This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/891fnCNTe0IKQYnO-ZqvxNgk-7k.roa File: 891fnCNTe0IKQYnO-ZqvxNgk-7k.roa (raw, json) Hash identifier: VPRQl1y1jooeZjbup+JMP7DkoiYT1QAj+vISvPCzQ5U= Subject key identifier: F3:DD:5F:9C:23:53:7B:42:0A:41:89:CE:F9:9A:AF:C4:D8:24:FB:B9 Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF2742CCF570D8E6DF213238CB4193A Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/891fnCNTe0IKQYnO-ZqvxNgk-7k.roa Signing time: Fri 02 Jan 2026 18:22:34 +0000 ROA not before: Fri 02 Jan 2026 18:22:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49849 IP address blocks: 89.252.224.0/24 maxlen: 24 89.252.225.0/24 maxlen: 24 89.252.226.0/24 maxlen: 24 194.12.232.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:74:2c:cf:57:0d:8e:6d:f2:13:23:8c:b4:19:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f3dd5f9c23537b420a4189cef99aafc4d824fbb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:5b:f7:f6:0e:4f:ba:9c:e8:5b:e6:2e:ba:47: 7d:c8:f6:59:05:02:f2:85:5e:df:e3:88:84:ae:e7: 5e:e8:53:3a:7e:3c:45:6e:62:dd:a4:41:a2:d4:35: a7:f0:46:47:a2:8f:a3:19:bc:a4:3f:95:8a:61:e6: 8d:7f:68:f5:38:44:a8:61:3e:d5:2e:e8:84:fe:4b: f6:5e:a4:75:50:62:b5:8e:fd:d3:89:9e:d5:30:ad: 60:9b:90:d8:3e:9d:78:35:5c:5a:03:0a:15:ef:65: bd:64:44:7d:46:26:09:af:7f:9e:a9:a6:f4:d2:0d: 2e:12:17:7a:5a:bc:8a:7d:dd:04:cf:f4:03:12:73: 01:5b:3f:e6:32:db:c3:d5:9c:a2:2a:74:15:1b:db: ca:05:53:fd:c2:51:84:8d:8a:f9:f3:df:35:00:78: 8f:5f:27:68:4a:4c:c7:32:eb:6b:86:08:dc:eb:22: b7:57:f2:ce:b8:80:e6:f8:aa:ac:8c:8e:38:72:e6: ec:c7:95:71:ad:ac:01:7f:94:8c:59:0c:51:b4:bf: 87:3b:ec:3a:a9:50:61:d0:08:46:24:e6:0c:6e:3d: 88:e6:83:d8:b5:68:ba:a6:6a:f2:3c:70:94:f3:04: e7:d4:4b:31:4c:bb:c7:f5:78:e8:1f:fe:23:69:34: b9:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:DD:5F:9C:23:53:7B:42:0A:41:89:CE:F9:9A:AF:C4:D8:24:FB:B9 X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/891fnCNTe0IKQYnO-ZqvxNgk-7k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.252.224.0-89.252.226.255 194.12.232.0/24 Signature Algorithm: sha256WithRSAEncryption aa:c9:4b:97:b3:ef:99:0c:de:ad:01:78:21:99:31:24:1d:f7: fb:88:c5:e7:54:17:d1:ba:a0:05:6a:8a:0e:ad:b6:89:9e:ce: 2c:58:8b:bd:41:f3:47:34:65:1a:b1:f6:35:c5:ad:e6:e4:b2: 7d:73:3e:69:75:a8:e0:5b:3a:8c:e8:0e:4a:86:f7:72:e2:83: 4d:f5:3b:52:ce:62:fb:51:c5:14:e0:dd:9b:98:77:25:a0:f6: 91:85:60:de:0c:90:cd:ea:23:72:f7:36:08:eb:35:9a:96:20: 4b:22:71:bc:43:ec:f9:45:47:ad:4f:66:f0:4c:7a:b8:72:f1: ba:91:08:ac:c9:a6:ef:aa:95:67:9c:2e:76:c6:ab:54:5b:3b: b0:88:f6:02:41:2d:99:be:7f:9e:71:e7:bc:db:ed:a0:41:5c: 5f:87:06:47:0d:60:3a:aa:6b:bc:ce:2e:b5:c9:df:d3:31:55: c3:d3:b5:45:49:4a:a6:6b:1d:fd:b1:64:e2:0f:2b:b5:4a:26: c2:6a:24:30:9a:8f:87:55:16:ed:61:84:1a:a1:84:14:1c:14: ef:8d:20:43:5f:6c:d5:a7:ac:a3:35:f4:f3:d7:c7:b4:ad:90: be:3a:4a:af:84:38:2d:59:a6:55:ca:5c:05:17:5f:9c:68:e6: 70:56:bb:40 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/8nQsz1cNjm3yEyOMtBk6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmM2RkNWY5YzIzNTM3YjQyMGE0MTg5Y2VmOTlhYWZjNGQ4MjRmYmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklv39g5PupzoW+Yuukd9yPZZBQLy hV7f44iErude6FM6fjxFbmLdpEGi1DWn8EZHoo+jGbykP5WKYeaNf2j1OESoYT7V LuiE/kv2XqR1UGK1jv3TiZ7VMK1gm5DYPp14NVxaAwoV72W9ZER9RiYJr3+eqab0 0g0uEhd6WryKfd0Ez/QDEnMBWz/mMtvD1ZyiKnQVG9vKBVP9wlGEjYr58981AHiP XydoSkzHMutrhgjc6yK3V/LOuIDm+KqsjI44cubsx5VxrawBf5SMWQxRtL+HO+w6 qVBh0AhGJOYMbj2I5oPYtWi6pmryPHCU8wTn1EsxTLvH9XjoH/4jaTS5ewIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFPPdX5wjU3tCCkGJzvmar8TYJPu5MB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEvODkxZm5DTlRlMElLUVluTy1acXZ4TmdrLTdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVZ/OAD BABZ/OIDBADCDOgwDQYJKoZIhvcNAQELBQADggEBAKrJS5ez75kM3q0BeCGZMSQd 9/uIxedUF9G6oAVqig6ttomezixYi71B80c0ZRqx9jXFrebksn1zPml1qOBbOozo DkqG93Lig031O1LOYvtRxRTg3ZuYdyWg9pGFYN4MkM3qI3L3NgjrNZqWIEsicbxD 7PlFR61PZvBMerhy8bqRCKzJpu+qlWecLnbGq1RbO7CI9gJBLZm+f55x57zb7aBB XF+HBkcNYDqqa7zOLrXJ39MxVcPTtUVJSqZrHf2xZOIPK7VKJsJqJDCaj4dVFu1h hBqhhBQcFO+NIENfbNWnrKM19PPXx7StkL46Sq+EOC1ZplXKXAUXX5xo5nBWu0A= -----END CERTIFICATE-----Generated at Mon Jan 26 01:43:12 2026 by rpki-client