This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/l1aBuRnedhAskEGRcshIEjo2E3g.roa File: l1aBuRnedhAskEGRcshIEjo2E3g.roa (raw, json) Hash identifier: YYm2/E6T+tTNIGVCNIyraxC923h/UBWvD/1U8+i9zGU= Subject key identifier: 97:56:81:B9:19:DE:76:10:2C:90:41:91:72:C8:48:12:3A:36:13:78 Certificate issuer: /CN=2793bde946ae936d3cacc136a5f3239edf2431f4 Certificate serial: 019AC60E7895ED2A84CA4DEFBA2CBE00F7EC Authority key identifier: 27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/l1aBuRnedhAskEGRcshIEjo2E3g.roa Signing time: Thu 27 Nov 2025 16:03:48 +0000 ROA not before: Thu 27 Nov 2025 16:03:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213772 IP address blocks: 91.188.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:c6:0e:78:95:ed:2a:84:ca:4d:ef:ba:2c:be:00:f7:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2793bde946ae936d3cacc136a5f3239edf2431f4 Validity Not Before: Nov 27 16:03:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=975681b919de76102c90419172c848123a361378 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:63:0d:55:2d:fc:4c:63:01:fd:79:79:ea:35: 7b:e9:d9:a3:5d:d9:ea:99:f8:32:ad:ac:f5:01:fd: f0:ab:df:7f:eb:3a:3b:42:15:51:b3:7f:d1:b9:49: f4:23:66:11:71:97:f3:ec:0c:3b:97:dc:30:17:bf: 43:d4:e9:4e:f1:e4:cb:9c:02:ef:d6:4b:53:2c:17: 8d:26:03:d8:4f:df:f1:a2:13:00:14:c6:6c:50:cf: 85:67:b4:13:85:ff:7d:a4:cf:b8:64:89:aa:9a:8c: 15:0e:16:79:cc:6b:8a:b7:5f:91:90:22:a6:3f:37: 03:8c:57:71:48:63:bb:40:14:1b:7c:2b:b7:86:ba: 1c:fa:7d:b4:2d:b2:7e:cd:cf:35:01:5e:2a:7a:f4: da:57:4c:0c:0b:96:ce:e3:46:19:73:57:7f:a4:9c: 28:c6:35:e9:c8:7f:7d:41:f9:a1:fb:9a:6c:4a:fa: 77:7f:0d:d7:9c:9c:2c:31:71:ea:19:ae:f3:77:a6: 3c:1f:45:f4:7e:10:d2:bc:6d:19:27:7e:e6:02:80: 66:35:1b:80:52:a6:18:18:4d:a7:37:99:58:6c:e6: db:5b:6e:8d:29:4d:77:a5:76:2a:8c:15:8a:23:dd: 75:ae:58:30:99:68:69:a1:6c:cd:af:93:82:54:dc: a5:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:56:81:B9:19:DE:76:10:2C:90:41:91:72:C8:48:12:3A:36:13:78 X509v3 Authority Key Identifier: keyid:27:93:BD:E9:46:AE:93:6D:3C:AC:C1:36:A5:F3:23:9E:DF:24:31:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5O96Uauk208rME2pfMjnt8kMfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/l1aBuRnedhAskEGRcshIEjo2E3g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/bf58da-a9d2-421a-b43a-92c3bf74a97b/1/J5O96Uauk208rME2pfMjnt8kMfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.188.254.0/24 Signature