This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/K1qLnnrsBytcCd672tmGsMqXxYM.roa File: K1qLnnrsBytcCd672tmGsMqXxYM.roa (raw, json) Hash identifier: chgkC32Z3UMGB9mkkwLQsJIKs1LFl1ohHwqbg9qIaPw= Subject key identifier: 2B:5A:8B:9E:7A:EC:07:2B:5C:09:DE:BB:DA:D9:86:B0:CA:97:C5:83 Certificate issuer: /CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2 Certificate serial: 019B7E38133BF522D33D9CEF52985EA5444A Authority key identifier: 50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/K1qLnnrsBytcCd672tmGsMqXxYM.roa Signing time: Fri 02 Jan 2026 10:19:22 +0000 ROA not before: Fri 02 Jan 2026 10:19:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 91.220.159.0/24 maxlen: 24 91.221.120.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.crl rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.mft rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:13:3b:f5:22:d3:3d:9c:ef:52:98:5e:a5:44:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=502c37e7ecb59b667fa82ecf093e5ed87661a8e2 Validity Not Before: Jan 2 10:19:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2b5a8b9e7aec072b5c09debbdad986b0ca97c583 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8d:6c:9e:7a:29:6e:ff:01:c3:de:19:4a:d3: 08:45:69:8b:87:31:b6:19:27:3f:be:83:2b:93:d7: ae:fe:73:ea:d1:56:42:48:92:15:e7:e6:df:1a:4f: a3:5f:d8:e0:47:09:45:65:27:5f:eb:e9:a1:f0:c5: a1:f3:bf:f7:e2:d0:34:18:09:83:c5:0a:cc:3a:bf: 9e:62:54:96:61:17:d8:4e:be:94:22:e8:2d:eb:c5: 57:1b:23:6e:11:d3:49:48:21:6e:10:9d:f9:33:0d: a4:5a:e3:35:00:2c:0a:2d:f2:b0:16:72:b9:8d:29: a0:e2:e1:ef:35:a9:fc:d6:d3:37:56:11:a3:3e:b7: 77:bd:03:cf:34:12:ba:bd:2d:1a:75:5c:51:d7:67: 2e:8b:61:02:59:63:13:f3:e6:e1:30:f7:f1:a1:60: 37:0d:28:f5:8a:83:25:7e:80:12:c6:dd:c0:8c:7c: 6a:35:97:bb:bf:ff:25:7f:8e:15:51:22:a3:ed:3a: f8:47:0d:b1:57:67:de:79:90:f1:b1:0c:a9:f0:96: d4:26:46:aa:c0:7b:b1:7e:1a:92:b3:c8:e8:59:57: 5f:96:57:86:e9:7f:55:f6:5b:df:33:43:ea:d0:bf: 94:08:88:dd:03:aa:8c:6f:60:a5:ba:62:eb:59:24: c0:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:5A:8B:9E:7A:EC:07:2B:5C:09:DE:BB:DA:D9:86:B0:CA:97:C5:83 X509v3 Authority Key Identifier: keyid:50:2C:37:E7:EC:B5:9B:66:7F:A8:2E:CF:09:3E:5E:D8:76:61:A8:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UCw35-y1m2Z_qC7PCT5e2HZhqOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/K1qLnnrsBytcCd672tmGsMqXxYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/b5f6af-3c83-4cb5-b5eb-ba14843c549c/1/UCw35-y1m2Z_qC7PCT5e2HZhqOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.159.0/24 