This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/Cia7XDUlVcQjhopxxsVFSxmf98Q.roa File: Cia7XDUlVcQjhopxxsVFSxmf98Q.roa (raw, json) Hash identifier: Rgit10JBl/HzmYiRu+Za82DqspSX6JZYYxG73T1zZ9k= Subject key identifier: 0A:26:BB:5C:35:25:55:C4:23:86:8A:71:C6:C5:45:4B:19:9F:F7:C4 Certificate issuer: /CN=d721fd9d278b6458e9bf1cceba2c31a19fb96cfd Certificate serial: 019B7F83A59B58DBC672BB54D67AB439514C Authority key identifier: D7:21:FD:9D:27:8B:64:58:E9:BF:1C:CE:BA:2C:31:A1:9F:B9:6C:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/Cia7XDUlVcQjhopxxsVFSxmf98Q.roa Signing time: Fri 02 Jan 2026 16:21:32 +0000 ROA not before: Fri 02 Jan 2026 16:21:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29684 IP address blocks: 91.208.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.mft rsync://rpki.ripe.net/repository/DEFAULT/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 22:01:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:a5:9b:58:db:c6:72:bb:54:d6:7a:b4:39:51:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d721fd9d278b6458e9bf1cceba2c31a19fb96cfd Validity Not Before: Jan 2 16:21:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a26bb5c352555c423868a71c6c5454b199ff7c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:9a:33:8e:fa:05:19:51:77:25:3d:8b:98:cf: e8:09:8e:97:4f:49:56:65:1b:ae:63:61:fb:86:24: 98:00:38:fa:45:62:18:a2:91:e9:96:a4:25:0d:db: a4:66:c7:30:dc:c1:b4:7b:c8:d7:ed:20:bd:92:2f: b7:d7:01:7b:3f:98:5c:28:dd:15:d3:fc:61:a7:08: 75:fc:a4:80:4e:92:76:7b:9d:7b:de:2e:d4:95:66: e4:f7:88:bf:35:45:14:0f:b9:3e:a5:8f:82:08:69: 0a:ac:59:20:4c:91:07:2d:13:42:e9:22:dd:41:b2: aa:78:df:4c:b2:6f:f4:af:9d:80:a9:e8:4d:a9:c9: c5:91:a4:b3:00:53:89:72:a7:04:b4:2b:dc:8d:60: a4:83:1d:a0:21:de:a1:36:10:31:8b:6b:0c:52:c3: aa:5c:70:a0:29:13:8b:c9:d5:3c:25:9c:c7:20:f0: 47:68:54:cd:45:86:08:dc:c1:74:18:58:99:bc:46: c1:3c:c6:48:38:75:86:42:f7:a6:ed:c3:7b:04:d7: 1b:fa:f7:03:c3:c6:5a:c9:45:b5:3e:15:49:cd:2c: 20:0d:59:a4:2e:36:3c:d2:c4:7a:98:ba:6a:a9:26: fb:c1:19:e4:ca:49:2c:d8:4a:49:56:11:14:b8:ae: df:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:26:BB:5C:35:25:55:C4:23:86:8A:71:C6:C5:45:4B:19:9F:F7:C4 X509v3 Authority Key Identifier: keyid:D7:21:FD:9D:27:8B:64:58:E9:BF:1C:CE:BA:2C:31:A1:9F:B9:6C:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/Cia7XDUlVcQjhopxxsVFSxmf98Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/6d752a-59c5-47a0-b3cd-8f979b69943f/1/1yH9nSeLZFjpvxzOuiwxoZ-5bP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.208.4.0/24 