This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/9zaCEl1SgGOc-A7zIR9SmhOUbCA.roa File: 9zaCEl1SgGOc-A7zIR9SmhOUbCA.roa (raw, json) Hash identifier: eFtzjl4+/9tlA7bC6sKrJsHMLsAxLeLlfmditC5aZTs= Subject key identifier: F7:36:82:12:5D:52:80:63:9C:F8:0E:F3:21:1F:52:9A:13:94:6C:20 Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Certificate serial: 019B7C7FD4D279D0F30DA0342A2DF2676CC1 Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/9zaCEl1SgGOc-A7zIR9SmhOUbCA.roa Signing time: Fri 02 Jan 2026 02:18:30 +0000 ROA not before: Fri 02 Jan 2026 02:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6855 IP address blocks: 91.245.16.0/23 maxlen: 24 2a01:5f7::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:d4:d2:79:d0:f3:0d:a0:34:2a:2d:f2:67:6c:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Validity Not Before: Jan 2 02:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f73682125d5280639cf80ef3211f529a13946c20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d1:39:50:40:11:db:3c:85:31:d0:6a:17:1f: 96:b0:6f:64:41:d3:ed:16:c2:0e:c0:0f:15:85:09: 3d:55:2f:a2:e3:1b:db:42:52:5e:9e:71:d4:b2:11: 05:36:ca:89:e5:25:fe:8b:0f:47:de:43:53:ca:3e: f0:3f:1d:80:d0:ff:0d:ea:e0:26:52:b6:68:b9:8e: 89:4d:6c:36:20:27:64:cc:84:9b:3e:15:d0:de:e0: 61:3d:30:2e:30:ce:41:70:33:3b:2c:a9:c2:a7:59: 3a:f0:c8:bf:10:da:bb:23:59:ac:9b:e7:4f:a8:fd: 6e:18:60:ea:70:d1:8a:ed:db:b9:fe:ab:c8:3c:3a: 38:20:51:ea:26:ff:cb:bc:ee:a2:c7:18:cd:01:f3: 07:e8:f7:c0:79:da:01:f7:41:ba:dc:56:18:06:04: 0b:63:65:5d:d8:fd:83:f0:54:9d:56:42:f8:0b:8b: 1f:db:cf:e9:1b:d2:05:c0:b2:5f:4c:dc:8e:3f:d6: c5:5c:1f:c6:c3:70:82:06:3e:13:8d:59:32:78:5c: 26:f9:ad:4a:06:29:5b:c6:e0:3d:16:fc:6b:62:d5: 6f:d0:b7:eb:78:82:55:9b:8c:0b:94:3a:3b:51:1c: 4f:d2:62:f4:61:6c:ef:15:4d:52:8f:11:50:cd:a7: 6c:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:36:82:12:5D:52:80:63:9C:F8:0E:F3:21:1F:52:9A:13:94:6C:20 X509v3 Authority Key Identifier: keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/9zaCEl1SgGOc-A7zIR9SmhOUbCA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.16.0/23 IPv6: 2a01:5f7::/32 Signature Algorithm: sha256WithRSAEncryption bd:16:1a:e8:6d:0b:f4:33:19:60:9e:12:5c:46:b7:c2:ef:9c: 07:1c:f3:1a:10:7f:db:ff:5b:15:76:1b:e8:c6:af:ed:67:9a: 5b:37:6a:d2:7a:21:b5:c9:54:f7:aa:6c:84:95:c6:2c:b6:d3: ba:05:fd:4d:2c:4e:e1:90:08:49:44:26:87:f8:17:e3:c8:93: 00:03:dc:63:1d:47:7d:0d:e8:87:11:c2:cf:23:78:f2:c0:e2: 58:39:73:11:a2:4e:56:63:5e:00:46:d3:f8:e9:c5:4b:57:02: b0:ad:46:e7:98:8e:01:50:c7:a0:7e:1c:2b:bc:2d:19:37:06: d7:f9:1d:de:10:cb:a5:1d:ce:62:08:c5:9f:2b:e2:68:7e:2d: 45:34:28:0f:a9:cf:c0:2f:b1:1f:80:9b:e9:9d:e1:9b:7a:b3: cd:38:01:22:cb:f7:e5:5e:e6:24:0d:69:3d:4d:32:9a:5e:7a: 93:81:ec:4d:6d:b7:f8:8e:8f:1e:6a:b2:f3:bb:1f:50:44:2b: 9b:d7:5c:e2:85:ef:e0:92:8d:f9:d2:24:08:49:2f:3c:29:38: 30:fd:aa:9f:23:19:24:74:c1:25:ea:cd:0a:75:97:39:1b:9c: 83:8f:ca:e2:95:12:3d:d3:23:d9:b7:2b:dd:84:30:90:e3:d9: 9d:60:eb:e3 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8f9TSedDzDaA0Ki3yZ2zBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0 ZTRlMGMwHhcNMjYwMTAyMDIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzM2ODIxMjVkNTI4MDYzOWNmODBlZjMyMTFmNTI5YTEzOTQ2YzIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7tE5UEAR2zyFMdBqFx+WsG9kQdPt FsIOwA8VhQk9VS+i4xvbQlJennHUshEFNsqJ5SX+iw9H3kNTyj7wPx2A0P8N6uAm UrZouY6JTWw2ICdkzISbPhXQ3uBhPTAuMM5BcDM7LKnCp1k68Mi/ENq7I1msm+dP qP1uGGDqcNGK7du5/qvIPDo4IFHqJv/LvO6ixxjNAfMH6PfAedoB90G63FYYBgQL Y2Vd2P2D8FSdVkL4C4sf28/pG9IFwLJfTNyOP9bFXB/Gw3CCBj4TjVkyeFwm+a1K BilbxuA9FvxrYtVv0LfreIJVm4wLlDo7URxP0mL0YWzvFU1SjxFQzadsJwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPc2ghJdUoBjnPgO8yEfUpoTlGwgMB8GA1UdIwQY MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt ZTFhOGE2ZjFkNTlhLzEvOXphQ0VsMVNnR09jLUE3eklSOVNtaE9VYkNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW/UQMA0E AgACMAcDBQAqAQX3MA0GCSqGSIb3DQEBCwUAA4IBAQC9FhrobQv0MxlgnhJcRrfC 75wHHPMaEH/b/1sVdhvoxq/tZ5pbN2rSeiG1yVT3qmyElcYsttO6Bf1NLE7hkAhJ RCaH+BfjyJMAA9xjHUd9DeiHEcLPI3jywOJYOXMRok5WY14ARtP46cVLVwKwrUbn mI4BUMegfhwrvC0ZNwbX+R3eEMulHc5iCMWfK+Jofi1FNCgPqc/AL7EfgJvpneGb erPNOAEiy/flXuYkDWk9TTKaXnqTgexNbbf4jo8earLzux9QRCub11zihe/gko35 0iQISS88KTgw/aqfIxkkdMEl6s0KdZc5G5yDj8rilRI90yPZtyvdhDCQ49mdYOvj -----END CERTIFICATE-----Generated at Mon Jan 26 14:43:24 2026 by rpki-client