This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/IwsvS8RMbeaKnb6W0isgZ_jGVmw.roa File: IwsvS8RMbeaKnb6W0isgZ_jGVmw.roa (raw, json) Hash identifier: 4c2RJvFORctjrcpJUYKuJxaYNELJKpkNVKrS5LH92qg= Subject key identifier: 23:0B:2F:4B:C4:4C:6D:E6:8A:9D:BE:96:D2:2B:20:67:F8:C6:56:6C Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21 Certificate serial: 019B76EAF7CAB532385DC95742A72CFD1CC4 Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/IwsvS8RMbeaKnb6W0isgZ_jGVmw.roa Signing time: Thu 01 Jan 2026 00:17:48 +0000 ROA not before: Thu 01 Jan 2026 00:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12642 IP address blocks: 87.239.199.0/24 maxlen: 24 91.195.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.mft rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:f7:ca:b5:32:38:5d:c9:57:42:a7:2c:fd:1c:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21 Validity Not Before: Jan 1 00:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=230b2f4bc44c6de68a9dbe96d22b2067f8c6566c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:1e:b1:9c:8f:c0:3d:0b:85:8a:ce:38:1e:2b: 10:b1:6a:2f:8d:6b:32:09:5a:f4:ef:03:16:71:29: 39:08:87:21:08:41:80:5b:3c:de:51:87:c3:a8:d6: dc:02:2e:63:8a:4d:86:11:b9:0b:24:53:56:01:79: 58:45:06:c9:47:52:c7:c3:c6:ab:90:04:8c:ba:a5: eb:70:96:0a:4b:91:e3:84:d2:bd:12:23:5a:c7:12: 07:0d:2a:5a:14:68:f0:c7:07:fb:44:ba:d9:56:56: 10:11:dd:12:12:f2:38:db:da:81:a9:7b:8b:b2:0e: 67:1e:6d:33:55:d3:03:a0:a4:b1:10:7c:1e:86:69: 7b:9c:03:40:9e:99:db:2c:f4:57:cc:ba:29:35:8d: 52:95:44:00:b0:6d:f8:71:14:d9:fd:c8:51:87:c5: f1:80:51:a3:69:b9:46:e1:21:17:21:8d:88:a5:d7: d0:7b:5e:f3:50:f7:03:af:60:44:dd:a5:d4:a2:0c: fb:65:9d:18:54:01:39:22:d8:79:a0:de:71:bc:0d: 53:69:77:3d:08:ac:fc:29:fc:b5:3e:37:37:6e:f2: c7:8b:d4:05:cc:29:2c:55:a0:27:22:c5:69:39:14: 41:97:f3:3e:1f:1e:67:6c:68:f4:de:cd:93:99:08: b7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:0B:2F:4B:C4:4C:6D:E6:8A:9D:BE:96:D2:2B:20:67:F8:C6:56:6C X509v3 Authority Key Identifier: keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/IwsvS8RMbeaKnb6W0isgZ_jGVmw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.239.199.0/24 91.195.191.0/24 Signature Algorithm: sha256WithRSAEncryption 39:e4:d0:4f:f8:f9:da:9a:16:95:42:bf:60:d9:cc:18:cf:ae: 7f:d4:fb:57:7c:b7:7b:e2:3e:12:26:df:74:e5:7e:fe:25:d4: 46:98:a2:62:23:07:60:12:72:15:87:60:c6:29:5c:07:c0:71: 11:b6:e8:e1:64:57:e8:e6:98:d2:86:f1:d4:d1:c7:5b:55:fc: 72:17:ed:7a:3b:b7:5f:ac:6b:e1:05:59:ab:40:f9:e3:87:86: 92:d7:a3:f7:85:c6:8b:b2:38:91:4b:eb:96:02:f4:cd:f7:80: f0:c7:39:1f:fd:28:ca:f4:87:f9:b9:a7:75:c1:3f:ef:08:65: 87:e3:ec:2f:21:8f:1e:f6:4d:a5:82:86:87:78:52:2d:c9:a2: ef:53:a9:04:f9:59:00:d9:0c:ca:1a:c9:2e:ee:21:b6:ca:6a: f8:6c:f7:87:7c:6a:6b:83:89:fc:70:49:b9:2a:31:fe:41:53: a3:3f:b3:42:08:a9:35:94:b1:88:0d:12:17:ea:2f:08:9c:0d: 4f:50:60:6a:41:ae:b6:06:6c:aa:a4:99:6a:ed:e9:da:7f:a0: cb:7d:5f:01:08:15:54:fc:5e:d8:9e:7e:50:1c:cc:e6:59:18: be:d9:dd:7c:23:5a:8b:bb:69:18:fc:5c:36:91:4f:b4:f8:85: 54:ce:a4:5b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26vfKtTI4XclXQqcs/RzEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3 MzlkMjEwHhcNMjYwMTAxMDAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzBiMmY0YmM0NGM2ZGU2OGE5ZGJlOTZkMjJiMjA2N2Y4YzY1NjZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx6xnI/APQuFis44HisQsWovjWsy CVr07wMWcSk5CIchCEGAWzzeUYfDqNbcAi5jik2GEbkLJFNWAXlYRQbJR1LHw8ar kASMuqXrcJYKS5HjhNK9EiNaxxIHDSpaFGjwxwf7RLrZVlYQEd0SEvI429qBqXuL sg5nHm0zVdMDoKSxEHwehml7nANAnpnbLPRXzLopNY1SlUQAsG34cRTZ/chRh8Xx gFGjablG4SEXIY2IpdfQe17zUPcDr2BE3aXUogz7ZZ0YVAE5Ith5oN5xvA1TaXc9 CKz8Kfy1Pjc3bvLHi9QFzCksVaAnIsVpORRBl/M+Hx5nbGj03s2TmQi3zQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCMLL0vETG3mip2+ltIrIGf4xlZsMB8GA1UdIwQY MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt MWY5MjQ0OTVmY2RkLzEvSXdzdlM4Uk1iZWFLbmI2VzBpc2daX2pHVm13LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+/HAwQA W8O/MA0GCSqGSIb3DQEBCwUAA4IBAQA55NBP+PnamhaVQr9g2cwYz65/1PtXfLd7 4j4SJt905X7+JdRGmKJiIwdgEnIVh2DGKVwHwHERtujhZFfo5pjShvHU0cdbVfxy F+16O7dfrGvhBVmrQPnjh4aS16P3hcaLsjiRS+uWAvTN94Dwxzkf/SjK9If5uad1 wT/vCGWH4+wvIY8e9k2lgoaHeFItyaLvU6kE+VkA2QzKGsku7iG2ymr4bPeHfGpr g4n8cEm5KjH+QVOjP7NCCKk1lLGIDRIX6i8InA1PUGBqQa62BmyqpJlq7enaf6DL fV8BCBVU/F7Ynn5QHMzmWRi+2d18I1qLu2kY/Fw2kU+0+IVUzqRb -----END CERTIFICATE-----Generated at Mon Jan 26 00:37:20 2026 by rpki-client