This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/1-kTvZ0CIAu8uTw7fU1T6vT9hc9c.roa File: 1-kTvZ0CIAu8uTw7fU1T6vT9hc9c.roa (raw, json) Hash identifier: me+ftvQPzHdAUrIuYjuuG8bbQjdCu8RbriElDkqOOBo= Subject key identifier: FA:44:EF:67:40:88:02:EF:2E:4F:0E:DF:53:54:FA:BD:3F:61:73:D7 Certificate issuer: /CN=0e64f81b9e36b849917787678d014db4bfcef311 Certificate serial: 019B78A2A94E497AEBED4D32797F8AA712C8 Authority key identifier: 0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/1-kTvZ0CIAu8uTw7fU1T6vT9hc9c.roa Signing time: Thu 01 Jan 2026 08:18:04 +0000 ROA not before: Thu 01 Jan 2026 08:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215871 IP address blocks: 91.243.68.0/24 maxlen: 24 2a14:1f80::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.mft rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:a9:4e:49:7a:eb:ed:4d:32:79:7f:8a:a7:12:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e64f81b9e36b849917787678d014db4bfcef311 Validity Not Before: Jan 1 08:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa44ef67408802ef2e4f0edf5354fabd3f6173d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:20:a7:dc:b1:2c:16:7e:d9:57:a9:ad:df:4c: 68:11:be:ed:ca:a7:5c:7d:33:ad:81:c4:cc:79:fd: c8:60:26:61:42:84:70:cc:ac:b5:e2:9f:87:dc:93: bf:fd:cf:36:9e:33:ac:a8:5f:34:6f:6e:44:52:90: cb:37:95:48:a9:d6:41:2c:f8:39:47:42:a8:c3:ac: 4a:c3:c5:52:a7:b2:19:fe:90:7b:32:d0:cf:16:4e: 62:91:7a:a9:fb:af:d1:16:83:e2:1f:1f:a9:7c:bd: b3:86:ef:c8:8b:1e:ae:d0:ea:0b:c6:fb:40:69:28: 2b:39:a1:85:86:1a:c9:00:57:8c:a6:ec:0d:c1:09: f6:0b:a5:e7:9e:91:a3:0a:cf:07:97:69:9b:59:b1: a0:60:43:7e:ab:9a:ab:43:69:a4:ec:12:9f:22:c0: 67:86:1c:c1:44:b2:69:66:d6:54:b3:3a:28:c4:f4: e3:b0:58:a0:d5:bd:7c:2e:2f:cf:df:09:6c:dd:0d: 81:d8:7d:35:8a:4b:26:a4:a9:29:6b:88:40:f1:f9: 75:fa:9f:8a:db:5c:2b:bc:5c:c0:50:2a:78:27:89: b6:f7:ea:e7:1c:b3:46:41:2e:df:57:ff:85:9e:38: ba:7e:fd:0f:5a:04:2f:e2:a2:df:09:bc:d5:e5:e1: 2a:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:44:EF:67:40:88:02:EF:2E:4F:0E:DF:53:54:FA:BD:3F:61:73:D7 X509v3 Authority Key Identifier: keyid:0E:64:F8:1B:9E:36:B8:49:91:77:87:67:8D:01:4D:B4:BF:CE:F3:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DmT4G542uEmRd4dnjQFNtL_O8xE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/1-kTvZ0CIAu8uTw7fU1T6vT9hc9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/594d25-f1c6-4044-a8a7-c8f182e95ea5/1/DmT4G542uEmRd4dnjQFNtL_O8xE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.243.68.0/24 IPv6: 2a14:1f80::/29 Signature Algorithm: sha256WithRSAEncryption 