This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/rAsphywSAM45eBEoOtw-q7qBbQw.roa File: rAsphywSAM45eBEoOtw-q7qBbQw.roa (raw, json) Hash identifier: FZ6A8RzJ7kKd3l/6WGQbggDtZVXr3jcROQOsJNRBJLA= Subject key identifier: AC:0B:29:87:2C:12:00:CE:39:78:11:28:3A:DC:3E:AB:BA:81:6D:0C Certificate issuer: /CN=32afdffacf9c3698ef7a36b2e60be77b80e62d01 Certificate serial: 019B78355F7B52BA75AB1476FDDD0F8AB132 Authority key identifier: 32:AF:DF:FA:CF:9C:36:98:EF:7A:36:B2:E6:0B:E7:7B:80:E6:2D:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mq_f-s-cNpjvejay5gvne4DmLQE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/rAsphywSAM45eBEoOtw-q7qBbQw.roa Signing time: Thu 01 Jan 2026 06:18:42 +0000 ROA not before: Thu 01 Jan 2026 06:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8447 IP address blocks: 91.230.142.0/24 maxlen: 24 2001:67c:238c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/Mq_f-s-cNpjvejay5gvne4DmLQE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/Mq_f-s-cNpjvejay5gvne4DmLQE.mft rsync://rpki.ripe.net/repository/DEFAULT/Mq_f-s-cNpjvejay5gvne4DmLQE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:35:5f:7b:52:ba:75:ab:14:76:fd:dd:0f:8a:b1:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32afdffacf9c3698ef7a36b2e60be77b80e62d01 Validity Not Before: Jan 1 06:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac0b29872c1200ce397811283adc3eabba816d0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c4:f9:9e:38:55:48:de:84:03:d9:5d:b5:85: 5e:df:cc:2e:9c:cf:49:8d:8b:f3:47:81:e9:c7:15: 26:ed:b5:64:3a:dc:e7:dc:94:a6:b3:74:e6:be:38: 0a:4b:b0:48:e5:8f:9a:59:38:7d:5a:fd:f2:98:2b: 49:ba:30:46:20:e7:7a:1b:7b:98:2c:f2:b4:2f:a8: 85:53:c7:6a:50:8c:77:e9:16:af:01:07:97:b1:b3: df:cb:96:1c:6a:e7:17:02:70:92:e5:8d:26:67:5d: cd:17:71:ac:e3:13:b3:35:49:b9:54:ea:48:e2:46: 7d:50:a9:98:f3:ba:9d:c5:19:d1:6e:8b:5e:e3:25: c8:c5:f6:22:a2:48:d6:74:02:94:f9:1c:4a:1c:15: a0:9d:54:52:f5:f3:35:b3:0a:2b:69:15:0b:77:39: f4:e2:c9:65:98:0f:3d:bb:d2:a7:4d:22:86:d7:4b: 7d:91:cd:6f:e5:4d:8a:15:8c:84:ca:fa:af:61:bc: 2e:2c:cd:f0:4d:63:29:ef:16:ba:c6:98:1d:c1:8f: d0:83:2f:19:2f:af:93:67:72:33:05:a7:b1:68:10: 2e:06:33:4f:2f:60:d4:fc:77:3c:b5:21:8e:c0:0f: 08:27:7d:8d:36:d1:a2:90:b3:61:b5:07:67:f2:a0: ec:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:0B:29:87:2C:12:00:CE:39:78:11:28:3A:DC:3E:AB:BA:81:6D:0C X509v3 Authority Key Identifier: keyid:32:AF:DF:FA:CF:9C:36:98:EF:7A:36:B2:E6:0B:E7:7B:80:E6:2D:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mq_f-s-cNpjvejay5gvne4DmLQE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/rAsphywSAM45eBEoOtw-q7qBbQw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/eaeb83-a20c-4fd8-9314-25d30ebcfcad/1/Mq_f-s-cNpjvejay5gvne4DmLQE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.230.142.0/24 