91.221.120.0/23 Signature Algorithm: sha256WithRSAEncryption aa:24:64:e0:cf:1b:59:11:eb:4f:22:d4:48:cb:b7:ae:ad:b4: 4f:ed:08:58:c0:1a:b2:11:24:66:8a:09:93:58:fa:15:05:7d: ae:7f:58:bc:e9:a0:7a:96:3f:f3:18:23:ab:1e:21:53:41:a5: bc:0c:aa:fc:13:36:47:e2:84:f1:b4:14:15:69:fb:75:96:a3: 63:ef:55:3e:67:5f:33:15:63:39:dc:64:31:06:9d:13:b7:d9: 97:96:f6:97:8f:12:b4:cc:c6:5e:3f:c1:c1:9d:08:83:42:ec: 75:03:50:8e:ff:a6:ce:7c:0d:83:bf:2c:b5:c3:b1:79:5f:bd: 2c:cd:57:b2:77:30:df:e1:12:f5:7a:db:a3:5c:85:b8:0b:f5: 7b:27:d1:49:7b:a2:49:83:b9:71:c7:a9:4a:fc:12:d3:98:ab: c0:21:62:4e:0e:16:7a:42:15:98:c3:4d:d0:fd:6c:1f:93:87: 90:26:6b:2e:89:5a:da:74:d6:e0:a9:c5:cd:12:7b:4b:82:cb: a4:d4:e5:bc:fd:b9:22:c8:dc:0d:d9:2d:ac:10:db:12:fe:4b: f1:60:5e:b0:8a:50:86:3f:d7:66:39:69:e2:f8:13:e0:e8:86: bb:97:95:49:6b:96:dd:50:bd:79:bb:d8:77:04:14:fc:3d:7e: 72:a2:40:06 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OBM79SLTPZzvUphepURKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDUwMmMzN2U3ZWNiNTliNjY3ZmE4MmVjZjA5M2U1ZWQ4NzY2 MWE4ZTIwHhcNMjYwMTAyMTAxOTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyYjVhOGI5ZTdhZWMwNzJiNWMwOWRlYmJkYWQ5ODZiMGNhOTdjNTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsY1snnopbv8Bw94ZStMIRWmLhzG2 GSc/voMrk9eu/nPq0VZCSJIV5+bfGk+jX9jgRwlFZSdf6+mh8MWh87/34tA0GAmD xQrMOr+eYlSWYRfYTr6UIugt68VXGyNuEdNJSCFuEJ35Mw2kWuM1ACwKLfKwFnK5 jSmg4uHvNan81tM3VhGjPrd3vQPPNBK6vS0adVxR12cui2ECWWMT8+bhMPfxoWA3 DSj1ioMlfoASxt3AjHxqNZe7v/8lf44VUSKj7Tr4Rw2xV2feeZDxsQyp8JbUJkaq wHuxfhqSs8joWVdflleG6X9V9lvfM0Pq0L+UCIjdA6qMb2ClumLrWSTAUQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCtai5567AcrXAneu9rZhrDKl8WDMB8GA1UdIwQY MBaAFFAsN+fstZtmf6guzwk+Xth2YajiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWIt YmExNDg0M2M1NDljLzEvSzFxTG5ucnNCeXRjQ2Q2NzJ0bUdzTXFYeFlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC9iNWY2YWYtM2M4My00Y2I1LWI1ZWItYmExNDg0M2M1NDlj LzEvVUN3MzUteTFtMlpfcUM3UENUNWUySFpocU9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9yfAwQB W914MA0GCSqGSIb3DQEBCwUAA4IBAQCqJGTgzxtZEetPItRIy7eurbRP7QhYwBqy ESRmigmTWPoVBX2uf1i86aB6lj/zGCOrHiFTQaW8DKr8EzZH4oTxtBQVaft1lqNj 71U+Z18zFWM53GQxBp0Tt9mXlvaXjxK0zMZeP8HBnQiDQux1A1CO/6bOfA2Dvyy1 w7F5X70szVeydzDf4RL1etujXIW4C/V7J9FJe6JJg7lxx6lK/BLTmKvAIWJODhZ6 QhWYw03Q/Wwfk4eQJmsuiVradNbgqcXNEntLgsuk1OW8/bkiyNwN2S2sENsS/kvx YF6wilCGP9dmOWni+BPg6Ia7l5VJa5bdUL15u9h3BBT8PX5yokAG -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:28 2026 by rpki-client