This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/SRouw1ACmOxsP7DYIDJnot7Wy0M.roa File: SRouw1ACmOxsP7DYIDJnot7Wy0M.roa (raw, json) Hash identifier: Axkim79AjMG7Hlgx6O/xdzgLE7UsB+oDhwA5WGJg0Bs= Subject key identifier: 49:1A:2E:C3:50:02:98:EC:6C:3F:B0:D8:20:32:67:A2:DE:D6:CB:43 Certificate issuer: /CN=3d43cf40f691f14b35ca657032934802005cfa88 Certificate serial: 019B7FF05CC5942B8977FC21927A539FDE90 Authority key identifier: 3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/SRouw1ACmOxsP7DYIDJnot7Wy0M.roa Signing time: Fri 02 Jan 2026 18:20:17 +0000 ROA not before: Fri 02 Jan 2026 18:20:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20712 IP address blocks: 91.200.61.0/24 maxlen: 24 2001:67c:1270::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.crl rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.mft rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f0:5c:c5:94:2b:89:77:fc:21:92:7a:53:9f:de:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d43cf40f691f14b35ca657032934802005cfa88 Validity Not Before: Jan 2 18:20:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=491a2ec3500298ec6c3fb0d8203267a2ded6cb43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:17:93:1f:b1:53:dd:53:18:d1:e8:3a:58:76: 55:60:36:f3:ed:19:a5:b5:ba:e9:56:3c:03:8f:18: 69:c4:24:8a:a7:84:df:10:a1:4d:e8:17:94:3d:52: e1:1e:72:9e:11:b1:f4:52:89:55:d4:0f:86:98:06: b1:19:fd:ba:47:63:2b:25:e6:52:14:e0:76:a1:ae: cf:38:8d:2a:5b:59:53:9c:7c:18:d9:7e:4b:31:ee: c5:ef:b8:e1:31:6a:36:c7:2d:04:0b:6c:cf:96:cb: 55:de:98:c5:7d:a2:d8:36:46:46:af:77:80:ad:8c: e0:9b:b2:19:4a:cd:3e:8b:ae:a6:3a:40:bc:4d:b5: 36:38:70:4f:78:60:3b:58:71:57:b7:69:8d:31:de: db:e9:7b:e9:ee:9f:27:fc:c9:39:20:b0:bd:2c:f4: 99:58:1e:a0:16:ab:fd:1d:fc:d9:ba:15:ef:f1:48: 06:b9:99:94:30:96:ef:d9:63:a8:4c:b0:01:a5:c0: 7e:ff:18:a8:4a:71:e3:c4:a9:fa:f4:df:be:05:d0: bc:94:9c:bc:4b:3b:06:71:3b:c5:61:7e:ed:3d:ba: 35:c1:52:f9:a0:c0:16:96:e5:8d:5d:ab:ed:ed:4c: 3f:f5:b4:a7:68:8b:b4:d7:eb:b2:b6:b1:a4:cb:74: fa:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:1A:2E:C3:50:02:98:EC:6C:3F:B0:D8:20:32:67:A2:DE:D6:CB:43 X509v3 Authority Key Identifier: keyid:3D:43:CF:40:F6:91:F1:4B:35:CA:65:70:32:93:48:02:00:5C:FA:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUPPQPaR8Us1ymVwMpNIAgBc-og.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/SRouw1ACmOxsP7DYIDJnot7Wy0M.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/43f7ac-6788-490b-9b3b-07fb6171f18f/1/PUPPQPaR8Us1ymVwMpNIAgBc-og.