This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/0531BAkLXZV67nncfLvNCkjbh-k.roa File: 0531BAkLXZV67nncfLvNCkjbh-k.roa (raw, json) Hash identifier: euvg4/4Sr2jxjMgLytVs8+6OJsRY0QQOvsQOdksVnGQ= Subject key identifier: D3:9D:F5:04:09:0B:5D:95:7A:EE:79:DC:7C:BB:CD:0A:48:DB:87:E9 Certificate issuer: /CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d Certificate serial: 019BD5C738C499C53D569D00267B2D1B71A0 Authority key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/0531BAkLXZV67nncfLvNCkjbh-k.roa Signing time: Mon 19 Jan 2026 10:22:41 +0000 ROA not before: Mon 19 Jan 2026 10:22:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 401783 IP address blocks: 45.92.208.0/22 maxlen: 24 208.75.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.crl rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.mft rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d5:c7:38:c4:99:c5:3d:56:9d:00:26:7b:2d:1b:71:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d Validity Not Before: Jan 19 10:22:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d39df504090b5d957aee79dc7cbbcd0a48db87e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5a:eb:fe:e8:e9:7c:5a:f4:c5:7f:dc:18:6f: 13:b2:34:68:cf:08:69:b4:71:6c:07:83:b4:9f:72: 17:29:69:4d:81:b2:39:bf:70:fb:21:d6:6f:49:be: 75:a6:8a:46:22:f1:0e:2a:53:14:da:85:11:ff:5f: 83:7e:dd:ae:98:d7:a3:c5:c2:3c:20:b3:41:3e:d8: 1a:e3:f3:d7:3d:30:96:4b:34:30:dc:ad:71:af:30: 29:30:75:e1:37:12:e3:7d:07:4e:5c:8c:14:1d:a3: d8:77:da:a1:7e:14:59:c5:5c:c3:fb:c9:3c:cc:14: 53:f2:62:d7:87:8d:1d:11:a3:a5:80:6a:bb:4e:70: 23:58:89:23:99:19:24:5c:6b:12:2b:53:f4:19:06: 99:74:ad:ef:37:00:f0:22:d4:ad:6a:d0:b7:e7:77: 71:49:62:09:45:38:bc:55:eb:31:73:4c:25:20:42: bb:e4:ce:6b:32:c4:bb:2a:5f:6a:35:a3:00:83:eb: d3:1b:8d:2b:94:4f:e3:e9:41:f2:03:3f:a6:6b:55: 87:2c:3a:cd:62:ba:53:5f:4f:d8:2e:e8:89:4f:bf: 58:16:e4:03:5d:96:54:66:40:92:60:47:00:d3:f7: 4b:92:27:7d:df:50:37:a8:b1:07:a6:6b:c2:e5:21: 1f:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:9D:F5:04:09:0B:5D:95:7A:EE:79:DC:7C:BB:CD:0A:48:DB:87:E9 X509v3 Authority Key Identifier: keyid:BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/0531BAkLXZV67nncfLvNCkjbh-k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.92.208.0/22 208.75.220.0/22 Signature Algorithm: sha256WithRSAEncryption a4:03:34:07:2a:e3:ca:b8:91:6f:8a:e6:34:02:72:e5:44:96: 52:53:73:7c:7f:9c:c4:b6:34:14:61:7f:61:bd:6d:89:04:2c: c1:db:8b:0d:77:93:c2:54:53:b3:94:2f:ca:71:8c:ec:ef:07: c7:42:54:ab:42:68:07:50:ba:2e:df:5f:c9:1c:f9:87:34:fc: a7:94:b3:56:31:6d:54:bd:96:1b:a6:b4:6a:71:61:43:f0:e6: c7:97:75:d5:49:be:bf:d0:c4:fa:9a:50:ce:c4:82:b1:78:20: 77:66:1a:ef:70:7e:2c:26:2e:d5:0e:52:c0:74:fb:54:95:0c: 50:0f:77:3b:aa:f3:1d:e0:9d:87:e2:3e:6a:70:a8:f1:d9:2d: 00:4e:f4:91:3d:d1:0f:4a:3f:ed:b2:e6:f7:b2:c6:58:92:64: 4d:27:c0:a3:95:bb:ec:5e:09:4f:4e:53:dc:2d:04:e4:dd:b7: 07:75:de:91:55:2b:41:80:f3:44:b5:79:f8:36:36:00:ac:62: bc:05:df:b8:96:1d:ea:52:01:2c:9e:45:20:e8:63:f4:37:01: 0c:97:f2:c1:72:46:7a:60:8c:6f:0e:9f:2e:3a:7f:12:5f:92: b4:af:0a:b4:8c:40:15:67:d0:d5:18:6d:af:7c:3d:e1:0e:e4: f4:9c:7b:b3 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZvVxzjEmcU9Vp0AJnstG3GgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmODA5YTdlNmNhMTRkMGExYTk3NjY3M2UwMzE5ZTM0ZTk1 NmVkM2QwHhcNMjYwMTE5MTAyMjQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMzlkZjUwNDA5MGI1ZDk1N2FlZTc5ZGM3Y2JiY2QwYTQ4ZGI4N2U5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlrr/ujpfFr0xX/cGG8TsjRozwhp tHFsB4O0n3IXKWlNgbI5v3D7IdZvSb51popGIvEOKlMU2oUR/1+Dft2umNejxcI8 ILNBPtga4/PXPTCWSzQw3K1xrzApMHXhNxLjfQdOXIwUHaPYd9qhfhRZxVzD+8k8 zBRT8mLXh40dEaOlgGq7TnAjWIkjmRkkXGsSK1P0GQaZdK3vNwDwItStatC353dx SWIJRTi8Vesxc0wlIEK75M5rMsS7Kl9qNaMAg+vTG40rlE/j6UHyAz+ma1WHLDrN YrpTX0/YLuiJT79YFuQDXZZUZkCSYEcA0/dLkid931A3qLEHpmvC5SEfRQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNOd9QQJC12Veu553Hy7zQpI24fpMB8GA1UdIwQY MBaAFL+Amn5soU0KGpdmc+AxnjTpVu09MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAt M2ZkZmI0MTQwZjI0LzEvMDUzMUJBa0xYWlY2N25uY2ZMdk5Da2piaC1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8zYTM4MmEtM2RkYS00Nzk2LWIzMjAtM2ZkZmI0MTQwZjI0 LzEvdjRDYWZteWhUUW9hbDJaejRER2VOT2xXN1QwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVzQAwQC 0EvcMA0GCSqGSIb3DQEBCwUAA4IBAQCkAzQHKuPKuJFviuY0AnLlRJZSU3N8f5zE tjQUYX9hvW2JBCzB24sNd5PCVFOzlC/KcYzs7wfHQlSrQmgHULou31/JHPmHNPyn lLNWMW1UvZYbprRqcWFD8ObHl3XVSb6/0MT6mlDOxIKxeCB3ZhrvcH4sJi7VDlLA dPtUlQxQD3c7qvMd4J2H4j5qcKjx2S0ATvSRPdEPSj/tsub3ssZYkmRNJ8Cjlbvs XglPTlPcLQTk3bcHdd6RVStBgPNEtXn4NjYArGK8Bd+4lh3qUgEsnkUg6GP0NwEM l/LBckZ6YIxvDp8uOn8SX5K0rwq0jEAVZ9DVGG2vfD3hDuT0nHuz -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:46 2026 by rpki-client