This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa File: 1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa (raw, json) Hash identifier: 8sGtUkhkFlICQ8XRP+JZAkWRdlSZS/aRM+3p/w/Efdw= Subject key identifier: D5:0F:5F:5E:09:6F:B0:09:8B:CA:4E:E8:06:79:C6:44:E7:19:E7:94 Certificate issuer: /CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Certificate serial: 019B7DCAEBA55F793EA22657F689832BFAD4 Authority key identifier: 8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa Signing time: Fri 02 Jan 2026 08:20:09 +0000 ROA not before: Fri 02 Jan 2026 08:20:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43099 IP address blocks: 91.194.66.0/23 maxlen: 24 2001:67c:a2c::/48 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.mft rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 20:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:eb:a5:5f:79:3e:a2:26:57:f6:89:83:2b:fa:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ebb0eb19e7777d7038000f6c12d39ded1204242 Validity Not Before: Jan 2 08:20:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d50f5f5e096fb0098bca4ee80679c644e719e794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:33:15:3c:95:49:9f:90:62:18:24:77:d3:5b: 71:7c:00:85:a7:bb:a1:51:4f:48:8a:db:e9:49:b6: 52:8a:53:29:56:f3:fa:95:00:a7:9c:0c:a5:52:8e: 98:a1:d4:fb:9c:ae:d6:77:99:eb:68:f1:59:1f:32: 28:8b:b1:a7:c1:54:c2:6a:74:97:b1:20:f0:11:a3: 59:01:fd:f3:2a:7a:cc:cc:1d:5c:b2:fc:36:2c:4c: b1:30:8f:45:6f:67:70:f6:9d:98:75:05:9a:67:2c: ee:b9:56:34:fd:4c:d6:59:01:3f:e2:68:23:5d:af: a4:a4:57:30:f7:90:ee:3b:a5:4d:1b:fa:11:7f:57: 85:e4:6a:00:6a:f1:35:bd:49:d9:a7:f5:f6:7c:7d: 06:4f:bb:10:d6:bc:e2:34:18:3e:e6:fc:a0:06:3d: d1:ab:11:9b:1c:4b:52:62:d0:e8:e5:5a:b0:e6:81: f2:da:6c:16:f5:28:cc:4c:79:77:e9:73:47:db:c5: 4d:83:6d:96:81:da:24:72:3b:8b:80:44:03:3b:df: f5:46:97:d6:7c:49:ce:25:58:ae:fb:cf:da:8d:52: eb:37:62:29:c0:ef:15:95:ed:51:a7:ff:d2:bd:5f: 56:7b:33:80:8e:ef:fd:78:a2:2c:aa:cf:f7:27:b6: 22:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:0F:5F:5E:09:6F:B0:09:8B:CA:4E:E8:06:79:C6:44:E7:19:E7:94 X509v3 Authority Key Identifier: keyid:8E:BB:0E:B1:9E:77:77:D7:03:80:00:F6:C1:2D:39:DE:D1:20:42:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrsOsZ53d9cDgAD2wS053tEgQkI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/1Q9fXglvsAmLyk7oBnnGROcZ55Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/3b157d-8196-4e40-ab36-15141c66854d/1/jrsOsZ53d9cDgAD2wS053tEgQkI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.194.66.0/23 