Algorithm: sha256WithRSAEncryption 24:6a:c0:ac:13:cc:50:3c:d8:1a:7a:f5:bb:32:f1:2a:de:9f: 63:9c:7f:7d:66:85:ce:c3:d7:26:be:72:bb:91:15:72:0f:34: 46:7f:94:91:d4:c4:7c:31:fa:af:5c:6d:7d:31:f2:b5:c0:1f: c9:b2:db:e7:81:d1:16:04:80:69:56:fc:d6:57:07:3d:85:0c: 14:26:d4:03:2d:cd:fb:8b:f2:04:9f:47:8d:84:ed:92:0c:c0: 23:b6:15:4b:76:c4:a3:fb:02:84:53:bc:95:53:a1:46:84:90: 7c:19:12:20:3b:36:ae:cb:c8:3b:d2:18:97:9b:e8:d3:78:ed: 15:97:fb:49:e4:96:8e:01:22:2f:99:29:59:1f:76:df:e0:3f: 0d:18:ec:3f:46:5f:fc:ca:40:b9:cc:86:bf:95:fe:43:40:f8: 2b:80:fc:6c:1f:89:56:3e:9f:84:50:1e:c4:e9:ac:88:19:5f: 04:4b:c6:a8:eb:51:36:01:69:77:a6:3b:57:e6:e4:c4:99:fa: 5e:0a:9a:ce:81:56:cc:0b:18:e0:e2:0c:98:d7:66:89:8f:c9: fd:69:8b:fd:f6:0d:f9:ac:32:3e:c7:aa:97:6b:25:cc:42:bd: f0:71:2f:67:98:45:94:b0:aa:43:0d:6e:a5:8d:21:52:52:a6: 01:67:fc:ba -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZrGDniV7SqEyk3vuiy+APfsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI3OTNiZGU5NDZhZTkzNmQzY2FjYzEzNmE1ZjMyMzllZGYy NDMxZjQwHhcNMjUxMTI3MTYwMzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzU2ODFiOTE5ZGU3NjEwMmM5MDQxOTE3MmM4NDgxMjNhMzYxMzc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmMNVS38TGMB/Xl56jV76dmjXdnq mfgyraz1Af3wq99/6zo7QhVRs3/RuUn0I2YRcZfz7Aw7l9wwF79D1OlO8eTLnALv 1ktTLBeNJgPYT9/xohMAFMZsUM+FZ7QThf99pM+4ZImqmowVDhZ5zGuKt1+RkCKm PzcDjFdxSGO7QBQbfCu3hroc+n20LbJ+zc81AV4qevTaV0wMC5bO40YZc1d/pJwo xjXpyH99Qfmh+5psSvp3fw3XnJwsMXHqGa7zd6Y8H0X0fhDSvG0ZJ37mAoBmNRuA UqYYGE2nN5lYbObbW26NKU13pXYqjBWKI911rlgwmWhpoWzNr5OCVNyl8QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJdWgbkZ3nYQLJBBkXLISBI6NhN4MB8GA1UdIwQY MBaAFCeTvelGrpNtPKzBNqXzI57fJDH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2Et OTJjM2JmNzRhOTdiLzEvbDFhQnVSbmVkaEFza0VHUmNzaElFam8yRTNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi9iZjU4ZGEtYTlkMi00MjFhLWI0M2EtOTJjM2JmNzRhOTdi LzEvSjVPOTZVYXVrMjA4ck1FMnBmTWpudDhrTWZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW7z+MA0G CSqGSIb3DQEBCwUAA4IBAQAkasCsE8xQPNgaevW7MvEq3p9jnH99ZoXOw9cmvnK7 kRVyDzRGf5SR1MR8MfqvXG19MfK1wB/JstvngdEWBIBpVvzWVwc9hQwUJtQDLc37 i/IEn0eNhO2SDMAjthVLdsSj+wKEU7yVU6FGhJB8GRIgOzauy8g70hiXm+jTeO0V l/tJ5JaOASIvmSlZH3bf4D8NGOw/Rl/8ykC5zIa/lf5DQPgrgPxsH4lWPp+EUB7E 6ayIGV8ES8ao61E2AWl3pjtX5uTEmfpeCprOgVbMCxjg4gyY12aJj8n9aYv99g35 rDI+x6qXayXMQr3wcS9nmEWUsKpDDW6ljSFSUqYBZ/y6 -----END CERTIFICATE-----Generated at Sat Dec 6 16:26:29 2025 by rpki-client