This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/rAXOeYyJicjxp8FzJx__Y7hlvEM.roa File: rAXOeYyJicjxp8FzJx__Y7hlvEM.roa (raw, json) Hash identifier: shr4TV48j/I82nbVkR38hVjMhfoyIR4wttCVbDSd4eg= Subject key identifier: AC:05:CE:79:8C:89:89:C8:F1:A7:C1:73:27:1F:FF:63:B8:65:BC:43 Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411 Certificate serial: 019B7F1493181F3703412FC184893CA729F7 Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/rAXOeYyJicjxp8FzJx__Y7hlvEM.roa Signing time: Fri 02 Jan 2026 14:20:13 +0000 ROA not before: Fri 02 Jan 2026 14:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51926 IP address blocks: 91.220.160.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:93:18:1f:37:03:41:2f:c1:84:89:3c:a7:29:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411 Validity Not Before: Jan 2 14:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac05ce798c8989c8f1a7c173271fff63b865bc43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:03:5b:30:81:17:42:c0:fb:30:00:e4:86:61: 7e:be:b0:b7:34:27:3b:2c:bd:57:7f:4c:e5:50:a2: a4:12:2a:3f:07:3e:25:97:4b:de:8b:a0:bb:ff:28: ca:e0:f5:34:98:59:8d:62:52:34:78:5b:fd:e2:30: 47:a0:be:e5:c3:4e:7f:29:8e:55:8e:94:3f:c6:5d: 57:a6:f2:5f:7a:0b:a2:9b:43:02:85:4e:bb:f1:92: 33:dd:73:87:b5:38:b8:84:f0:ba:2d:1f:0a:84:87: 22:4b:25:cd:b1:02:29:d8:82:7f:7b:cf:bc:fc:ed: 7b:a5:60:c9:47:d3:a3:4c:d5:65:89:8f:c6:d8:37: 03:e3:1b:9c:db:76:7d:25:06:e3:01:d3:39:c9:e0: c0:f2:57:ce:36:69:91:04:a6:92:d7:a2:4a:3b:c4: ff:60:c9:10:73:d9:c6:25:a0:03:a3:82:65:2c:24: 90:35:00:79:6e:04:bf:d1:d5:3e:65:cf:14:eb:67: a3:dc:9b:37:6c:db:79:fc:53:29:58:2d:c1:e3:4f: be:a6:91:8b:fe:6c:26:05:0f:40:70:36:19:a9:06: b3:a6:e4:11:2f:0b:cf:41:b0:18:a3:dc:aa:2b:a4: 5e:6f:5e:b0:c0:ed:8d:a3:ee:a2:a0:15:b0:4e:56: 86:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:05:CE:79:8C:89:89:C8:F1:A7:C1:73:27:1F:FF:63:B8:65:BC:43 X509v3 Authority Key Identifier: keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/rAXOeYyJicjxp8FzJx__Y7hlvEM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.160.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:0b:de:f8:c7:80:67:4f:e5:c9:c9:e6:96:8b:7a:5e:ce:0e: df:a6:24:e2:3b:e9:9e:2e:5c:43:1b:e2:e2:0c:da:20:0d:51: 82:f0:68:23:4a:89:c1:0e:8d:46:34:c1:fc:90:a7:6a:3d:a8: 51:55:f6:98:30:03:e7:f3:53:d6:ab:0f:58:87:3c:0d:8b:da: 51:ac:b1:ae:44:82:42:4a:46:94:a2:69:fa:ec:b0:b1:e1:4f: 0b:ff:92:98:13:1e:99:40:7b:af:27:6b:bc:04:e5:37:18:18: da:00:16:66:aa:69:38:36:d0:e0:23:41:97:f3:c3:c1:b2:5b: ea:ac:cc:36:c7:c3:2b:4e:0e:e0:2d:43:a4:a8:52:57:64:80: 4f:8e:35:ad:33:90:7e:ea:99:a6:9b:4c:c3:21:78:be:d7:75: 8b:ea:a6:5e:74:0a:b2:61:cd:d3:4c:5a:c4:7e:42:05:22:d6: 8e:f8:6d:dc:90:2b:06:c1:47:86:b9:30:42:ea:d7:93:b8:f2: 54:63:6f:03:96:da:8e:c8:ed:7e:fc:99:84:88:38:15:94:d6: eb:5f:79:c1:82:4d:f6:32:23:d0:47:ec:fd:8b:02:ac:23:ce: c5:0a:ae:57:d4:76:30:2f:b4:62:f1:34:3d:2c:f5:d3:1f:b3: ff:8c:d1:5b -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FJMYHzcDQS/BhIk8pyn3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz MGM0MTEwHhcNMjYwMTAyMTQyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzA1Y2U3OThjODk4OWM4ZjFhN2MxNzMyNzFmZmY2M2I4NjViYzQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ANbMIEXQsD7MADkhmF+vrC3NCc7 LL1Xf0zlUKKkEio/Bz4ll0vei6C7/yjK4PU0mFmNYlI0eFv94jBHoL7lw05/KY5V jpQ/xl1XpvJfeguim0MChU678ZIz3XOHtTi4hPC6LR8KhIciSyXNsQIp2IJ/e8+8 /O17pWDJR9OjTNVliY/G2DcD4xuc23Z9JQbjAdM5yeDA8lfONmmRBKaS16JKO8T/ YMkQc9nGJaADo4JlLCSQNQB5bgS/0dU+Zc8U62ej3Js3bNt5/FMpWC3B40++ppGL /mwmBQ9AcDYZqQazpuQRLwvPQbAYo9yqK6Reb16wwO2No+6ioBWwTlaGaQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKwFznmMiYnI8afBcycf/2O4ZbxDMB8GA1UdIwQY MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt ODlkMjYxMWE5NWRiLzEvckFYT2VZeUppY2p4cDhGekp4X19ZN2hsdkVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ygMA0G CSqGSIb3DQEBCwUAA4IBAQAsC974x4BnT+XJyeaWi3pezg7fpiTiO+meLlxDG+Li DNogDVGC8GgjSonBDo1GNMH8kKdqPahRVfaYMAPn81PWqw9YhzwNi9pRrLGuRIJC SkaUomn67LCx4U8L/5KYEx6ZQHuvJ2u8BOU3GBjaABZmqmk4NtDgI0GX88PBslvq rMw2x8MrTg7gLUOkqFJXZIBPjjWtM5B+6pmmm0zDIXi+13WL6qZedAqyYc3TTFrE fkIFItaO+G3ckCsGwUeGuTBC6teTuPJUY28DltqOyO1+/JmEiDgVlNbrX3nBgk32 MiPQR+z9iwKsI87FCq5X1HYwL7Ri8TQ9LPXTH7P/jNFb -----END CERTIFICATE-----Generated at Mon Feb 9 19:55:03 2026 by rpki-client