This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/PXebpK4YLmT8v8e6p-on58fn1uc.roa File: PXebpK4YLmT8v8e6p-on58fn1uc.roa (raw, json) Hash identifier: pxvReLXuX/gX7pvxMUNrcI2WmPqX2d7accaylNqGte4= Subject key identifier: 3D:77:9B:A4:AE:18:2E:64:FC:BF:C7:BA:A7:EA:27:E7:C7:E7:D6:E7 Certificate issuer: /CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd Certificate serial: 019B7BA4BDF0EA9BB46EEAF5FBAB2B8B6C64 Authority key identifier: 99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/PXebpK4YLmT8v8e6p-on58fn1uc.roa Signing time: Thu 01 Jan 2026 22:19:12 +0000 ROA not before: Thu 01 Jan 2026 22:19:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51178 IP address blocks: 91.197.192.0/22 maxlen: 24 185.132.196.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.mft rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:bd:f0:ea:9b:b4:6e:ea:f5:fb:ab:2b:8b:6c:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=994b7d30c1c4f6243182d3ecd3d0539f42faacfd Validity Not Before: Jan 1 22:19:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d779ba4ae182e64fcbfc7baa7ea27e7c7e7d6e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f9:c0:36:ff:d2:8e:b1:73:dc:a4:5c:eb:ca: c7:26:b7:ae:73:db:ce:25:80:35:d6:a6:48:a8:b7: b5:c8:7e:a2:49:a8:82:87:48:99:fb:8a:91:c6:9a: 8e:cd:ed:2c:3f:f0:22:34:04:dc:14:cd:c4:a9:b2: c7:1a:72:63:a8:a4:87:29:d4:7d:b7:75:e5:67:57: 35:e7:79:9b:fe:fe:06:53:91:55:75:67:84:f5:ef: 7d:a0:ec:43:cc:2e:fd:0c:d3:e3:eb:6f:29:9c:18: dc:61:d3:fb:78:91:dc:b5:09:46:c7:c2:a9:3a:99: eb:8a:c8:81:80:ea:52:11:93:64:c3:c1:99:27:72: d1:e5:2a:f0:f5:2b:43:54:c8:a0:27:f0:72:55:4b: 1c:ce:54:81:9a:db:1d:2b:ae:6b:08:be:08:50:d0: 55:ad:d7:66:28:c4:de:a9:82:4e:6d:43:27:6c:6d: 64:80:bc:71:4e:72:bc:14:bd:53:c2:5b:fa:52:7c: 18:de:3c:2d:3a:3b:40:0c:fc:70:16:25:2a:bc:27: 86:dc:43:cc:b0:a1:d8:c1:3e:d0:47:0f:7b:07:fd: fb:45:7b:00:84:44:0f:4b:3f:43:9f:25:90:ee:0a: 35:f0:57:fa:3e:f2:b0:be:28:58:1e:82:21:18:2d: 12:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:77:9B:A4:AE:18:2E:64:FC:BF:C7:BA:A7:EA:27:E7:C7:E7:D6:E7 X509v3 Authority Key Identifier: keyid:99:4B:7D:30:C1:C4:F6:24:31:82:D3:EC:D3:D0:53:9F:42:FA:AC:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUt9MMHE9iQxgtPs09BTn0L6rP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/PXebpK4YLmT8v8e6p-on58fn1uc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/4ab81e-45b8-41a5-aa5e-5646eedd99bf/1/mUt9MMHE9iQxgtPs09BTn0L6rP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.192.0/22 