IPv6: 2001:67c:238c::/48 Signature Algorithm: sha256WithRSAEncryption 59:32:67:9a:ff:fe:9a:07:08:76:57:6f:02:80:b3:7f:b0:0d: 40:6a:79:a1:58:c2:1b:17:9e:53:b4:e9:56:b9:75:0a:09:c3: 30:5c:d0:04:6a:e4:62:fb:d0:c5:68:e1:f5:d6:93:ed:b1:b2: f4:ce:6f:ed:1e:9b:14:0f:3a:7e:aa:d3:e0:52:77:aa:10:f7: c3:19:0d:9f:88:2d:a3:e3:81:fc:da:19:18:58:42:e6:26:16: 0f:3e:0b:8a:c0:f2:ea:69:5f:0f:a5:e3:40:8c:9c:25:ab:0e: 34:30:1d:fb:b9:49:c6:37:16:71:63:c0:56:10:ac:1a:a2:52: 19:9a:f3:1b:ea:1e:92:92:76:c4:81:64:c5:c2:fe:ec:7f:e8: 8e:4d:80:34:ec:d0:18:9e:50:7d:f9:1c:f0:6f:a5:5e:43:e3: bc:ba:2e:eb:2c:ea:c2:0a:56:19:b3:35:17:ab:82:f8:14:09: 88:f8:0b:ce:83:22:21:1c:ba:97:ed:9b:7f:80:e7:ae:b0:6e: 70:a2:cf:51:ce:8f:6e:03:9e:b9:f5:69:81:06:c5:7f:f9:71: 57:f0:bd:ac:c7:64:87:90:92:c4:9e:65:24:d2:09:ef:5c:c5: 39:c2:05:26:09:8f:21:b5:62:cd:f6:7c:52:bf:24:ca:02:13: 74:53:9f:bd -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NV97Urp1qxR2/d0PirEyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyYWZkZmZhY2Y5YzM2OThlZjdhMzZiMmU2MGJlNzdiODBl NjJkMDEwHhcNMjYwMTAxMDYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzBiMjk4NzJjMTIwMGNlMzk3ODExMjgzYWRjM2VhYmJhODE2ZDBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cT5njhVSN6EA9ldtYVe38wunM9J jYvzR4HpxxUm7bVkOtzn3JSms3TmvjgKS7BI5Y+aWTh9Wv3ymCtJujBGIOd6G3uY LPK0L6iFU8dqUIx36RavAQeXsbPfy5YcaucXAnCS5Y0mZ13NF3Gs4xOzNUm5VOpI 4kZ9UKmY87qdxRnRbote4yXIxfYiokjWdAKU+RxKHBWgnVRS9fM1sworaRULdzn0 4sllmA89u9KnTSKG10t9kc1v5U2KFYyEyvqvYbwuLM3wTWMp7xa6xpgdwY/Qgy8Z L6+TZ3IzBaexaBAuBjNPL2DU/Hc8tSGOwA8IJ32NNtGikLNhtQdn8qDsywIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKwLKYcsEgDOOXgRKDrcPqu6gW0MMB8GA1UdIwQY MBaAFDKv3/rPnDaY73o2suYL53uA5i0BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXFfZi1zLWNOcGp2ZWpheTVndm5lNERtTFFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9lYWViODMtYTIwYy00ZmQ4LTkzMTQt MjVkMzBlYmNmY2FkLzEvckFzcGh5d1NBTTQ1ZUJFb090dy1xN3FCYlF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9lYWViODMtYTIwYy00ZmQ4LTkzMTQtMjVkMzBlYmNmY2Fk LzEvTXFfZi1zLWNOcGp2ZWpheTVndm5lNERtTFFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+aOMA8E AgACMAkDBwAgAQZ8I4wwDQYJKoZIhvcNAQELBQADggEBAFkyZ5r//poHCHZXbwKA s3+wDUBqeaFYwhsXnlO06Va5dQoJwzBc0ARq5GL70MVo4fXWk+2xsvTOb+0emxQP On6q0+BSd6oQ98MZDZ+ILaPjgfzaGRhYQuYmFg8+C4rA8uppXw+l40CMnCWrDjQw Hfu5ScY3FnFjwFYQrBqiUhma8xvqHpKSdsSBZMXC/ux/6I5NgDTs0BieUH35HPBv pV5D47y6Luss6sIKVhmzNRergvgUCYj4C86DIiEcupftm3+A566wbnCiz1HOj24D nrn1aYEGxX/5cVfwvazHZIeQksSeZSTSCe9cxTnCBSYJjyG1Ys32fFK/JMoCE3RT n70= -----END CERTIFICATE-----Generated at Sun Jan 25 16:09:46 2026 by rpki-client