This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/iBJ31yh-XKNto6qwkr_lk9nm8Ik.roa File: iBJ31yh-XKNto6qwkr_lk9nm8Ik.roa (raw, json) Hash identifier: YPdFv2hCP/PkOD/9i/Bu7OVfZju2bdOQgcBdgpKIrw0= Subject key identifier: 88:12:77:D7:28:7E:5C:A3:6D:A3:AA:B0:92:BF:E5:93:D9:E6:F0:89 Certificate issuer: /CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3 Certificate serial: 019B7EA6AC407DD9E1AA5A45A0106E37D899 Authority key identifier: BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/iBJ31yh-XKNto6qwkr_lk9nm8Ik.roa Signing time: Fri 02 Jan 2026 12:20:10 +0000 ROA not before: Fri 02 Jan 2026 12:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 13030 IP address blocks: 91.199.76.0/24 maxlen: 24 2001:67c:470::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.crl rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.mft rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:ac:40:7d:d9:e1:aa:5a:45:a0:10:6e:37:d8:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf5599c26755f4a4d4f540e2ffd7b74a39053da3 Validity Not Before: Jan 2 12:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=881277d7287e5ca36da3aab092bfe593d9e6f089 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2a:2b:5c:ad:d4:0a:5c:b5:d1:2a:5c:13:cb: 8e:f0:cc:a0:f0:a9:da:4e:0c:d3:37:8d:ec:24:78: 25:09:0b:c7:15:56:2a:11:a6:9f:65:a6:19:61:be: 0a:b1:71:2b:6a:d8:48:d5:73:67:75:a2:18:41:57: 58:60:61:dc:cb:5d:b0:52:78:b2:26:8f:41:a9:22: 26:65:e3:a2:af:7b:c9:f3:86:ef:5f:1c:4c:a1:7a: 6d:ce:a2:a6:d9:b5:96:66:da:38:02:f0:76:4c:1b: 25:c2:1f:ac:7d:90:9d:30:90:8c:9d:47:e5:fd:dc: a9:ce:53:c2:0d:56:8d:c1:69:bf:9b:d3:da:29:f4: 0f:a8:fb:9b:a8:d6:fd:5c:7d:93:1d:40:8e:93:35: 4f:34:02:8c:5c:70:4f:08:36:4a:9f:c7:55:df:ce: 57:5d:1c:d9:ca:1c:e6:67:2f:fb:49:5b:ef:d8:39: 7d:11:96:84:0e:af:d3:99:a4:26:c9:55:6e:21:0b: 98:af:70:00:02:76:ee:b6:e2:01:e0:1c:81:ce:4c: ef:ad:40:8e:81:3c:16:35:0c:7c:3b:48:63:a5:83: 48:81:c2:08:05:6d:9f:ce:97:70:bb:70:5c:2e:4c: 24:00:b1:45:50:64:d9:ff:9c:3c:0f:e1:74:b7:f4: 49:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:12:77:D7:28:7E:5C:A3:6D:A3:AA:B0:92:BF:E5:93:D9:E6:F0:89 X509v3 Authority Key Identifier: keyid:BF:55:99:C2:67:55:F4:A4:D4:F5:40:E2:FF:D7:B7:4A:39:05:3D:A3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1WZwmdV9KTU9UDi_9e3SjkFPaM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/iBJ31yh-XKNto6qwkr_lk9nm8Ik.