This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/p0fL_-s25OijH9UglPLyGf3hQ3k.roa File: p0fL_-s25OijH9UglPLyGf3hQ3k.roa (raw, json) Hash identifier: sp4Y+8h1IocJtG1a3SfrXHCpPOK9+n80lPdEb2+Nl4c= Subject key identifier: A7:47:CB:FF:EB:36:E4:E8:A3:1F:D5:20:94:F2:F2:19:FD:E1:43:79 Certificate issuer: /CN=d261cfbc07ec306377dcb16a97a1160c7a6d82cc Certificate serial: 019B7B3683F433B18846DBA05491D7460C0D Authority key identifier: D2:61:CF:BC:07:EC:30:63:77:DC:B1:6A:97:A1:16:0C:7A:6D:82:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mHPvAfsMGN33LFql6EWDHptgsw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/p0fL_-s25OijH9UglPLyGf3hQ3k.roa Signing time: Thu 01 Jan 2026 20:18:48 +0000 ROA not before: Thu 01 Jan 2026 20:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43495 IP address blocks: 91.197.88.0/22 maxlen: 22 194.4.60.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/0mHPvAfsMGN33LFql6EWDHptgsw.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/0mHPvAfsMGN33LFql6EWDHptgsw.mft rsync://rpki.ripe.net/repository/DEFAULT/0mHPvAfsMGN33LFql6EWDHptgsw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 05:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:83:f4:33:b1:88:46:db:a0:54:91:d7:46:0c:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d261cfbc07ec306377dcb16a97a1160c7a6d82cc Validity Not Before: Jan 1 20:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a747cbffeb36e4e8a31fd52094f2f219fde14379 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:3b:84:a1:df:e3:c0:a5:42:1b:02:b8:fc:0a: f1:b0:ef:c8:38:29:0e:a7:92:a8:1d:8b:c1:c7:49: af:4e:1e:4e:88:9b:00:ad:3f:2d:f7:e2:f5:f2:30: c4:4f:d6:87:c1:89:61:69:95:82:63:9f:78:98:4a: b5:16:7a:6b:ee:05:7d:69:e5:d3:9f:c8:e5:40:95: 76:e4:fb:84:71:2b:91:e9:86:28:2f:c4:24:ef:79: c5:17:59:7d:99:40:ad:e8:bf:b7:5f:23:e4:3b:55: 26:23:0c:2b:63:7e:4b:16:5c:78:a1:67:a9:28:1f: 1c:68:2f:de:86:91:d0:9a:ba:48:1d:f7:36:6b:72: 17:90:71:48:c8:86:41:6f:59:49:8d:df:23:b5:fd: 02:df:0a:80:f1:e6:94:10:f5:d7:f1:9f:de:47:8d: 74:59:69:26:d6:d4:47:ba:dd:c4:1e:43:f4:23:d1: d8:29:84:31:c1:11:5b:ea:0a:8a:e3:64:f5:e2:0a: 4a:6a:54:38:10:8a:24:3f:ec:2f:d0:3e:30:1b:44: e5:e1:f7:8c:a4:23:71:26:ac:df:95:26:15:2e:e4: 64:69:50:29:b0:f3:5e:b1:98:21:35:35:f9:76:70: 2b:98:19:9c:bf:3a:6e:f4:c7:e7:b5:7d:3f:05:67: bd:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:47:CB:FF:EB:36:E4:E8:A3:1F:D5:20:94:F2:F2:19:FD:E1:43:79 X509v3 Authority Key Identifier: keyid:D2:61:CF:BC:07:EC:30:63:77:DC:B1:6A:97:A1:16:0C:7A:6D:82:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mHPvAfsMGN33LFql6EWDHptgsw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/p0fL_-s25OijH9UglPLyGf3hQ3k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4eafc9-5473-4602-a149-922a16d117dd/1/0mHPvAfsMGN33LFql6EWDHptgsw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.88.0/22 