This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/a9-K1ivOCvz-9NS5y-m9N_wQbLg.roa File: a9-K1ivOCvz-9NS5y-m9N_wQbLg.roa (raw, json) Hash identifier: AgOLgLCoRLeLBpsFxIaxdPidPtjKcQxD7cSUkwZOIgo= Subject key identifier: 6B:DF:8A:D6:2B:CE:0A:FC:FE:F4:D4:B9:CB:E9:BD:37:FC:10:6C:B8 Certificate issuer: /CN=035e5285dedc35ab63527048b366ee553806ce04 Certificate serial: 019B7B36B13941A1B0616CA854CA0103B689 Authority key identifier: 03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/a9-K1ivOCvz-9NS5y-m9N_wQbLg.roa Signing time: Thu 01 Jan 2026 20:19:00 +0000 ROA not before: Thu 01 Jan 2026 20:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31463 IP address blocks: 91.213.208.0/24 maxlen: 24 91.213.215.0/24 maxlen: 24 91.213.217.0/24 maxlen: 24 91.213.220.0/24 maxlen: 24 2a0f:64c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.mft rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:b1:39:41:a1:b0:61:6c:a8:54:ca:01:03:b6:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=035e5285dedc35ab63527048b366ee553806ce04 Validity Not Before: Jan 1 20:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6bdf8ad62bce0afcfef4d4b9cbe9bd37fc106cb8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d0:43:e6:d7:07:71:68:5c:aa:9e:ec:50:39: 8e:cf:57:f6:75:d0:43:cd:d4:72:0f:06:61:c1:cf: 85:8e:46:92:59:bf:1c:85:21:83:2f:6a:be:20:98: 14:6d:9d:95:30:1f:44:c9:99:9d:b0:e9:9d:eb:65: 4b:c3:9c:38:aa:2c:bf:ca:21:16:4a:6c:a0:eb:30: 45:f7:94:71:a6:0f:e5:c9:4b:73:44:27:f6:92:60: 95:72:c3:f3:21:ba:39:1c:a3:4c:f2:8b:71:3b:b4: 3a:52:71:4c:e3:1a:f7:55:27:27:f2:b8:f0:38:b0: d8:7d:ee:38:b2:87:f9:61:11:a2:4b:66:17:d0:73: 80:22:52:b5:1b:c0:40:64:62:4e:db:08:22:41:e2: 76:9c:50:53:ce:38:59:7e:c1:9b:2c:ec:ec:dc:d0: 05:dc:a3:8a:fe:da:32:df:59:e4:8e:8e:8a:ff:ba: 8c:76:f9:ec:65:5b:df:74:aa:38:87:43:62:06:a1: 54:df:e4:5f:df:af:c6:28:1f:7a:c2:c6:a3:c6:a1: 3e:72:83:41:8a:d2:d0:48:99:19:bb:db:7d:b8:bf: 81:47:3b:d7:89:cc:c1:9c:d1:2e:ca:b1:fd:1b:89: 47:77:2a:44:25:40:ad:d4:87:ca:e4:df:c4:ff:72: 39:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:DF:8A:D6:2B:CE:0A:FC:FE:F4:D4:B9:CB:E9:BD:37:FC:10:6C:B8 X509v3 Authority Key Identifier: keyid:03:5E:52:85:DE:DC:35:AB:63:52:70:48:B3:66:EE:55:38:06:CE:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A15Shd7cNatjUnBIs2buVTgGzgQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/a9-K1ivOCvz-9NS5y-m9N_wQbLg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f1944b-101a-4181-a36b-2c2707736fdb/1/A15Shd7cNatjUnBIs2buVTgGzgQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.213.208.0/24 