This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa File: d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa (raw, json) Hash identifier: Ba/7rGgRRFa7/HkHrFHCRps9ypeyWifGgSmqxh5y+b8= Subject key identifier: 77:D3:A6:94:17:B6:1A:92:8B:BE:5D:EE:D2:65:06:38:52:03:5A:0A Certificate issuer: /CN=009267f3e3b9e1ebb979969080b0dfab24c3601a Certificate serial: 019B7EA56D51E343439529E5F84342BED6BD Authority key identifier: 00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa Signing time: Fri 02 Jan 2026 12:18:49 +0000 ROA not before: Fri 02 Jan 2026 12:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57912 IP address blocks: 91.236.144.0/22 maxlen: 22 91.236.144.0/24 maxlen: 24 91.236.145.0/24 maxlen: 24 91.236.146.0/24 maxlen: 24 91.236.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.mft rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:6d:51:e3:43:43:95:29:e5:f8:43:42:be:d6:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=009267f3e3b9e1ebb979969080b0dfab24c3601a Validity Not Before: Jan 2 12:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=77d3a69417b61a928bbe5deed265063852035a0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:52:f1:67:9e:30:59:40:50:28:57:d2:49:0a: fd:ba:5b:9d:b0:d8:35:74:98:2c:1a:e2:bd:50:01: 08:2e:5a:9d:76:76:84:b1:c9:45:4d:37:4c:70:b7: 6b:e9:0a:c7:23:9d:e2:b3:65:84:b1:82:d8:8e:04: 15:5e:ae:20:e7:cf:eb:c8:2d:1b:65:8c:fc:07:74: f5:a1:e1:99:46:9e:d5:39:20:87:8b:62:0c:10:78: 05:70:16:df:5c:7b:b5:a7:32:61:07:44:75:7b:2b: 87:e0:d6:5e:05:06:15:69:8e:f8:4f:d9:61:f9:61: ac:80:8f:34:97:4f:82:ab:13:81:27:04:4a:2f:8d: 25:12:63:66:ff:5c:32:7c:d3:4d:f2:37:fd:93:93: 20:d9:3e:2a:09:74:91:1f:b5:37:91:13:e4:fd:05: 1d:50:43:27:4d:7d:16:f3:51:6d:ae:d1:5e:6a:5e: b8:fd:b5:41:d7:95:c0:85:75:d8:e6:cd:51:e1:eb: 1e:a6:dc:fa:b5:dc:1b:10:5d:fc:03:62:e2:44:29: 93:20:22:99:a9:d1:a0:35:d0:c1:b7:f5:32:41:45: 3e:21:4a:55:c9:2e:03:02:bb:2b:93:b9:2a:6a:b0: a1:b2:ab:56:04:f1:17:37:f3:b0:76:9a:1e:df:86: ec:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:D3:A6:94:17:B6:1A:92:8B:BE:5D:EE:D2:65:06:38:52:03:5A:0A X509v3 Authority Key Identifier: keyid:00:92:67:F3:E3:B9:E1:EB:B9:79:96:90:80:B0:DF:AB:24:C3:60:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AJJn8-O54eu5eZaQgLDfqyTDYBo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/d9OmlBe2GpKLvl3u0mUGOFIDWgo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f4dba6-6d94-410f-9be2-d6903825018c/1/AJJn8-O54eu5eZaQgLDfqyTDYBo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.236.144.0/22 