This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/CNW3k6cV5qMFfGeO7DCzp4az4dk.roa File: CNW3k6cV5qMFfGeO7DCzp4az4dk.roa (raw, json) Hash identifier: eEtgT8pDcDhVSbny7WGDB2FnSEmCUTl8gLtOm3YCkbI= Subject key identifier: 08:D5:B7:93:A7:15:E6:A3:05:7C:67:8E:EC:30:B3:A7:86:B3:E1:D9 Certificate issuer: /CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0 Certificate serial: 019B7E38E8C46CC92FCF8835FC905B02BEED Authority key identifier: 95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/CNW3k6cV5qMFfGeO7DCzp4az4dk.roa Signing time: Fri 02 Jan 2026 10:20:17 +0000 ROA not before: Fri 02 Jan 2026 10:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42402 IP address blocks: 91.189.56.0/21 maxlen: 21 91.189.56.0/22 maxlen: 22 91.189.60.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.mft rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e8:c4:6c:c9:2f:cf:88:35:fc:90:5b:02:be:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9514df9fdc3a0b128c20ee8c06628c43c958bbf0 Validity Not Before: Jan 2 10:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08d5b793a715e6a3057c678eec30b3a786b3e1d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c6:b0:df:9b:46:f4:29:9f:02:ab:cd:35:8b: 35:02:73:ac:3f:c9:d9:e5:35:1c:57:b6:04:c7:04: a8:5b:b8:0e:be:43:1e:c1:04:ca:35:34:18:01:fa: 61:c6:d7:d9:31:68:8c:3b:d0:6f:71:3d:0e:f6:1b: f2:ff:b7:0b:bd:27:4a:88:2c:28:7c:6b:56:61:61: de:0e:fc:8d:a8:00:ff:61:d9:e8:f5:87:18:e8:77: 1a:93:24:15:35:5a:e9:72:87:b8:27:40:19:f3:fa: bf:06:35:7c:09:9c:59:a6:2f:e6:ac:4c:f0:48:55: 18:a8:2e:bf:c0:ec:2a:aa:e4:e0:6e:09:01:49:0e: 3e:bb:aa:d3:45:94:4b:a2:bc:c3:5c:f8:9e:90:9f: 0b:0f:14:24:6f:1f:8b:1f:81:24:8e:1f:b2:8b:df: 95:26:bf:11:bc:81:5f:9d:ed:3b:9d:9e:6d:6a:1c: 7b:0d:56:a7:ef:21:de:a4:f4:ce:25:64:58:e1:b1: e3:39:dc:b4:5e:22:d8:71:eb:8a:76:73:0e:ee:0b: 08:97:5a:6a:35:de:72:21:f1:c6:2b:f3:47:8e:db: e5:09:3c:1d:3b:70:a9:3d:29:9b:19:5f:33:d7:b8: d6:52:d5:93:86:04:45:f8:2a:4f:00:c6:e1:42:f4: 80:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D5:B7:93:A7:15:E6:A3:05:7C:67:8E:EC:30:B3:A7:86:B3:E1:D9 X509v3 Authority Key Identifier: keyid:95:14:DF:9F:DC:3A:0B:12:8C:20:EE:8C:06:62:8C:43:C9:58:BB:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/CNW3k6cV5qMFfGeO7DCzp4az4dk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/97fb0d-d77f-4467-8627-e222bf8529b8/1/lRTfn9w6CxKMIO6MBmKMQ8lYu_A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.189.56.0/21 