This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/fsnKswSMyeM4OK2o8J_ZzwwYiiI.roa File: fsnKswSMyeM4OK2o8J_ZzwwYiiI.roa (raw, json) Hash identifier: tWk+nFmUcDykdNhoUyVPw1UFkRx/3AJQMBQrLxH1g5k= Subject key identifier: 7E:C9:CA:B3:04:8C:C9:E3:38:38:AD:A8:F0:9F:D9:CF:0C:18:8A:22 Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Certificate serial: 019B7C7FD56EFA35BBC7ADBEFD15F35423F1 Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/fsnKswSMyeM4OK2o8J_ZzwwYiiI.roa Signing time: Fri 02 Jan 2026 02:18:31 +0000 ROA not before: Fri 02 Jan 2026 02:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212224 IP address blocks: 91.245.20.0/22 maxlen: 24 2a01:5f6::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 11:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:d5:6e:fa:35:bb:c7:ad:be:fd:15:f3:54:23:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c Validity Not Before: Jan 2 02:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7ec9cab3048cc9e33838ada8f09fd9cf0c188a22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:c2:77:a6:87:53:8f:d5:a3:49:c3:3f:c1:ae: 56:71:16:fa:b8:1f:90:ef:f2:6f:b3:43:7a:23:e1: c1:b9:9c:6a:5b:1b:31:0f:de:e9:ac:bc:d9:69:56: 85:8d:42:b8:cd:a0:9c:15:5f:03:e4:f0:e7:92:26: 93:b9:5d:76:7a:99:6e:9f:0c:ef:c4:c2:c6:e1:b9: 36:ff:13:a4:ac:e1:dc:2d:43:b4:30:6c:cb:7c:a5: 78:64:0d:dc:55:9f:92:f3:4f:d8:b6:25:7e:03:be: 8f:7c:2d:f2:d6:03:0f:3c:f0:10:58:d1:3e:4e:8c: 7d:fe:e2:42:b6:2f:99:43:fb:76:34:73:17:fd:fd: 32:fc:ce:12:1f:0f:67:00:60:67:5d:ca:3b:c9:b9: b4:af:36:14:1f:0d:27:bb:d9:00:9c:8f:46:3d:54: 18:5f:c2:6e:f6:de:58:c3:15:ab:1a:f5:78:f0:06: 4e:c3:a9:8f:6d:33:38:d5:d8:4f:66:4d:3e:93:58: 9e:04:2e:3e:7b:81:6b:d8:ac:bf:b6:39:9a:f9:a6: dc:e9:fb:21:91:1c:e7:c6:65:62:47:1a:79:31:ae: 88:f6:75:41:1a:6e:6c:87:b2:8c:c5:f4:e9:ec:b7: 40:f5:1b:1e:3c:41:92:42:65:74:ec:86:a9:86:6f: 65:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:C9:CA:B3:04:8C:C9:E3:38:38:AD:A8:F0:9F:D9:CF:0C:18:8A:22 X509v3 Authority Key Identifier: keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/fsnKswSMyeM4OK2o8J_ZzwwYiiI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.20.0/22 IPv6: 2a01:5f6::/32 Signature Algorithm: sha256WithRSAEncryption b3:ee:4a:58:ac:a2:9d:d2:6c:c2:6b:77:e9:d8:13:81:ec:63: ff:3a:5f:43:c3:a5:8a:cb:e3:ee:a9:4c:8e:66:fd:fe:c5:b8: 4c:c9:f7:9e:12:96:9d:cf:ea:9d:e0:b3:52:2e:41:7a:39:a8: 27:2e:7b:0e:92:61:31:59:f4:bc:e9:c0:7c:8e:47:a4:3d:c0: 80:11:f7:1e:35:68:d2:3f:ed:59:47:97:f5:ac:be:88:21:20: b8:83:49:aa:08:b8:a4:27:d6:53:c6:10:64:06:7c:bb:95:b8: f3:8c:e8:71:46:c7:7d:93:f0:a7:a1:55:ad:d7:18:c3:65:38: f0:a3:81:0d:52:9a:d4:ef:67:7c:41:11:55:48:bc:34:28:fb: fa:6c:43:46:2e:db:45:1e:76:0d:51:7b:74:09:47:6a:73:d3: dc:a2:c8:48:0d:85:8b:e6:ca:e7:b6:fb:14:0a:02:f5:10:b6: e3:ab:50:9f:bd:c3:60:ef:49:31:8a:ab:a2:78:96:66:dc:ca: ba:2e:23:e1:9a:82:00:fd:04:f1:3a:db:74:4d:98:f8:d3:bc: a6:3d:4e:b7:51:10:58:41:6d:0f:7e:f0:ec:8d:27:b5:8c:6c: 68:00:27:29:f4:d0:af:34:02:05:81:c3:46:ac:7c:42:4c:d1: 9a:cc:71:3f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8f9Vu+jW7x62+/RXzVCPxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0 ZTRlMGMwHhcNMjYwMTAyMDIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZWM5Y2FiMzA0OGNjOWUzMzgzOGFkYThmMDlmZDljZjBjMTg4YTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsJ3podTj9WjScM/wa5WcRb6uB+Q 7/Jvs0N6I+HBuZxqWxsxD97prLzZaVaFjUK4zaCcFV8D5PDnkiaTuV12eplunwzv xMLG4bk2/xOkrOHcLUO0MGzLfKV4ZA3cVZ+S80/YtiV+A76PfC3y1gMPPPAQWNE+ Tox9/uJCti+ZQ/t2NHMX/f0y/M4SHw9nAGBnXco7ybm0rzYUHw0nu9kAnI9GPVQY X8Ju9t5YwxWrGvV48AZOw6mPbTM41dhPZk0+k1ieBC4+e4Fr2Ky/tjma+abc6fsh kRznxmViRxp5Ma6I9nVBGm5sh7KMxfTp7LdA9RsePEGSQmV07Iaphm9lHQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFH7JyrMEjMnjODitqPCf2c8MGIoiMB8GA1UdIwQY MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt ZTFhOGE2ZjFkNTlhLzEvZnNuS3N3U015ZU00T0sybzhKX1p6d3dZaWlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCW/UUMA0E AgACMAcDBQAqAQX2MA0GCSqGSIb3DQEBCwUAA4IBAQCz7kpYrKKd0mzCa3fp2BOB 7GP/Ol9Dw6WKy+PuqUyOZv3+xbhMyfeeEpadz+qd4LNSLkF6OagnLnsOkmExWfS8 6cB8jkekPcCAEfceNWjSP+1ZR5f1rL6IISC4g0mqCLikJ9ZTxhBkBny7lbjzjOhx Rsd9k/CnoVWt1xjDZTjwo4ENUprU72d8QRFVSLw0KPv6bENGLttFHnYNUXt0CUdq c9PcoshIDYWL5srntvsUCgL1ELbjq1CfvcNg70kxiquieJZm3Mq6LiPhmoIA/QTx Ott0TZj407ymPU63URBYQW0PfvDsjSe1jGxoACcp9NCvNAIFgcNGrHxCTNGazHE/ -----END CERTIFICATE-----Generated at Mon Jan 26 17:44:18 2026 by rpki-client