Signature Algorithm: sha256WithRSAEncryption 16:1f:25:e2:cb:e9:0a:a8:c0:49:7f:85:8e:6a:82:7d:32:35: 0f:f7:e5:c7:71:f3:26:b2:22:b8:14:f8:0a:cb:2b:d8:2a:c0: a1:43:9a:73:c2:fe:17:7c:01:cf:11:02:1c:8e:ae:3c:4a:6f: ec:52:06:68:eb:d3:b6:38:31:5f:d4:c9:82:c0:b7:94:33:89: 13:54:0a:7b:4e:c7:8f:45:81:22:97:dd:9f:fd:5d:f1:78:58: 94:37:5e:66:30:8f:20:57:7e:47:66:68:0f:cc:03:fc:d4:52: 19:33:fb:4b:0c:9b:79:91:c1:4b:23:35:8a:d5:ae:9f:94:7b: 45:b4:33:2d:3c:0d:2b:23:c1:9d:2d:1f:2d:9b:cb:ba:89:9b: cc:37:24:26:05:9c:9f:48:d2:6e:eb:38:5d:c6:fd:12:35:75: 0c:b5:b1:7d:1e:92:31:94:54:61:9e:b8:47:2e:88:82:e1:cd: f0:b5:b8:cd:7a:a4:2f:b6:99:75:af:63:10:84:6e:32:4c:95: cb:22:58:e7:fb:75:ef:f9:55:d9:ea:13:6d:dc:09:ff:46:e7: 0a:7a:aa:55:74:b6:8f:2a:a1:3e:cb:d9:77:61:f3:15:58:81: 75:a5:39:17:d5:31:e1:50:19:eb:36:79:d5:73:1b:db:7d:ec: ca:3d:f2:e4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pW1R40NDlSnl+ENCvta9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwOTI2N2YzZTNiOWUxZWJiOTc5OTY5MDgwYjBkZmFiMjRj MzYwMWEwHhcNMjYwMTAyMTIxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3N2QzYTY5NDE3YjYxYTkyOGJiZTVkZWVkMjY1MDYzODUyMDM1YTBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVLxZ54wWUBQKFfSSQr9uludsNg1 dJgsGuK9UAEILlqddnaEsclFTTdMcLdr6QrHI53is2WEsYLYjgQVXq4g58/ryC0b ZYz8B3T1oeGZRp7VOSCHi2IMEHgFcBbfXHu1pzJhB0R1eyuH4NZeBQYVaY74T9lh +WGsgI80l0+CqxOBJwRKL40lEmNm/1wyfNNN8jf9k5Mg2T4qCXSRH7U3kRPk/QUd UEMnTX0W81FtrtFeal64/bVB15XAhXXY5s1R4eseptz6tdwbEF38A2LiRCmTICKZ qdGgNdDBt/UyQUU+IUpVyS4DArsrk7kqarChsqtWBPEXN/Owdpoe34bsnQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHfTppQXthqSi75d7tJlBjhSA1oKMB8GA1UdIwQY MBaAFACSZ/PjueHruXmWkICw36skw2AaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTIt ZDY5MDM4MjUwMThjLzEvZDlPbWxCZTJHcEtMdmwzdTBtVUdPRklEV2dvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9mNGRiYTYtNmQ5NC00MTBmLTliZTItZDY5MDM4MjUwMThj LzEvQUpKbjgtTzU0ZXU1ZVphUWdMRGZxeVREWUJvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+yQMA0G CSqGSIb3DQEBCwUAA4IBAQAWHyXiy+kKqMBJf4WOaoJ9MjUP9+XHcfMmsiK4FPgK yyvYKsChQ5pzwv4XfAHPEQIcjq48Sm/sUgZo69O2ODFf1MmCwLeUM4kTVAp7TseP RYEil92f/V3xeFiUN15mMI8gV35HZmgPzAP81FIZM/tLDJt5kcFLIzWK1a6flHtF tDMtPA0rI8GdLR8tm8u6iZvMNyQmBZyfSNJu6zhdxv0SNXUMtbF9HpIxlFRhnrhH LoiC4c3wtbjNeqQvtpl1r2MQhG4yTJXLIljn+3Xv+VXZ6hNt3An/RucKeqpVdLaP KqE+y9l3YfMVWIF1pTkX1THhUBnrNnnVcxvbfezKPfLk -----END CERTIFICATE-----Generated at Sun Jan 25 23:48:46 2026 by rpki-client