IPv6: 2001:67c:a2c::/48 Signature Algorithm: sha256WithRSAEncryption ae:7f:7d:e7:09:d1:76:00:30:ad:76:20:fd:5f:1a:ac:df:30: e0:22:a9:01:50:6c:24:06:a2:14:53:ff:35:cf:38:06:12:c6: 1a:eb:18:60:47:6d:c1:5d:a6:b1:ed:8d:06:52:89:b4:3b:e1: 75:c0:8d:ce:3d:43:43:27:83:cc:98:79:5c:ed:ef:6d:76:e4: da:5d:dc:56:71:2e:26:84:bf:b2:6d:b5:ab:26:78:d2:6e:ad: 5b:45:ff:58:f9:44:f4:35:4a:3f:80:c4:22:1d:89:63:5c:2f: 2c:ef:53:39:da:89:5a:c3:72:29:76:a4:82:e6:ad:6f:ba:12: 33:50:00:01:9c:43:50:fb:9d:fc:da:79:ad:09:f4:00:bb:c2: b9:79:3f:2a:0d:d8:2c:1f:e1:28:b8:6b:b7:8d:c7:8a:b9:36: e4:9d:82:c5:34:3c:26:9d:d8:50:1e:ac:c6:17:af:a3:34:5b: 30:dd:05:d7:5f:fe:e7:98:7e:1c:34:02:41:68:ea:bf:61:07: 24:c1:5b:57:9b:77:8f:9e:0f:7f:58:2f:c3:21:8e:56:5b:55: 2b:5a:41:33:09:b1:c9:fc:52:da:57:3a:7d:8b:d7:fe:87:f3: e6:13:08:5c:d5:88:17:6a:aa:95:61:b0:27:67:f7:26:9e:2e: 7c:79:f8:ad -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9yuulX3k+oiZX9omDK/rUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlYmIwZWIxOWU3Nzc3ZDcwMzgwMDBmNmMxMmQzOWRlZDEy MDQyNDIwHhcNMjYwMTAyMDgyMDA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTBmNWY1ZTA5NmZiMDA5OGJjYTRlZTgwNjc5YzY0NGU3MTllNzk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TMVPJVJn5BiGCR301txfACFp7uh UU9IitvpSbZSilMpVvP6lQCnnAylUo6YodT7nK7Wd5nraPFZHzIoi7GnwVTCanSX sSDwEaNZAf3zKnrMzB1csvw2LEyxMI9Fb2dw9p2YdQWaZyzuuVY0/UzWWQE/4mgj Xa+kpFcw95DuO6VNG/oRf1eF5GoAavE1vUnZp/X2fH0GT7sQ1rziNBg+5vygBj3R qxGbHEtSYtDo5Vqw5oHy2mwW9SjMTHl36XNH28VNg22WgdokcjuLgEQDO9/1RpfW fEnOJViu+8/ajVLrN2IpwO8Vle1Rp//SvV9WezOAju/9eKIsqs/3J7YiHwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNUPX14Jb7AJi8pO6AZ5xkTnGeeUMB8GA1UdIwQY MBaAFI67DrGed3fXA4AA9sEtOd7RIEJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYt MTUxNDFjNjY4NTRkLzEvMVE5ZlhnbHZzQW1MeWs3b0JubkdST2NaNTVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi8zYjE1N2QtODE5Ni00ZTQwLWFiMzYtMTUxNDFjNjY4NTRk LzEvanJzT3NaNTNkOWNEZ0FEMndTMDUzdEVnUWtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBW8JCMA8E AgACMAkDBwAgAQZ8CiwwDQYJKoZIhvcNAQELBQADggEBAK5/fecJ0XYAMK12IP1f GqzfMOAiqQFQbCQGohRT/zXPOAYSxhrrGGBHbcFdprHtjQZSibQ74XXAjc49Q0Mn g8yYeVzt72125Npd3FZxLiaEv7JttasmeNJurVtF/1j5RPQ1Sj+AxCIdiWNcLyzv UznaiVrDcil2pILmrW+6EjNQAAGcQ1D7nfzaea0J9AC7wrl5PyoN2Cwf4Si4a7eN x4q5NuSdgsU0PCad2FAerMYXr6M0WzDdBddf/ueYfhw0AkFo6r9hByTBW1ebd4+e D39YL8MhjlZbVStaQTMJscn8UtpXOn2L1/6H8+YTCFzViBdqqpVhsCdn9yaeLnx5 +K0= -----END CERTIFICATE-----Generated at Sat Jan 10 04:20:35 2026 by rpki-client