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/101696-83dd-436f-b47c-3e1b8432fc70/1/v1WZwmdV9KTU9UDi_9e3SjkFPaM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.76.0/24 IPv6: 2001:67c:470::/48 Signature Algorithm: sha256WithRSAEncryption 86:da:f0:0b:19:53:5d:da:d9:71:e2:a4:f4:c6:f7:a8:43:ea: 15:86:f6:20:c6:4e:3b:58:9f:0c:6c:f5:82:b8:3b:f8:1b:0f: d0:94:6e:fa:c2:c7:81:17:7b:ca:47:97:01:72:cf:50:0c:ca: 08:91:3d:4f:12:2c:05:93:fa:23:2d:91:c4:df:a7:63:34:fd: fb:ed:f3:94:e6:57:e9:bc:98:14:06:49:4d:a5:a6:af:a4:47: 1a:b3:d8:ad:81:17:b7:18:f0:fe:7b:67:fb:6e:da:4d:b5:5f: 50:b7:55:68:75:e9:fe:40:bc:bd:bb:2a:19:8d:61:a9:0a:e2: ef:bf:04:3d:38:1f:88:79:1f:30:d4:79:a1:bb:4f:36:81:ca: 74:8b:cb:d0:98:b1:c4:5d:29:43:f8:2d:aa:bb:31:ad:de:71: c4:af:a1:36:fc:e7:63:b4:5d:9b:3e:2c:c0:cf:aa:65:8f:53: 6c:7f:24:0f:4f:69:02:f2:58:d2:f4:7c:83:37:bd:be:07:9f: 7b:36:24:aa:e8:9a:94:52:4f:f5:98:8e:0d:7c:6a:88:b5:15: d6:e9:15:8a:e4:a4:9f:13:f0:2c:12:db:85:a7:c4:30:e0:32: f2:c1:d9:d3:a2:d0:1f:30:7d:2b:d8:fe:12:52:ea:8c:a7:20: 15:00:5e:23 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pqxAfdnhqlpFoBBuN9iZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmNTU5OWMyNjc1NWY0YTRkNGY1NDBlMmZmZDdiNzRhMzkw NTNkYTMwHhcNMjYwMTAyMTIyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODEyNzdkNzI4N2U1Y2EzNmRhM2FhYjA5MmJmZTU5M2Q5ZTZmMDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCorXK3UCly10SpcE8uO8Myg8Kna TgzTN43sJHglCQvHFVYqEaafZaYZYb4KsXErathI1XNndaIYQVdYYGHcy12wUniy Jo9BqSImZeOir3vJ84bvXxxMoXptzqKm2bWWZto4AvB2TBslwh+sfZCdMJCMnUfl /dypzlPCDVaNwWm/m9PaKfQPqPubqNb9XH2THUCOkzVPNAKMXHBPCDZKn8dV385X XRzZyhzmZy/7SVvv2Dl9EZaEDq/TmaQmyVVuIQuYr3AAAnbutuIB4ByBzkzvrUCO gTwWNQx8O0hjpYNIgcIIBW2fzpdwu3BcLkwkALFFUGTZ/5w8D+F0t/RJ0QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIgSd9coflyjbaOqsJK/5ZPZ5vCJMB8GA1UdIwQY MBaAFL9VmcJnVfSk1PVA4v/Xt0o5BT2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2Mt M2UxYjg0MzJmYzcwLzEvaUJKMzF5aC1YS050bzZxd2tyX2xrOW5tOElrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8xMDE2OTYtODNkZC00MzZmLWI0N2MtM2UxYjg0MzJmYzcw LzEvdjFXWndtZFY5S1RVOVVEaV85ZTNTamtGUGFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8dMMA8E AgACMAkDBwAgAQZ8BHAwDQYJKoZIhvcNAQELBQADggEBAIba8AsZU13a2XHipPTG 96hD6hWG9iDGTjtYnwxs9YK4O/gbD9CUbvrCx4EXe8pHlwFyz1AMygiRPU8SLAWT +iMtkcTfp2M0/fvt85TmV+m8mBQGSU2lpq+kRxqz2K2BF7cY8P57Z/tu2k21X1C3 VWh16f5AvL27KhmNYakK4u+/BD04H4h5HzDUeaG7TzaBynSLy9CYscRdKUP4Laq7 Ma3eccSvoTb852O0XZs+LMDPqmWPU2x/JA9PaQLyWNL0fIM3vb4Hn3s2JKrompRS T/WYjg18aoi1FdbpFYrkpJ8T8CwS24WnxDDgMvLB2dOi0B8wfSvY/hJS6oynIBUA XiM= -----END CERTIFICATE-----Generated at Sun Jan 25 23:33:19 2026 by rpki-client