This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/ch1WA8KPWtT4lbnmhdRbUoInvrQ.roa File: ch1WA8KPWtT4lbnmhdRbUoInvrQ.roa (raw, json) Hash identifier: KNYvYxr90wZ08HAn6IO/kJkxO2ei4FC5py65h6CmekA= Subject key identifier: 72:1D:56:03:C2:8F:5A:D4:F8:95:B9:E6:85:D4:5B:52:82:27:BE:B4 Certificate issuer: /CN=9f87521f15e0457288a9f196a8c8865c36922150 Certificate serial: 019B7F159117D8D35D35409049FC578EF793 Authority key identifier: 9F:87:52:1F:15:E0:45:72:88:A9:F1:96:A8:C8:86:5C:36:92:21:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n4dSHxXgRXKIqfGWqMiGXDaSIVA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/ch1WA8KPWtT4lbnmhdRbUoInvrQ.roa Signing time: Fri 02 Jan 2026 14:21:18 +0000 ROA not before: Fri 02 Jan 2026 14:21:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50984 IP address blocks: 91.216.75.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/n4dSHxXgRXKIqfGWqMiGXDaSIVA.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/n4dSHxXgRXKIqfGWqMiGXDaSIVA.mft rsync://rpki.ripe.net/repository/DEFAULT/n4dSHxXgRXKIqfGWqMiGXDaSIVA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:91:17:d8:d3:5d:35:40:90:49:fc:57:8e:f7:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f87521f15e0457288a9f196a8c8865c36922150 Validity Not Before: Jan 2 14:21:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=721d5603c28f5ad4f895b9e685d45b528227beb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:68:09:26:84:fb:fe:fd:e5:f9:ff:b5:ba:92: 1c:d0:2f:7e:05:63:89:35:a6:57:23:22:74:2a:15: 56:98:d2:ca:8b:93:e0:24:15:68:f6:e0:e4:fa:f1: 69:ca:c9:62:07:19:4d:a1:3a:47:bc:61:cb:ff:64: fa:d2:d4:82:c6:3c:49:a2:fb:7d:91:f9:58:02:71: 6a:12:19:cb:71:d6:b6:ff:ed:a8:12:27:f7:8d:3d: 8e:4a:81:ff:c9:02:c5:68:f4:4c:19:f5:54:4a:6b: 21:54:a0:ff:62:34:59:6f:e4:d9:4e:6c:db:8a:6f: 55:8b:13:04:23:8c:84:8f:f1:14:82:6a:b5:05:a5: 5b:f4:a0:d9:97:5e:b8:62:e5:89:a2:f3:83:05:a0: 1d:58:4f:d6:2e:4d:2b:fa:c1:fc:17:63:b4:34:03: 49:1b:f8:03:7b:fe:d8:5a:40:a9:6f:0b:38:7d:0b: db:3b:f8:fe:b9:e1:d2:89:31:22:37:36:7b:ff:8e: 77:b8:26:f5:1e:09:a5:54:f0:c9:69:7a:a4:02:88: 84:a9:fc:b1:b5:92:a4:db:4d:82:c6:e2:76:57:f0: d7:e1:9a:7c:9b:d0:b5:7c:6f:f2:1b:ac:94:eb:4d: e3:2f:40:e1:2a:9f:98:12:d3:9e:30:60:d2:a7:02: 2c:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:1D:56:03:C2:8F:5A:D4:F8:95:B9:E6:85:D4:5B:52:82:27:BE:B4 X509v3 Authority Key Identifier: keyid:9F:87:52:1F:15:E0:45:72:88:A9:F1:96:A8:C8:86:5C:36:92:21:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n4dSHxXgRXKIqfGWqMiGXDaSIVA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/ch1WA8KPWtT4lbnmhdRbUoInvrQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/680589-8472-43eb-b034-21769de4a1a8/1/n4dSHxXgRXKIqfGWqMiGXDaSIVA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.216.75.0/24 