This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/i_ltRwYEioUiSqM_N0IGaAXBwww.roa File: i_ltRwYEioUiSqM_N0IGaAXBwww.roa (raw, json) Hash identifier: i9BjibDTOdKVln71YPwL1G7OdUxiUoFhFjozV67L+Z0= Subject key identifier: 8B:F9:6D:47:06:04:8A:85:22:4A:A3:3F:37:42:06:68:05:C1:C3:0C Certificate issuer: /CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8 Certificate serial: 019B7B35B25C698EDD3D518F1992AE1B4A16 Authority key identifier: DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/i_ltRwYEioUiSqM_N0IGaAXBwww.roa Signing time: Thu 01 Jan 2026 20:17:55 +0000 ROA not before: Thu 01 Jan 2026 20:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 91.236.66.0/24 maxlen: 24 91.236.67.0/24 maxlen: 24 2a10:a700:100::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.mft rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:b2:5c:69:8e:dd:3d:51:8f:19:92:ae:1b:4a:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcfae7d4e69d42e4f4c95d99f482b9a944dbefc8 Validity Not Before: Jan 1 20:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8bf96d4706048a85224aa33f3742066805c1c30c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:9d:be:24:cd:79:33:62:64:cb:99:8e:08:d1: f4:49:dd:39:4b:e7:13:20:ad:04:d7:62:3a:51:3d: 76:79:fd:07:8b:d2:7e:89:15:ab:e8:ec:e4:88:e6: 64:8a:e0:5f:47:46:ef:ee:e4:aa:37:05:34:a8:36: ae:2c:df:98:9f:86:64:be:ea:a4:45:9c:a0:84:8c: 10:d5:7a:c4:57:96:84:b8:88:e9:41:4d:bc:17:f9: 7a:dd:2a:f2:b0:d7:ef:c2:41:7a:30:86:06:e0:17: 3c:80:ba:d4:8d:be:46:17:01:e5:dd:29:27:51:90: 3b:71:61:a0:3d:e8:d6:1d:3a:6a:57:8a:ce:9a:b8: 7c:19:f2:76:75:aa:1c:8c:a5:c2:80:5e:3c:57:71: c3:84:50:b8:4f:f6:e0:ed:13:e7:e4:00:83:eb:9c: 10:79:ce:2b:ce:52:8f:c4:6f:18:6b:36:ee:ca:dd: 30:e2:50:9a:3f:5c:1b:c6:0d:91:09:a8:f1:d2:c9: 22:42:5d:57:0a:7a:ee:fd:c7:c5:f3:17:11:43:a0: 10:de:9f:f4:e1:5f:82:1c:92:9f:2b:8c:5e:28:1a: 69:45:15:e9:8c:8d:65:c2:a0:7a:ab:71:41:66:3b: 95:29:47:31:eb:52:7a:b1:2b:f4:50:fd:9b:6f:2e: 39:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:F9:6D:47:06:04:8A:85:22:4A:A3:3F:37:42:06:68:05:C1:C3:0C X509v3 Authority Key Identifier: keyid:DC:FA:E7:D4:E6:9D:42:E4:F4:C9:5D:99:F4:82:B9:A9:44:DB:EF:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Prn1OadQuT0yV2Z9IK5qUTb78g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/i_ltRwYEioUiSqM_N0IGaAXBwww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9342f8-df9e-45bb-972f-37273df3901c/1/3Prn1OadQuT0yV2Z9IK5qUTb78g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.236.66.0/23 