This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/P9OMN6vgdLJtD09eskr6MgjyHfg.roa File: P9OMN6vgdLJtD09eskr6MgjyHfg.roa (raw, json) Hash identifier: SopYEJD5bVxHlDcqx6I2t8+qQOHpKjNg8JsM2U0RHno= Subject key identifier: 3F:D3:8C:37:AB:E0:74:B2:6D:0F:4F:5E:B2:4A:FA:32:08:F2:1D:F8 Certificate issuer: /CN=87d38ba12f4629c2131fc60e8950d6c303be7d22 Certificate serial: 019B79ECD21256BBBB9A109398A4B69EDE68 Authority key identifier: 87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/P9OMN6vgdLJtD09eskr6MgjyHfg.roa Signing time: Thu 01 Jan 2026 14:18:41 +0000 ROA not before: Thu 01 Jan 2026 14:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212544 IP address blocks: 89.38.212.0/22 maxlen: 22 89.41.184.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.mft rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 14:19:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d2:12:56:bb:bb:9a:10:93:98:a4:b6:9e:de:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87d38ba12f4629c2131fc60e8950d6c303be7d22 Validity Not Before: Jan 1 14:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3fd38c37abe074b26d0f4f5eb24afa3208f21df8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:8d:34:6f:66:66:da:b0:e8:f5:7f:56:2e:9c: 1d:02:81:58:54:11:1b:ac:a3:21:f0:84:b0:59:a6: f5:61:47:7e:06:8b:92:c0:b1:2b:f8:74:f5:22:c9: c4:cb:94:bf:c2:4d:9b:23:e2:6a:67:58:f6:a1:eb: 42:c6:ad:ed:64:64:d0:41:92:76:c6:50:38:a5:fd: 28:64:b5:7b:11:85:0e:38:5e:3d:84:89:23:6d:32: 29:2b:83:fc:b4:a7:b3:63:e3:7a:c5:26:e7:aa:ab: df:89:74:4d:cb:12:31:cd:4a:5a:18:a4:e9:7b:50: c0:21:bc:49:91:c1:a5:78:f7:c2:ed:72:ab:96:99: d0:4d:51:bc:11:9e:81:ab:8b:3d:19:39:34:52:5c: e4:ef:a3:ba:6c:2d:cb:b9:74:be:ff:2d:76:d3:23: 38:f3:2b:f0:1b:ae:46:c3:3e:3f:a1:dd:2f:17:93: f4:b8:32:01:9e:dc:39:43:fb:63:0c:b7:ba:5b:3e: 68:28:9d:ac:98:de:dc:1f:be:49:2e:fe:a1:4f:dd: 52:b9:23:05:be:d5:07:40:2e:2c:65:1a:54:36:c8: 46:4d:bc:e0:71:2a:88:31:29:95:fa:84:b1:ce:ea: 07:da:61:ec:6f:fb:3f:3e:82:36:bd:82:b6:64:53: 39:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:D3:8C:37:AB:E0:74:B2:6D:0F:4F:5E:B2:4A:FA:32:08:F2:1D:F8 X509v3 Authority Key Identifier: keyid:87:D3:8B:A1:2F:46:29:C2:13:1F:C6:0E:89:50:D6:C3:03:BE:7D:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h9OLoS9GKcITH8YOiVDWwwO-fSI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/P9OMN6vgdLJtD09eskr6MgjyHfg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d2141-ecb8-4289-9669-fd55c58edaf7/1/h9OLoS9GKcITH8YOiVDWwwO-fSI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.38.212.0/22 