This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/CN-8Pu5bXSBT4QPtIGRjyVpzJzI.roa File: CN-8Pu5bXSBT4QPtIGRjyVpzJzI.roa (raw, json) Hash identifier: EZji+EdR2qZINXOAD9p9aVvQwY57zPJN1GhrheBWnsE= Subject key identifier: 08:DF:BC:3E:EE:5B:5D:20:53:E1:03:ED:20:64:63:C9:5A:73:27:32 Certificate issuer: /CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9 Certificate serial: 019B7DCACAD761868577167F750977F3E3DE Authority key identifier: B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/CN-8Pu5bXSBT4QPtIGRjyVpzJzI.roa Signing time: Fri 02 Jan 2026 08:20:00 +0000 ROA not before: Fri 02 Jan 2026 08:20:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 91.223.161.0/24 maxlen: 24 193.28.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.mft rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:ca:d7:61:86:85:77:16:7f:75:09:77:f3:e3:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5b0a86659ec314f13a04e3a03dbdb1244a0e0a9 Validity Not Before: Jan 2 08:20:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08dfbc3eee5b5d2053e103ed206463c95a732732 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:d4:b7:a0:f5:e0:0e:65:48:21:97:89:38:0a: ec:59:ef:1c:65:cf:57:f9:b0:b7:7a:68:c9:3b:c0: 16:de:c1:ca:e0:17:e8:7d:91:39:ca:b4:c3:2c:b0: de:aa:ed:af:88:77:71:62:84:22:18:ce:2c:6a:f7: 2f:31:5b:77:59:b0:4e:06:f0:08:7b:38:d8:79:19: c6:34:98:bf:1f:51:10:a0:bf:ec:f1:f7:f4:63:cc: a6:a4:b8:a6:f2:a7:50:e8:a9:03:25:13:1a:f5:84: cc:07:4c:ab:b1:ba:00:46:04:84:91:19:f8:ec:35: f2:0a:a7:5e:ff:0b:22:2e:3e:64:61:47:a7:a9:0c: 1d:6b:f3:0c:f7:fe:21:f9:bd:62:34:ce:65:b8:69: 1e:4d:aa:7b:25:bd:9b:c5:ed:1c:35:d1:0a:f6:15: b4:63:6f:fc:cf:8e:06:3e:40:4a:f5:4f:95:62:a8: 48:5e:a0:36:a6:c1:d7:c9:30:5c:bf:ea:17:dc:d5: d4:e5:0e:0c:d8:30:7f:c7:95:95:af:f2:23:bc:ea: 3c:05:3f:39:15:39:21:43:07:e3:f1:ed:5b:9e:3f: f2:b1:32:89:fb:b5:12:7f:61:0a:0c:9a:20:48:67: ab:f8:c6:99:45:30:ca:77:67:55:9a:59:a8:f8:7b: a4:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:DF:BC:3E:EE:5B:5D:20:53:E1:03:ED:20:64:63:C9:5A:73:27:32 X509v3 Authority Key Identifier: keyid:B5:B0:A8:66:59:EC:31:4F:13:A0:4E:3A:03:DB:DB:12:44:A0:E0:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tbCoZlnsMU8ToE46A9vbEkSg4Kk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/CN-8Pu5bXSBT4QPtIGRjyVpzJzI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/044402-c4d4-4259-93e2-7fbf5ee290ac/1/tbCoZlnsMU8ToE46A9vbEkSg4Kk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.161.0/24 