This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/4mh6prr0Wbz0D6x1jN54D-RSH0k.roa File: 4mh6prr0Wbz0D6x1jN54D-RSH0k.roa (raw, json) Hash identifier: rEvOzl/pkC+xF2DelQL0hLp1T3RL6BXK9o5MbdVYvU4= Subject key identifier: E2:68:7A:A6:BA:F4:59:BC:F4:0F:AC:75:8C:DE:78:0F:E4:52:1F:49 Certificate issuer: /CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Certificate serial: 019B7F159E8E2BCB64EE594A6E7F315215A3 Authority key identifier: 71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/4mh6prr0Wbz0D6x1jN54D-RSH0k.roa Signing time: Fri 02 Jan 2026 14:21:21 +0000 ROA not before: Fri 02 Jan 2026 14:21:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205774 IP address blocks: 91.208.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.mft rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:9e:8e:2b:cb:64:ee:59:4a:6e:7f:31:52:15:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71a3413d407d8adf8ab6be55706094efe9c3d5da Validity Not Before: Jan 2 14:21:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2687aa6baf459bcf40fac758cde780fe4521f49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:68:3a:93:e3:44:ca:a9:3a:f4:06:8c:1f:98: 63:bb:7a:ea:b5:aa:2d:ca:3e:91:e5:61:f1:7b:55: ff:42:9d:a6:fa:70:bf:aa:66:ab:86:b2:38:05:91: 84:6f:22:ac:51:55:0d:23:fd:71:41:05:2f:1b:8d: 78:4f:5e:7c:7a:92:9c:f6:bf:b9:04:07:15:55:f4: f1:ad:02:40:b5:3e:05:14:d2:cd:26:5c:a5:a5:24: dc:5a:fa:01:4c:b2:0d:f3:4c:e9:e6:38:99:b6:a9: 4d:6c:90:97:d9:0b:36:58:71:a5:d0:f3:1d:ba:f0: b6:b8:0c:d1:1b:33:4b:77:40:64:08:ec:11:35:e3: e1:a1:6f:55:d8:63:e1:5a:19:1f:54:2b:bb:14:94: 26:f5:93:ba:f0:d4:bd:9c:e7:9c:ac:4e:f5:c7:06: 43:9f:e7:22:3c:cb:01:b8:2c:6f:27:06:df:de:dc: 32:12:e5:de:cc:38:06:ef:6a:94:9b:ea:da:55:6c: 92:4d:73:e3:11:0e:f3:d9:11:55:1f:c0:39:57:d5: 1a:f2:1f:50:06:90:01:7f:40:54:8c:ba:30:cc:da: b8:5a:af:f8:2d:65:c7:88:42:8e:f3:cf:cd:b6:64: 1b:20:16:c7:a2:f9:cd:b4:f3:54:3e:63:b8:a5:55: e1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:68:7A:A6:BA:F4:59:BC:F4:0F:AC:75:8C:DE:78:0F:E4:52:1F:49 X509v3 Authority Key Identifier: keyid:71:A3:41:3D:40:7D:8A:DF:8A:B6:BE:55:70:60:94:EF:E9:C3:D5:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caNBPUB9it-Ktr5VcGCU7-nD1do.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/4mh6prr0Wbz0D6x1jN54D-RSH0k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/66/5b4b36-1ac9-4d29-a067-8320de44df8b/1/caNBPUB9it-Ktr5VcGCU7-nD1do.