89.41.184.0/22 Signature Algorithm: sha256WithRSAEncryption 58:c5:fe:04:d3:0a:d3:ff:e0:44:a7:a1:2e:e9:64:1a:cf:ff: ac:6e:6e:06:40:3f:b5:8a:55:b7:03:3a:6e:02:50:ab:b7:0f: cc:e3:d2:01:5b:69:71:4f:01:a2:8a:e7:4e:db:05:eb:cf:e5: bc:e1:58:d1:1a:bd:ae:7b:1c:9d:f9:23:4b:39:46:68:eb:2f: fc:bb:4d:b6:eb:40:41:00:f8:b0:d0:16:95:de:7f:74:a4:82: 33:e5:8b:41:5f:f0:0f:e4:b2:e3:fa:8c:6f:ac:e6:16:3c:8c: a0:65:0f:e9:0a:3c:06:b3:1c:a7:c2:70:da:d8:25:a9:26:b0: f4:c1:05:8c:9d:fe:7d:a4:e4:92:c4:9f:9a:12:a7:39:66:a9: a2:95:a7:1d:bc:da:9a:73:0e:96:44:97:3c:86:54:7e:a9:9d: e1:43:ec:d1:1f:0c:25:f8:32:8c:d5:45:11:c0:28:5e:a4:78: 23:05:af:d4:4c:28:fb:bf:47:6a:d0:46:6d:74:30:db:db:b8: 19:08:62:c8:e5:a7:35:b6:8d:9f:6e:01:c5:8e:da:5c:2c:68: 22:fe:62:5c:ab:8d:c0:5c:b2:ab:8f:f2:17:13:22:0f:c9:0e: c5:7e:35:5f:fb:9d:86:90:29:e2:ba:68:c8:4a:04:a3:62:95: c6:58:dd:ff -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57NISVru7mhCTmKS2nt5oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3ZDM4YmExMmY0NjI5YzIxMzFmYzYwZTg5NTBkNmMzMDNi ZTdkMjIwHhcNMjYwMTAxMTQxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZmQzOGMzN2FiZTA3NGIyNmQwZjRmNWViMjRhZmEzMjA4ZjIxZGY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo00b2Zm2rDo9X9WLpwdAoFYVBEb rKMh8ISwWab1YUd+BouSwLEr+HT1IsnEy5S/wk2bI+JqZ1j2oetCxq3tZGTQQZJ2 xlA4pf0oZLV7EYUOOF49hIkjbTIpK4P8tKezY+N6xSbnqqvfiXRNyxIxzUpaGKTp e1DAIbxJkcGlePfC7XKrlpnQTVG8EZ6Bq4s9GTk0Ulzk76O6bC3LuXS+/y120yM4 8yvwG65Gwz4/od0vF5P0uDIBntw5Q/tjDLe6Wz5oKJ2smN7cH75JLv6hT91SuSMF vtUHQC4sZRpUNshGTbzgcSqIMSmV+oSxzuoH2mHsb/s/PoI2vYK2ZFM5fQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFD/TjDer4HSybQ9PXrJK+jII8h34MB8GA1UdIwQY MBaAFIfTi6EvRinCEx/GDolQ1sMDvn0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2Njkt ZmQ1NWM1OGVkYWY3LzEvUDlPTU42dmdkTEp0RDA5ZXNrcjZNZ2p5SGZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi8zZDIxNDEtZWNiOC00Mjg5LTk2NjktZmQ1NWM1OGVkYWY3 LzEvaDlPTG9TOUdLY0lUSDhZT2lWRFd3d08tZlNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSbUAwQC WSm4MA0GCSqGSIb3DQEBCwUAA4IBAQBYxf4E0wrT/+BEp6Eu6WQaz/+sbm4GQD+1 ilW3AzpuAlCrtw/M49IBW2lxTwGiiudO2wXrz+W84VjRGr2uexyd+SNLOUZo6y/8 u02260BBAPiw0BaV3n90pIIz5YtBX/AP5LLj+oxvrOYWPIygZQ/pCjwGsxynwnDa 2CWpJrD0wQWMnf59pOSSxJ+aEqc5ZqmilacdvNqacw6WRJc8hlR+qZ3hQ+zRHwwl +DKM1UURwChepHgjBa/UTCj7v0dq0EZtdDDb27gZCGLI5ac1to2fbgHFjtpcLGgi /mJcq43AXLKrj/IXEyIPyQ7FfjVf+52GkCniumjISgSjYpXGWN3/ -----END CERTIFICATE-----Generated at Thu Jan 1 22:37:59 2026 by rpki-client