This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/PKYdzI7_btncrfJybcR9dUE0ZSE.roa File: PKYdzI7_btncrfJybcR9dUE0ZSE.roa (raw, json) Hash identifier: y3/sm0eAAEkLjKvdsBgjXRt+wfnk4CjHq0q5eayWO8s= Subject key identifier: 3C:A6:1D:CC:8E:FF:6E:D9:DC:AD:F2:72:6D:C4:7D:75:41:34:65:21 Certificate issuer: /CN=2a12efaee997e9a763b460ab592ddda67a0deb70 Certificate serial: 019B78A327E1CC1604635CE332EAD8CC911E Authority key identifier: 2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/PKYdzI7_btncrfJybcR9dUE0ZSE.roa Signing time: Thu 01 Jan 2026 08:18:37 +0000 ROA not before: Thu 01 Jan 2026 08:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212910 IP address blocks: 91.137.240.0/22 maxlen: 22 91.137.248.0/22 maxlen: 22 91.137.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.mft rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:27:e1:cc:16:04:63:5c:e3:32:ea:d8:cc:91:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a12efaee997e9a763b460ab592ddda67a0deb70 Validity Not Before: Jan 1 08:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ca61dcc8eff6ed9dcadf2726dc47d7541346521 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:84:76:de:23:f7:62:89:4f:07:11:c1:b9:72: d6:92:64:6c:65:96:f2:4f:36:c2:af:bc:45:d5:d8: 3f:11:91:0d:7b:80:6c:54:07:9a:83:96:ed:23:30: c4:08:52:73:04:7e:24:36:5d:53:9a:8d:5d:1b:29: 18:d7:74:ea:97:08:d2:75:5d:ce:be:da:6f:c3:71: ab:d8:a6:d6:e8:99:65:10:1d:66:99:ef:36:46:a4: 2d:76:09:cb:a3:49:3a:e5:06:08:86:b3:6b:98:b7: 79:91:6a:ed:6b:87:7f:d3:0a:22:4d:0a:28:40:66: d1:04:d8:ce:f2:15:ec:14:dd:8b:8b:77:34:15:18: 43:ac:89:37:24:d1:f3:ab:48:61:45:1e:b8:08:00: 7e:89:3b:1b:4a:18:f8:07:79:c3:88:8e:ad:fa:0b: 42:97:3a:95:ef:78:26:c1:4d:41:2f:69:2b:58:d3: db:47:4e:38:ab:f8:d8:b5:05:0f:be:ec:53:a6:3e: 48:19:c9:a6:e1:c4:eb:bc:98:be:1b:a1:09:6d:51: 32:c8:f8:e6:9e:fb:cf:4f:cf:1f:13:3a:9e:6d:30: 2c:9b:a8:1c:f1:a2:f6:3d:59:d8:b8:8a:bf:bb:fa: ee:da:a1:9f:d4:b9:d7:4f:02:d1:f7:b4:8e:06:51: fd:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A6:1D:CC:8E:FF:6E:D9:DC:AD:F2:72:6D:C4:7D:75:41:34:65:21 X509v3 Authority Key Identifier: keyid:2A:12:EF:AE:E9:97:E9:A7:63:B4:60:AB:59:2D:DD:A6:7A:0D:EB:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhLvrumX6adjtGCrWS3dpnoN63A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/PKYdzI7_btncrfJybcR9dUE0ZSE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/67/6ff43b-27ab-4064-af1d-09ed7800fdfb/1/KhLvrumX6adjtGCrWS3dpnoN63A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.137.240.0/22 