This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/5G9NBhPDFJnBpV_ODJ-yxnU8F0U.roa File: 5G9NBhPDFJnBpV_ODJ-yxnU8F0U.roa (raw, json) Hash identifier: xl4h6DuoEnDQif85q6/N4TbdIRiCv01AKSy0anUCZ3k= Subject key identifier: E4:6F:4D:06:13:C3:14:99:C1:A5:5F:CE:0C:9F:B2:C6:75:3C:17:45 Certificate issuer: /CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534 Certificate serial: 019B797E4C49142EA670A21789D5FD1816F8 Authority key identifier: 57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/5G9NBhPDFJnBpV_ODJ-yxnU8F0U.roa Signing time: Thu 01 Jan 2026 12:17:58 +0000 ROA not before: Thu 01 Jan 2026 12:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43766 IP address blocks: 91.147.128.0/23 maxlen: 23 91.147.130.0/24 maxlen: 24 91.147.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.mft rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 06:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:4c:49:14:2e:a6:70:a2:17:89:d5:fd:18:16:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=577c0cd5a4cfd83d491d627d8b0fccb670e81534 Validity Not Before: Jan 1 12:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e46f4d0613c31499c1a55fce0c9fb2c6753c1745 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b9:51:7a:3c:16:73:87:61:d8:29:54:42:c7: a0:92:6f:40:b6:12:db:3c:d8:af:6d:22:cc:19:d1: 0c:04:43:74:86:72:ff:65:ed:a5:37:bf:c6:81:8c: fe:03:16:81:e3:7e:87:cc:ed:64:0f:83:ef:70:b6: 09:25:b0:bd:df:1d:67:95:bc:c5:29:58:b4:65:ef: f0:ce:6c:28:83:d7:74:b5:7b:0e:77:65:9c:f5:04: 80:0d:da:bf:75:59:3e:83:7c:45:0e:0a:e0:6c:14: e9:d7:e9:5e:1c:25:85:87:c7:41:21:76:ae:23:5a: d7:85:62:aa:4e:43:77:d0:b4:38:dd:8a:fd:36:bf: 7c:52:17:0b:60:c3:9a:fe:91:6a:56:1a:a8:00:a8: 53:6b:92:9b:2c:c0:d2:46:d2:66:78:e4:29:df:c3: f4:22:9e:ef:23:4a:f3:39:ca:6e:60:64:91:d4:9f: c9:e2:89:e4:c8:79:c4:dc:f9:f8:97:42:e5:65:11: ea:2e:8b:ac:b8:84:7a:15:0d:25:dc:50:bb:a2:3e: 09:19:6a:1c:f1:c1:8a:cf:a1:6f:63:e4:fd:a0:ab: 1f:2d:46:65:12:62:ba:c8:52:50:95:ee:12:1e:4c: 83:ad:9a:af:54:06:aa:5c:13:db:65:56:a1:40:87: c5:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:6F:4D:06:13:C3:14:99:C1:A5:5F:CE:0C:9F:B2:C6:75:3C:17:45 X509v3 Authority Key Identifier: keyid:57:7C:0C:D5:A4:CF:D8:3D:49:1D:62:7D:8B:0F:CC:B6:70:E8:15:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/5G9NBhPDFJnBpV_ODJ-yxnU8F0U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/011b5d-652e-452a-96c9-d8ec2cbcad26/1/V3wM1aTP2D1JHWJ9iw_MtnDoFTQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.147.128.0/22 