This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/1-kVWLa7RWGGfopZS1-VapgfpBYI.roa File: 1-kVWLa7RWGGfopZS1-VapgfpBYI.roa (raw, json) Hash identifier: o63mXTfuAnWKeKiqVp8Qsvs4JJ8chuTesaHFbdkIsGo= Subject key identifier: FA:45:56:2D:AE:D1:58:61:9F:A2:96:52:D7:E5:5A:A6:07:E9:05:82 Certificate issuer: /CN=2ff6182beb7b82c8573df8b6d51044d6c6724e82 Certificate serial: 019B797F1BF2A8A785D7D908EFD9CD76B516 Authority key identifier: 2F:F6:18:2B:EB:7B:82:C8:57:3D:F8:B6:D5:10:44:D6:C6:72:4E:82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L_YYK-t7gshXPfi21RBE1sZyToI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/1-kVWLa7RWGGfopZS1-VapgfpBYI.roa Signing time: Thu 01 Jan 2026 12:18:51 +0000 ROA not before: Thu 01 Jan 2026 12:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43641 IP address blocks: 91.198.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/L_YYK-t7gshXPfi21RBE1sZyToI.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/L_YYK-t7gshXPfi21RBE1sZyToI.mft rsync://rpki.ripe.net/repository/DEFAULT/L_YYK-t7gshXPfi21RBE1sZyToI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 03:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:1b:f2:a8:a7:85:d7:d9:08:ef:d9:cd:76:b5:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ff6182beb7b82c8573df8b6d51044d6c6724e82 Validity Not Before: Jan 1 12:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa45562daed158619fa29652d7e55aa607e90582 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:6e:77:25:d7:93:f5:dc:87:00:1b:d8:d2:f8: e9:e8:73:79:ce:c0:1b:cb:c0:8b:00:bf:5f:14:59: 56:13:c6:95:fc:15:34:1f:1a:68:d8:f9:95:07:d0: 2b:bb:8f:d4:b6:51:27:c3:79:dd:b7:5a:60:30:b5: c0:e3:77:03:dd:dd:33:ae:b6:09:7e:e9:71:cf:b3: ef:16:58:6c:81:2e:c3:3c:f2:20:3b:c9:e9:32:63: e6:fe:f6:53:9a:97:ad:c9:e7:a6:fe:25:c2:cf:d4: 8c:47:4f:8b:44:d8:98:67:36:4b:a5:0e:80:2d:b1: a2:87:89:55:17:37:f1:c1:8b:53:48:03:c6:48:96: 2a:6a:7c:36:98:5f:6c:b9:80:76:f7:db:97:ce:f8: 65:f5:69:92:5f:2c:7d:81:cc:df:96:cd:2d:74:86: 6e:0e:6b:08:5c:49:6a:69:fe:d9:13:7c:b7:29:de: e7:81:8d:a6:87:d4:3b:21:94:fe:73:e3:ef:a7:5f: a2:ed:c1:15:64:50:fe:c8:25:48:89:f1:dd:bb:87: 7d:eb:a8:41:94:1d:a9:94:85:d1:44:74:ff:db:6c: 2c:28:d2:f6:85:85:9e:4b:51:32:ce:74:f2:cc:45: c4:23:55:93:d9:d9:b5:1f:c9:6c:44:15:12:22:bc: 88:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:45:56:2D:AE:D1:58:61:9F:A2:96:52:D7:E5:5A:A6:07:E9:05:82 X509v3 Authority Key Identifier: keyid:2F:F6:18:2B:EB:7B:82:C8:57:3D:F8:B6:D5:10:44:D6:C6:72:4E:82 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L_YYK-t7gshXPfi21RBE1sZyToI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/1-kVWLa7RWGGfopZS1-VapgfpBYI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/a8ecfb-7355-4cfe-84bf-b776a220456b/1/L_YYK-t7gshXPfi21RBE1sZyToI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.198.95.0/24 