Signature Algorithm: sha256WithRSAEncryption a8:b3:73:50:88:a4:79:0c:1e:81:b7:06:b7:22:71:42:f6:ff: df:b9:fe:78:9d:04:cd:c7:58:9a:63:f2:55:c0:3b:57:7a:47: 0e:bc:2f:9f:07:4b:81:4e:a6:1c:49:57:0e:a1:df:38:f3:5f: 86:cd:68:30:f7:5f:04:94:a5:f5:aa:e2:04:a1:f9:79:67:67: 31:84:1f:85:a1:12:de:a8:09:71:99:d4:35:aa:9e:17:05:fb: d9:44:e3:5f:00:ec:4f:cf:a1:c8:8f:63:b3:2a:ef:19:e7:d7: 26:ee:55:23:9c:ce:c3:42:d0:f8:9c:ea:d4:08:fc:3f:82:74: c0:8c:1d:dc:99:2f:c0:98:2e:16:f1:84:48:49:6c:22:bc:11: 99:e0:2d:83:dc:4a:90:2e:18:8b:83:a8:43:4e:c8:b0:c0:8c: 93:44:26:d7:13:fa:df:64:7c:45:9a:b3:53:0a:ea:62:a4:81: da:70:3e:be:64:65:be:7a:a1:90:ac:75:6a:6f:2d:21:f6:4a: 5d:15:27:99:99:ba:ec:13:4e:12:08:3f:ec:b7:d6:70:23:80: 0f:bd:40:ef:26:3e:5b:0d:83:b1:81:55:0b:dd:96:7d:f6:33: 24:25:30:44:6b:9b:a0:f4:f7:c1:e8:1b:95:cf:ac:69:81:8e: a8:60:a2:e8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FZEX2NNdNUCQSfxXjveTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmODc1MjFmMTVlMDQ1NzI4OGE5ZjE5NmE4Yzg4NjVjMzY5 MjIxNTAwHhcNMjYwMTAyMTQyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjFkNTYwM2MyOGY1YWQ0Zjg5NWI5ZTY4NWQ0NWI1MjgyMjdiZWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2gJJoT7/v3l+f+1upIc0C9+BWOJ NaZXIyJ0KhVWmNLKi5PgJBVo9uDk+vFpysliBxlNoTpHvGHL/2T60tSCxjxJovt9 kflYAnFqEhnLcda2/+2oEif3jT2OSoH/yQLFaPRMGfVUSmshVKD/YjRZb+TZTmzb im9VixMEI4yEj/EUgmq1BaVb9KDZl164YuWJovODBaAdWE/WLk0r+sH8F2O0NANJ G/gDe/7YWkCpbws4fQvbO/j+ueHSiTEiNzZ7/453uCb1HgmlVPDJaXqkAoiEqfyx tZKk202CxuJ2V/DX4Zp8m9C1fG/yG6yU603jL0DhKp+YEtOeMGDSpwIsMwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHIdVgPCj1rU+JW55oXUW1KCJ760MB8GA1UdIwQY MBaAFJ+HUh8V4EVyiKnxlqjIhlw2kiFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjRkU0h4WGdSWEtJcWZHV3FNaUdYRGFTSVZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS82ODA1ODktODQ3Mi00M2ViLWIwMzQt MjE3NjlkZTRhMWE4LzEvY2gxV0E4S1BXdFQ0bGJubWhkUmJVb0ludnJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS82ODA1ODktODQ3Mi00M2ViLWIwMzQtMjE3NjlkZTRhMWE4 LzEvbjRkU0h4WGdSWEtJcWZHV3FNaUdYRGFTSVZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9hLMA0G CSqGSIb3DQEBCwUAA4IBAQCos3NQiKR5DB6Btwa3InFC9v/fuf54nQTNx1iaY/JV wDtXekcOvC+fB0uBTqYcSVcOod8481+GzWgw918ElKX1quIEofl5Z2cxhB+FoRLe qAlxmdQ1qp4XBfvZRONfAOxPz6HIj2OzKu8Z59cm7lUjnM7DQtD4nOrUCPw/gnTA jB3cmS/AmC4W8YRISWwivBGZ4C2D3EqQLhiLg6hDTsiwwIyTRCbXE/rfZHxFmrNT CupipIHacD6+ZGW+eqGQrHVqby0h9kpdFSeZmbrsE04SCD/st9ZwI4APvUDvJj5b DYOxgVUL3ZZ99jMkJTBEa5ug9PfB6BuVz6xpgY6oYKLo -----END CERTIFICATE-----Generated at Mon Jan 12 03:11:34 2026 by rpki-client