This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/5yDhnFwC0iVn5DPcpR3QmCvoVv0.roa File: 5yDhnFwC0iVn5DPcpR3QmCvoVv0.roa (raw, json) Hash identifier: ZjrAq68K+mD03JUMhXQCJJAVWYAycmpN3p0OOOXApGI= Subject key identifier: E7:20:E1:9C:5C:02:D2:25:67:E4:33:DC:A5:1D:D0:98:2B:E8:56:FD Certificate issuer: /CN=84a69fc568894cb3985edef22216bd99974de251 Certificate serial: 019B7A5B7CF8B30D7FEF95DB5F47B53C2609 Authority key identifier: 84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/5yDhnFwC0iVn5DPcpR3QmCvoVv0.roa Signing time: Thu 01 Jan 2026 16:19:34 +0000 ROA not before: Thu 01 Jan 2026 16:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212489 IP address blocks: 91.243.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.mft rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:7c:f8:b3:0d:7f:ef:95:db:5f:47:b5:3c:26:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84a69fc568894cb3985edef22216bd99974de251 Validity Not Before: Jan 1 16:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e720e19c5c02d22567e433dca51dd0982be856fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:b9:bc:9e:6c:af:ea:af:50:b6:61:65:87:f3: 1d:67:87:f6:0f:8d:be:ee:8c:1a:61:f9:ec:04:67: 32:cd:2d:ae:d9:b1:bf:45:25:03:b6:76:cf:d9:ca: b3:1d:6c:39:c2:66:a0:52:5d:99:9a:b0:e5:22:99: 78:d2:b2:7d:44:f2:e5:6f:71:18:ad:1f:76:6f:e8: 01:9c:28:59:6c:25:67:00:66:75:fc:3b:35:ef:7c: 77:c8:cf:eb:cf:e3:9b:cd:86:5e:eb:f2:5f:8f:c2: af:e1:22:07:9d:4a:23:18:36:a9:04:ad:86:a0:6d: ac:db:bb:61:16:c8:c2:25:73:57:b5:48:45:80:b3: 63:2b:5c:19:bc:79:29:c5:80:22:19:c3:8b:5f:bd: 9f:d0:23:23:4c:e1:a8:e3:a0:cd:aa:63:ab:c5:e9: b0:c3:05:33:56:3a:2b:68:b0:77:c0:39:5e:12:10: 0a:30:cf:e8:04:7c:15:45:ce:78:57:68:7f:e5:6d: d8:82:99:88:44:f1:8f:69:20:e6:55:d8:44:1e:73: f8:77:76:16:ce:b5:4f:cf:4e:30:6e:1f:91:ef:ae: 31:d4:2e:dd:67:49:04:f9:06:a5:33:e5:e4:c9:ed: 3d:e3:51:4f:2a:23:3c:e4:10:90:1c:31:64:20:e1: b8:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:20:E1:9C:5C:02:D2:25:67:E4:33:DC:A5:1D:D0:98:2B:E8:56:FD X509v3 Authority Key Identifier: keyid:84:A6:9F:C5:68:89:4C:B3:98:5E:DE:F2:22:16:BD:99:97:4D:E2:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hKafxWiJTLOYXt7yIha9mZdN4lE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/5yDhnFwC0iVn5DPcpR3QmCvoVv0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/c60a1e-9080-4b08-95da-437fe50bb4f7/1/hKafxWiJTLOYXt7yIha9mZdN4lE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.243.117.0/24 