194.4.60.0/22 Signature Algorithm: sha256WithRSAEncryption 62:9c:9c:90:16:cd:27:e2:70:62:c6:11:4c:2e:d1:e1:6c:b3: 6d:ed:61:33:ea:e8:3a:c5:31:f1:9e:ea:7a:5a:9b:d9:3d:31: cc:b0:7d:4f:b5:53:4f:df:77:97:9a:9c:2f:20:b5:6e:1f:1b: 9b:b2:b3:ce:01:77:40:f6:74:4f:b8:3d:4a:d3:53:2a:e5:f1: 4d:e2:21:c8:13:6f:44:6f:56:23:c2:6e:0e:9a:ec:25:8a:f7: 0f:ae:df:7e:60:96:8c:a8:6c:14:bb:14:01:d8:9f:62:44:d1: f3:af:2a:73:4f:bf:97:52:db:be:2b:2b:7c:22:a1:c6:5b:2c: 42:a8:09:d9:af:17:f9:93:68:41:e9:58:54:2d:04:0e:6f:ba: 42:e6:fe:2b:d8:1c:ec:f1:74:b2:e7:a4:83:1d:d9:96:20:4a: e2:6c:70:5b:f3:5e:3a:69:94:26:d1:85:3c:36:5c:a7:cf:3d: 17:e1:35:f3:c0:0b:7f:9a:d9:dc:72:55:3b:d3:65:c6:c9:14: 5d:7a:f2:76:3b:12:16:84:e7:5a:66:60:66:10:b5:7a:bc:07: 9d:d2:60:53:9d:6d:89:c5:b8:bf:96:42:a1:21:f8:83:d1:5f: b2:a7:a2:c0:77:6d:7f:d4:78:26:15:88:62:d0:8b:d3:b2:10: af:51:ac:53 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7NoP0M7GIRtugVJHXRgwNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyNjFjZmJjMDdlYzMwNjM3N2RjYjE2YTk3YTExNjBjN2E2 ZDgyY2MwHhcNMjYwMTAxMjAxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNzQ3Y2JmZmViMzZlNGU4YTMxZmQ1MjA5NGYyZjIxOWZkZTE0Mzc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjuEod/jwKVCGwK4/ArxsO/IOCkO p5KoHYvBx0mvTh5OiJsArT8t9+L18jDET9aHwYlhaZWCY594mEq1Fnpr7gV9aeXT n8jlQJV25PuEcSuR6YYoL8Qk73nFF1l9mUCt6L+3XyPkO1UmIwwrY35LFlx4oWep KB8caC/ehpHQmrpIHfc2a3IXkHFIyIZBb1lJjd8jtf0C3wqA8eaUEPXX8Z/eR410 WWkm1tRHut3EHkP0I9HYKYQxwRFb6gqK42T14gpKalQ4EIokP+wv0D4wG0Tl4feM pCNxJqzflSYVLuRkaVApsPNesZghNTX5dnArmBmcvzpu9MfntX0/BWe9XQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFKdHy//rNuToox/VIJTy8hn94UN5MB8GA1UdIwQY MBaAFNJhz7wH7DBjd9yxapehFgx6bYLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMG1IUHZBZnNNR04zM0xGcWw2RVdESHB0Z3N3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80ZWFmYzktNTQ3My00NjAyLWExNDkt OTIyYTE2ZDExN2RkLzEvcDBmTF8tczI1T2lqSDlVZ2xQTHlHZjNoUTNrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS80ZWFmYzktNTQ3My00NjAyLWExNDktOTIyYTE2ZDExN2Rk LzEvMG1IUHZBZnNNR04zM0xGcWw2RVdESHB0Z3N3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8VYAwQC wgQ8MA0GCSqGSIb3DQEBCwUAA4IBAQBinJyQFs0n4nBixhFMLtHhbLNt7WEz6ug6 xTHxnup6WpvZPTHMsH1PtVNP33eXmpwvILVuHxubsrPOAXdA9nRPuD1K01Mq5fFN 4iHIE29Eb1Yjwm4OmuwlivcPrt9+YJaMqGwUuxQB2J9iRNHzrypzT7+XUtu+Kyt8 IqHGWyxCqAnZrxf5k2hB6VhULQQOb7pC5v4r2Bzs8XSy56SDHdmWIEribHBb8146 aZQm0YU8Nlynzz0X4TXzwAt/mtncclU702XGyRRdevJ2OxIWhOdaZmBmELV6vAed 0mBTnW2Jxbi/lkKhIfiD0V+yp6LAd21/1HgmFYhi0IvTshCvUaxT -----END CERTIFICATE-----Generated at Thu Jan 8 13:45:31 2026 by rpki-client