This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/schhp52ulEJ2Q5lWWzeviWV-gSw.roa File: schhp52ulEJ2Q5lWWzeviWV-gSw.roa (raw, json) Hash identifier: HhUn0pI+C/AL7qljIPdAHULHb8txQJ+RtoE68bF3XwQ= Subject key identifier: B1:C8:61:A7:9D:AE:94:42:76:43:99:56:5B:37:AF:89:65:7E:81:2C Certificate issuer: /CN=af478ccdc0480a6b43bacd8aaee0079b16ec2e68 Certificate serial: 019B7758F5F7B78C079B61B3F6375970FEE3 Authority key identifier: AF:47:8C:CD:C0:48:0A:6B:43:BA:CD:8A:AE:E0:07:9B:16:EC:2E:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0eMzcBICmtDus2KruAHmxbsLmg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/schhp52ulEJ2Q5lWWzeviWV-gSw.roa Signing time: Thu 01 Jan 2026 02:17:57 +0000 ROA not before: Thu 01 Jan 2026 02:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30857 IP address blocks: 91.206.134.0/23 maxlen: 23 91.206.134.0/24 maxlen: 24 91.206.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/r0eMzcBICmtDus2KruAHmxbsLmg.crl rsync://rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/r0eMzcBICmtDus2KruAHmxbsLmg.mft rsync://rpki.ripe.net/repository/DEFAULT/r0eMzcBICmtDus2KruAHmxbsLmg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f5:f7:b7:8c:07:9b:61:b3:f6:37:59:70:fe:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af478ccdc0480a6b43bacd8aaee0079b16ec2e68 Validity Not Before: Jan 1 02:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1c861a79dae9442764399565b37af89657e812c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:70:d4:1f:00:84:3a:bf:c0:85:a0:5e:2f:2e: 56:f6:26:60:8e:b0:d5:d8:45:57:13:b6:72:56:f1: 58:5b:b8:20:4a:33:83:e8:0c:66:bd:7a:5b:4c:4d: 15:b1:36:24:26:95:ab:45:98:41:93:42:9c:69:d4: 78:3d:66:b6:b8:8c:95:9c:65:e9:99:1f:e9:8d:37: 7d:26:04:51:97:05:02:b7:8f:e3:9a:a5:bd:50:2b: ed:c9:83:ff:58:6b:d2:66:fe:5f:45:44:74:a0:62: 04:e3:6f:c9:85:8e:96:47:47:35:4a:5c:f4:10:51: e0:f1:47:2d:d0:0e:50:79:f8:e3:41:c7:0b:63:bb: 0b:6b:0b:b6:cc:68:7c:4c:d5:9e:ee:7e:d7:f1:e2: 30:6f:f5:b3:45:e9:d9:80:c5:d5:6e:5a:0c:4c:c1: d0:72:f4:88:f1:21:3e:b0:68:78:0a:07:5c:51:ad: c7:d9:6d:ea:68:8c:19:75:bb:ea:ec:c8:45:34:f6: e3:17:10:09:77:65:12:b0:5c:13:3f:39:cb:d9:7b: f0:ec:f7:3f:0e:6f:a3:89:bf:81:3c:92:7f:53:8c: 34:ca:60:55:7b:f0:85:41:56:f9:e3:7b:42:66:9f: c0:cc:9c:e3:36:ed:7e:6b:86:71:f2:c1:f2:59:80: 5a:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:C8:61:A7:9D:AE:94:42:76:43:99:56:5B:37:AF:89:65:7E:81:2C X509v3 Authority Key Identifier: keyid:AF:47:8C:CD:C0:48:0A:6B:43:BA:CD:8A:AE:E0:07:9B:16:EC:2E:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0eMzcBICmtDus2KruAHmxbsLmg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/schhp52ulEJ2Q5lWWzeviWV-gSw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/990506-41bc-4098-af7f-cc8bf3fbef99/1/r0eMzcBICmtDus2KruAHmxbsLmg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.206.134.0/23 