This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/cKcEH95-xZkMRq9n8qxJQ8taC0I.roa File: cKcEH95-xZkMRq9n8qxJQ8taC0I.roa (raw, json) Hash identifier: 5CGu3gKojPJu4bccEdLgCE4zbwffs6jrhAuLccKD0VM= Subject key identifier: 70:A7:04:1F:DE:7E:C5:99:0C:46:AF:67:F2:AC:49:43:CB:5A:0B:42 Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f Certificate serial: 019B7C1341B37E3702CC447C028E846BDAD9 Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/cKcEH95-xZkMRq9n8qxJQ8taC0I.roa Signing time: Fri 02 Jan 2026 00:19:55 +0000 ROA not before: Fri 02 Jan 2026 00:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8315 IP address blocks: 91.200.50.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.mft rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:41:b3:7e:37:02:cc:44:7c:02:8e:84:6b:da:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f Validity Not Before: Jan 2 00:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=70a7041fde7ec5990c46af67f2ac4943cb5a0b42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d3:b8:a4:c4:75:ab:48:89:ca:0b:20:ac:8a: ca:01:59:df:26:a5:1a:53:6b:5e:8d:2a:57:2f:24: b7:9b:7e:cb:13:fb:3a:77:c8:c1:d2:7a:43:64:b8: 66:50:e2:8b:66:70:cb:2d:b4:13:bf:6e:59:85:ff: c7:a4:94:b4:81:be:02:94:36:b0:e7:e7:13:59:27: 57:0b:54:36:30:eb:6f:34:0c:dd:a6:d1:6e:2f:44: c5:32:4f:52:be:1b:7b:94:6d:49:2b:3d:6f:7b:51: c7:12:2e:7a:e5:2b:5a:4f:41:3b:b5:d0:30:b9:33: 35:a5:f7:d0:1b:42:40:45:0f:77:a5:7f:40:d1:21: 29:92:5e:d9:75:a1:09:2d:fc:26:2e:cf:ad:32:25: ea:a3:f1:e8:7b:ed:23:c8:93:95:ea:ca:f0:40:92: a8:e2:56:c2:a9:65:ce:5f:83:20:88:ac:32:a2:d7: b5:e2:de:7d:59:ef:c2:59:3a:db:24:46:d2:cd:05: 51:49:a2:d4:7b:f0:e8:dc:4f:7f:d4:17:91:f2:ac: c5:4a:a4:77:77:40:94:c1:ef:22:d1:93:78:8c:ad: af:ea:f9:b2:a0:21:2c:51:68:67:b3:f2:88:f3:1f: 71:fb:2d:eb:d2:d1:81:0e:c0:34:d5:ed:79:d3:b1: 0b:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:A7:04:1F:DE:7E:C5:99:0C:46:AF:67:F2:AC:49:43:CB:5A:0B:42 X509v3 Authority Key Identifier: keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/cKcEH95-xZkMRq9n8qxJQ8taC0I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.50.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:d8:91:96:d5:04:d9:76:52:8c:3f:8c:a4:a2:63:c8:51:3e: 1c:84:65:0d:ff:d7:76:80:19:a6:ab:94:dd:f6:3f:0c:9c:60: 09:b1:0b:f1:76:2f:d3:a5:f8:94:03:99:4b:ad:42:94:30:cb: 47:ea:4f:76:25:9c:3a:80:7a:c0:76:ec:6b:69:7d:0c:5c:34: 17:45:12:1c:17:97:a2:76:27:58:f9:9d:d3:3d:80:9d:51:8f: 75:e2:c2:38:c4:60:7c:ac:96:29:a6:16:1c:ff:d8:73:22:7f: df:fc:66:60:41:01:3c:97:78:d9:c9:16:87:d1:cf:f0:4c:7d: e4:7c:f9:f2:31:f4:52:11:3f:15:09:25:4a:ea:78:12:b3:d3: 71:29:f2:6f:96:46:09:44:bc:64:74:f2:4d:9e:c3:13:4d:d4: 47:9b:85:4b:ff:0a:f2:9e:60:ac:d8:96:b6:b3:26:7d:4e:1a: 3b:62:f9:e9:62:2d:ab:6f:6e:cf:90:00:50:ae:3f:e0:0b:80: 94:fb:1c:58:fe:d9:76:46:f0:bf:d8:be:09:fe:56:ae:2b:eb: 4e:f1:2a:c4:99:07:4b:49:52:13:c0:23:6d:ee:47:41:77:95: 88:83:87:b5:95:8b:0c:88:8c:bb:7b:4f:ef:4b:30:00:41:de: d6:0e:15:6d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8E0GzfjcCzER8Ao6Ea9rZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhOTM4NDliZmYzMzdkZjhiOGIwYmQxYWUyNTJlZTYxMTlk OGE2MWYwHhcNMjYwMTAyMDAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MGE3MDQxZmRlN2VjNTk5MGM0NmFmNjdmMmFjNDk0M2NiNWEwYjQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydO4pMR1q0iJygsgrIrKAVnfJqUa U2tejSpXLyS3m37LE/s6d8jB0npDZLhmUOKLZnDLLbQTv25Zhf/HpJS0gb4ClDaw 5+cTWSdXC1Q2MOtvNAzdptFuL0TFMk9Svht7lG1JKz1ve1HHEi565StaT0E7tdAw uTM1pffQG0JARQ93pX9A0SEpkl7ZdaEJLfwmLs+tMiXqo/Hoe+0jyJOV6srwQJKo 4lbCqWXOX4MgiKwyote14t59We/CWTrbJEbSzQVRSaLUe/Do3E9/1BeR8qzFSqR3 d0CUwe8i0ZN4jK2v6vmyoCEsUWhns/KI8x9x+y3r0tGBDsA01e1507ELcwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHCnBB/efsWZDEavZ/KsSUPLWgtCMB8GA1UdIwQY MBaAFBqThJv/M334uLC9GuJS7mEZ2KYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjkt NDNlNjdkNWQwYTg1LzEvY0tjRUg5NS14WmtNUnE5bjhxeEpROHRhQzBJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjktNDNlNjdkNWQwYTg1 LzEvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8gyMA0G CSqGSIb3DQEBCwUAA4IBAQAN2JGW1QTZdlKMP4ykomPIUT4chGUN/9d2gBmmq5Td 9j8MnGAJsQvxdi/TpfiUA5lLrUKUMMtH6k92JZw6gHrAduxraX0MXDQXRRIcF5ei didY+Z3TPYCdUY914sI4xGB8rJYpphYc/9hzIn/f/GZgQQE8l3jZyRaH0c/wTH3k fPnyMfRSET8VCSVK6ngSs9NxKfJvlkYJRLxkdPJNnsMTTdRHm4VL/wrynmCs2Ja2 syZ9Tho7YvnpYi2rb27PkABQrj/gC4CU+xxY/tl2RvC/2L4J/lauK+tO8SrEmQdL SVITwCNt7kdBd5WIg4e1lYsMiIy7e0/vSzAAQd7WDhVt -----END CERTIFICATE-----Generated at Mon Jan 26 05:55:41 2026 by rpki-client