This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ceKjGHCvCXf_MEK8NMfyXBnLoVU.roa File: ceKjGHCvCXf_MEK8NMfyXBnLoVU.roa (raw, json) Hash identifier: hhPEmrABIH3Expe/KF3PZ8pAmJCxcVnuEeGLXskO2EU= Subject key identifier: 71:E2:A3:18:70:AF:09:77:FF:30:42:BC:34:C7:F2:5C:19:CB:A1:55 Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Certificate serial: 019B7DC97E583018CDBFC372B3ADCD2C76B1 Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ceKjGHCvCXf_MEK8NMfyXBnLoVU.roa Signing time: Fri 02 Jan 2026 08:18:35 +0000 ROA not before: Fri 02 Jan 2026 08:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 174 IP address blocks: 158.46.196.0/22 maxlen: 22 178.171.0.0/20 maxlen: 20 178.171.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 17:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c9:7e:58:30:18:cd:bf:c3:72:b3:ad:cd:2c:76:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13 Validity Not Before: Jan 2 08:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71e2a31870af0977ff3042bc34c7f25c19cba155 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:84:3b:c7:ae:91:09:f5:da:e9:31:69:93:74: f9:a2:9b:7b:fa:de:bf:d0:b5:fc:27:1f:81:db:4f: a1:70:a2:70:fd:f0:84:f4:63:76:16:96:53:4c:f5: 39:13:5c:4b:5e:95:4b:ff:55:85:e9:c1:93:47:c2: 96:62:60:51:8d:fb:c5:59:b2:d1:02:56:04:18:bf: 73:ee:2b:8e:9a:c2:1e:b4:ba:1d:41:0c:13:26:5f: 16:99:e5:f3:f3:f7:69:b5:cd:5c:ef:1b:67:b0:f4: cf:56:a3:e8:05:70:67:f4:a8:70:3e:f6:cf:3e:9c: 2d:5c:ec:5a:f2:83:c9:14:93:cc:76:36:c9:a1:5a: 0d:2f:b7:e6:62:01:89:8c:fd:50:db:e4:76:4c:0c: c6:4b:36:7d:db:fd:58:92:2a:c9:77:aa:c5:9e:4b: 7d:6b:20:a9:2f:63:2f:6c:34:36:04:14:44:77:77: 6d:25:cb:c6:35:b6:6e:1b:2e:02:c7:3c:82:97:b8: 1c:18:be:a6:b6:fd:34:ea:35:5d:6a:d9:7e:a7:f8: a5:61:05:bd:e1:64:e7:19:a9:68:1e:38:4f:01:69: 5e:d2:d4:f7:3f:f4:65:62:16:a9:f7:1d:98:dc:c7: ff:45:d4:ef:f3:78:b2:53:07:9a:5a:54:f8:27:35: 76:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:E2:A3:18:70:AF:09:77:FF:30:42:BC:34:C7:F2:5C:19:CB:A1:55 X509v3 Authority Key Identifier: keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/ceKjGHCvCXf_MEK8NMfyXBnLoVU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.46.196.0/22 178.171.0.0/20 178.171.104.0/24 Signature Algorithm: sha256WithRSAEncryption 4d:23:f7:90:d3:61:4b:93:fd:56:65:08:86:da:cb:95:44:56: c1:28:8c:a9:49:40:ef:15:9c:49:db:1b:6e:1a:bb:33:e6:e5: f8:c2:f6:4b:32:e8:f2:8f:e3:0f:a4:d6:67:53:87:05:ae:dd: 52:e3:b5:7b:c0:e4:98:d2:b1:ef:9b:c8:c9:80:8b:ad:1b:c1: d7:f1:b5:d3:cf:88:8d:3e:13:44:b3:db:a3:52:dc:9a:51:ff: 88:a7:ca:82:4c:f1:55:5d:bb:4a:90:4a:d3:a2:da:8a:44:27: df:f6:24:87:3c:b9:2b:04:80:64:eb:4f:a4:71:ff:dd:ac:cc: e0:c8:3f:0d:19:d5:c5:cb:9d:71:ea:47:5d:ad:4f:97:b4:2d: 79:9a:25:e2:8a:b5:90:6d:56:25:dd:f4:62:55:e8:ff:0e:bd: 26:c7:b8:b1:47:83:ad:f1:5c:2b:df:39:d9:16:22:5d:43:a8: 6b:c3:2b:63:3a:e1:ad:8d:ed:3e:9c:a3:91:02:67:5d:b9:f5: 0e:dd:ff:28:dc:21:f1:10:bf:93:16:e0:aa:04:a3:37:6c:42: 24:b8:d5:13:5c:1e:e4:91:a4:0b:6d:22:30:1b:e2:e0:39:68: 97:59:49:37:5e:b4:cc:78:1a:78:e9:4b:5f:ed:8c:1e:c8:35: 44:63:8e:06 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9yX5YMBjNv8Nys63NLHaxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl NjNjMTMwHhcNMjYwMTAyMDgxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWUyYTMxODcwYWYwOTc3ZmYzMDQyYmMzNGM3ZjI1YzE5Y2JhMTU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloQ7x66RCfXa6TFpk3T5opt7+t6/ 0LX8Jx+B20+hcKJw/fCE9GN2FpZTTPU5E1xLXpVL/1WF6cGTR8KWYmBRjfvFWbLR AlYEGL9z7iuOmsIetLodQQwTJl8WmeXz8/dptc1c7xtnsPTPVqPoBXBn9KhwPvbP PpwtXOxa8oPJFJPMdjbJoVoNL7fmYgGJjP1Q2+R2TAzGSzZ92/1YkirJd6rFnkt9 ayCpL2MvbDQ2BBREd3dtJcvGNbZuGy4CxzyCl7gcGL6mtv006jVdatl+p/ilYQW9 4WTnGaloHjhPAWle0tT3P/RlYhap9x2Y3Mf/RdTv83iyUweaWlT4JzV26QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFHHioxhwrwl3/zBCvDTH8lwZy6FVMB8GA1UdIwQY MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt YmE3NzFmZmQyNjljLzEvY2VLakdIQ3ZDWGZfTUVLOE5NZnlYQm5Mb1ZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCni7EAwQE sqsAAwQAsqtoMA0GCSqGSIb3DQEBCwUAA4IBAQBNI/eQ02FLk/1WZQiG2suVRFbB KIypSUDvFZxJ2xtuGrsz5uX4wvZLMujyj+MPpNZnU4cFrt1S47V7wOSY0rHvm8jJ gIutG8HX8bXTz4iNPhNEs9ujUtyaUf+Ip8qCTPFVXbtKkErTotqKRCff9iSHPLkr BIBk60+kcf/drMzgyD8NGdXFy51x6kddrU+XtC15miXiirWQbVYl3fRiVej/Dr0m x7ixR4Ot8Vwr3znZFiJdQ6hrwytjOuGtje0+nKORAmddufUO3f8o3CHxEL+TFuCq BKM3bEIkuNUTXB7kkaQLbSIwG+LgOWiXWUk3XrTMeBp46Utf7YweyDVEY44G -----END CERTIFICATE-----Generated at Mon Jan 12 00:54:08 2026 by rpki-client