This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/9bNCpS-BnNsc0OV_kVUAGpMesVQ.roa File: 9bNCpS-BnNsc0OV_kVUAGpMesVQ.roa (raw, json) Hash identifier: SEbw3h7uQbDEC24FBGDOhfqkNO2N0ao6d2+D5+Fazds= Subject key identifier: F5:B3:42:A5:2F:81:9C:DB:1C:D0:E5:7F:91:55:00:1A:93:1E:B1:54 Certificate issuer: /CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba Certificate serial: 019B79EC799B348CB97965F94C9C6EE9DC70 Authority key identifier: 2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/9bNCpS-BnNsc0OV_kVUAGpMesVQ.roa Signing time: Thu 01 Jan 2026 14:18:19 +0000 ROA not before: Thu 01 Jan 2026 14:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43395 IP address blocks: 91.239.108.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.mft rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:79:9b:34:8c:b9:79:65:f9:4c:9c:6e:e9:dc:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ad59994f2af79599cfb3ff2e3e98e518f914fba Validity Not Before: Jan 1 14:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f5b342a52f819cdb1cd0e57f9155001a931eb154 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:6e:06:33:16:e7:1b:5f:b1:b8:ba:aa:e1:16: b1:e5:e5:71:2d:87:4d:1d:c3:57:0a:57:57:c0:29: 6d:b8:e0:ba:26:ef:9e:da:22:c4:79:56:30:28:e9: 61:fc:4b:31:31:ea:d9:21:4c:fe:6d:9c:a8:7e:07: f3:22:d3:97:10:d6:b3:db:98:3c:63:ac:98:e6:0e: 24:07:cc:35:a9:01:17:e4:a3:f7:97:b7:ad:fb:60: a5:2f:fa:6f:b5:bc:24:a2:ce:90:dd:d7:6d:96:0e: 02:55:0d:06:f4:80:7e:76:2e:6c:34:95:b9:6c:af: be:1c:01:af:2c:4d:fa:e2:1a:08:70:cb:b7:c4:8b: 4e:a5:a7:61:6d:db:5f:d2:42:e4:1a:7e:43:e3:b4: ba:93:f9:44:f9:e9:6b:bf:a4:38:22:b5:28:31:5e: ed:15:d2:1f:fa:40:71:40:c4:ed:14:00:0d:04:4b: 39:c5:67:90:47:85:28:d2:0b:24:53:93:21:28:8f: 93:77:6b:c2:41:9f:c6:b3:6b:a1:77:4a:42:a2:4e: f4:b9:1f:e7:19:f4:e9:4f:bf:f2:a3:66:5d:20:33: 89:39:bc:ec:74:a9:49:bd:cf:de:37:1e:f0:1c:8c: a5:e5:b1:f8:a6:6b:f5:d7:7d:60:8d:03:77:73:ac: 5f:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:B3:42:A5:2F:81:9C:DB:1C:D0:E5:7F:91:55:00:1A:93:1E:B1:54 X509v3 Authority Key Identifier: keyid:2A:D5:99:94:F2:AF:79:59:9C:FB:3F:F2:E3:E9:8E:51:8F:91:4F:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtWZlPKveVmc-z_y4-mOUY-RT7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/9bNCpS-BnNsc0OV_kVUAGpMesVQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2bcf31-6277-4e87-a007-bbe2c4d88c2f/1/KtWZlPKveVmc-z_y4-mOUY-RT7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.239.108.0/22 