This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/xtYobtIx2W6_g9SOOJPQhPICYpQ.roa File: xtYobtIx2W6_g9SOOJPQhPICYpQ.roa (raw, json) Hash identifier: mB2srtxC3TvgB8CL9USorDjZQ7e+W7OquH6xXCy/qr8= Subject key identifier: C6:D6:28:6E:D2:31:D9:6E:BF:83:D4:8E:38:93:D0:84:F2:02:62:94 Certificate issuer: /CN=e01aa3eff475b010bde4154f3bd4743a7c0bae55 Certificate serial: 019B77C6B76B44CA48A0CFA768090ECA3CBA Authority key identifier: E0:1A:A3:EF:F4:75:B0:10:BD:E4:15:4F:3B:D4:74:3A:7C:0B:AE:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Bqj7_R1sBC95BVPO9R0OnwLrlU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/xtYobtIx2W6_g9SOOJPQhPICYpQ.roa Signing time: Thu 01 Jan 2026 04:17:50 +0000 ROA not before: Thu 01 Jan 2026 04:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5089 IP address blocks: 91.223.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/4Bqj7_R1sBC95BVPO9R0OnwLrlU.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/4Bqj7_R1sBC95BVPO9R0OnwLrlU.mft rsync://rpki.ripe.net/repository/DEFAULT/4Bqj7_R1sBC95BVPO9R0OnwLrlU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:b7:6b:44:ca:48:a0:cf:a7:68:09:0e:ca:3c:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e01aa3eff475b010bde4154f3bd4743a7c0bae55 Validity Not Before: Jan 1 04:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c6d6286ed231d96ebf83d48e3893d084f2026294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:07:f3:8c:4b:51:d9:8e:5d:56:6e:07:13:e6: 96:d0:e6:89:c9:52:1a:83:35:38:4d:90:ae:3d:79: 67:54:54:40:32:f2:f8:d2:c9:2f:78:e6:ef:f4:58: 0c:2e:c9:31:3b:5b:ad:49:d5:ca:36:e7:16:bf:4c: fa:4a:0b:7e:93:47:84:73:5b:ed:b3:a6:a9:bb:fd: 67:97:f6:80:37:9f:c5:55:48:10:fd:13:b2:91:72: bb:b9:4d:e8:eb:6b:45:50:44:1c:ea:28:85:e4:1c: d0:4f:2d:9c:5d:34:4b:9f:67:06:fa:21:89:61:bd: 4e:38:62:ee:8c:ff:eb:50:cf:af:ec:03:0b:e5:57: 36:0e:95:32:dc:cd:ea:ee:c0:34:13:7b:d0:74:80: 06:3a:cd:9f:20:e9:d7:3f:19:59:b2:1e:20:de:59: 33:bc:f0:70:09:5f:0f:ba:d5:3c:be:fd:07:14:9b: 47:74:7e:0b:7a:e6:1d:42:cf:8a:1b:99:46:56:8b: d3:3b:75:ef:3a:27:b4:3c:4d:c6:22:cf:33:42:a0: 1e:1d:8a:d8:f6:43:39:8d:cf:10:ea:39:a9:9e:f2: df:fb:2f:49:57:61:5c:ad:04:73:fe:11:07:e1:e7: ae:14:18:e8:84:39:ec:54:ae:a9:87:e1:4d:3f:46: 8e:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:D6:28:6E:D2:31:D9:6E:BF:83:D4:8E:38:93:D0:84:F2:02:62:94 X509v3 Authority Key Identifier: keyid:E0:1A:A3:EF:F4:75:B0:10:BD:E4:15:4F:3B:D4:74:3A:7C:0B:AE:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Bqj7_R1sBC95BVPO9R0OnwLrlU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/xtYobtIx2W6_g9SOOJPQhPICYpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9b87d5-3b6b-426e-b3ce-3d0cd986190f/1/4Bqj7_R1sBC95BVPO9R0OnwLrlU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.10.0/24 