Signature Algorithm: sha256WithRSAEncryption 34:b0:b5:92:9b:4d:89:39:17:33:ca:75:e4:af:57:ea:91:14: 6b:8f:c0:a1:4a:7a:fa:78:39:00:85:9b:36:c0:3b:29:ba:7b: 20:65:08:ad:6e:af:25:f6:b9:e0:de:71:ba:21:97:32:e3:86: 25:25:5e:61:45:0f:d6:52:65:6d:3d:c7:4b:67:7b:d7:bd:6e: 5f:6d:57:9b:00:c4:e6:90:72:12:02:24:c6:c4:32:63:5c:9a: 62:d9:f0:3a:a2:4a:3a:b8:c3:fe:4d:d6:2a:8f:7f:6e:e1:be: 9d:e3:45:b2:c0:fc:74:36:89:0e:e2:5e:8a:e7:cb:eb:e4:73: 0a:f2:1b:f1:4a:9f:7e:67:e6:f9:3a:4a:7f:c4:54:34:fe:48: c2:4c:b2:f0:00:53:c6:0c:37:10:79:23:08:86:49:82:6b:f9: 03:06:af:b4:40:c1:59:31:4a:b5:29:1e:2b:e2:f8:c3:2a:99: 1a:37:1e:fd:56:44:c6:26:7e:f7:87:1e:47:07:ec:b4:af:22: 7b:fe:12:22:6a:fe:99:85:b0:f6:3e:fd:00:65:f4:c2:2a:fa: c2:07:e5:02:70:e7:56:6e:af:e7:87:34:b1:cf:6c:ee:4a:d9: b0:71:87:80:cb:40:fc:92:17:cc:db:eb:34:20:f9:2c:b3:5b: 8b:1c:31:4e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OOjEbMkvz4g1/JBbAr7tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1MTRkZjlmZGMzYTBiMTI4YzIwZWU4YzA2NjI4YzQzYzk1 OGJiZjAwHhcNMjYwMTAyMTAyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGQ1Yjc5M2E3MTVlNmEzMDU3YzY3OGVlYzMwYjNhNzg2YjNlMWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMaw35tG9CmfAqvNNYs1AnOsP8nZ 5TUcV7YExwSoW7gOvkMewQTKNTQYAfphxtfZMWiMO9BvcT0O9hvy/7cLvSdKiCwo fGtWYWHeDvyNqAD/Ydno9YcY6HcakyQVNVrpcoe4J0AZ8/q/BjV8CZxZpi/mrEzw SFUYqC6/wOwqquTgbgkBSQ4+u6rTRZRLorzDXPiekJ8LDxQkbx+LH4Ekjh+yi9+V Jr8RvIFfne07nZ5tahx7DVan7yHepPTOJWRY4bHjOdy0XiLYceuKdnMO7gsIl1pq Nd5yIfHGK/NHjtvlCTwdO3CpPSmbGV8z17jWUtWThgRF+CpPAMbhQvSAfQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAjVt5OnFeajBXxnjuwws6eGs+HZMB8GA1UdIwQY MBaAFJUU35/cOgsSjCDujAZijEPJWLvwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2Mjct ZTIyMmJmODUyOWI4LzEvQ05XM2s2Y1Y1cU1GZkdlTzdEQ3pwNGF6NGRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi85N2ZiMGQtZDc3Zi00NDY3LTg2MjctZTIyMmJmODUyOWI4 LzEvbFJUZm45dzZDeEtNSU82TUJtS01ROGxZdV9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDW704MA0G CSqGSIb3DQEBCwUAA4IBAQA0sLWSm02JORczynXkr1fqkRRrj8ChSnr6eDkAhZs2 wDspunsgZQitbq8l9rng3nG6IZcy44YlJV5hRQ/WUmVtPcdLZ3vXvW5fbVebAMTm kHISAiTGxDJjXJpi2fA6oko6uMP+TdYqj39u4b6d40WywPx0NokO4l6K58vr5HMK 8hvxSp9+Z+b5Okp/xFQ0/kjCTLLwAFPGDDcQeSMIhkmCa/kDBq+0QMFZMUq1KR4r 4vjDKpkaNx79VkTGJn73hx5HB+y0ryJ7/hIiav6ZhbD2Pv0AZfTCKvrCB+UCcOdW bq/nhzSxz2zuStmwcYeAy0D8khfM2+s0IPkss1uLHDFO -----END CERTIFICATE-----Generated at Mon Jan 26 12:55:23 2026 by rpki-client