This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/40-CHxhmMzV3x6IivUs8SRJDN6k.roa File: 40-CHxhmMzV3x6IivUs8SRJDN6k.roa (raw, json) Hash identifier: gJaTDTJyLHFCd6XAz4N6c1KU5ewn+eKdpcXn2PlsHgg= Subject key identifier: E3:4F:82:1F:18:66:33:35:77:C7:A2:22:BD:4B:3C:49:12:43:37:A9 Certificate issuer: /CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e Certificate serial: 019B7D5C647570604DFC20F1AE53C17C0FC1 Authority key identifier: 78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/40-CHxhmMzV3x6IivUs8SRJDN6k.roa Signing time: Fri 02 Jan 2026 06:19:25 +0000 ROA not before: Fri 02 Jan 2026 06:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47193 IP address blocks: 91.203.208.0/22 maxlen: 22 91.203.211.0/24 maxlen: 24 2001:67c:22d8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.mft rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:64:75:70:60:4d:fc:20:f1:ae:53:c1:7c:0f:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=788b7e4c045cdae78b5bf43f2c53f1a94d9e159e Validity Not Before: Jan 2 06:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e34f821f1866333577c7a222bd4b3c49124337a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7a:aa:39:43:de:b7:16:99:cb:43:f6:ec:06: 2e:af:fa:60:fe:ee:41:47:1f:37:01:56:e8:d9:0b: 1e:d2:e2:d4:2c:40:41:50:47:ec:e6:eb:f9:00:3a: ce:51:dc:4d:7d:26:aa:d2:66:c5:08:bd:f4:a5:07: ca:1f:42:71:70:96:20:10:34:2b:06:bc:13:f2:d3: 1e:e7:1f:86:e4:34:b6:69:b2:9e:aa:e4:79:06:52: 8d:87:a6:dc:38:45:c1:0a:97:31:6b:01:93:0b:54: c5:e6:e4:41:de:3a:9a:0e:25:5e:e4:ce:d9:4f:95: 2b:1a:ef:c2:9e:73:a5:58:97:92:93:27:b8:49:b6: a2:c6:f6:ba:ab:34:27:aa:e1:22:35:cf:e0:15:df: 4e:88:ea:1a:cf:5d:0f:72:4e:b6:8e:43:c6:b9:b0: 38:c0:cb:f2:8c:ee:9e:b9:5d:44:23:4a:ad:5f:4e: ba:66:6f:56:ef:dc:59:13:44:08:34:2a:23:d9:99: 0c:7f:f3:8d:41:b5:1e:fb:50:e6:eb:78:72:3d:65: c1:d7:13:23:9e:8f:f8:81:f6:55:0c:b6:7e:24:eb: d3:ec:8c:74:fd:99:67:0a:be:26:19:e6:0c:a6:b4: e6:9c:8f:81:2e:86:6b:db:c9:1f:96:60:7a:58:fa: 64:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:4F:82:1F:18:66:33:35:77:C7:A2:22:BD:4B:3C:49:12:43:37:A9 X509v3 Authority Key Identifier: keyid:78:8B:7E:4C:04:5C:DA:E7:8B:5B:F4:3F:2C:53:F1:A9:4D:9E:15:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/40-CHxhmMzV3x6IivUs8SRJDN6k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7613bd-0349-420d-8808-0a26e6e57f20/1/eIt-TARc2ueLW_Q_LFPxqU2eFZ4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.203.208.0/22 IPv6: 2001:67c:22d8::/48 