This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/WNCvUST9GFQgH9lNnrBxz7wn1MA.roa File: WNCvUST9GFQgH9lNnrBxz7wn1MA.roa (raw, json) Hash identifier: Y8xEIX8tbfw6KstlTGIt4As/gEkptm/Cc262V8KE5HU= Subject key identifier: 58:D0:AF:51:24:FD:18:54:20:1F:D9:4D:9E:B0:71:CF:BC:27:D4:C0 Certificate issuer: /CN=1143dd85fa01ebec01ee331a13179e8a33d9022f Certificate serial: 019B7EA63AF50D7A5DDED36D7E3D2081D665 Authority key identifier: 11:43:DD:85:FA:01:EB:EC:01:EE:33:1A:13:17:9E:8A:33:D9:02:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EUPdhfoB6-wB7jMaExeeijPZAi8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/WNCvUST9GFQgH9lNnrBxz7wn1MA.roa Signing time: Fri 02 Jan 2026 12:19:41 +0000 ROA not before: Fri 02 Jan 2026 12:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51914 IP address blocks: 91.221.128.0/23 maxlen: 23 91.221.128.0/24 maxlen: 24 91.221.129.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/EUPdhfoB6-wB7jMaExeeijPZAi8.crl rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/EUPdhfoB6-wB7jMaExeeijPZAi8.mft rsync://rpki.ripe.net/repository/DEFAULT/EUPdhfoB6-wB7jMaExeeijPZAi8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:3a:f5:0d:7a:5d:de:d3:6d:7e:3d:20:81:d6:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1143dd85fa01ebec01ee331a13179e8a33d9022f Validity Not Before: Jan 2 12:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=58d0af5124fd1854201fd94d9eb071cfbc27d4c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d8:bb:4d:a3:47:19:c3:d8:d4:f7:b7:9a:1b: c6:af:c9:91:d4:2f:b6:3f:c8:42:7a:e8:dd:6d:20: 74:5c:aa:cc:ac:7c:23:bf:8e:0a:86:cd:87:47:63: 13:3a:14:86:39:4a:02:5c:d1:5f:4d:7f:23:d5:ed: 1a:fd:87:26:69:19:fd:15:62:16:3a:40:f7:0d:b6: 82:64:7d:26:a0:52:33:6e:ee:a7:07:a6:fe:1c:e2: 33:bb:f4:52:0c:8e:8e:ba:2f:3f:f1:39:9b:1a:e7: e9:b8:22:ac:16:6a:4b:c0:66:1b:ec:d6:48:9d:7a: fa:c2:57:60:60:9c:d7:9c:a2:ac:bd:99:53:00:a3: 28:50:6d:21:a5:91:b1:c6:e0:11:a8:15:74:6d:88: 8f:8a:fc:c4:37:89:8c:42:3d:c3:3e:5a:df:b5:8f: 22:6b:7b:ad:2e:fe:b0:63:b5:c0:9f:07:e2:01:f5: df:d4:7f:77:6c:7d:98:47:bc:a3:90:5a:95:e8:13: d2:db:4c:92:2f:83:e0:d2:ee:38:71:57:43:28:d3: f4:c8:53:48:7e:a1:94:19:d3:c7:a0:07:49:6e:d5: ee:96:c9:d7:e2:b7:56:82:98:53:03:7e:f4:50:4c: 1c:0d:d4:45:90:7f:6e:61:af:09:8c:6a:83:d5:24: cf:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:D0:AF:51:24:FD:18:54:20:1F:D9:4D:9E:B0:71:CF:BC:27:D4:C0 X509v3 Authority Key Identifier: keyid:11:43:DD:85:FA:01:EB:EC:01:EE:33:1A:13:17:9E:8A:33:D9:02:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EUPdhfoB6-wB7jMaExeeijPZAi8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/WNCvUST9GFQgH9lNnrBxz7wn1MA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/6cddca-fad7-4494-bc14-00abc471f9c1/1/EUPdhfoB6-wB7jMaExeeijPZAi8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.221.128.0/23 