52:27:53:a5:a0:d9:87:17:97:9b:b4:3e:5e:d8:58:b1:d0:77: ba:36:a6:44:99:14:cc:9e:84:8a:9d:93:50:00:c3:4e:9e:27: c3:92:17:14:cc:46:1a:66:f1:b3:d9:8b:c0:69:e2:bb:12:ee: cd:a3:11:f6:af:1f:86:b3:2e:bb:6c:b5:a1:2c:9b:55:bf:92: 06:a5:2b:b2:ff:39:08:d3:25:fd:d1:9e:bf:d3:46:5c:14:e8: cf:46:f4:7d:6c:b4:af:57:34:dc:ce:6b:b1:80:3e:dc:04:78: c2:76:c9:7d:4b:e5:ce:af:f8:9a:39:14:09:9b:46:fe:91:e5: db:6f:a9:27:70:6c:ea:12:69:8c:fd:e9:e9:01:28:7c:a4:5e: 6b:2c:3f:a9:c9:5e:dc:6e:93:89:f5:f4:1c:89:fa:fb:48:19: cd:e2:8b:52:19:59:4c:96:3b:b1:0a:a6:f1:68:78:ee:9e:1a: 69:aa:dc:72:54:d2:58:79:4c:cf:87:0a:dd:46:b1:50:a1:9d: 43:3b:dc:6d:68:45:a4:0b:37:2c:b5:93:db:e2:19:5e:75:ab: 83:11:da:6c:92:90:d3:77:fb:f9:5a:73:80:d4:0b:4c:55:e7: cb:30:92:8a:21:2c:64:71:b6:15:df:f9:a4:62:d6:d9:24:78: 5d:f2:c6:2a -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt4oqlOSXrr7U0yeX+KpxLIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlNjRmODFiOWUzNmI4NDk5MTc3ODc2NzhkMDE0ZGI0YmZj ZWYzMTEwHhcNMjYwMTAxMDgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTQ0ZWY2NzQwODgwMmVmMmU0ZjBlZGY1MzU0ZmFiZDNmNjE3M2Q3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSCn3LEsFn7ZV6mt30xoEb7tyqdc fTOtgcTMef3IYCZhQoRwzKy14p+H3JO//c82njOsqF80b25EUpDLN5VIqdZBLPg5 R0Kow6xKw8VSp7IZ/pB7MtDPFk5ikXqp+6/RFoPiHx+pfL2zhu/Iix6u0OoLxvtA aSgrOaGFhhrJAFeMpuwNwQn2C6XnnpGjCs8Hl2mbWbGgYEN+q5qrQ2mk7BKfIsBn hhzBRLJpZtZUszooxPTjsFig1b18Li/P3wls3Q2B2H01iksmpKkpa4hA8fl1+p+K 21wrvFzAUCp4J4m29+rnHLNGQS7fV/+Fnji6fv0PWgQv4qLfCbzV5eEqoQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPpE72dAiALvLk8O31NU+r0/YXPXMB8GA1UdIwQY MBaAFA5k+BueNrhJkXeHZ40BTbS/zvMRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRG1UNEc1NDJ1RW1SZDRkbmpRRk50TF9POHhFLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy81OTRkMjUtZjFjNi00MDQ0LWE4YTct YzhmMTgyZTk1ZWE1LzEvMS1rVHZaMENJQXU4dVR3N2ZVMVQ2dlQ5aGM5Yy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMTcvNTk0ZDI1LWYxYzYtNDA0NC1hOGE3LWM4ZjE4MmU5NWVh NS8xL0RtVDRHNTQydUVtUmQ0ZG5qUUZOdExfTzh4RS5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAFvzRDAN BAIAAjAHAwUDKhQfgDANBgkqhkiG9w0BAQsFAAOCAQEAUidTpaDZhxeXm7Q+XthY sdB3ujamRJkUzJ6Eip2TUADDTp4nw5IXFMxGGmbxs9mLwGniuxLuzaMR9q8fhrMu u2y1oSybVb+SBqUrsv85CNMl/dGev9NGXBToz0b0fWy0r1c03M5rsYA+3AR4wnbJ fUvlzq/4mjkUCZtG/pHl22+pJ3Bs6hJpjP3p6QEofKReayw/qcle3G6TifX0HIn6 +0gZzeKLUhlZTJY7sQqm8Wh47p4aaarcclTSWHlMz4cK3UaxUKGdQzvcbWhFpAs3 LLWT2+IZXnWrgxHabJKQ03f7+VpzgNQLTFXnyzCSiiEsZHG2Fd/5pGLW2SR4XfLG Kg== -----END CERTIFICATE-----Generated at Sun Jan 25 20:49:17 2026 by rpki-client