This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/cFW2f7mYQVMT0WQiKum-84YT7Tg.roa File: cFW2f7mYQVMT0WQiKum-84YT7Tg.roa (raw, json) Hash identifier: NYhMRFKPP2MvfbOtQ4xBGxpe8K5LETaIrUVLB8Q0RF0= Subject key identifier: 70:55:B6:7F:B9:98:41:53:13:D1:64:22:2A:E9:BE:F3:86:13:ED:38 Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Certificate serial: 019B7DC888CAD20DF7E30129827B6DB3609B Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/cFW2f7mYQVMT0WQiKum-84YT7Tg.roa Signing time: Fri 02 Jan 2026 08:17:32 +0000 ROA not before: Fri 02 Jan 2026 08:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202432 IP address blocks: 91.108.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:88:ca:d2:0d:f7:e3:01:29:82:7b:6d:b3:60:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Validity Not Before: Jan 2 08:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7055b67fb998415313d164222ae9bef38613ed38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:df:fd:ce:f5:20:ff:86:5c:df:bb:2f:47:9b: 13:15:20:c0:ad:3c:38:88:24:37:d9:d1:6a:37:e3: d4:10:21:be:01:d4:10:ed:5a:bc:ee:c1:1c:25:44: 0e:f2:11:e5:c6:f4:04:f7:b5:7f:97:b8:1e:80:e2: 74:35:98:c0:2a:ff:9b:d1:53:9d:2b:96:74:f2:57: c1:23:7b:08:16:a9:66:d8:97:88:29:d3:7a:25:68: 5d:5b:9c:09:f2:88:be:b4:5e:aa:ea:2c:29:41:63: 16:40:97:e8:5e:0c:55:c9:ea:6a:8a:2f:55:4c:45: e9:54:22:dd:c6:64:45:5b:37:d0:2e:90:4c:fe:62: ac:09:ca:c8:37:55:e1:74:cc:55:cd:78:d8:30:9b: 25:a7:ba:97:4b:5d:9d:fd:17:54:62:93:c5:56:ee: 82:6c:98:2f:ce:2b:42:e4:d1:ba:bf:a3:7b:24:a0: ed:b7:d2:bf:a5:05:44:82:e0:91:22:a2:52:30:22: 39:fa:5c:0b:18:ee:cb:ed:26:e4:f2:dc:d1:96:9a: 53:e5:88:a2:1f:ce:ab:ef:97:0c:f8:bb:90:e1:84: 2f:2c:89:fe:17:70:00:df:60:76:e2:f9:cb:97:0a: 49:34:15:cf:2e:2b:37:71:94:84:ab:e6:65:ae:fb: 4e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:55:B6:7F:B9:98:41:53:13:D1:64:22:2A:E9:BE:F3:86:13:ED:38 X509v3 Authority Key Identifier: keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/cFW2f7mYQVMT0WQiKum-84YT7Tg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.108.42.0/24 Signature Algorithm: sha256WithRSAEncryption 11:8f:54:a0:06:73:57:ac:82:99:5a:51:02:e3:f3:fc:49:85: da:52:0d:1a:21:d0:5c:c0:44:2c:ce:2b:eb:ad:81:a1:aa:69: 3b:79:fd:1a:08:da:05:54:31:bd:d5:d4:d8:bd:48:69:0d:a4: f4:4a:03:b6:42:64:6e:2b:8e:a1:98:f8:1d:2a:91:1e:06:ca: c9:b4:ce:0b:ae:51:33:cc:fb:5a:60:67:3f:14:a6:87:17:d1: 89:d7:06:92:c0:84:10:2c:a3:98:8f:99:ff:c7:5b:02:3a:51: 0c:82:ad:ac:c8:87:58:b0:e6:b9:0d:13:bf:ec:6c:ab:7a:39: b2:69:42:58:34:b9:8d:79:78:15:69:ab:63:78:b1:ab:36:35: 09:40:c5:93:4f:25:e6:61:cc:78:84:5a:9d:bb:71:01:ad:97: d1:ca:6a:31:45:34:89:85:87:cf:3c:2d:ae:31:fb:6f:c8:c1: fd:a5:69:f8:cd:ba:15:7d:d1:b7:01:02:f9:5b:51:41:3b:74: ed:c7:db:b3:2f:16:6d:01:5b:f7:c1:e5:56:4e:23:b7:92:9d: ce:91:09:3e:1b:6f:28:69:4a:e3:4c:ee:a4:17:77:9e:f9:9d: 24:da:7c:5f:d9:a2:31:81:96:01:f1:e1:f1:f7:bf:59:2e:61: c2:70:e7:0f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yIjK0g334wEpgntts2CbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx YTUxYjgwHhcNMjYwMTAyMDgxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDU1YjY3ZmI5OTg0MTUzMTNkMTY0MjIyYWU5YmVmMzg2MTNlZDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt/9zvUg/4Zc37svR5sTFSDArTw4 iCQ32dFqN+PUECG+AdQQ7Vq87sEcJUQO8hHlxvQE97V/l7gegOJ0NZjAKv+b0VOd K5Z08lfBI3sIFqlm2JeIKdN6JWhdW5wJ8oi+tF6q6iwpQWMWQJfoXgxVyepqii9V TEXpVCLdxmRFWzfQLpBM/mKsCcrIN1XhdMxVzXjYMJslp7qXS12d/RdUYpPFVu6C bJgvzitC5NG6v6N7JKDtt9K/pQVEguCRIqJSMCI5+lwLGO7L7Sbk8tzRlppT5Yii H86r75cM+LuQ4YQvLIn+F3AA32B24vnLlwpJNBXPLis3cZSEq+ZlrvtOZQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHBVtn+5mEFTE9FkIirpvvOGE+04MB8GA1UdIwQY MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt NzY3NDE2NTI1MTBkLzEvY0ZXMmY3bVlRVk1UMFdRaUt1bS04NFlUN1RnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2wqMA0G CSqGSIb3DQEBCwUAA4IBAQARj1SgBnNXrIKZWlEC4/P8SYXaUg0aIdBcwEQszivr rYGhqmk7ef0aCNoFVDG91dTYvUhpDaT0SgO2QmRuK46hmPgdKpEeBsrJtM4LrlEz zPtaYGc/FKaHF9GJ1waSwIQQLKOYj5n/x1sCOlEMgq2syIdYsOa5DRO/7Gyrejmy aUJYNLmNeXgVaatjeLGrNjUJQMWTTyXmYcx4hFqdu3EBrZfRymoxRTSJhYfPPC2u MftvyMH9pWn4zboVfdG3AQL5W1FBO3Ttx9uzLxZtAVv3weVWTiO3kp3OkQk+G28o aUrjTO6kF3ee+Z0k2nxf2aIxgZYB8eHx979ZLmHCcOcP -----END CERTIFICATE-----Generated at Sun Jan 25 13:03:35 2026 by rpki-client