This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/smH8IDaU7mi6eo7ubYIhaO6o_IM.roa File: smH8IDaU7mi6eo7ubYIhaO6o_IM.roa (raw, json) Hash identifier: zUmgtKSpqk5n2lEgS4LMSnmGpaSRvnHOfoCAI5v+7/g= Subject key identifier: B2:61:FC:20:36:94:EE:68:BA:7A:8E:EE:6D:82:21:68:EE:A8:FC:83 Certificate issuer: /CN=bf1f6cd6fab95d241cd9ac5f85f4d05f9de58f9b Certificate serial: 019B7AC79BAC2510908EC05FE2CB7553344E Authority key identifier: BF:1F:6C:D6:FA:B9:5D:24:1C:D9:AC:5F:85:F4:D0:5F:9D:E5:8F:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx9s1vq5XSQc2axfhfTQX53lj5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/smH8IDaU7mi6eo7ubYIhaO6o_IM.roa Signing time: Thu 01 Jan 2026 18:17:40 +0000 ROA not before: Thu 01 Jan 2026 18:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213172 IP address blocks: 91.217.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/vx9s1vq5XSQc2axfhfTQX53lj5s.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/vx9s1vq5XSQc2axfhfTQX53lj5s.mft rsync://rpki.ripe.net/repository/DEFAULT/vx9s1vq5XSQc2axfhfTQX53lj5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 12:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:9b:ac:25:10:90:8e:c0:5f:e2:cb:75:53:34:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf1f6cd6fab95d241cd9ac5f85f4d05f9de58f9b Validity Not Before: Jan 1 18:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b261fc203694ee68ba7a8eee6d822168eea8fc83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:7d:50:e7:68:c3:79:ce:8b:6d:3a:27:c8:20: bb:2e:8b:6a:9f:0d:d8:e0:a3:77:b0:c9:f2:56:82: 81:b4:a3:71:d6:9c:d6:4b:56:d0:dd:50:d6:9e:85: 55:d0:e9:25:f9:ac:13:1b:c4:72:b8:6f:c4:ec:2b: d6:d5:c7:2c:23:cf:5a:66:14:39:eb:8d:55:fb:e3: 0e:f9:e8:33:3b:6a:33:33:1b:e6:4e:18:4d:da:f2: 77:3c:51:26:78:1c:a9:71:f1:19:4a:fe:98:54:42: 91:d7:8b:85:14:5b:91:9a:00:29:72:e8:b2:a2:79: 20:aa:ec:a0:96:ce:d9:ba:a4:97:cf:0b:d2:82:c0: f1:41:e7:24:3b:e0:32:01:3b:58:47:47:80:b3:d0: 44:5b:fd:f3:1b:a7:1b:33:d5:8b:9c:77:32:7b:aa: 85:ca:e0:36:f6:9b:8d:f0:09:62:cf:81:2a:91:13: 81:9a:9c:27:c5:03:ce:23:28:2b:fd:21:72:8c:69: d7:eb:ac:49:b1:48:c7:63:49:37:93:b6:43:6c:1a: d2:59:c5:c7:83:ca:d9:07:3f:78:a9:d3:98:b0:ea: 8e:b6:92:0d:d4:30:37:d5:f2:ec:e3:61:58:5e:a9: 82:b2:c8:53:0f:fb:37:2f:38:6e:bc:61:4e:c9:a8: 4c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:61:FC:20:36:94:EE:68:BA:7A:8E:EE:6D:82:21:68:EE:A8:FC:83 X509v3 Authority Key Identifier: keyid:BF:1F:6C:D6:FA:B9:5D:24:1C:D9:AC:5F:85:F4:D0:5F:9D:E5:8F:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx9s1vq5XSQc2axfhfTQX53lj5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/smH8IDaU7mi6eo7ubYIhaO6o_IM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e3c971-5324-4134-bead-597c43598577/1/vx9s1vq5XSQc2axfhfTQX53lj5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.240.0/24 