This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/_In4h_FwuHoLeAhLdOO_0gDal3g.roa File: _In4h_FwuHoLeAhLdOO_0gDal3g.roa (raw, json) Hash identifier: 5CWj3iN4WCDtTiUEN45Kg99lLjsQ7Kch3A5A4xC3N5U= Subject key identifier: FC:89:F8:87:F1:70:B8:7A:0B:78:08:4B:74:E3:BF:D2:00:DA:97:78 Certificate issuer: /CN=3bfccd4a00422c865f5093b85bb868c2bb30c469 Certificate serial: 019B76EB6B013317B35ACC73E3C17E6E96CC Authority key identifier: 3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/_In4h_FwuHoLeAhLdOO_0gDal3g.roa Signing time: Thu 01 Jan 2026 00:18:18 +0000 ROA not before: Thu 01 Jan 2026 00:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8454 IP address blocks: 91.213.98.0/24 maxlen: 24 2001:67c:2f78::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.mft rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 19:29:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:6b:01:33:17:b3:5a:cc:73:e3:c1:7e:6e:96:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3bfccd4a00422c865f5093b85bb868c2bb30c469 Validity Not Before: Jan 1 00:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fc89f887f170b87a0b78084b74e3bfd200da9778 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:e7:9c:e2:22:8d:83:6b:bd:ad:85:69:7b:a7: fb:4e:f4:ca:f1:31:19:2c:34:8d:8e:88:86:2c:82: d0:2a:ae:82:bc:71:fc:cf:00:40:0d:84:cc:8d:ec: 4d:40:90:5b:7a:1f:cb:62:67:5b:ac:10:eb:20:d6: d1:30:3d:c7:66:20:37:cc:35:c0:b8:7b:e0:ed:22: 9b:9a:4f:fc:e6:a5:c2:14:2b:25:c2:75:32:7c:47: a4:d7:68:b9:6d:d6:86:97:83:bf:93:6a:20:18:6d: 53:fe:14:2d:a0:82:b1:c3:b8:a2:42:b0:cd:ef:e9: 68:3c:8d:40:b7:e8:f6:77:3a:ce:a9:c9:23:9b:fa: ee:5a:d7:6b:e8:e6:83:36:e6:7e:53:be:d6:2c:ea: 75:c6:cb:f0:ef:b3:63:85:24:f8:22:7a:37:68:73: 4c:8f:4c:d5:fb:0c:13:dd:c4:d1:d3:d5:7b:a3:19: e2:5c:3d:a1:ba:8a:48:6b:38:b4:50:2c:74:d2:77: 61:1f:43:aa:a1:3f:e1:3a:af:b5:e0:e3:94:19:84: ea:ae:3f:6b:eb:c6:e3:2a:13:5c:29:70:43:29:8d: fd:d1:5e:6c:26:65:36:fa:66:33:4f:7d:c7:f7:63: ff:16:4a:bf:d2:af:13:40:45:4e:fc:4c:7e:8e:68: f2:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:89:F8:87:F1:70:B8:7A:0B:78:08:4B:74:E3:BF:D2:00:DA:97:78 X509v3 Authority Key Identifier: keyid:3B:FC:CD:4A:00:42:2C:86:5F:50:93:B8:5B:B8:68:C2:BB:30:C4:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_zNSgBCLIZfUJO4W7howrswxGk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/_In4h_FwuHoLeAhLdOO_0gDal3g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/ba70f2-b7ac-4346-9d08-63ae0bfc169f/1/O_zNSgBCLIZfUJO4W7howrswxGk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.213.98.0/24 