This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aaBKRBdEokmI1YebEe2qpwWm1LU.roa File: aaBKRBdEokmI1YebEe2qpwWm1LU.roa (raw, json) Hash identifier: W0VKJflIrnpYpIB94urNDehev59jsZlXXi8glok95Zw= Subject key identifier: 69:A0:4A:44:17:44:A2:49:88:D5:87:9B:11:ED:AA:A7:05:A6:D4:B5 Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4 Certificate serial: 019B79ECBDE419F9D226419A8956C6BEEB5A Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aaBKRBdEokmI1YebEe2qpwWm1LU.roa Signing time: Thu 01 Jan 2026 14:18:36 +0000 ROA not before: Thu 01 Jan 2026 14:18:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34494 IP address blocks: 91.211.100.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:bd:e4:19:f9:d2:26:41:9a:89:56:c6:be:eb:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4 Validity Not Before: Jan 1 14:18:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=69a04a441744a24988d5879b11edaaa705a6d4b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:f7:1a:dc:1e:78:28:57:c9:53:b0:19:25:08: cc:58:82:8e:f4:be:fd:31:bb:44:34:b0:2c:4d:44: 70:3a:98:ad:2a:0d:84:d5:7e:14:ea:20:ec:4d:b8: da:d4:e1:78:6a:3b:7c:70:49:6a:89:eb:65:79:ea: 6b:af:7f:b2:30:68:d7:8f:ae:a3:d0:9b:97:1a:07: 3a:da:bf:d4:d0:0f:fb:28:df:36:e0:f5:37:de:ee: 6f:2c:6c:89:ed:7c:20:66:9f:29:de:3a:b5:81:e7: 53:e3:ca:8f:c8:56:b2:45:9b:d9:6e:c6:5a:4c:cd: 10:1a:64:84:9f:f6:48:f7:46:3f:23:7c:fa:c5:be: 4e:f1:be:cc:04:1e:b3:4a:47:56:50:56:10:c2:2e: 1d:0b:43:76:59:22:0f:80:14:ad:2b:53:60:31:29: 5c:82:c9:20:44:88:b9:ff:d7:d7:29:9e:bd:4d:fa: 91:20:bc:f5:5c:24:63:d3:e1:57:ce:a4:05:52:47: 5a:70:03:eb:94:e6:5f:85:55:d3:33:99:57:4f:2e: b5:2f:d7:f5:ff:62:e1:27:c4:67:fd:c5:d0:89:d0: 21:70:28:ea:b9:b8:82:1e:14:d7:76:ce:e8:39:78: e5:a7:a1:2b:3a:38:48:2e:60:e2:14:14:38:85:eb: 8d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:A0:4A:44:17:44:A2:49:88:D5:87:9B:11:ED:AA:A7:05:A6:D4:B5 X509v3 Authority Key Identifier: keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/aaBKRBdEokmI1YebEe2qpwWm1LU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.211.100.0/22 Signature Algorithm: sha256WithRSAEncryption 12:0c:49:78:59:a8:87:90:39:c3:b5:02:aa:db:fa:17:6b:80: b9:33:54:80:a1:da:03:15:32:46:7f:a4:2a:78:1d:ea:dc:6e: 60:3b:85:ad:6a:b3:08:83:84:96:c3:26:4a:9e:0a:38:19:15: 1a:96:ee:13:47:dd:6c:8b:49:b3:89:d3:cc:fa:11:16:e9:c2: 81:99:e8:0b:0d:8c:9c:56:df:77:18:68:7c:d2:bc:09:78:70: ea:9a:be:31:b9:67:c6:85:12:82:ed:94:cf:d2:e1:47:de:cf: 2f:65:5a:4e:86:00:cb:fa:dd:28:d1:16:82:5d:b7:d2:ea:4e: b9:7e:ed:57:66:0f:b9:bd:28:d0:a6:fa:2e:7b:e8:81:bc:bc: f3:35:7b:19:4d:11:75:b9:93:12:7e:65:02:11:18:c3:8e:0d: 48:72:1d:ad:a4:5d:e2:e3:df:9f:e4:9c:ca:f8:dd:a0:7e:a9: a3:73:8c:cd:3b:ad:a7:b1:87:ab:e8:91:da:f9:b2:cf:76:93: d5:34:0a:e2:b2:93:dd:e5:9d:2a:73:8e:7d:aa:36:5a:42:08: d1:ab:ee:37:5b:92:91:c3:9c:e9:4c:6c:ed:54:2c:1f:1a:00: 9c:0b:0e:15:80:37:0f:a5:09:30:67:4a:fa:bf:58:ff:9c:15: 68:47:2a:e6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57L3kGfnSJkGaiVbGvutaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl NTQ2YTQwHhcNMjYwMTAxMTQxODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OWEwNGE0NDE3NDRhMjQ5ODhkNTg3OWIxMWVkYWFhNzA1YTZkNGI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvca3B54KFfJU7AZJQjMWIKO9L79 MbtENLAsTURwOpitKg2E1X4U6iDsTbja1OF4ajt8cElqietleeprr3+yMGjXj66j 0JuXGgc62r/U0A/7KN824PU33u5vLGyJ7XwgZp8p3jq1gedT48qPyFayRZvZbsZa TM0QGmSEn/ZI90Y/I3z6xb5O8b7MBB6zSkdWUFYQwi4dC0N2WSIPgBStK1NgMSlc gskgRIi5/9fXKZ69TfqRILz1XCRj0+FXzqQFUkdacAPrlOZfhVXTM5lXTy61L9f1 /2LhJ8Rn/cXQidAhcCjqubiCHhTXds7oOXjlp6ErOjhILmDiFBQ4heuNyQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGmgSkQXRKJJiNWHmxHtqqcFptS1MB8GA1UdIwQY MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt MjMwNDllNGQyZjEyLzEvYWFCS1JCZEVva21JMVllYkVlMnFwd1dtMUxVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9NkMA0G CSqGSIb3DQEBCwUAA4IBAQASDEl4WaiHkDnDtQKq2/oXa4C5M1SAodoDFTJGf6Qq eB3q3G5gO4WtarMIg4SWwyZKngo4GRUalu4TR91si0mzidPM+hEW6cKBmegLDYyc Vt93GGh80rwJeHDqmr4xuWfGhRKC7ZTP0uFH3s8vZVpOhgDL+t0o0RaCXbfS6k65 fu1XZg+5vSjQpvoue+iBvLzzNXsZTRF1uZMSfmUCERjDjg1Ich2tpF3i49+f5JzK +N2gfqmjc4zNO62nsYer6JHa+bLPdpPVNArispPd5Z0qc459qjZaQgjRq+43W5KR w5zpTGztVCwfGgCcCw4VgDcPpQkwZ0r6v1j/nBVoRyrm -----END CERTIFICATE-----Generated at Mon Jan 26 05:31:49 2026 by rpki-client