Signature Algorithm: sha256WithRSAEncryption bd:97:56:03:ee:a9:0d:1c:9a:c2:ac:79:4a:db:ee:5b:8c:0c: 32:83:c0:bc:00:a4:71:42:f5:f6:16:db:3e:8c:7d:05:6f:7d: 37:14:41:cd:44:13:79:d2:d3:8c:08:48:2b:aa:7f:6b:f5:39: 08:31:78:e4:24:4b:19:20:e2:7c:b7:41:17:f4:88:77:5b:80: c7:50:c7:2c:71:8f:d5:73:86:47:66:a2:ea:36:fc:58:96:58: 74:9d:03:6c:af:60:05:e4:30:c4:9b:d4:b1:c8:02:a0:1c:41: c0:30:b0:8b:a2:56:93:37:85:56:f8:c2:2d:b4:e9:3a:d9:ed: 2a:14:f9:59:81:0c:2f:45:2b:90:83:c5:62:d5:2e:82:18:a2: d8:8e:02:e0:37:3e:d3:87:18:ba:10:8c:1b:dd:76:03:f0:00: e6:94:94:9a:de:52:15:06:96:14:71:bf:83:c1:81:db:ba:f2: 94:19:42:7f:5b:aa:af:48:29:6b:e3:27:c5:b1:34:df:aa:23: 10:83:74:8e:aa:79:45:0b:51:d5:af:7d:d9:e1:5f:c0:53:2a: bb:33:ba:d3:91:86:c7:bf:88:54:5f:f2:1c:e4:7a:74:3c:03: fe:56:4e:c3:c0:59:97:1d:0e:b4:64:79:4e:13:e9:a0:bc:4b: 43:24:8b:ce -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6x5usJRCQjsBf4st1UzROMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmMWY2Y2Q2ZmFiOTVkMjQxY2Q5YWM1Zjg1ZjRkMDVmOWRl NThmOWIwHhcNMjYwMTAxMTgxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjYxZmMyMDM2OTRlZTY4YmE3YThlZWU2ZDgyMjE2OGVlYThmYzgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5H1Q52jDec6LbTonyCC7Lotqnw3Y 4KN3sMnyVoKBtKNx1pzWS1bQ3VDWnoVV0Okl+awTG8RyuG/E7CvW1ccsI89aZhQ5 641V++MO+egzO2ozMxvmThhN2vJ3PFEmeBypcfEZSv6YVEKR14uFFFuRmgApcuiy onkgquygls7ZuqSXzwvSgsDxQeckO+AyATtYR0eAs9BEW/3zG6cbM9WLnHcye6qF yuA29puN8Aliz4EqkROBmpwnxQPOIygr/SFyjGnX66xJsUjHY0k3k7ZDbBrSWcXH g8rZBz94qdOYsOqOtpIN1DA31fLs42FYXqmCsshTD/s3LzhuvGFOyahMZwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLJh/CA2lO5ounqO7m2CIWjuqPyDMB8GA1UdIwQY MBaAFL8fbNb6uV0kHNmsX4X00F+d5Y+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdng5czF2cTVYU1FjMmF4ZmhmVFFYNTNsajVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lM2M5NzEtNTMyNC00MTM0LWJlYWQt NTk3YzQzNTk4NTc3LzEvc21IOElEYVU3bWk2ZW83dWJZSWhhTzZvX0lNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy9lM2M5NzEtNTMyNC00MTM0LWJlYWQtNTk3YzQzNTk4NTc3 LzEvdng5czF2cTVYU1FjMmF4ZmhmVFFYNTNsajVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9nwMA0G CSqGSIb3DQEBCwUAA4IBAQC9l1YD7qkNHJrCrHlK2+5bjAwyg8C8AKRxQvX2Fts+ jH0Fb303FEHNRBN50tOMCEgrqn9r9TkIMXjkJEsZIOJ8t0EX9Ih3W4DHUMcscY/V c4ZHZqLqNvxYllh0nQNsr2AF5DDEm9SxyAKgHEHAMLCLolaTN4VW+MIttOk62e0q FPlZgQwvRSuQg8Vi1S6CGKLYjgLgNz7Thxi6EIwb3XYD8ADmlJSa3lIVBpYUcb+D wYHbuvKUGUJ/W6qvSClr4yfFsTTfqiMQg3SOqnlFC1HVr33Z4V/AUyq7M7rTkYbH v4hUX/Ic5Hp0PAP+Vk7DwFmXHQ60ZHlOE+mgvEtDJIvO -----END CERTIFICATE-----Generated at Sun Jan 11 20:35:09 2026 by rpki-client