This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/16nRyZBneqNvEfGo1-HpM9Ja0Qg.roa File: 16nRyZBneqNvEfGo1-HpM9Ja0Qg.roa (raw, json) Hash identifier: jc0qTiU5kUL9CDVuEIN96YPjHZwKeP34Xiz/uIOIYSs= Subject key identifier: D7:A9:D1:C9:90:67:7A:A3:6F:11:F1:A8:D7:E1:E9:33:D2:5A:D1:08 Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a Certificate serial: 019B7FF164E5788C12BCD94A75793F5E837C Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/16nRyZBneqNvEfGo1-HpM9Ja0Qg.roa Signing time: Fri 02 Jan 2026 18:21:24 +0000 ROA not before: Fri 02 Jan 2026 18:21:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5065 IP address blocks: 91.109.43.0/24 maxlen: 24 91.109.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:64:e5:78:8c:12:bc:d9:4a:75:79:3f:5e:83:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a Validity Not Before: Jan 2 18:21:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7a9d1c990677aa36f11f1a8d7e1e933d25ad108 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:09:ce:dc:60:e4:1f:0f:0b:95:6a:f5:9d:16: 44:76:06:f5:47:d5:50:1f:44:3e:a0:3d:62:03:e6: a9:ef:25:99:64:4c:6e:be:05:3f:5a:95:70:00:43: 4c:ff:64:40:06:ba:ab:fd:50:4d:12:1e:96:c4:90: da:7f:0f:9f:21:a5:2a:82:33:10:f8:29:41:f7:4d: f3:ca:bc:01:5f:49:19:46:36:6d:e3:7d:cb:4d:32: 5f:d7:5c:5f:8c:96:fe:42:f2:cf:25:66:d3:07:8b: c0:30:1a:75:2a:77:11:57:48:52:6f:2d:68:76:cc: 4b:f4:b7:a5:ec:c8:b4:3d:7b:95:f1:fe:46:72:ef: c6:93:36:7e:63:46:c9:bd:cf:5c:fe:4f:b7:63:1c: e6:9a:19:ff:a8:25:52:bb:ce:b4:17:79:1a:1f:cf: b1:64:e1:a1:18:71:96:c5:85:53:75:b3:12:91:2f: 50:74:78:65:c3:c7:dc:59:12:d3:3f:8d:64:2d:f0: 87:70:d1:84:31:6d:9f:82:46:c7:d5:bd:1d:12:67: 78:5c:57:31:8b:5a:f3:76:e1:66:24:30:6a:b7:7e: 9d:f7:d2:ad:67:6a:9c:0c:de:12:d4:b7:9c:a8:e0: a1:ee:5e:7a:97:4d:f6:6c:46:64:a6:68:3d:56:0f: d5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A9:D1:C9:90:67:7A:A3:6F:11:F1:A8:D7:E1:E9:33:D2:5A:D1:08 X509v3 Authority Key Identifier: keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/16nRyZBneqNvEfGo1-HpM9Ja0Qg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.109.43.0/24 91.109.47.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:73:29:c9:41:98:3c:24:ae:76:04:da:5e:73:fb:bf:31:7e: 2f:5a:59:16:fe:c5:8c:7e:a8:bf:83:af:ce:6d:de:8a:78:2a: 32:79:8e:e5:68:1a:c1:52:4f:3c:37:ed:da:dc:99:e8:ba:f1: de:9b:d3:e7:2f:d8:2c:ce:fb:61:ef:67:e8:a9:c4:58:40:18: 7a:0b:3d:a0:a1:5d:74:c1:55:ea:d7:e4:7d:0d:19:e4:61:9f: 83:53:4d:dd:1c:b5:aa:5c:ed:b1:68:a7:f6:0d:d0:66:ae:ff: 80:07:f4:e5:37:7e:bc:e2:d4:71:91:0f:98:08:69:a4:2e:bd: 16:0c:95:71:84:25:62:af:0c:1f:35:6f:e9:48:eb:77:d2:77: 60:52:e3:2f:2f:fd:a7:30:d3:fd:87:07:5b:ce:90:1b:b9:b0: 03:ae:a1:8b:b5:58:14:b0:63:a5:38:99:50:4d:86:b3:e7:20: 2f:cb:9f:4e:df:a4:97:0d:e3:38:95:fa:5c:24:d1:00:1d:3a: a6:8d:1a:d7:3b:09:c3:db:36:09:1e:56:bb:6d:48:df:dd:16: f6:54:d7:99:88:66:c1:71:95:3f:d9:0f:bc:2e:b0:4d:e1:90: e0:59:b6:52:48:e5:68:29:42:f0:bf:dc:68:a3:d9:61:75:8c: c7:e1:8e:a5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/8WTleIwSvNlKdXk/XoN8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk ZjM1NGEwHhcNMjYwMTAyMTgyMTI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkN2E5ZDFjOTkwNjc3YWEzNmYxMWYxYThkN2UxZTkzM2QyNWFkMTA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwnO3GDkHw8LlWr1nRZEdgb1R9VQ H0Q+oD1iA+ap7yWZZExuvgU/WpVwAENM/2RABrqr/VBNEh6WxJDafw+fIaUqgjMQ +ClB903zyrwBX0kZRjZt433LTTJf11xfjJb+QvLPJWbTB4vAMBp1KncRV0hSby1o dsxL9Lel7Mi0PXuV8f5Gcu/GkzZ+Y0bJvc9c/k+3Yxzmmhn/qCVSu860F3kaH8+x ZOGhGHGWxYVTdbMSkS9QdHhlw8fcWRLTP41kLfCHcNGEMW2fgkbH1b0dEmd4XFcx i1rzduFmJDBqt36d99KtZ2qcDN4S1LecqOCh7l56l032bEZkpmg9Vg/VIQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNep0cmQZ3qjbxHxqNfh6TPSWtEIMB8GA1UdIwQY MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt MjBlMTk3ODBjYjJlLzEvMTZuUnlaQm5lcU52RWZHbzEtSHBNOUphMFFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW20rAwQA W20vMA0GCSqGSIb3DQEBCwUAA4IBAQBOcynJQZg8JK52BNpec/u/MX4vWlkW/sWM fqi/g6/Obd6KeCoyeY7laBrBUk88N+3a3JnouvHem9PnL9gszvth72foqcRYQBh6 Cz2goV10wVXq1+R9DRnkYZ+DU03dHLWqXO2xaKf2DdBmrv+AB/TlN3684tRxkQ+Y CGmkLr0WDJVxhCVirwwfNW/pSOt30ndgUuMvL/2nMNP9hwdbzpAbubADrqGLtVgU sGOlOJlQTYaz5yAvy59O36SXDeM4lfpcJNEAHTqmjRrXOwnD2zYJHla7bUjf3Rb2 VNeZiGbBcZU/2Q+8LrBN4ZDgWbZSSOVoKULwv9xoo9lhdYzH4Y6l -----END CERTIFICATE-----Generated at Mon Jan 19 11:23:49 2026 by rpki-client