Signature Algorithm: sha256WithRSAEncryption 1a:38:cd:bd:bf:aa:bd:74:9e:ce:66:a8:11:cd:00:71:ce:50: f0:9c:f6:96:a2:0e:1b:9d:ca:34:8c:31:d5:2d:2f:2b:fa:38: 05:61:c0:22:9a:6f:c5:b5:92:3c:ea:7e:e3:07:1c:ee:7a:a2: 8a:f9:b8:7f:ea:7c:5b:f6:fe:c8:18:82:4f:18:5f:d3:f9:c7: ef:bc:5a:a8:f0:06:66:ba:07:dc:cd:04:1f:7a:70:b7:c1:9c: 02:6f:04:84:d5:d1:b9:d1:10:77:c2:e5:c0:42:5a:66:0d:f2: 84:31:32:90:2e:29:72:ba:ad:2f:e7:f5:b1:21:2e:37:b0:08: e9:82:af:f2:49:a2:4e:c2:7f:12:58:4a:58:60:59:1b:39:b6: 07:9d:24:c2:a4:ed:bd:c1:5c:a6:d4:3f:8f:b5:85:9a:53:7c: 35:33:98:6c:2e:cf:f4:49:6b:4b:58:ec:e2:90:f7:a5:6a:6a: 99:64:e2:b2:10:9d:06:3f:aa:96:da:74:f1:44:dd:e0:21:4c: c1:f2:c1:fc:20:f3:7f:3f:44:f2:dd:5f:bf:e5:59:2b:46:f4: ba:77:58:0d:86:51:b2:b1:b3:43:06:1c:71:2d:7d:d8:95:68: 5e:1d:56:69:02:be:d8:f4:07:73:86:0b:f7:46:e4:5e:f1:59: f3:90:0d:f6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fkxJFC6mcKIXidX9GBb4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3N2MwY2Q1YTRjZmQ4M2Q0OTFkNjI3ZDhiMGZjY2I2NzBl ODE1MzQwHhcNMjYwMTAxMTIxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNDZmNGQwNjEzYzMxNDk5YzFhNTVmY2UwYzlmYjJjNjc1M2MxNzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7lRejwWc4dh2ClUQsegkm9AthLb PNivbSLMGdEMBEN0hnL/Ze2lN7/GgYz+AxaB436HzO1kD4PvcLYJJbC93x1nlbzF KVi0Ze/wzmwog9d0tXsOd2Wc9QSADdq/dVk+g3xFDgrgbBTp1+leHCWFh8dBIXau I1rXhWKqTkN30LQ43Yr9Nr98UhcLYMOa/pFqVhqoAKhTa5KbLMDSRtJmeOQp38P0 Ip7vI0rzOcpuYGSR1J/J4onkyHnE3Pn4l0LlZRHqLousuIR6FQ0l3FC7oj4JGWoc 8cGKz6FvY+T9oKsfLUZlEmK6yFJQle4SHkyDrZqvVAaqXBPbZVahQIfFvQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFORvTQYTwxSZwaVfzgyfssZ1PBdFMB8GA1UdIwQY MBaAFFd8DNWkz9g9SR1ifYsPzLZw6BU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2Yzkt ZDhlYzJjYmNhZDI2LzEvNUc5TkJoUERGSm5CcFZfT0RKLXl4blU4RjBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC8wMTFiNWQtNjUyZS00NTJhLTk2YzktZDhlYzJjYmNhZDI2 LzEvVjN3TTFhVFAyRDFKSFdKOWl3X010bkRvRlRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW5OAMA0G CSqGSIb3DQEBCwUAA4IBAQAaOM29v6q9dJ7OZqgRzQBxzlDwnPaWog4bnco0jDHV LS8r+jgFYcAimm/FtZI86n7jBxzueqKK+bh/6nxb9v7IGIJPGF/T+cfvvFqo8AZm ugfczQQfenC3wZwCbwSE1dG50RB3wuXAQlpmDfKEMTKQLilyuq0v5/WxIS43sAjp gq/ySaJOwn8SWEpYYFkbObYHnSTCpO29wVym1D+PtYWaU3w1M5hsLs/0SWtLWOzi kPelamqZZOKyEJ0GP6qW2nTxRN3gIUzB8sH8IPN/P0Ty3V+/5VkrRvS6d1gNhlGy sbNDBhxxLX3YlWheHVZpAr7Y9Adzhgv3RuRe8VnzkA32 -----END CERTIFICATE-----Generated at Tue Jan 20 14:13:48 2026 by rpki-client