Signature Algorithm: sha256WithRSAEncryption 88:70:25:0a:b4:01:71:fc:74:01:a2:a6:6a:04:b7:51:da:0b: d7:5f:8e:bd:87:3a:c8:d8:27:6a:bd:46:73:81:10:bb:5e:6e: 2c:a1:ac:bc:6d:35:d2:46:b3:d0:5a:aa:ec:65:3b:35:f1:be: b9:1f:96:35:49:ec:70:ef:07:e2:01:da:38:17:1e:be:b4:4d: d8:14:2b:72:ab:f7:1b:35:b2:be:ca:4a:56:0a:b4:82:fe:e7: 47:da:7f:09:9a:6f:0b:3f:93:e9:22:3e:c8:7b:fc:49:9e:8b: 80:91:c3:5e:b2:45:13:06:68:f0:82:8f:2e:dc:db:67:fe:fc: 70:f2:39:4f:bb:36:1d:1a:b3:54:d5:1e:15:ec:39:22:f7:91: 46:d1:e2:98:77:9e:62:36:cf:3b:76:f8:74:50:1c:85:68:ac: 11:60:9c:31:5f:b7:6a:e7:aa:6b:2d:73:63:04:f3:08:90:3d: de:99:da:cd:c9:c0:f0:f2:35:cf:a4:f8:23:a9:42:b2:59:70: eb:10:13:a2:48:80:eb:be:0a:71:a3:0d:cf:76:c9:48:69:81: 62:f3:c0:02:6c:b4:cb:f5:06:34:f6:5d:50:8b:cf:4b:23:37: 8c:a3:f8:15:f1:9c:48:ee:ee:24:54:a8:07:db:be:ee:91:a0: 12:23:c0:b0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W3z4sw1/75XbX0e1PCYJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YTY5ZmM1Njg4OTRjYjM5ODVlZGVmMjIyMTZiZDk5OTc0 ZGUyNTEwHhcNMjYwMTAxMTYxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNzIwZTE5YzVjMDJkMjI1NjdlNDMzZGNhNTFkZDA5ODJiZTg1NmZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLm8nmyv6q9QtmFlh/MdZ4f2D42+ 7owaYfnsBGcyzS2u2bG/RSUDtnbP2cqzHWw5wmagUl2ZmrDlIpl40rJ9RPLlb3EY rR92b+gBnChZbCVnAGZ1/Ds173x3yM/rz+ObzYZe6/Jfj8Kv4SIHnUojGDapBK2G oG2s27thFsjCJXNXtUhFgLNjK1wZvHkpxYAiGcOLX72f0CMjTOGo46DNqmOrxemw wwUzVjoraLB3wDleEhAKMM/oBHwVRc54V2h/5W3YgpmIRPGPaSDmVdhEHnP4d3YW zrVPz04wbh+R764x1C7dZ0kE+QalM+Xkye0941FPKiM85BCQHDFkIOG4XQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOcg4ZxcAtIlZ+Qz3KUd0Jgr6Fb9MB8GA1UdIwQY MBaAFISmn8VoiUyzmF7e8iIWvZmXTeJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEt NDM3ZmU1MGJiNGY3LzEvNXlEaG5Gd0MwaVZuNURQY3BSM1FtQ3ZvVnYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9jNjBhMWUtOTA4MC00YjA4LTk1ZGEtNDM3ZmU1MGJiNGY3 LzEvaEthZnhXaUpUTE9ZWHQ3eUloYTltWmRONGxFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW/N1MA0G CSqGSIb3DQEBCwUAA4IBAQCIcCUKtAFx/HQBoqZqBLdR2gvXX469hzrI2CdqvUZz gRC7Xm4soay8bTXSRrPQWqrsZTs18b65H5Y1Sexw7wfiAdo4Fx6+tE3YFCtyq/cb NbK+ykpWCrSC/udH2n8Jmm8LP5PpIj7Ie/xJnouAkcNeskUTBmjwgo8u3Ntn/vxw 8jlPuzYdGrNU1R4V7Dki95FG0eKYd55iNs87dvh0UByFaKwRYJwxX7dq56prLXNj BPMIkD3emdrNycDw8jXPpPgjqUKyWXDrEBOiSIDrvgpxow3PdslIaYFi88ACbLTL 9QY09l1Qi89LIzeMo/gV8ZxI7u4kVKgH277ukaASI8Cw -----END CERTIFICATE-----Generated at Mon Jan 26 02:43:41 2026 by rpki-client