IPv6: 2001:67c:2f78::/48 Signature Algorithm: sha256WithRSAEncryption 31:83:fb:99:0d:79:7c:30:2e:be:da:c4:cc:5d:9c:ae:2f:65: e8:7d:17:af:13:ee:33:4c:67:15:ce:20:db:20:b5:67:3b:67: c3:36:0e:04:70:98:23:c6:fe:64:47:a2:17:66:2b:c7:22:b9: 21:45:d3:7a:b7:06:8b:a3:3a:25:30:60:80:c0:87:44:6f:a7: 9f:bd:08:a8:02:a6:df:09:7a:10:d7:62:74:f6:5d:f7:e6:6a: e2:a0:70:94:6c:68:ff:d8:b7:03:48:07:c6:3a:24:64:2d:78: f8:94:17:b1:3a:41:eb:ea:ef:96:31:63:79:79:53:81:9e:ad: 43:48:67:b1:ae:40:a5:78:aa:12:e5:04:b8:f8:6a:03:58:c7: 3e:37:97:74:10:63:a4:d7:9a:f3:26:fb:b0:a0:c9:c7:bd:25: 9d:08:2b:58:82:20:b4:84:4d:d9:be:d3:63:39:39:cf:70:ab: f0:9b:e8:53:93:a4:3f:c8:70:ed:72:35:49:22:cf:04:38:96: 1d:1e:53:f6:70:d8:ae:68:f8:c3:c7:08:20:60:52:cf:97:59: a4:ff:5b:7a:2b:23:85:40:a4:43:84:0a:6e:33:06:e0:f7:e0: 7b:35:6a:e5:36:5e:b8:13:de:e5:8f:58:ed:8c:6c:e0:e3:49: 14:05:44:27 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt262sBMxezWsxz48F+bpbMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiZmNjZDRhMDA0MjJjODY1ZjUwOTNiODViYjg2OGMyYmIz MGM0NjkwHhcNMjYwMTAxMDAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYzg5Zjg4N2YxNzBiODdhMGI3ODA4NGI3NGUzYmZkMjAwZGE5Nzc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuec4iKNg2u9rYVpe6f7TvTK8TEZ LDSNjoiGLILQKq6CvHH8zwBADYTMjexNQJBbeh/LYmdbrBDrINbRMD3HZiA3zDXA uHvg7SKbmk/85qXCFCslwnUyfEek12i5bdaGl4O/k2ogGG1T/hQtoIKxw7iiQrDN 7+loPI1At+j2dzrOqckjm/ruWtdr6OaDNuZ+U77WLOp1xsvw77NjhST4Ino3aHNM j0zV+wwT3cTR09V7oxniXD2huopIazi0UCx00ndhH0OqoT/hOq+14OOUGYTqrj9r 68bjKhNcKXBDKY390V5sJmU2+mYzT33H92P/Fkq/0q8TQEVO/Ex+jmjy7QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFPyJ+IfxcLh6C3gIS3Tjv9IA2pd4MB8GA1UdIwQY MBaAFDv8zUoAQiyGX1CTuFu4aMK7MMRpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgt NjNhZTBiZmMxNjlmLzEvX0luNGhfRnd1SG9MZUFoTGRPT18wZ0RhbDNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iYTcwZjItYjdhYy00MzQ2LTlkMDgtNjNhZTBiZmMxNjlm LzEvT196TlNnQkNMSVpmVUpPNFc3aG93cnN3eEdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9ViMA8E AgACMAkDBwAgAQZ8L3gwDQYJKoZIhvcNAQELBQADggEBADGD+5kNeXwwLr7axMxd nK4vZeh9F68T7jNMZxXOINsgtWc7Z8M2DgRwmCPG/mRHohdmK8ciuSFF03q3Bouj OiUwYIDAh0Rvp5+9CKgCpt8JehDXYnT2XffmauKgcJRsaP/YtwNIB8Y6JGQtePiU F7E6Qevq75YxY3l5U4GerUNIZ7GuQKV4qhLlBLj4agNYxz43l3QQY6TXmvMm+7Cg yce9JZ0IK1iCILSETdm+02M5Oc9wq/Cb6FOTpD/IcO1yNUkizwQ4lh0eU/Zw2K5o +MPHCCBgUs+XWaT/W3orI4VApEOECm4zBuD34Hs1auU2XrgT3uWPWO2MbODjSRQF RCc= -----END CERTIFICATE-----Generated at Mon Feb 2 06:18:58 2026 by rpki-client