IPv6: 2a10:a700:100::/40 Signature Algorithm: sha256WithRSAEncryption af:2c:d5:1c:f7:8e:1a:79:9e:3e:75:6b:0c:fa:fa:01:ea:a6: dd:64:89:af:a0:cd:3b:20:a0:3c:54:7f:25:2f:4b:37:9a:24: 70:1c:25:27:0f:00:7b:35:9d:2f:32:d6:4a:c1:73:c6:20:63: d1:7a:d7:b7:79:aa:0b:41:f0:3c:db:a3:ca:06:ff:44:55:ee: 2f:6c:90:30:57:07:45:e6:23:01:2a:57:1e:c2:13:fb:51:ea: 9b:e2:a1:75:1a:91:24:ab:8a:b0:77:4b:9f:c7:44:d2:82:26: 4d:de:d7:e6:8a:92:1b:8d:94:ef:f2:d9:1e:bf:8d:8a:73:45: 1e:5f:60:c1:9b:95:dc:9e:a3:be:15:04:99:87:df:1d:a7:62: 97:19:65:72:1f:a8:da:1c:54:ff:7a:bb:55:7f:3d:79:8a:a5: 82:c5:1f:4f:72:64:e4:05:4d:26:9f:91:52:0f:65:02:9a:b9: 78:98:1d:b7:75:96:e4:87:90:fe:f6:b4:31:62:36:9e:2f:8d: 53:3d:4d:e4:fc:94:97:05:53:35:0f:12:0a:3b:92:e2:58:82: 7a:fa:92:95:8a:60:2b:45:58:c3:c7:6e:b3:66:ea:85:18:ee: 8c:32:45:7b:8f:19:d6:d8:0e:ce:1d:b7:93:28:ef:bb:98:40: 9e:19:85:af -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt7NbJcaY7dPVGPGZKuG0oWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZmFlN2Q0ZTY5ZDQyZTRmNGM5NWQ5OWY0ODJiOWE5NDRk YmVmYzgwHhcNMjYwMTAxMjAxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YmY5NmQ0NzA2MDQ4YTg1MjI0YWEzM2YzNzQyMDY2ODA1YzFjMzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA252+JM15M2Jky5mOCNH0Sd05S+cT IK0E12I6UT12ef0Hi9J+iRWr6OzkiOZkiuBfR0bv7uSqNwU0qDauLN+Yn4Zkvuqk RZyghIwQ1XrEV5aEuIjpQU28F/l63SrysNfvwkF6MIYG4Bc8gLrUjb5GFwHl3Skn UZA7cWGgPejWHTpqV4rOmrh8GfJ2daocjKXCgF48V3HDhFC4T/bg7RPn5ACD65wQ ec4rzlKPxG8Yazbuyt0w4lCaP1wbxg2RCajx0skiQl1XCnru/cfF8xcRQ6AQ3p/0 4V+CHJKfK4xeKBppRRXpjI1lwqB6q3FBZjuVKUcx61J6sSv0UP2bby45YQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFIv5bUcGBIqFIkqjPzdCBmgFwcMMMB8GA1UdIwQY MBaAFNz659TmnULk9MldmfSCualE2+/IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYt MzcyNzNkZjM5MDFjLzEvaV9sdFJ3WUVpb1VpU3FNX04wSUdhQVhCd3d3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS85MzQyZjgtZGY5ZS00NWJiLTk3MmYtMzcyNzNkZjM5MDFj LzEvM1BybjFPYWRRdVQweVYyWjlJSzVxVVRiNzhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBW+xCMA4E AgACMAgDBgAqEKcAATANBgkqhkiG9w0BAQsFAAOCAQEAryzVHPeOGnmePnVrDPr6 Aeqm3WSJr6DNOyCgPFR/JS9LN5okcBwlJw8AezWdLzLWSsFzxiBj0XrXt3mqC0Hw PNujygb/RFXuL2yQMFcHReYjASpXHsIT+1Hqm+KhdRqRJKuKsHdLn8dE0oImTd7X 5oqSG42U7/LZHr+NinNFHl9gwZuV3J6jvhUEmYffHadilxllch+o2hxU/3q7VX89 eYqlgsUfT3Jk5AVNJp+RUg9lApq5eJgdt3WW5IeQ/va0MWI2ni+NUz1N5PyUlwVT NQ8SCjuS4liCevqSlYpgK0VYw8dus2bqhRjujDJFe48Z1tgOzh23kyjvu5hAnhmF rw== -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:23 2026 by rpki-client