91.213.215.0/24 91.213.217.0/24 91.213.220.0/24 IPv6: 2a0f:64c0::/29 Signature Algorithm: sha256WithRSAEncryption 90:20:94:48:9b:f9:cc:e2:7c:3e:be:cd:9a:07:43:53:3f:34: cd:b4:b5:25:d7:39:3e:dc:da:1e:6d:a0:fd:55:dd:c5:5d:43: 88:ca:8a:3d:13:7b:35:b6:21:94:f1:ac:82:0f:1f:7a:a7:15: 34:e4:e3:df:ce:b2:ba:f4:a9:7e:18:7b:5e:c2:fd:75:98:cc: 4a:7a:ee:0c:08:22:6b:7a:a0:38:92:0c:ab:ec:23:91:5c:0e: dd:48:57:2f:88:a7:0d:f2:c0:f9:91:b6:92:11:d6:0c:68:8b: 0c:a3:d0:e0:3b:30:30:e2:54:a7:48:1d:5f:99:63:88:0b:32: de:6c:22:e4:62:13:dc:3d:4e:3a:86:9f:aa:c8:48:d1:7d:16: 52:16:1d:81:e6:50:c4:a6:6c:72:e5:55:da:7a:c6:1f:1e:6b: d6:0e:82:48:9d:68:a2:85:60:ba:39:b2:ab:6e:c9:52:ca:23: 57:08:43:5d:3c:dc:bb:34:21:96:4a:1f:88:85:94:7b:98:26: 43:c4:87:aa:9f:0e:93:cb:49:8b:06:75:ae:55:2a:47:6a:e1: a1:d8:96:02:97:5e:8a:f6:ac:64:d7:9e:dd:65:56:2f:91:c0: c4:f5:0f:34:4c:90:b0:0d:f8:ea:18:ea:cd:be:07:ab:4e:6f: a7:fa:de:2f -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7NrE5QaGwYWyoVMoBA7aJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNWU1Mjg1ZGVkYzM1YWI2MzUyNzA0OGIzNjZlZTU1Mzgw NmNlMDQwHhcNMjYwMTAxMjAxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmRmOGFkNjJiY2UwYWZjZmVmNGQ0YjljYmU5YmQzN2ZjMTA2Y2I4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNBD5tcHcWhcqp7sUDmOz1f2ddBD zdRyDwZhwc+FjkaSWb8chSGDL2q+IJgUbZ2VMB9EyZmdsOmd62VLw5w4qiy/yiEW Smyg6zBF95Rxpg/lyUtzRCf2kmCVcsPzIbo5HKNM8otxO7Q6UnFM4xr3VScn8rjw OLDYfe44sof5YRGiS2YX0HOAIlK1G8BAZGJO2wgiQeJ2nFBTzjhZfsGbLOzs3NAF 3KOK/toy31nkjo6K/7qMdvnsZVvfdKo4h0NiBqFU3+Rf36/GKB96wsajxqE+coNB itLQSJkZu9t9uL+BRzvXiczBnNEuyrH9G4lHdypEJUCt1IfK5N/E/3I5hwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFGvfitYrzgr8/vTUucvpvTf8EGy4MB8GA1UdIwQY MBaAFANeUoXe3DWrY1JwSLNm7lU4Bs4EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmIt MmMyNzA3NzM2ZmRiLzEvYTktSzFpdk9DdnotOU5TNXktbTlOX3dRYkxnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZC9mMTk0NGItMTAxYS00MTgxLWEzNmItMmMyNzA3NzM2ZmRi LzEvQTE1U2hkN2NOYXRqVW5CSXMyYnVWVGdHemdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9XQAwQA W9XXAwQAW9XZAwQAW9XcMA0EAgACMAcDBQMqD2TAMA0GCSqGSIb3DQEBCwUAA4IB AQCQIJRIm/nM4nw+vs2aB0NTPzTNtLUl1zk+3NoebaD9Vd3FXUOIyoo9E3s1tiGU 8ayCDx96pxU05OPfzrK69Kl+GHtewv11mMxKeu4MCCJreqA4kgyr7CORXA7dSFcv iKcN8sD5kbaSEdYMaIsMo9DgOzAw4lSnSB1fmWOICzLebCLkYhPcPU46hp+qyEjR fRZSFh2B5lDEpmxy5VXaesYfHmvWDoJInWiihWC6ObKrbslSyiNXCENdPNy7NCGW Sh+IhZR7mCZDxIeqnw6Ty0mLBnWuVSpHauGh2JYCl16K9qxk157dZVYvkcDE9Q80 TJCwDfjqGOrNvgerTm+n+t4v -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:36 2026 by rpki-client