This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/ndIFovkOM59q_GrNUdf0rAGkzdk.roa File: ndIFovkOM59q_GrNUdf0rAGkzdk.roa (raw, json) Hash identifier: IjeHyVSgVr9enrcMavU9+Zitjl1p4kguwLZr/wm0Fuk= Subject key identifier: 9D:D2:05:A2:F9:0E:33:9F:6A:FC:6A:CD:51:D7:F4:AC:01:A4:CD:D9 Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c Certificate serial: 019B7CEE2F97076BEB6BA41B020F017F6B5E Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/ndIFovkOM59q_GrNUdf0rAGkzdk.roa Signing time: Fri 02 Jan 2026 04:19:03 +0000 ROA not before: Fri 02 Jan 2026 04:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199777 IP address blocks: 91.238.30.0/24 maxlen: 24 91.238.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:2f:97:07:6b:eb:6b:a4:1b:02:0f:01:7f:6b:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c Validity Not Before: Jan 2 04:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9dd205a2f90e339f6afc6acd51d7f4ac01a4cdd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e5:44:77:dd:ac:5d:aa:6b:12:57:f8:f0:e4: ab:5e:e5:d8:5d:73:5e:d5:a3:d6:42:b7:4a:50:1c: 9f:81:b8:a7:49:e3:64:45:30:a4:c5:b4:ee:30:87: 97:b7:cb:58:a1:5f:f3:e3:01:94:99:10:9f:d9:22: c9:fe:8d:25:ec:63:0d:05:c9:79:fd:fe:db:db:63: d6:fe:0a:f5:d9:6e:2b:98:b3:33:91:c1:15:a2:5a: 14:bd:0d:c1:1a:47:f4:b1:38:ad:9d:d4:35:e6:1f: 05:b9:86:d1:d4:64:76:b7:90:72:89:38:ce:28:8f: 46:75:0c:0b:d1:8f:ec:a0:87:43:7c:97:f3:be:f8: 59:2b:f9:72:0e:0a:40:5d:1f:a6:f4:4a:39:63:a8: d8:5c:87:60:32:7b:27:01:30:14:5b:fd:2c:73:0e: cd:b1:22:1c:2c:f5:70:8e:08:33:a9:1d:f6:cc:a9: cd:a0:44:45:17:03:fc:66:32:74:4a:03:c6:28:99: fc:a1:a4:ff:8f:60:0b:1d:f7:ff:c1:72:91:aa:39: 8d:3c:2b:b8:42:c5:cc:45:fa:03:72:6d:76:d8:a3: 8d:60:1e:63:a6:8e:0f:10:a1:b7:84:4c:b7:61:46: cd:7c:32:83:1c:e5:ed:93:40:b8:8e:e2:f7:6d:c9: f2:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:D2:05:A2:F9:0E:33:9F:6A:FC:6A:CD:51:D7:F4:AC:01:A4:CD:D9 X509v3 Authority Key Identifier: keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/ndIFovkOM59q_GrNUdf0rAGkzdk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.238.30.0/24 91.238.32.0/24 Signature Algorithm: sha256WithRSAEncryption 10:84:ac:4c:5b:e1:fe:6d:ce:4f:54:9e:c5:05:af:7f:77:04: 81:fe:ac:47:fe:03:7b:09:f7:0d:ad:0d:63:9f:e0:e4:86:b7: a0:ad:f5:f3:3a:c4:99:fd:9a:5f:f1:b3:6e:78:6c:a6:53:5c: ef:70:a5:1b:97:0f:6b:9f:32:9b:ae:fc:b5:44:f6:d2:c3:77: 57:ea:80:43:2d:a2:d7:60:27:bb:59:ed:f8:50:1f:1a:45:9a: b8:f0:01:38:b2:f4:a3:05:fe:63:c6:e9:0a:c2:eb:12:6c:21: 3e:d9:5e:49:3f:fe:b8:7c:c4:53:3a:9e:7e:9f:b6:cc:dc:89: 74:e6:ec:62:ef:88:77:67:8c:be:e1:e6:15:37:a0:92:1d:6e: 1d:c2:a7:0b:b0:09:c0:44:d6:f9:e6:1e:09:a6:95:27:3c:76: d3:66:b9:73:e6:0b:f3:d2:68:60:0d:7d:77:fb:8b:38:05:89: 9e:76:5e:8e:a2:12:7a:89:6d:5e:d5:cf:72:74:34:74:e8:61: 92:3f:f8:fe:c8:ac:3e:81:cc:c8:85:5f:a4:dc:26:56:5d:48: 5f:2d:a3:2b:aa:6e:f4:b5:b5:61:01:da:32:8d:c6:be:9a:e1: 97:38:2e:bb:32:a2:3b:85:bd:5e:6b:90:20:25:f7:c1:e0:10: b5:21:9a:4e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt87i+XB2vra6QbAg8Bf2teMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0 ZjYwM2MwHhcNMjYwMTAyMDQxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZGQyMDVhMmY5MGUzMzlmNmFmYzZhY2Q1MWQ3ZjRhYzAxYTRjZGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOVEd92sXaprElf48OSrXuXYXXNe 1aPWQrdKUByfgbinSeNkRTCkxbTuMIeXt8tYoV/z4wGUmRCf2SLJ/o0l7GMNBcl5 /f7b22PW/gr12W4rmLMzkcEVoloUvQ3BGkf0sTitndQ15h8FuYbR1GR2t5ByiTjO KI9GdQwL0Y/soIdDfJfzvvhZK/lyDgpAXR+m9Eo5Y6jYXIdgMnsnATAUW/0scw7N sSIcLPVwjggzqR32zKnNoERFFwP8ZjJ0SgPGKJn8oaT/j2ALHff/wXKRqjmNPCu4 QsXMRfoDcm122KONYB5jpo4PEKG3hEy3YUbNfDKDHOXtk0C4juL3bcnyuwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJ3SBaL5DjOfavxqzVHX9KwBpM3ZMB8GA1UdIwQY MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt YjA1YWU1Y2EyZDVlLzEvbmRJRm92a09NNTlxX0dyTlVkZjByQUdremRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+4eAwQA W+4gMA0GCSqGSIb3DQEBCwUAA4IBAQAQhKxMW+H+bc5PVJ7FBa9/dwSB/qxH/gN7 CfcNrQ1jn+DkhregrfXzOsSZ/Zpf8bNueGymU1zvcKUblw9rnzKbrvy1RPbSw3dX 6oBDLaLXYCe7We34UB8aRZq48AE4svSjBf5jxukKwusSbCE+2V5JP/64fMRTOp5+ n7bM3Il05uxi74h3Z4y+4eYVN6CSHW4dwqcLsAnARNb55h4JppUnPHbTZrlz5gvz 0mhgDX13+4s4BYmedl6OohJ6iW1e1c9ydDR06GGSP/j+yKw+gczIhV+k3CZWXUhf LaMrqm70tbVhAdoyjca+muGXOC67MqI7hb1ea5AgJffB4BC1IZpO -----END CERTIFICATE-----Generated at Mon Jan 26 04:55:04 2026 by rpki-client