This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/P52Z19ZFS5PcHmr747_30HPjt0A.roa File: P52Z19ZFS5PcHmr747_30HPjt0A.roa (raw, json) Hash identifier: Q+07EEoc98NoCKMiauQ6zERb9JXZfHA9LGDMQqCoPfo= Subject key identifier: 3F:9D:99:D7:D6:45:4B:93:DC:1E:6A:FB:E3:BF:F7:D0:73:E3:B7:40 Certificate issuer: /CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0 Certificate serial: 019B7AC8600400284E665F73E0E70AD815C3 Authority key identifier: 90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/P52Z19ZFS5PcHmr747_30HPjt0A.roa Signing time: Thu 01 Jan 2026 18:18:30 +0000 ROA not before: Thu 01 Jan 2026 18:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212073 IP address blocks: 91.209.16.0/24 maxlen: 24 2a0f:c440::/48 maxlen: 48 2a0f:c444::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.mft rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 09:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:60:04:00:28:4e:66:5f:73:e0:e7:0a:d8:15:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90fd8aae1b6e159a2fa8f03d7a3188a1e18072a0 Validity Not Before: Jan 1 18:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3f9d99d7d6454b93dc1e6afbe3bff7d073e3b740 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9b:14:dc:3f:e9:bf:82:ca:1c:0f:84:63:03: 72:24:5e:6c:a8:a7:77:e1:fb:12:28:bb:fb:cb:35: ca:6c:0a:04:00:a8:cf:32:80:61:61:f0:c0:02:86: a7:6e:85:3f:01:5b:08:04:c9:50:11:63:e8:e5:0d: 8d:f6:56:e6:c2:5c:12:9c:fd:c4:06:4b:77:c9:57: c1:df:3e:b8:91:fe:68:73:6c:d6:7d:1f:56:0d:bd: d2:27:18:d4:e3:c3:48:11:55:cf:44:66:b4:78:73: b7:1f:5d:0f:b7:e0:38:a8:6d:f9:15:b0:59:ee:9a: e7:aa:02:4d:ae:25:b0:20:bb:8e:af:9d:87:a1:8e: 4f:15:ec:07:57:13:14:e0:0c:fd:88:fb:cd:12:60: a9:55:3d:89:d0:f5:6a:ae:27:0b:fc:a9:25:f9:22: f4:8f:84:0e:1e:4e:74:06:5e:ec:9a:28:77:ae:ae: 1f:98:4c:03:b2:a1:45:f0:3c:64:12:15:1c:db:5d: 3e:64:57:b7:88:08:22:64:20:5c:8b:18:80:97:fa: c2:50:68:68:b0:a9:b0:61:11:73:75:d7:f4:4b:11: ce:d7:24:6f:f9:70:22:d6:b8:02:22:7d:d6:bf:c8: f6:84:c0:1f:81:2e:0c:20:df:03:fe:f6:6b:7b:3c: 50:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:9D:99:D7:D6:45:4B:93:DC:1E:6A:FB:E3:BF:F7:D0:73:E3:B7:40 X509v3 Authority Key Identifier: keyid:90:FD:8A:AE:1B:6E:15:9A:2F:A8:F0:3D:7A:31:88:A1:E1:80:72:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kP2KrhtuFZovqPA9ejGIoeGAcqA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/P52Z19ZFS5PcHmr747_30HPjt0A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/5dfc76-e7eb-4d35-8ad7-7993591113e4/1/kP2KrhtuFZovqPA9ejGIoeGAcqA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.16.0/24 