Signature Algorithm: sha256WithRSAEncryption 26:09:75:40:61:83:be:74:6f:41:9c:fa:6a:71:0e:90:a6:28: ff:27:90:39:34:92:1b:9f:54:60:74:10:c7:b2:56:b2:68:94: f5:af:c9:bc:2d:e3:d1:22:a7:6a:4e:e4:2c:2f:b0:33:c9:44: 35:5b:9d:71:3d:0d:af:53:d1:bd:bc:df:ea:53:f9:c8:07:ac: 12:ea:e7:76:a7:b6:ea:ea:89:45:0a:e7:e6:eb:ec:5f:6f:25: 3e:6f:88:1e:9b:7f:77:9f:ec:ba:aa:13:7d:e8:9d:df:03:2d: 07:63:37:1a:06:86:8c:ff:8f:df:b0:82:7c:14:55:68:ce:11: a9:d5:f7:35:9b:f0:88:36:a5:25:01:dd:0e:74:22:b4:77:e1: 91:14:9a:ad:2f:68:b4:67:46:3d:c1:4c:3c:77:3d:b6:77:ad: bb:bd:9c:82:24:08:7e:6d:ef:bb:57:75:ff:b6:8d:3b:0a:9c: 0e:4e:cb:ec:f7:2f:23:f3:94:54:97:f3:00:a5:41:ec:c2:0a: 1f:4c:ff:60:cd:c8:46:6b:d9:62:ff:e8:8b:86:ae:44:a3:a6: 98:bf:25:7b:54:03:80:1f:11:e5:73:30:1b:53:9c:7d:fb:7b: 49:14:08:29:5e:25:8e:82:26:ed:8a:e1:7c:b2:5f:3b:5c:fc: 04:dd:61:c4 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9XGR1cGBN/CDxrlPBfA/BMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc4OGI3ZTRjMDQ1Y2RhZTc4YjViZjQzZjJjNTNmMWE5NGQ5 ZTE1OWUwHhcNMjYwMTAyMDYxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzRmODIxZjE4NjYzMzM1NzdjN2EyMjJiZDRiM2M0OTEyNDMzN2E5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnqqOUPetxaZy0P27AYur/pg/u5B Rx83AVbo2Qse0uLULEBBUEfs5uv5ADrOUdxNfSaq0mbFCL30pQfKH0JxcJYgEDQr BrwT8tMe5x+G5DS2abKequR5BlKNh6bcOEXBCpcxawGTC1TF5uRB3jqaDiVe5M7Z T5UrGu/CnnOlWJeSkye4Sbaixva6qzQnquEiNc/gFd9OiOoaz10Pck62jkPGubA4 wMvyjO6euV1EI0qtX066Zm9W79xZE0QINCoj2ZkMf/ONQbUe+1Dm63hyPWXB1xMj no/4gfZVDLZ+JOvT7Ix0/ZlnCr4mGeYMprTmnI+BLoZr28kflmB6WPpkuwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFONPgh8YZjM1d8eiIr1LPEkSQzepMB8GA1UdIwQY MBaAFHiLfkwEXNrni1v0PyxT8alNnhWeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgt MGEyNmU2ZTU3ZjIwLzEvNDAtQ0h4aG1NelYzeDZJaXZVczhTUkpETjZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83NjEzYmQtMDM0OS00MjBkLTg4MDgtMGEyNmU2ZTU3ZjIw LzEvZUl0LVRBUmMydWVMV19RX0xGUHhxVTJlRlo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW8vQMA8E AgACMAkDBwAgAQZ8ItgwDQYJKoZIhvcNAQELBQADggEBACYJdUBhg750b0Gc+mpx DpCmKP8nkDk0khufVGB0EMeyVrJolPWvybwt49Eip2pO5CwvsDPJRDVbnXE9Da9T 0b283+pT+cgHrBLq53anturqiUUK5+br7F9vJT5viB6bf3ef7LqqE33ond8DLQdj NxoGhoz/j9+wgnwUVWjOEanV9zWb8Ig2pSUB3Q50IrR34ZEUmq0vaLRnRj3BTDx3 PbZ3rbu9nIIkCH5t77tXdf+2jTsKnA5Oy+z3LyPzlFSX8wClQezCCh9M/2DNyEZr 2WL/6IuGrkSjppi/JXtUA4AfEeVzMBtTnH37e0kUCCleJY6CJu2K4XyyXztc/ATd YcQ= -----END CERTIFICATE-----Generated at Mon Jan 26 02:06:57 2026 by rpki-client