This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PUKkt35cHiKGiJvSjqXEn6uVP7Y.roa File: PUKkt35cHiKGiJvSjqXEn6uVP7Y.roa (raw, json) Hash identifier: Bmwa3jnfP0hJvyVvtY0byaw0ncITKSVJhGUCxBAyHJ0= Subject key identifier: 3D:42:A4:B7:7E:5C:1E:22:86:88:9B:D2:8E:A5:C4:9F:AB:95:3F:B6 Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Certificate serial: 019B7E39011ADC8E05361B289E2C50363E6F Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PUKkt35cHiKGiJvSjqXEn6uVP7Y.roa Signing time: Fri 02 Jan 2026 10:20:23 +0000 ROA not before: Fri 02 Jan 2026 10:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30781 IP address blocks: 91.209.107.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:01:1a:dc:8e:05:36:1b:28:9e:2c:50:36:3e:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Validity Not Before: Jan 2 10:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d42a4b77e5c1e2286889bd28ea5c49fab953fb6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:22:84:bf:4b:92:8b:35:ca:cc:13:b9:cb:9e: f9:2b:d6:5b:34:5d:57:69:02:e6:bf:47:52:a4:40: 07:22:1e:60:33:56:0a:28:6a:2c:97:02:2f:11:cd: 55:e7:73:0b:e9:7e:bb:0b:a6:cc:68:5f:35:79:14: a5:68:56:ed:44:22:33:fd:af:7a:0b:a3:42:3f:01: 8c:45:e6:07:9d:f1:c5:12:00:cf:c9:3a:48:26:43: bc:9f:13:47:e9:f5:fa:c2:c1:75:1d:f5:de:68:30: 94:54:da:38:d5:bf:14:c7:eb:cc:bb:5a:bb:c0:eb: f3:94:af:d2:ee:c4:3c:ca:73:95:6e:57:f1:c4:99: 29:04:38:65:80:20:6d:91:c3:bc:5b:0c:fd:39:f1: 0d:b1:51:8d:8c:3b:cc:38:37:ee:a3:d3:66:87:87: d4:da:08:4b:77:de:bd:a1:3e:6a:85:10:14:8f:68: 87:76:d4:02:e9:44:de:5b:a5:41:26:c5:5e:2c:31: c3:c1:2e:a8:70:87:2d:ae:17:10:1f:b9:0b:d0:09: 27:37:79:a9:e6:b7:20:76:90:ca:b0:5a:a0:d1:88: c7:a4:9b:49:81:f6:8c:17:ce:3b:09:64:81:ad:99: ac:e9:06:7e:4a:09:2b:df:f1:a7:ea:e8:12:43:da: fa:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:42:A4:B7:7E:5C:1E:22:86:88:9B:D2:8E:A5:C4:9F:AB:95:3F:B6 X509v3 Authority Key Identifier: keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/PUKkt35cHiKGiJvSjqXEn6uVP7Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.107.0/24 Signature Algorithm: sha256WithRSAEncryption 42:89:86:65:f6:9e:9d:97:6c:f5:d8:76:64:23:d7:91:72:26: 39:d6:22:22:d7:1f:28:39:30:2d:44:f1:fe:15:2c:10:63:05: 9c:68:5f:ea:43:9d:98:4f:b2:48:88:b5:36:45:f3:56:70:7e: ba:51:54:ce:7a:cd:43:34:6f:be:31:f3:e3:12:87:d6:67:b9: 43:c0:6c:26:95:47:97:e7:e3:83:98:10:1e:76:0e:19:fe:60: 1f:10:14:86:b5:7a:75:21:f8:9e:74:89:cd:f2:de:46:b3:ee: bc:4e:0b:a3:9e:3d:d6:8c:a1:84:96:67:fc:36:13:be:d2:33: c6:76:46:dd:7c:e3:f3:81:ad:91:8a:35:eb:fb:6e:96:14:3f: c1:9c:79:32:2b:75:4a:9d:e8:24:4e:2c:1f:9a:dd:42:96:61: e1:a5:50:99:d5:cd:70:2e:ca:5c:88:d4:14:cb:2d:94:6e:5e: a0:b9:1e:83:31:05:09:9a:6d:0b:4e:ed:1f:32:c4:c8:92:d9: 82:53:7d:63:48:0d:4c:87:6b:f6:06:65:1b:04:6a:2c:f2:7f: 05:84:57:fb:7d:b5:f2:42:aa:56:f5:06:42:2a:61:ac:98:64: 6e:d0:56:d1:33:ab:29:60:f0:fc:f8:39:63:de:1c:cf:aa:02: 07:36:e8:95 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OQEa3I4FNhsonixQNj5vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0 NTBhZWIwHhcNMjYwMTAyMTAyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDQyYTRiNzdlNWMxZTIyODY4ODliZDI4ZWE1YzQ5ZmFiOTUzZmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriKEv0uSizXKzBO5y575K9ZbNF1X aQLmv0dSpEAHIh5gM1YKKGoslwIvEc1V53ML6X67C6bMaF81eRSlaFbtRCIz/a96 C6NCPwGMReYHnfHFEgDPyTpIJkO8nxNH6fX6wsF1HfXeaDCUVNo41b8Ux+vMu1q7 wOvzlK/S7sQ8ynOVblfxxJkpBDhlgCBtkcO8Wwz9OfENsVGNjDvMODfuo9Nmh4fU 2ghLd969oT5qhRAUj2iHdtQC6UTeW6VBJsVeLDHDwS6ocIctrhcQH7kL0AknN3mp 5rcgdpDKsFqg0YjHpJtJgfaMF847CWSBrZms6QZ+Sgkr3/Gn6ugSQ9r6WwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFD1CpLd+XB4ihoib0o6lxJ+rlT+2MB8GA1UdIwQY MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt YTRkYjM5NmM4OTg3LzEvUFVLa3QzNWNIaUtHaUp2U2pxWEVuNnVWUDdZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3 LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9FrMA0G CSqGSIb3DQEBCwUAA4IBAQBCiYZl9p6dl2z12HZkI9eRciY51iIi1x8oOTAtRPH+ FSwQYwWcaF/qQ52YT7JIiLU2RfNWcH66UVTOes1DNG++MfPjEofWZ7lDwGwmlUeX 5+ODmBAedg4Z/mAfEBSGtXp1IfiedInN8t5Gs+68Tgujnj3WjKGElmf8NhO+0jPG dkbdfOPzga2RijXr+26WFD/BnHkyK3VKnegkTiwfmt1ClmHhpVCZ1c1wLspciNQU yy2Ubl6guR6DMQUJmm0LTu0fMsTIktmCU31jSA1Mh2v2BmUbBGos8n8FhFf7fbXy QqpW9QZCKmGsmGRu0FbRM6spYPD8+Dlj3hzPqgIHNuiV -----END CERTIFICATE-----Generated at Sun Jan 25 16:17:53 2026 by rpki-client