193.28.159.0/24 Signature Algorithm: sha256WithRSAEncryption 28:3e:80:9f:8d:99:0d:0b:80:2f:06:42:9e:bd:c5:ae:7f:ac: 15:66:e4:d2:48:13:54:63:56:cc:bc:a1:c4:3e:e4:7a:4c:ab: 49:22:58:4d:ba:08:6b:da:f7:23:1c:ab:5c:ac:b1:5c:bd:b5: 22:a6:ed:25:30:8d:4d:90:b5:8d:58:5c:6a:96:12:ec:ac:2e: a8:ac:9c:26:00:b5:2d:e2:55:ab:65:e1:bb:a9:3f:58:a4:5b: 00:3e:6d:d5:71:43:ad:94:fa:cb:ca:fd:4b:74:0a:b6:92:4a: ba:10:3a:0b:56:22:0a:1c:11:31:57:2d:56:44:5a:0b:86:69: da:89:16:95:a7:da:9a:a3:23:2f:37:60:e0:bd:45:06:8e:c7: f8:48:91:de:32:19:b7:4e:82:50:08:6f:7f:c8:b6:e2:92:23: 2e:f8:10:26:50:29:47:e2:c7:b1:2f:b4:80:46:b8:ed:56:35: 02:c8:64:d3:cf:57:77:58:3d:6c:b6:75:6a:34:f1:33:ea:f6: f6:ee:91:78:43:39:76:ab:d6:72:f8:39:88:a2:1d:7b:3a:9d: 1f:34:45:91:78:15:50:9b:85:34:71:7b:33:59:8c:97:dd:26: 02:cd:fe:44:1d:36:a6:93:ca:13:ed:05:36:ae:54:24:18:b6: 66:cb:29:e8 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9ysrXYYaFdxZ/dQl38+PeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1YjBhODY2NTllYzMxNGYxM2EwNGUzYTAzZGJkYjEyNDRh MGUwYTkwHhcNMjYwMTAyMDgyMDAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGRmYmMzZWVlNWI1ZDIwNTNlMTAzZWQyMDY0NjNjOTVhNzMyNzMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdS3oPXgDmVIIZeJOArsWe8cZc9X +bC3emjJO8AW3sHK4BfofZE5yrTDLLDequ2viHdxYoQiGM4savcvMVt3WbBOBvAI ezjYeRnGNJi/H1EQoL/s8ff0Y8ympLim8qdQ6KkDJRMa9YTMB0yrsboARgSEkRn4 7DXyCqde/wsiLj5kYUenqQwda/MM9/4h+b1iNM5luGkeTap7Jb2bxe0cNdEK9hW0 Y2/8z44GPkBK9U+VYqhIXqA2psHXyTBcv+oX3NXU5Q4M2DB/x5WVr/IjvOo8BT85 FTkhQwfj8e1bnj/ysTKJ+7USf2EKDJogSGer+MaZRTDKd2dVmlmo+HukSwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAjfvD7uW10gU+ED7SBkY8lacycyMB8GA1UdIwQY MBaAFLWwqGZZ7DFPE6BOOgPb2xJEoOCpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTIt N2ZiZjVlZTI5MGFjLzEvQ04tOFB1NWJYU0JUNFFQdElHUmp5VnB6SnpJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8wNDQ0MDItYzRkNC00MjU5LTkzZTItN2ZiZjVlZTI5MGFj LzEvdGJDb1psbnNNVThUb0U0NkE5dmJFa1NnNEtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9+hAwQA wRyfMA0GCSqGSIb3DQEBCwUAA4IBAQAoPoCfjZkNC4AvBkKevcWuf6wVZuTSSBNU Y1bMvKHEPuR6TKtJIlhNughr2vcjHKtcrLFcvbUipu0lMI1NkLWNWFxqlhLsrC6o rJwmALUt4lWrZeG7qT9YpFsAPm3VcUOtlPrLyv1LdAq2kkq6EDoLViIKHBExVy1W RFoLhmnaiRaVp9qaoyMvN2DgvUUGjsf4SJHeMhm3ToJQCG9/yLbikiMu+BAmUClH 4sexL7SARrjtVjUCyGTTz1d3WD1stnVqNPEz6vb27pF4Qzl2q9Zy+DmIoh17Op0f NEWReBVQm4U0cXszWYyX3SYCzf5EHTamk8oT7QU2rlQkGLZmyyno -----END CERTIFICATE-----Generated at Fri Jan 9 17:05:28 2026 by rpki-client