Signature Algorithm: sha256WithRSAEncryption 1f:9c:46:89:0b:37:a5:58:aa:64:9b:7d:66:88:7a:88:82:25: 05:6d:c4:24:c9:79:76:bf:ee:01:b2:5d:27:0d:a3:7b:02:d6: 1d:dd:19:13:18:de:8e:02:ac:eb:9e:9e:22:4c:1a:48:ef:23: c3:f4:bc:df:57:5e:5a:f2:7d:f8:e5:8b:6d:f4:98:fe:1d:32: f8:8a:be:c9:46:35:0c:b4:94:43:39:34:0a:45:2e:b4:34:cc: bb:d1:a0:06:3b:47:77:5b:d2:b5:72:48:c4:60:95:cc:b2:9a: fc:79:c5:21:ea:0d:77:92:d2:e6:09:35:a8:f3:8f:2e:fd:a7: 89:8c:0f:51:5d:71:ab:ee:fe:a0:79:db:da:44:62:ca:c4:54: 49:ae:57:6f:d1:0c:cd:8a:81:3a:66:d8:bc:f0:32:8c:ac:47: db:09:e7:af:86:50:d7:c4:57:13:5a:3c:a2:73:d6:ba:a9:f2: 58:a2:29:d8:48:b4:fa:0a:a5:94:01:e1:70:88:d4:46:9d:84: b9:c3:aa:ce:46:8c:ff:d7:45:95:5d:2a:c4:d5:45:65:d5:0c: e4:86:62:e8:19:08:1c:68:ea:1b:f6:87:47:85:24:63:f1:26: 4f:0c:88:0c:d6:e6:f0:b1:b0:ac:fe:51:b1:f4:29:5f:f0:53: 21:77:3f:02 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pjr1DXpd3tNtfj0ggdZlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExNDNkZDg1ZmEwMWViZWMwMWVlMzMxYTEzMTc5ZThhMzNk OTAyMmYwHhcNMjYwMTAyMTIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1OGQwYWY1MTI0ZmQxODU0MjAxZmQ5NGQ5ZWIwNzFjZmJjMjdkNGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9i7TaNHGcPY1Pe3mhvGr8mR1C+2 P8hCeujdbSB0XKrMrHwjv44Khs2HR2MTOhSGOUoCXNFfTX8j1e0a/YcmaRn9FWIW OkD3DbaCZH0moFIzbu6nB6b+HOIzu/RSDI6Oui8/8TmbGufpuCKsFmpLwGYb7NZI nXr6wldgYJzXnKKsvZlTAKMoUG0hpZGxxuARqBV0bYiPivzEN4mMQj3DPlrftY8i a3utLv6wY7XAnwfiAfXf1H93bH2YR7yjkFqV6BPS20ySL4Pg0u44cVdDKNP0yFNI fqGUGdPHoAdJbtXulsnX4rdWgphTA370UEwcDdRFkH9uYa8JjGqD1STPoQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFjQr1Ek/RhUIB/ZTZ6wcc+8J9TAMB8GA1UdIwQY MBaAFBFD3YX6AevsAe4zGhMXnooz2QIvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRVVQZGhmb0I2LXdCN2pNYUV4ZWVpalBaQWk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC82Y2RkY2EtZmFkNy00NDk0LWJjMTQt MDBhYmM0NzFmOWMxLzEvV05DdlVTVDlHRlFnSDlsTm5yQnh6N3duMU1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC82Y2RkY2EtZmFkNy00NDk0LWJjMTQtMDBhYmM0NzFmOWMx LzEvRVVQZGhmb0I2LXdCN2pNYUV4ZWVpalBaQWk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW92AMA0G CSqGSIb3DQEBCwUAA4IBAQAfnEaJCzelWKpkm31miHqIgiUFbcQkyXl2v+4Bsl0n DaN7AtYd3RkTGN6OAqzrnp4iTBpI7yPD9LzfV15a8n345Ytt9Jj+HTL4ir7JRjUM tJRDOTQKRS60NMy70aAGO0d3W9K1ckjEYJXMspr8ecUh6g13ktLmCTWo848u/aeJ jA9RXXGr7v6gedvaRGLKxFRJrldv0QzNioE6Zti88DKMrEfbCeevhlDXxFcTWjyi c9a6qfJYoinYSLT6CqWUAeFwiNRGnYS5w6rORoz/10WVXSrE1UVl1QzkhmLoGQgc aOob9odHhSRj8SZPDIgM1ubwsbCs/lGx9Clf8FMhdz8C -----END CERTIFICATE-----Generated at Mon Jan 26 13:11:04 2026 by rpki-client