Signature Algorithm: sha256WithRSAEncryption 54:b7:37:27:b1:9c:9d:f1:df:de:e7:46:af:f1:6b:59:dd:fc: 6f:f0:9b:3c:9e:7f:fd:ff:38:3e:45:46:41:47:34:1e:f5:aa: c1:19:b7:93:2c:ca:9e:43:7d:b0:a4:8d:5a:5f:cb:a2:e8:fd: 95:7a:63:2a:bd:ce:68:59:2f:c8:5b:df:4a:66:46:56:8c:9d: a8:3e:55:4e:9a:5d:a0:ef:34:44:5d:c1:1e:c7:a1:0b:4e:16: fc:d1:51:d7:41:3b:df:3e:49:de:27:0d:ae:e1:77:ce:94:82: 5a:69:46:cb:af:3d:06:be:7f:78:b3:4e:e2:a5:6e:f5:6b:fc: a5:46:fe:f7:80:c5:18:f6:33:3a:54:70:d1:38:27:7f:8c:88: 08:9a:1a:2d:44:26:cc:70:ea:78:3e:44:14:04:63:b2:47:7d: e2:ba:a6:8f:fa:92:0f:bc:ba:18:32:c6:3e:cd:05:6d:68:50: cd:87:ae:4b:08:11:2c:f0:f5:93:7a:5c:18:5b:e8:c1:0e:1f: 92:3b:af:3a:82:31:a9:10:f7:cb:fe:33:18:b8:9a:15:27:22: ee:fd:3b:c7:5b:d2:3c:06:fe:b1:b4:07:5d:92:b7:20:46:01: c5:f4:fd:dd:19:56:d6:e1:85:c1:59:aa:e6:2a:b8:e7:23:0e: 67:df:24:d6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/g6WbWNvGcrtU1nq0OVFMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MjFmZDlkMjc4YjY0NThlOWJmMWNjZWJhMmMzMWExOWZi OTZjZmQwHhcNMjYwMTAyMTYyMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTI2YmI1YzM1MjU1NWM0MjM4NjhhNzFjNmM1NDU0YjE5OWZmN2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZozjvoFGVF3JT2LmM/oCY6XT0lW ZRuuY2H7hiSYADj6RWIYopHplqQlDdukZscw3MG0e8jX7SC9ki+31wF7P5hcKN0V 0/xhpwh1/KSATpJ2e5173i7UlWbk94i/NUUUD7k+pY+CCGkKrFkgTJEHLRNC6SLd QbKqeN9Msm/0r52AqehNqcnFkaSzAFOJcqcEtCvcjWCkgx2gId6hNhAxi2sMUsOq XHCgKROLydU8JZzHIPBHaFTNRYYI3MF0GFiZvEbBPMZIOHWGQvem7cN7BNcb+vcD w8ZayUW1PhVJzSwgDVmkLjY80sR6mLpqqSb7wRnkykks2EpJVhEUuK7fJwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAomu1w1JVXEI4aKccbFRUsZn/fEMB8GA1UdIwQY MBaAFNch/Z0ni2RY6b8czrosMaGfuWz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXlIOW5TZUxaRmpwdnh6T3Vpd3hvWi01YlAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi82ZDc1MmEtNTljNS00N2EwLWIzY2Qt OGY5NzliNjk5NDNmLzEvQ2lhN1hEVWxWY1FqaG9weHhzVkZTeG1mOThRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi82ZDc1MmEtNTljNS00N2EwLWIzY2QtOGY5NzliNjk5NDNm LzEvMXlIOW5TZUxaRmpwdnh6T3Vpd3hvWi01YlAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9AEMA0G CSqGSIb3DQEBCwUAA4IBAQBUtzcnsZyd8d/e50av8WtZ3fxv8Js8nn/9/zg+RUZB RzQe9arBGbeTLMqeQ32wpI1aX8ui6P2VemMqvc5oWS/IW99KZkZWjJ2oPlVOml2g 7zREXcEex6ELThb80VHXQTvfPkneJw2u4XfOlIJaaUbLrz0Gvn94s07ipW71a/yl Rv73gMUY9jM6VHDROCd/jIgImhotRCbMcOp4PkQUBGOyR33iuqaP+pIPvLoYMsY+ zQVtaFDNh65LCBEs8PWTelwYW+jBDh+SO686gjGpEPfL/jMYuJoVJyLu/TvHW9I8 Bv6xtAddkrcgRgHF9P3dGVbW4YXBWarmKrjnIw5n3yTW -----END CERTIFICATE-----Generated at Tue Jan 20 07:47:28 2026 by rpki-client