Signature Algorithm: sha256WithRSAEncryption 08:20:f3:83:f1:3b:88:af:f0:c1:16:57:70:c9:c9:52:60:41: d2:33:9b:a7:ca:2d:d4:ad:0b:bc:2e:59:91:fc:2e:d0:24:ed: 16:7f:d2:9a:5b:75:18:88:de:11:c6:53:11:32:73:45:16:7b: fe:96:07:7a:3e:11:b8:9a:fd:1f:ab:10:1d:38:a2:e7:d0:aa: 40:18:07:60:17:71:8c:0e:b9:4e:1d:3f:68:c2:24:f3:7c:8e: 2c:35:03:76:3e:2d:f2:1e:14:25:2f:71:d4:3b:01:af:5f:17: b2:89:75:62:59:7a:ac:50:04:26:20:32:5d:47:38:97:e9:93: 50:b8:d7:c8:db:36:66:ab:12:bc:e5:b7:5e:83:25:e4:23:a1: 2c:86:63:39:4d:b9:81:43:26:8f:89:69:b7:bf:20:c6:fa:99: c8:ad:bf:1e:7e:a3:ec:e6:3e:9b:37:a2:51:a9:06:2c:ab:b7: 60:ba:29:2b:8a:06:6a:9f:c3:37:80:c3:65:1a:ce:37:23:0a: 39:25:36:8f:0d:fd:ef:a9:de:0d:e7:cb:b4:20:09:1e:08:61: 5f:f4:92:02:9e:96:39:e7:2f:e8:db:51:fa:1f:5a:14:cb:33: fb:09:05:8f:1b:5a:cc:83:0d:f7:c3:fa:91:f4:9b:cf:1f:13: cc:35:9f:80 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fxvyqKeF19kI79nNdrUWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmZjYxODJiZWI3YjgyYzg1NzNkZjhiNmQ1MTA0NGQ2YzY3 MjRlODIwHhcNMjYwMTAxMTIxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTQ1NTYyZGFlZDE1ODYxOWZhMjk2NTJkN2U1NWFhNjA3ZTkwNTgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnW53JdeT9dyHABvY0vjp6HN5zsAb y8CLAL9fFFlWE8aV/BU0Hxpo2PmVB9Aru4/UtlEnw3ndt1pgMLXA43cD3d0zrrYJ fulxz7PvFlhsgS7DPPIgO8npMmPm/vZTmpetyeem/iXCz9SMR0+LRNiYZzZLpQ6A LbGih4lVFzfxwYtTSAPGSJYqanw2mF9suYB299uXzvhl9WmSXyx9gczfls0tdIZu DmsIXElqaf7ZE3y3Kd7ngY2mh9Q7IZT+c+Pvp1+i7cEVZFD+yCVIifHdu4d966hB lB2plIXRRHT/22wsKNL2hYWeS1EyznTyzEXEI1WT2dm1H8lsRBUSIryIPQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFPpFVi2u0Vhhn6KWUtflWqYH6QWCMB8GA1UdIwQY MBaAFC/2GCvre4LIVz34ttUQRNbGck6CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTF9ZWUstdDdnc2hYUGZpMjFSQkUxc1p5VG9JLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hOGVjZmItNzM1NS00Y2ZlLTg0YmYt Yjc3NmEyMjA0NTZiLzEvMS1rVldMYTdSV0dHZm9wWlMxLVZhcGdmcEJZSS5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvZDUvYThlY2ZiLTczNTUtNGNmZS04NGJmLWI3NzZhMjIwNDU2 Yi8xL0xfWVlLLXQ3Z3NoWFBmaTIxUkJFMXNaeVRvSS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvGXzAN BgkqhkiG9w0BAQsFAAOCAQEACCDzg/E7iK/wwRZXcMnJUmBB0jObp8ot1K0LvC5Z kfwu0CTtFn/Smlt1GIjeEcZTETJzRRZ7/pYHej4RuJr9H6sQHTii59CqQBgHYBdx jA65Th0/aMIk83yOLDUDdj4t8h4UJS9x1DsBr18Xsol1Yll6rFAEJiAyXUc4l+mT ULjXyNs2ZqsSvOW3XoMl5COhLIZjOU25gUMmj4lpt78gxvqZyK2/Hn6j7OY+mzei UakGLKu3YLopK4oGap/DN4DDZRrONyMKOSU2jw3976neDefLtCAJHghhX/SSAp6W Oecv6NtR+h9aFMsz+wkFjxtazIMN98P6kfSbzx8TzDWfgA== -----END CERTIFICATE-----Generated at Mon Jan 19 11:24:43 2026 by rpki-client