This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/VIBDVe2Jq2uKH9k2VWGUppL_ORs.roa File: VIBDVe2Jq2uKH9k2VWGUppL_ORs.roa (raw, json) Hash identifier: JFKIW75lnnJgqoEDj4lWuAXh9bKImppTNDaCMP9jl1Q= Subject key identifier: 54:80:43:55:ED:89:AB:6B:8A:1F:D9:36:55:61:94:A6:92:FF:39:1B Certificate issuer: /CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e Certificate serial: 019B7C12CEAD7050E725EA852717693A6289 Authority key identifier: B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/VIBDVe2Jq2uKH9k2VWGUppL_ORs.roa Signing time: Fri 02 Jan 2026 00:19:25 +0000 ROA not before: Fri 02 Jan 2026 00:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 27281 IP address blocks: 91.228.72.0/22 maxlen: 24 91.228.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.mft rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:ce:ad:70:50:e7:25:ea:85:27:17:69:3a:62:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1bc850d17ca6d3c7b4d00e501e2d356f08a585e Validity Not Before: Jan 2 00:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=54804355ed89ab6b8a1fd936556194a692ff391b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:48:3e:bb:a7:f2:54:c0:2c:c6:9d:db:98:92: 74:17:5c:e6:04:b7:c6:86:4b:b0:f0:eb:41:98:0a: f8:f6:83:8c:d2:0d:c1:73:a9:12:8a:52:1b:93:5a: 94:93:22:66:47:27:cc:78:09:a9:d5:b0:b8:c6:54: bf:40:6e:94:33:68:d6:de:47:c9:64:28:05:f6:61: 6a:d9:dd:be:91:0c:b2:b8:1b:df:71:fa:0d:46:94: b2:9e:91:a5:ae:59:d1:7d:a5:5b:6a:81:ab:b3:57: 99:36:84:8a:7b:5b:6c:e2:dc:bd:8f:f5:02:66:1b: 03:79:5f:43:45:fc:c8:df:10:db:97:5a:34:37:2f: 50:50:d4:c6:39:41:a0:ba:00:31:0e:6f:4e:c4:88: d2:d0:92:08:d2:f0:d9:f8:d8:ce:2d:90:e5:cd:1c: 50:8d:24:22:29:53:8f:18:35:ef:0a:54:cd:1b:f5: 04:e4:e9:25:69:98:22:bf:a2:15:8b:91:76:ce:11: a6:76:94:57:37:ca:4e:5b:af:b8:82:8f:dd:b3:07: a9:7e:7e:ea:34:a1:c4:21:5e:d1:1e:7e:17:6d:9b: 39:83:e0:1c:9d:94:3a:a9:96:24:98:a6:2c:1a:89: 54:27:19:e9:c4:8e:76:5c:e6:d7:d2:67:f1:02:13: 5f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:80:43:55:ED:89:AB:6B:8A:1F:D9:36:55:61:94:A6:92:FF:39:1B X509v3 Authority Key Identifier: keyid:B1:BC:85:0D:17:CA:6D:3C:7B:4D:00:E5:01:E2:D3:56:F0:8A:58:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sbyFDRfKbTx7TQDlAeLTVvCKWF4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/VIBDVe2Jq2uKH9k2VWGUppL_ORs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/8aa02d-94c8-4678-92ac-17fb4ffb9fad/1/sbyFDRfKbTx7TQDlAeLTVvCKWF4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.228.72.0/22 