Signature Algorithm: sha256WithRSAEncryption 82:e7:ca:c6:e3:22:ac:c0:f6:92:d5:c9:0f:a2:1b:68:7e:12: 28:f6:7f:1b:bb:52:ad:6b:16:c5:a2:35:9f:40:1f:28:d6:58: b6:e9:4e:21:4a:0c:09:80:61:54:c5:78:26:9e:e7:58:ca:8c: f6:cf:e3:b5:85:b6:98:fe:79:30:81:6c:15:e9:c0:a9:84:b4: 6d:ba:25:77:8d:6e:2b:36:93:08:df:08:45:1d:7e:48:d2:ac: 89:aa:39:7f:f4:4d:32:51:30:5e:45:2f:1d:aa:79:5e:10:f7: 39:67:0f:63:d9:20:2e:fa:ca:38:36:6b:ed:fd:7c:c9:eb:67: 8e:4d:a3:d8:e3:5e:c3:75:a6:31:4d:34:21:de:ad:df:f4:81: f5:3b:6b:a8:b4:8b:04:77:6a:1c:6b:9f:a9:fa:a3:2d:c1:b1: da:29:e8:74:3b:03:1c:ba:69:96:f6:16:71:40:68:eb:89:4b: 14:64:b7:3b:91:ab:6c:7d:eb:6f:ca:36:e2:a0:20:21:01:66: e3:ba:ff:c3:24:97:27:be:0c:e8:3e:08:dc:b0:b7:6e:0d:bf: c6:58:74:4a:73:dc:04:64:c1:be:28:6e:bd:a1:7e:39:a6:25: 98:4b:85:ae:6b:34:b4:e2:8c:15:0f:56:78:bf:e0:c0:85:b4: ab:33:3b:40 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57HmbNIy5eWX5TJxu6dxwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZDU5OTk0ZjJhZjc5NTk5Y2ZiM2ZmMmUzZTk4ZTUxOGY5 MTRmYmEwHhcNMjYwMTAxMTQxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNWIzNDJhNTJmODE5Y2RiMWNkMGU1N2Y5MTU1MDAxYTkzMWViMTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxm4GMxbnG1+xuLqq4Rax5eVxLYdN HcNXCldXwCltuOC6Ju+e2iLEeVYwKOlh/EsxMerZIUz+bZyofgfzItOXENaz25g8 Y6yY5g4kB8w1qQEX5KP3l7et+2ClL/pvtbwkos6Q3ddtlg4CVQ0G9IB+di5sNJW5 bK++HAGvLE364hoIcMu3xItOpadhbdtf0kLkGn5D47S6k/lE+elrv6Q4IrUoMV7t FdIf+kBxQMTtFAANBEs5xWeQR4Uo0gskU5MhKI+Td2vCQZ/Gs2uhd0pCok70uR/n GfTpT7/yo2ZdIDOJObzsdKlJvc/eNx7wHIyl5bH4pmv1131gjQN3c6xfUQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPWzQqUvgZzbHNDlf5FVABqTHrFUMB8GA1UdIwQY MBaAFCrVmZTyr3lZnPs/8uPpjlGPkU+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDct YmJlMmM0ZDg4YzJmLzEvOWJOQ3BTLUJuTnNjME9WX2tWVUFHcE1lc1ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8yYmNmMzEtNjI3Ny00ZTg3LWEwMDctYmJlMmM0ZDg4YzJm LzEvS3RXWmxQS3ZlVm1jLXpfeTQtbU9VWS1SVDdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+9sMA0G CSqGSIb3DQEBCwUAA4IBAQCC58rG4yKswPaS1ckPohtofhIo9n8bu1KtaxbFojWf QB8o1li26U4hSgwJgGFUxXgmnudYyoz2z+O1hbaY/nkwgWwV6cCphLRtuiV3jW4r NpMI3whFHX5I0qyJqjl/9E0yUTBeRS8dqnleEPc5Zw9j2SAu+so4Nmvt/XzJ62eO TaPY417DdaYxTTQh3q3f9IH1O2uotIsEd2oca5+p+qMtwbHaKeh0OwMcummW9hZx QGjriUsUZLc7katsfetvyjbioCAhAWbjuv/DJJcnvgzoPgjcsLduDb/GWHRKc9wE ZMG+KG69oX45piWYS4WuazS04owVD1Z4v+DAhbSrMztA -----END CERTIFICATE-----Generated at Mon Jan 26 02:22:55 2026 by rpki-client