Signature Algorithm: sha256WithRSAEncryption 10:ff:e7:e3:14:d4:33:4c:da:1b:a9:76:b2:eb:39:42:35:cb: 90:b8:2c:15:93:89:95:2e:e0:32:7b:90:3d:20:f0:dc:ef:7a: 8a:fd:6f:42:3b:d2:2d:90:ed:3e:f2:00:9a:aa:16:d2:07:b5: c0:14:f1:22:08:89:32:99:76:14:04:52:3a:c5:b0:11:54:2d: 75:41:bb:29:a8:c9:48:31:25:d1:1b:9f:f6:3d:78:7a:a1:79: fa:be:de:fc:0d:f4:d9:90:53:d5:eb:2e:51:58:bc:94:b5:b9: c9:6f:d2:31:3d:59:78:18:f3:a1:27:b8:6e:01:1f:b5:45:07: c7:d6:d9:85:70:aa:7d:d7:85:5f:ce:09:68:52:b7:0f:ea:e3: 6d:1a:55:7d:b7:cb:61:82:4c:90:3b:45:b1:1f:54:0f:70:ef: 67:80:d1:c5:08:7d:84:f2:dd:cd:ab:a0:ac:79:b0:9e:c2:65: 5e:d1:d1:9a:95:6b:e8:25:03:a2:f2:e4:17:50:02:45:3a:ba: a5:90:31:be:2b:78:bf:b7:66:da:ae:aa:60:47:52:1e:e8:0a: fa:9b:9e:cd:40:38:c9:62:6d:84:37:b3:a8:93:5f:23:88:25: 4b:8a:91:dd:64:9a:e3:ff:c4:9e:37:59:b2:bf:3e:22:01:60: 4b:fc:b1:be -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WPX3t4wHm2Gz9jdZcP7jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNDc4Y2NkYzA0ODBhNmI0M2JhY2Q4YWFlZTAwNzliMTZl YzJlNjgwHhcNMjYwMTAxMDIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWM4NjFhNzlkYWU5NDQyNzY0Mzk5NTY1YjM3YWY4OTY1N2U4MTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHDUHwCEOr/AhaBeLy5W9iZgjrDV 2EVXE7ZyVvFYW7ggSjOD6AxmvXpbTE0VsTYkJpWrRZhBk0KcadR4PWa2uIyVnGXp mR/pjTd9JgRRlwUCt4/jmqW9UCvtyYP/WGvSZv5fRUR0oGIE42/JhY6WR0c1Slz0 EFHg8Uct0A5QefjjQccLY7sLawu2zGh8TNWe7n7X8eIwb/WzRenZgMXVbloMTMHQ cvSI8SE+sGh4CgdcUa3H2W3qaIwZdbvq7MhFNPbjFxAJd2USsFwTPznL2Xvw7Pc/ Dm+jib+BPJJ/U4w0ymBVe/CFQVb543tCZp/AzJzjNu1+a4Zx8sHyWYBarwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLHIYaedrpRCdkOZVls3r4llfoEsMB8GA1UdIwQY MBaAFK9HjM3ASAprQ7rNiq7gB5sW7C5oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjBlTXpjQklDbXREdXMyS3J1QUhteGJzTG1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85OTA1MDYtNDFiYy00MDk4LWFmN2Yt Y2M4YmYzZmJlZjk5LzEvc2NoaHA1MnVsRUoyUTVsV1d6ZXZpV1YtZ1N3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS85OTA1MDYtNDFiYy00MDk4LWFmN2YtY2M4YmYzZmJlZjk5 LzEvcjBlTXpjQklDbXREdXMyS3J1QUhteGJzTG1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW86GMA0G CSqGSIb3DQEBCwUAA4IBAQAQ/+fjFNQzTNobqXay6zlCNcuQuCwVk4mVLuAye5A9 IPDc73qK/W9CO9ItkO0+8gCaqhbSB7XAFPEiCIkymXYUBFI6xbARVC11QbspqMlI MSXRG5/2PXh6oXn6vt78DfTZkFPV6y5RWLyUtbnJb9IxPVl4GPOhJ7huAR+1RQfH 1tmFcKp914VfzgloUrcP6uNtGlV9t8thgkyQO0WxH1QPcO9ngNHFCH2E8t3Nq6Cs ebCewmVe0dGalWvoJQOi8uQXUAJFOrqlkDG+K3i/t2barqpgR1Ie6Ar6m57NQDjJ Ym2EN7Ook18jiCVLipHdZJrj/8SeN1myvz4iAWBL/LG+ -----END CERTIFICATE-----Generated at Tue Jan 20 07:32:58 2026 by rpki-client