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.61.0/24 IPv6: 2001:67c:1270::/48 Signature Algorithm: sha256WithRSAEncryption 04:32:1b:d1:58:67:4b:b9:62:53:d0:6e:b6:91:15:4d:63:6e: f6:29:53:ff:00:b8:27:3f:a0:4d:5e:3b:33:01:e2:6c:13:5a: 6e:10:00:56:d3:58:a2:21:ca:98:08:4b:bc:51:af:65:18:92: 51:69:84:14:3a:d6:e2:83:7c:4b:a3:60:d5:b5:87:9c:e7:50: 4f:bf:39:11:62:54:28:a9:63:bc:db:8b:38:f3:fe:97:8d:c5: af:84:72:bb:22:6a:ab:c1:8f:d4:72:be:d0:4e:35:69:1b:a1: 97:d1:d8:97:8d:34:5c:18:b6:73:e8:2e:34:03:3a:fb:42:ce: df:cd:45:6a:a0:51:3c:df:e1:0a:47:76:8c:a6:a2:c9:fe:fe: 9a:90:bb:be:70:41:65:5d:a4:f9:97:4e:1b:5a:22:2d:33:0c: e5:f4:10:c6:b2:9b:4e:e6:60:06:a6:f5:d0:5e:1e:cd:61:2e: 49:68:23:e7:30:8a:80:46:fa:fc:e0:b3:4d:e2:16:c7:bd:33: cf:82:00:48:bb:89:8c:dc:54:de:d5:37:e6:50:8f:83:e0:f1: 7b:83:b6:03:c0:1b:47:83:24:89:98:a5:60:24:21:26:9a:0e: d8:23:4f:39:ab:67:5f:72:21:14:a8:dd:40:ff:96:cd:cb:47: 7c:b5:a1:f6 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/8FzFlCuJd/whknpTn96QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkNDNjZjQwZjY5MWYxNGIzNWNhNjU3MDMyOTM0ODAyMDA1 Y2ZhODgwHhcNMjYwMTAyMTgyMDE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTFhMmVjMzUwMDI5OGVjNmMzZmIwZDgyMDMyNjdhMmRlZDZjYjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xeTH7FT3VMY0eg6WHZVYDbz7Rml tbrpVjwDjxhpxCSKp4TfEKFN6BeUPVLhHnKeEbH0UolV1A+GmAaxGf26R2MrJeZS FOB2oa7POI0qW1lTnHwY2X5LMe7F77jhMWo2xy0EC2zPlstV3pjFfaLYNkZGr3eA rYzgm7IZSs0+i66mOkC8TbU2OHBPeGA7WHFXt2mNMd7b6Xvp7p8n/Mk5ILC9LPSZ WB6gFqv9HfzZuhXv8UgGuZmUMJbv2WOoTLABpcB+/xioSnHjxKn69N++BdC8lJy8 SzsGcTvFYX7tPbo1wVL5oMAWluWNXavt7Uw/9bSnaIu01+uytrGky3T6mwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFEkaLsNQApjsbD+w2CAyZ6Le1stDMB8GA1UdIwQY MBaAFD1Dz0D2kfFLNcplcDKTSAIAXPqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2It MDdmYjYxNzFmMThmLzEvU1JvdXcxQUNtT3hzUDdEWUlESm5vdDdXeTBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC80M2Y3YWMtNjc4OC00OTBiLTliM2ItMDdmYjYxNzFmMThm LzEvUFVQUFFQYVI4VXMxeW1Wd01wTklBZ0JjLW9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8g9MA8E AgACMAkDBwAgAQZ8EnAwDQYJKoZIhvcNAQELBQADggEBAAQyG9FYZ0u5YlPQbraR FU1jbvYpU/8AuCc/oE1eOzMB4mwTWm4QAFbTWKIhypgIS7xRr2UYklFphBQ61uKD fEujYNW1h5znUE+/ORFiVCipY7zbizjz/peNxa+EcrsiaqvBj9RyvtBONWkboZfR 2JeNNFwYtnPoLjQDOvtCzt/NRWqgUTzf4QpHdoymosn+/pqQu75wQWVdpPmXThta Ii0zDOX0EMaym07mYAam9dBeHs1hLkloI+cwioBG+vzgs03iFse9M8+CAEi7iYzc VN7VN+ZQj4Pg8XuDtgPAG0eDJImYpWAkISaaDtgjTzmrZ19yIRSo3UD/ls3LR3y1 ofY= -----END CERTIFICATE-----Generated at Mon Jan 26 05:33:45 2026 by rpki-client