IPv6: 2a0f:c440::/48 2a0f:c444::/32 Signature Algorithm: sha256WithRSAEncryption 6c:a9:4b:1e:c9:7c:2f:1d:be:d5:b2:22:94:1d:7b:7d:7f:1f: 07:e3:31:b5:a3:32:37:08:77:e2:7d:cf:91:5a:4d:69:54:c4: 8f:e5:f7:c0:19:c9:1a:98:ad:48:9a:ac:b4:36:62:11:0b:3e: 7c:f8:4f:ac:ae:e7:04:88:16:d1:1f:86:67:17:27:1e:fa:57: 9a:f5:de:60:c9:a6:7b:ee:99:85:db:0a:0b:ce:24:ce:db:cd: 08:d0:2f:b7:af:16:c7:78:85:d5:83:88:05:7d:8a:7a:a2:42: 25:48:51:d3:6c:b0:77:d3:98:4f:ec:67:1a:a3:d0:0f:c8:ca: f2:a5:fe:ce:3f:c0:c7:06:6c:16:ac:37:d3:8a:68:8b:36:fc: 04:a3:6c:90:f3:e0:fe:a9:e8:a9:63:44:85:04:be:09:1d:b1: b9:4a:49:39:76:a0:d4:e1:2f:ba:65:da:88:ad:31:98:2a:18: d2:66:27:64:dc:8e:c8:3b:bd:7a:1e:b8:bf:7a:ef:90:82:85: 36:1f:8f:66:4b:60:f8:d5:73:87:a9:62:8f:3f:76:13:d2:ee: 91:b9:31:ef:7f:fe:83:75:7a:05:f0:93:09:36:65:c3:11:f3: f3:7f:0f:c3:cc:dc:a1:09:8b:b4:4d:2c:ae:c2:f6:ab:f2:fc: a9:42:de:e3 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6yGAEAChOZl9z4OcK2BXDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZmQ4YWFlMWI2ZTE1OWEyZmE4ZjAzZDdhMzE4OGExZTE4 MDcyYTAwHhcNMjYwMTAxMTgxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZjlkOTlkN2Q2NDU0YjkzZGMxZTZhZmJlM2JmZjdkMDczZTNiNzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJsU3D/pv4LKHA+EYwNyJF5sqKd3 4fsSKLv7yzXKbAoEAKjPMoBhYfDAAoanboU/AVsIBMlQEWPo5Q2N9lbmwlwSnP3E Bkt3yVfB3z64kf5oc2zWfR9WDb3SJxjU48NIEVXPRGa0eHO3H10Pt+A4qG35FbBZ 7prnqgJNriWwILuOr52HoY5PFewHVxMU4Az9iPvNEmCpVT2J0PVqricL/Kkl+SL0 j4QOHk50Bl7smih3rq4fmEwDsqFF8DxkEhUc210+ZFe3iAgiZCBcixiAl/rCUGho sKmwYRFzddf0SxHO1yRv+XAi1rgCIn3Wv8j2hMAfgS4MIN8D/vZrezxQ8QIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFD+dmdfWRUuT3B5q++O/99Bz47dAMB8GA1UdIwQY MBaAFJD9iq4bbhWaL6jwPXoxiKHhgHKgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDct Nzk5MzU5MTExM2U0LzEvUDUyWjE5WkZTNVBjSG1yNzQ3XzMwSFBqdDBBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi81ZGZjNzYtZTdlYi00ZDM1LThhZDctNzk5MzU5MTExM2U0 LzEva1AyS3JodHVGWm92cVBBOWVqR0lvZUdBY3FBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAW9EQMBYE AgACMBADBwAqD8RAAAADBQAqD8REMA0GCSqGSIb3DQEBCwUAA4IBAQBsqUseyXwv Hb7VsiKUHXt9fx8H4zG1ozI3CHfifc+RWk1pVMSP5ffAGckamK1Imqy0NmIRCz58 +E+srucEiBbRH4ZnFyce+lea9d5gyaZ77pmF2woLziTO280I0C+3rxbHeIXVg4gF fYp6okIlSFHTbLB305hP7Gcao9APyMrypf7OP8DHBmwWrDfTimiLNvwEo2yQ8+D+ qeipY0SFBL4JHbG5Skk5dqDU4S+6ZdqIrTGYKhjSZidk3I7IO716Hri/eu+QgoU2 H49mS2D41XOHqWKPP3YT0u6RuTHvf/6DdXoF8JMJNmXDEfPzfw/DzNyhCYu0TSyu wvar8vypQt7j -----END CERTIFICATE-----Generated at Mon Feb 9 18:38:00 2026 by rpki-client