This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/CR089RdV9vYVGf4mZ93SrR3FOhs.roa File: CR089RdV9vYVGf4mZ93SrR3FOhs.roa (raw, json) Hash identifier: 568v/GpPM88p9MXGvKjGe+TkORQEJQjb2NVPN9PNx0U= Subject key identifier: 09:1D:3C:F5:17:55:F6:F6:15:19:FE:26:67:DD:D2:AD:1D:C5:3A:1B Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf Certificate serial: 019B78A2F53E3D7132843671E057396013E7 Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/CR089RdV9vYVGf4mZ93SrR3FOhs.roa Signing time: Thu 01 Jan 2026 08:18:24 +0000 ROA not before: Thu 01 Jan 2026 08:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51823 IP address blocks: 91.220.132.0/24 maxlen: 24 193.3.172.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f5:3e:3d:71:32:84:36:71:e0:57:39:60:13:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf Validity Not Before: Jan 1 08:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=091d3cf51755f6f61519fe2667ddd2ad1dc53a1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:95:aa:41:2b:d9:1d:5f:9d:b6:81:04:a3:5a: 7a:65:98:91:67:c2:c8:b2:0e:a9:3e:84:37:e9:cd: d4:3a:2c:ad:8b:f4:e1:2f:26:e9:08:4a:da:d6:0a: 76:39:51:90:d6:fc:64:77:e5:76:14:ff:22:45:3c: 38:b7:35:e7:a3:f0:c3:cf:5b:3c:60:e8:d7:78:4f: 77:02:5a:b1:c4:da:62:29:92:b7:a1:1c:af:25:51: 8c:73:cf:89:72:50:9f:f9:7a:91:40:19:50:c4:1a: fd:a1:7c:9b:4a:b3:5c:68:76:47:f8:9d:09:f1:2e: c5:9b:91:16:b4:6e:aa:e2:48:53:1a:fa:f4:ca:0c: 77:48:28:12:e1:e4:70:fc:b8:4d:ee:ad:2f:9d:3c: 96:a4:f4:2d:3c:7a:6d:37:eb:35:07:43:34:a0:96: 27:9b:84:60:55:16:40:7c:46:2a:4f:b3:03:e3:83: c3:c1:c2:b9:fc:7f:0d:78:5d:a0:c0:53:74:0c:2c: 9d:c3:de:e2:35:9a:82:33:7e:64:cd:28:cb:d3:06: ff:ea:da:97:24:55:35:ca:0c:67:c0:76:92:22:4d: 54:70:95:11:c7:59:04:f9:81:a7:10:1f:ef:26:3d: 98:7d:13:00:68:ca:43:41:97:80:9d:dd:4a:67:37: d7:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:1D:3C:F5:17:55:F6:F6:15:19:FE:26:67:DD:D2:AD:1D:C5:3A:1B X509v3 Authority Key Identifier: keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/CR089RdV9vYVGf4mZ93SrR3FOhs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.132.0/24 193.3.172.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:d7:dd:1a:7f:12:c2:0b:2a:bc:88:d5:90:53:e7:d3:15:36: d9:5f:35:a1:85:13:da:82:9e:ec:cd:69:f1:09:10:20:f1:b7: 4b:9e:f8:8a:fb:71:07:ae:7a:76:ba:ae:76:7e:98:0f:fa:fb: 92:eb:fc:60:f0:04:07:15:3d:c1:96:ec:92:6d:08:b9:20:9f: d8:82:12:58:9a:bc:2e:48:b3:00:da:38:78:3d:4d:b4:01:04: 35:ee:65:29:93:35:01:65:e7:f6:b2:b4:a9:f5:92:b4:2c:e8: 85:ef:30:a3:f7:28:58:44:1a:b7:cb:b2:57:c1:52:91:96:2f: 4d:71:36:24:86:cf:32:36:6d:4d:62:1e:e8:df:dc:7c:f8:b1: e8:fe:50:50:66:96:64:c6:ae:1a:1c:11:d5:f0:f0:52:b7:ea: fe:7a:52:07:88:1a:38:92:95:70:06:5f:63:29:3e:0f:27:e4: 91:bf:44:10:af:e1:45:e5:05:8c:18:94:0f:d6:da:b5:6b:25: a1:74:74:0c:2a:a2:c5:17:0f:7a:02:df:86:bd:d2:b8:0a:6d: 8c:b5:c9:27:b6:64:ec:9a:02:c2:4e:bf:ba:e1:05:81:0a:3c: 59:45:10:0c:1b:72:3f:73:af:0e:93:47:59:bf:76:35:dd:60: 9d:85:e3:84 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4ovU+PXEyhDZx4Fc5YBPnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2 Yjk4Y2YwHhcNMjYwMTAxMDgxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTFkM2NmNTE3NTVmNmY2MTUxOWZlMjY2N2RkZDJhZDFkYzUzYTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJWqQSvZHV+dtoEEo1p6ZZiRZ8LI sg6pPoQ36c3UOiyti/ThLybpCEra1gp2OVGQ1vxkd+V2FP8iRTw4tzXno/DDz1s8 YOjXeE93AlqxxNpiKZK3oRyvJVGMc8+JclCf+XqRQBlQxBr9oXybSrNcaHZH+J0J 8S7Fm5EWtG6q4khTGvr0ygx3SCgS4eRw/LhN7q0vnTyWpPQtPHptN+s1B0M0oJYn m4RgVRZAfEYqT7MD44PDwcK5/H8NeF2gwFN0DCydw97iNZqCM35kzSjL0wb/6tqX JFU1ygxnwHaSIk1UcJURx1kE+YGnEB/vJj2YfRMAaMpDQZeAnd1KZzfX6wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAkdPPUXVfb2FRn+Jmfd0q0dxTobMB8GA1UdIwQY MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt OTlmNWNiN2EzY2E1LzEvQ1IwODlSZFY5dllWR2Y0bVo5M1NyUjNGT2hzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1 LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yEAwQA wQOsMA0GCSqGSIb3DQEBCwUAA4IBAQAs190afxLCCyq8iNWQU+fTFTbZXzWhhRPa gp7szWnxCRAg8bdLnviK+3EHrnp2uq52fpgP+vuS6/xg8AQHFT3BluySbQi5IJ/Y ghJYmrwuSLMA2jh4PU20AQQ17mUpkzUBZef2srSp9ZK0LOiF7zCj9yhYRBq3y7JX wVKRli9NcTYkhs8yNm1NYh7o39x8+LHo/lBQZpZkxq4aHBHV8PBSt+r+elIHiBo4 kpVwBl9jKT4PJ+SRv0QQr+FF5QWMGJQP1tq1ayWhdHQMKqLFFw96At+GvdK4Cm2M tckntmTsmgLCTr+64QWBCjxZRRAMG3I/c68Ok0dZv3Y13WCdheOE -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:05 2026 by rpki-client