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.208.100.0/24 Signature Algorithm: sha256WithRSAEncryption 92:e7:50:54:7b:2f:7d:20:17:85:56:98:7d:26:68:80:f0:c4: 54:13:63:8b:b2:ff:6a:a1:d7:44:7c:c8:97:38:86:61:38:de: 8b:b2:83:09:f7:f4:61:0b:78:e8:6d:e9:d3:cb:3e:d1:8d:33: dd:47:a9:46:36:fb:4b:8c:e2:16:5e:92:42:61:83:39:48:35: b3:1c:c6:bd:a1:3a:88:97:08:72:ab:41:46:8a:1c:bd:91:09: c5:3e:e7:9e:f3:bd:2c:a1:ac:b8:7f:64:a2:ba:87:3a:01:c5: bb:b8:35:bc:31:cc:5e:2b:72:16:c4:7a:cf:f7:df:e1:6e:f0: 4b:e3:1b:88:aa:49:80:f9:7c:99:13:7c:15:79:f9:75:1e:5b: 4c:3b:ef:fc:56:12:d2:2d:85:0e:5f:63:b7:52:b2:04:a1:69: f5:1b:61:b7:74:1a:52:06:9a:fc:b6:2b:b1:b9:6d:54:de:00: cd:a1:53:b9:d2:f2:5b:69:ae:e0:c5:38:9d:54:5f:cf:fc:e6: c0:6e:dd:b9:ad:d0:37:a4:dd:5e:1d:8c:b0:a3:02:62:25:af: b2:7d:00:34:11:31:a3:cc:09:c6:82:03:e6:e2:ba:70:df:f4: ce:b3:a0:a3:35:51:5d:02:0b:3c:5b:17:88:22:de:4d:8f:59: 7c:66:3d:22 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FZ6OK8tk7llKbn8xUhWjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYTM0MTNkNDA3ZDhhZGY4YWI2YmU1NTcwNjA5NGVmZTlj M2Q1ZGEwHhcNMjYwMTAyMTQyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjY4N2FhNmJhZjQ1OWJjZjQwZmFjNzU4Y2RlNzgwZmU0NTIxZjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Wg6k+NEyqk69AaMH5hju3rqtaot yj6R5WHxe1X/Qp2m+nC/qmarhrI4BZGEbyKsUVUNI/1xQQUvG414T158epKc9r+5 BAcVVfTxrQJAtT4FFNLNJlylpSTcWvoBTLIN80zp5jiZtqlNbJCX2Qs2WHGl0PMd uvC2uAzRGzNLd0BkCOwRNePhoW9V2GPhWhkfVCu7FJQm9ZO68NS9nOecrE71xwZD n+ciPMsBuCxvJwbf3twyEuXezDgG72qUm+raVWySTXPjEQ7z2RFVH8A5V9Ua8h9Q BpABf0BUjLowzNq4Wq/4LWXHiEKO88/NtmQbIBbHovnNtPNUPmO4pVXhLwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOJoeqa69Fm89A+sdYzeeA/kUh9JMB8GA1UdIwQY MBaAFHGjQT1AfYrfira+VXBglO/pw9XaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjct ODMyMGRlNDRkZjhiLzEvNG1oNnBycjBXYnowRDZ4MWpONTRELVJTSDBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ni81YjRiMzYtMWFjOS00ZDI5LWEwNjctODMyMGRlNDRkZjhi LzEvY2FOQlBVQjlpdC1LdHI1VmNHQ1U3LW5EMWRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9BkMA0G CSqGSIb3DQEBCwUAA4IBAQCS51BUey99IBeFVph9JmiA8MRUE2OLsv9qoddEfMiX OIZhON6LsoMJ9/RhC3jobenTyz7RjTPdR6lGNvtLjOIWXpJCYYM5SDWzHMa9oTqI lwhyq0FGihy9kQnFPuee870soay4f2Siuoc6AcW7uDW8McxeK3IWxHrP99/hbvBL 4xuIqkmA+XyZE3wVefl1HltMO+/8VhLSLYUOX2O3UrIEoWn1G2G3dBpSBpr8tiux uW1U3gDNoVO50vJbaa7gxTidVF/P/ObAbt25rdA3pN1eHYywowJiJa+yfQA0ETGj zAnGggPm4rpw3/TOs6CjNVFdAgs8WxeIIt5Nj1l8Zj0i -----END CERTIFICATE-----Generated at Mon Jan 26 13:11:05 2026 by rpki-client