185.132.196.0/23 Signature Algorithm: sha256WithRSAEncryption a9:62:ab:8c:eb:55:b0:4f:2c:4b:c4:b8:60:e3:a0:83:22:be: 36:1d:54:8c:80:ea:c7:f5:0d:f8:51:1a:7d:74:a4:e4:75:32: 3b:76:15:c4:10:02:2f:ab:10:98:4f:9c:1a:e1:d6:ae:a6:ce: 69:39:1b:13:ec:5b:96:25:c7:85:31:14:f2:f7:cd:02:c5:77: 3e:a3:3f:c4:2c:75:99:08:ca:ee:f5:55:57:bb:bd:cb:3a:89: 44:26:26:44:7e:b2:60:22:00:7a:b9:20:db:df:7b:32:5d:bb: 00:9d:ef:74:3b:be:a1:a4:92:92:9c:6a:99:2a:6e:af:cc:4a: 53:27:fc:56:db:e6:60:85:8b:b2:b1:a4:6c:57:6a:3d:fa:39: 3f:b2:2d:ee:49:c0:58:dd:8c:54:97:ce:ee:e6:59:f9:23:17: 3c:eb:d5:5b:82:0d:ee:e4:53:0f:38:c4:48:6d:0c:0e:a6:c3: 32:9b:a6:7b:d1:29:03:26:5c:90:29:8e:90:65:40:06:11:7b: aa:f3:ce:ac:55:d6:f2:86:83:bf:1e:90:83:d1:e0:6a:aa:a9: 90:e8:62:c6:ac:8a:04:f4:11:dd:3f:20:a3:47:7e:77:a1:1a: 4a:f5:cc:d1:93:96:14:dd:e6:68:99:c7:99:3d:cc:c1:49:69: 7b:fe:c0:1e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pL3w6pu0bur1+6sri2xkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5NGI3ZDMwYzFjNGY2MjQzMTgyZDNlY2QzZDA1MzlmNDJm YWFjZmQwHhcNMjYwMTAxMjIxOTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDc3OWJhNGFlMTgyZTY0ZmNiZmM3YmFhN2VhMjdlN2M3ZTdkNmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPnANv/SjrFz3KRc68rHJreuc9vO JYA11qZIqLe1yH6iSaiCh0iZ+4qRxpqOze0sP/AiNATcFM3EqbLHGnJjqKSHKdR9 t3XlZ1c153mb/v4GU5FVdWeE9e99oOxDzC79DNPj628pnBjcYdP7eJHctQlGx8Kp OpnrisiBgOpSEZNkw8GZJ3LR5Srw9StDVMigJ/ByVUsczlSBmtsdK65rCL4IUNBV rddmKMTeqYJObUMnbG1kgLxxTnK8FL1Twlv6UnwY3jwtOjtADPxwFiUqvCeG3EPM sKHYwT7QRw97B/37RXsAhEQPSz9DnyWQ7go18Ff6PvKwvihYHoIhGC0SuwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFD13m6SuGC5k/L/HuqfqJ+fH59bnMB8GA1UdIwQY MBaAFJlLfTDBxPYkMYLT7NPQU59C+qz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUt NTY0NmVlZGQ5OWJmLzEvUFhlYnBLNFlMbVQ4djhlNnAtb241OGZuMXVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy80YWI4MWUtNDViOC00MWE1LWFhNWUtNTY0NmVlZGQ5OWJm LzEvbVV0OU1NSEU5aVF4Z3RQczA5QlRuMEw2clAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8XAAwQB uYTEMA0GCSqGSIb3DQEBCwUAA4IBAQCpYquM61WwTyxLxLhg46CDIr42HVSMgOrH 9Q34URp9dKTkdTI7dhXEEAIvqxCYT5wa4daups5pORsT7FuWJceFMRTy980CxXc+ oz/ELHWZCMru9VVXu73LOolEJiZEfrJgIgB6uSDb33syXbsAne90O76hpJKSnGqZ Km6vzEpTJ/xW2+ZghYuysaRsV2o9+jk/si3uScBY3YxUl87u5ln5Ixc869Vbgg3u 5FMPOMRIbQwOpsMym6Z70SkDJlyQKY6QZUAGEXuq886sVdbyhoO/HpCD0eBqqqmQ 6GLGrIoE9BHdPyCjR353oRpK9czRk5YU3eZomceZPczBSWl7/sAe -----END CERTIFICATE-----Generated at Mon Jan 26 05:14:54 2026 by rpki-client