6bqcxjtjFYzy4uvfYwvkv5sMx5f9anz1GQ3m8cTHTVLJz1RhVDMJSpuoss8 7b0fF3rpCecvPkpTlZqJTrqByWOzfFQodEiUMLlE4OWEp/T2eqaYuTLDvKx6q2rh 7guBLIegDYeWqy8chiV+kSO7b5siMCIOspFfSMDBB4nGnWs1mjzxyBG/teT193Q0 -----END CERTIFICATE-----Generated at Fri Jan 2 09:49:55 2026 by rpki-client