Signature Algorithm: sha256WithRSAEncryption bc:a4:e2:d5:7a:6a:df:d1:46:5f:ae:18:e4:37:f8:f2:ca:a6: b2:be:22:e6:47:16:ff:e5:ab:6c:2e:d0:f1:0e:ed:b5:9c:df: 5b:7c:14:59:1a:74:cc:b8:e6:8a:1c:dd:db:cb:83:77:23:c4: 2f:b4:18:24:50:6f:e4:2f:85:89:79:fb:fb:9e:46:d7:20:a3: 2a:ed:08:02:26:a4:70:bb:45:08:61:65:36:c8:e3:f0:74:f3: 23:78:c3:75:54:e2:03:0d:2d:50:f5:b7:70:be:3a:fb:75:f5: 86:23:5e:46:2f:b0:b0:b1:ce:42:7c:21:42:39:18:5b:bd:de: cf:ce:8a:9d:58:97:1f:dc:e9:39:8c:62:72:05:31:e5:20:d9: a7:b5:11:e0:e3:81:8e:83:df:7a:3c:66:a1:7c:4a:98:b0:5a: 55:07:83:15:6b:ba:b7:d2:da:82:03:ce:95:01:9e:b9:ad:ec: 00:3e:e0:0a:20:5b:8f:f7:dd:59:a7:44:6c:65:e9:d8:b0:58: 2d:3f:ad:57:f6:e5:77:fa:8b:26:a7:9d:be:56:37:06:ce:79: bc:37:34:38:bb:6e:fd:21:ff:09:dd:67:87:b8:d4:85:ce:23: 95:bd:4d:17:19:71:f8:c9:2a:03:b4:56:d3:69:ba:3a:71:28: 4d:45:a8:5f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xrdrRMpIoM+naAkOyjy6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwMWFhM2VmZjQ3NWIwMTBiZGU0MTU0ZjNiZDQ3NDNhN2Mw YmFlNTUwHhcNMjYwMTAxMDQxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNmQ2Mjg2ZWQyMzFkOTZlYmY4M2Q0OGUzODkzZDA4NGYyMDI2Mjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgfzjEtR2Y5dVm4HE+aW0OaJyVIa gzU4TZCuPXlnVFRAMvL40skveObv9FgMLskxO1utSdXKNucWv0z6Sgt+k0eEc1vt s6apu/1nl/aAN5/FVUgQ/ROykXK7uU3o62tFUEQc6iiF5BzQTy2cXTRLn2cG+iGJ Yb1OOGLujP/rUM+v7AML5Vc2DpUy3M3q7sA0E3vQdIAGOs2fIOnXPxlZsh4g3lkz vPBwCV8PutU8vv0HFJtHdH4LeuYdQs+KG5lGVovTO3XvOie0PE3GIs8zQqAeHYrY 9kM5jc8Q6jmpnvLf+y9JV2FcrQRz/hEH4eeuFBjohDnsVK6ph+FNP0aO6wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMbWKG7SMdluv4PUjjiT0ITyAmKUMB8GA1UdIwQY MBaAFOAao+/0dbAQveQVTzvUdDp8C65VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEJxajdfUjFzQkM5NUJWUE85UjBPbndMcmxVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85Yjg3ZDUtM2I2Yi00MjZlLWIzY2Ut M2QwY2Q5ODYxOTBmLzEveHRZb2J0SXgyVzZfZzlTT09KUFFoUElDWXBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS85Yjg3ZDUtM2I2Yi00MjZlLWIzY2UtM2QwY2Q5ODYxOTBm LzEvNEJxajdfUjFzQkM5NUJWUE85UjBPbndMcmxVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98KMA0G CSqGSIb3DQEBCwUAA4IBAQC8pOLVemrf0UZfrhjkN/jyyqayviLmRxb/5atsLtDx Du21nN9bfBRZGnTMuOaKHN3by4N3I8QvtBgkUG/kL4WJefv7nkbXIKMq7QgCJqRw u0UIYWU2yOPwdPMjeMN1VOIDDS1Q9bdwvjr7dfWGI15GL7Cwsc5CfCFCORhbvd7P zoqdWJcf3Ok5jGJyBTHlINmntRHg44GOg996PGahfEqYsFpVB4MVa7q30tqCA86V AZ65rewAPuAKIFuP991Zp0RsZenYsFgtP61X9uV3+osmp52+VjcGznm8NzQ4u279 If8J3WeHuNSFziOVvU0XGXH4ySoDtFbTabo6cShNRahf -----END CERTIFICATE-----Generated at Sun Jan 25 11:42:07 2026 by rpki-client