This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/CO3NGBtj6lvSDwNx7qgisnxcpZE.roa File: CO3NGBtj6lvSDwNx7qgisnxcpZE.roa (raw, json) Hash identifier: Ta+b1EmbPlRx8CBP3A/a0A01hRd22nzH/W3OVEU0ya4= Subject key identifier: 08:ED:CD:18:1B:63:EA:5B:D2:0F:03:71:EE:A8:22:B2:7C:5C:A5:91 Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba Certificate serial: 019B7AC78E4E21F568AC117D9419DF805F12 Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/CO3NGBtj6lvSDwNx7qgisnxcpZE.roa Signing time: Thu 01 Jan 2026 18:17:36 +0000 ROA not before: Thu 01 Jan 2026 18:17:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47376 IP address blocks: 85.9.86.0/23 maxlen: 23 85.9.116.0/22 maxlen: 22 85.9.116.0/24 maxlen: 24 85.9.117.0/24 maxlen: 24 85.9.119.0/24 maxlen: 24 185.131.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.mft rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:8e:4e:21:f5:68:ac:11:7d:94:19:df:80:5f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba Validity Not Before: Jan 1 18:17:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08edcd181b63ea5bd20f0371eea822b27c5ca591 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d9:d7:50:83:e5:84:7a:e1:a7:e5:b0:30:c3: 1d:c6:ea:bb:0b:8b:5d:18:5b:39:4a:3b:42:b3:07: 54:24:50:bc:a1:fe:ce:72:74:6d:7b:45:07:81:b7: 0d:56:80:0e:9d:a2:61:60:75:c2:62:9f:d2:8d:ee: bc:e4:e2:90:87:c8:ca:43:0f:83:b1:17:bb:0a:56: 8a:bd:34:f2:90:08:f6:10:0e:22:b3:9d:d5:df:18: 9f:44:73:60:37:40:09:8d:a5:b6:bc:d1:60:f4:8f: ca:7a:14:06:ac:af:46:b5:e4:93:7c:1e:15:94:11: 06:d9:33:fa:b5:c6:47:58:3f:60:a1:d9:1d:af:9e: a9:4b:31:84:a5:d8:1e:5f:0c:fe:14:95:cc:1d:16: d2:80:ae:39:c2:84:08:d8:04:74:5e:c7:58:fe:df: 60:52:f3:dd:33:40:c4:23:fd:ff:3c:2c:88:ec:35: 4b:5d:25:82:ca:71:d4:1a:55:6e:a7:72:70:5d:e2: 71:7a:0c:79:f8:ff:ac:4f:b0:b8:f2:60:ef:b3:3b: 84:94:ce:5b:bc:5d:e5:fe:2e:3f:e0:cb:4b:8c:f4: 52:2e:9f:14:23:e4:ff:1d:fd:16:f1:5d:50:bd:d6: 2e:f3:ae:7d:db:83:73:82:fc:cc:84:c5:76:37:60: fc:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:ED:CD:18:1B:63:EA:5B:D2:0F:03:71:EE:A8:22:B2:7C:5C:A5:91 X509v3 Authority Key Identifier: keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/CO3NGBtj6lvSDwNx7qgisnxcpZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.9.86.0/23 85.9.116.0/22 185.131.29.0/24 Signature Algorithm: sha256WithRSAEncryption 58:c6:c5:7b:09:c4:b8:bb:aa:d7:15:cc:58:6d:db:9a:ad:c9: 5f:99:ab:cf:a8:86:be:cf:86:67:5f:44:93:21:98:c1:58:17: fb:2f:da:07:33:23:8e:6c:b3:7f:7a:dc:df:e8:26:71:17:5b: 02:8d:36:dc:c7:b9:76:87:53:ab:33:c7:94:5f:e3:db:2e:71: 00:ef:55:a6:13:68:5a:ed:86:79:20:c7:db:20:d0:dc:e0:1f: 04:14:29:2f:4b:23:9f:2f:1e:68:0f:11:cb:e7:e0:2b:50:b2: a1:09:27:b6:fc:8b:c8:08:a3:d5:a7:fd:2c:bf:2f:f8:e1:e6: cf:e3:93:1d:30:d6:03:a2:a8:bf:37:88:0b:69:72:49:17:5e: db:b8:9b:cc:8f:27:c9:75:b2:ab:97:0c:4f:c0:de:92:fa:52: 7d:fd:61:07:15:bd:66:5c:5f:66:2e:eb:57:71:6a:50:a4:07: b5:da:34:2c:1f:0d:f4:d4:00:cf:88:82:0f:7f:85:5b:be:b6: 14:b7:cf:07:96:e5:83:83:01:ff:8b:35:f6:81:be:fa:65:2b: f2:2d:89:d4:ec:7a:c5:cd:fe:04:2b:2e:7b:95:b2:c3:ec:21: d2:8c:d3:ce:8c:fc:eb:58:69:28:49:12:85:d0:73:62:5f:16: b9:3a:a0:33 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6x45OIfVorBF9lBnfgF8SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1 OTVlYmEwHhcNMjYwMTAxMTgxNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGVkY2QxODFiNjNlYTViZDIwZjAzNzFlZWE4MjJiMjdjNWNhNTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytnXUIPlhHrhp+WwMMMdxuq7C4td GFs5SjtCswdUJFC8of7OcnRte0UHgbcNVoAOnaJhYHXCYp/Sje685OKQh8jKQw+D sRe7ClaKvTTykAj2EA4is53V3xifRHNgN0AJjaW2vNFg9I/KehQGrK9GteSTfB4V lBEG2TP6tcZHWD9godkdr56pSzGEpdgeXwz+FJXMHRbSgK45woQI2AR0XsdY/t9g UvPdM0DEI/3/PCyI7DVLXSWCynHUGlVup3JwXeJxegx5+P+sT7C48mDvszuElM5b vF3l/i4/4MtLjPRSLp8UI+T/Hf0W8V1QvdYu865924NzgvzMhMV2N2D84QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFAjtzRgbY+pb0g8Dce6oIrJ8XKWRMB8GA1UdIwQY MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt MTA5ODJlMDQwZDUzLzEvQ08zTkdCdGo2bHZTRHdOeDdxZ2lzbnhjcFpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVQlWAwQC VQl0AwQAuYMdMA0GCSqGSIb3DQEBCwUAA4IBAQBYxsV7CcS4u6rXFcxYbduarclf mavPqIa+z4ZnX0STIZjBWBf7L9oHMyOObLN/etzf6CZxF1sCjTbcx7l2h1OrM8eU X+PbLnEA71WmE2ha7YZ5IMfbINDc4B8EFCkvSyOfLx5oDxHL5+ArULKhCSe2/IvI CKPVp/0svy/44ebP45MdMNYDoqi/N4gLaXJJF17buJvMjyfJdbKrlwxPwN6S+lJ9 /WEHFb1mXF9mLutXcWpQpAe12jQsHw301ADPiIIPf4VbvrYUt88HluWDgwH/izX2 gb76ZSvyLYnU7HrFzf4EKy57lbLD7CHSjNPOjPzrWGkoSRKF0HNiXxa5OqAz -----END CERTIFICATE-----Generated at Sun Jan 11 23:53:25 2026 by rpki-client