Signature Algorithm: sha256WithRSAEncryption 48:40:ee:64:af:5a:94:16:f0:91:ec:a9:cd:87:4a:b9:35:18: dc:67:ef:3e:68:10:af:64:ff:89:33:b9:e1:73:fb:89:f6:42: e1:93:8a:25:c6:10:4f:62:73:f7:ac:3e:44:81:90:e0:91:4d: 93:38:0b:44:f9:f5:0a:3a:ae:b6:21:3c:93:af:bb:57:53:a7: cb:c0:b3:64:86:26:48:6b:3f:9b:53:5e:bf:30:cf:b3:42:e3: 68:38:a1:a0:44:9f:d6:ca:b0:b8:d7:cd:df:78:01:db:65:29: d0:96:d1:cc:46:12:2c:6f:44:53:c1:de:ab:ac:af:05:e6:c7: 62:f3:ae:64:be:5b:4e:f7:b0:3c:15:88:fa:82:3a:da:f7:41: c5:c5:41:3d:94:45:5f:a3:74:76:c9:40:fe:67:c4:e3:8b:9f: ee:7d:4f:91:71:9f:0b:f1:9e:2c:20:78:33:13:d1:dc:c3:76: bd:ec:4b:e7:51:0c:d9:ba:8b:4b:c9:db:53:b9:e6:2b:bd:06: b3:8c:8a:5b:74:19:cf:7c:02:0c:7f:be:29:e4:07:c9:b7:75: a6:1d:48:98:26:95:f3:a1:52:5e:ad:90:40:00:6a:56:53:24: fc:86:5c:b4:cb:9a:92:c9:0f:91:36:b4:cb:21:a9:7b:18:8f: 32:38:4e:1c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8Es6tcFDnJeqFJxdpOmKJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYmM4NTBkMTdjYTZkM2M3YjRkMDBlNTAxZTJkMzU2ZjA4 YTU4NWUwHhcNMjYwMTAyMDAxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1NDgwNDM1NWVkODlhYjZiOGExZmQ5MzY1NTYxOTRhNjkyZmYzOTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0g+u6fyVMAsxp3bmJJ0F1zmBLfG hkuw8OtBmAr49oOM0g3Bc6kSilIbk1qUkyJmRyfMeAmp1bC4xlS/QG6UM2jW3kfJ ZCgF9mFq2d2+kQyyuBvfcfoNRpSynpGlrlnRfaVbaoGrs1eZNoSKe1ts4ty9j/UC ZhsDeV9DRfzI3xDbl1o0Ny9QUNTGOUGgugAxDm9OxIjS0JII0vDZ+NjOLZDlzRxQ jSQiKVOPGDXvClTNG/UE5OklaZgiv6IVi5F2zhGmdpRXN8pOW6+4go/dswepfn7q NKHEIV7RHn4XbZs5g+AcnZQ6qZYkmKYsGolUJxnpxI52XObX0mfxAhNfoQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFSAQ1Xtiatrih/ZNlVhlKaS/zkbMB8GA1UdIwQY MBaAFLG8hQ0Xym08e00A5QHi01bwilheMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMt MTdmYjRmZmI5ZmFkLzEvVklCRFZlMkpxMnVLSDlrMlZXR1VwcExfT1JzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC84YWEwMmQtOTRjOC00Njc4LTkyYWMtMTdmYjRmZmI5ZmFk LzEvc2J5RkRSZktiVHg3VFFEbEFlTFRWdkNLV0Y0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+RIMA0G CSqGSIb3DQEBCwUAA4IBAQBIQO5kr1qUFvCR7KnNh0q5NRjcZ+8+aBCvZP+JM7nh c/uJ9kLhk4olxhBPYnP3rD5EgZDgkU2TOAtE+fUKOq62ITyTr7tXU6fLwLNkhiZI az+bU16/MM+zQuNoOKGgRJ/WyrC4183feAHbZSnQltHMRhIsb0RTwd6rrK8F5sdi 865kvltO97A8FYj6gjra90HFxUE9lEVfo3R2yUD+Z8Tji5/ufU+RcZ8L8Z4sIHgz E9Hcw3a97EvnUQzZuotLydtTueYrvQazjIpbdBnPfAIMf74p5AfJt3WmHUiYJpXz oVJerZBAAGpWUyT8hly0y5qSyQ+RNrTLIal7GI8yOE4c -----END CERTIFICATE-----Generated at Sun Jan 25 22:50:38 2026 by rpki-client