91.137.248.0-91.137.252.255 Signature Algorithm: sha256WithRSAEncryption 0a:1e:4f:db:ca:46:b6:e0:cf:2d:3a:6f:bf:d5:de:17:ff:74: 3c:a1:42:3c:99:7a:7c:97:1d:cf:d1:de:43:3e:84:e3:cb:bc: 88:4c:50:d5:2f:66:74:cf:0b:62:40:7a:70:ae:2c:62:a3:8b: 4a:51:7d:69:df:3b:f3:2a:6b:1b:cd:f4:a2:b9:29:b3:f7:01: e5:07:7f:d8:4b:58:0c:56:3f:34:b0:75:ab:b6:e6:b7:1e:d7: ea:b7:c1:11:14:35:3a:b0:bb:79:21:6d:6e:40:94:54:e0:1d: fc:9c:ed:96:33:55:69:d6:08:37:4a:9d:9c:a1:b0:95:db:42: b8:d9:a7:3c:ac:be:06:be:38:34:0b:49:60:ed:7c:c0:df:e7: 92:8a:44:f0:be:f7:50:b8:6b:3e:af:5c:a1:8f:55:2e:12:d8: a1:3b:f1:a8:b7:85:1a:56:aa:f7:1a:8b:37:e2:15:23:aa:6a: 0e:0f:51:14:37:eb:8d:7e:e8:1b:18:e8:89:ba:55:cb:ec:8f: b2:10:4a:0e:c0:ef:f8:37:a6:05:6f:38:98:4a:63:25:fc:8c: 68:e8:f6:8f:d0:9c:f1:1d:0c:91:30:5a:19:71:1b:97:bc:ce: e0:a8:05:12:76:00:d8:b6:79:54:03:dd:0e:ec:85:df:ab:d4: d8:df:ac:b2 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt4oyfhzBYEY1zjMurYzJEeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTJlZmFlZTk5N2U5YTc2M2I0NjBhYjU5MmRkZGE2N2Ew ZGViNzAwHhcNMjYwMTAxMDgxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzY2E2MWRjYzhlZmY2ZWQ5ZGNhZGYyNzI2ZGM0N2Q3NTQxMzQ2NTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4R23iP3YolPBxHBuXLWkmRsZZby TzbCr7xF1dg/EZENe4BsVAeag5btIzDECFJzBH4kNl1Tmo1dGykY13TqlwjSdV3O vtpvw3Gr2KbW6JllEB1mme82RqQtdgnLo0k65QYIhrNrmLd5kWrta4d/0woiTQoo QGbRBNjO8hXsFN2Li3c0FRhDrIk3JNHzq0hhRR64CAB+iTsbShj4B3nDiI6t+gtC lzqV73gmwU1BL2krWNPbR044q/jYtQUPvuxTpj5IGcmm4cTrvJi+G6EJbVEyyPjm nvvPT88fEzqebTAsm6gc8aL2PVnYuIq/u/ru2qGf1LnXTwLR97SOBlH9rQIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFDymHcyO/27Z3K3ycm3EfXVBNGUhMB8GA1UdIwQY MBaAFCoS767pl+mnY7Rgq1kt3aZ6DetwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQt MDllZDc4MDBmZGZiLzEvUEtZZHpJN19idG5jcmZKeWJjUjlkVUUwWlNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Ny82ZmY0M2ItMjdhYi00MDY0LWFmMWQtMDllZDc4MDBmZGZi LzEvS2hMdnJ1bVg2YWRqdEdDcldTM2Rwbm9ONjNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCW4nwMAwD BANbifgDBABbifwwDQYJKoZIhvcNAQELBQADggEBAAoeT9vKRrbgzy06b7/V3hf/ dDyhQjyZenyXHc/R3kM+hOPLvIhMUNUvZnTPC2JAenCuLGKji0pRfWnfO/MqaxvN 9KK5KbP3AeUHf9hLWAxWPzSwdau25rce1+q3wREUNTqwu3khbW5AlFTgHfyc7ZYz VWnWCDdKnZyhsJXbQrjZpzysvga+ODQLSWDtfMDf55KKRPC+91C4az6vXKGPVS4S 2KE78ai3hRpWqvcaizfiFSOqag4PURQ3641+6BsY6Im6Vcvsj7IQSg7A7/g3pgVv OJhKYyX8jGjo9o/QnPEdDJEwWhlxG5e8zuCoBRJ2ANi2eVQD3Q7shd+r1NjfrLI= -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:42 2026 by rpki-client