This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/4_Hs_qWX8LMFMBOdMWupc1COrZw.roa File: 4_Hs_qWX8LMFMBOdMWupc1COrZw.roa (raw, json) Hash identifier: W+UOeuskG88MJklXzCx9HgorURDeXLbXHLC4PO76/y4= Subject key identifier: E3:F1:EC:FE:A5:97:F0:B3:05:30:13:9D:31:6B:A9:73:50:8E:AD:9C Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10 Certificate serial: 019B77C6CCE7C765EE9F2F354A8E209D6A6A Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/4_Hs_qWX8LMFMBOdMWupc1COrZw.roa Signing time: Thu 01 Jan 2026 04:17:55 +0000 ROA not before: Thu 01 Jan 2026 04:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198507 IP address blocks: 2a04:a147::/32 maxlen: 32 2a05:2d07::/32 maxlen: 32 2a06:3e87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 10:11:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:cc:e7:c7:65:ee:9f:2f:35:4a:8e:20:9d:6a:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10 Validity Not Before: Jan 1 04:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3f1ecfea597f0b30530139d316ba973508ead9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:60:a8:dd:1b:d3:8d:e8:db:89:47:52:aa:d9: e8:73:ee:0e:0a:1d:ff:14:8d:53:cb:f8:3c:08:98: 76:1d:1f:3a:00:f6:56:59:e6:a6:4c:58:f6:0e:a5: cd:14:ba:18:bf:e7:33:6a:72:8b:14:76:4e:ba:68: 80:83:98:d6:fc:19:e1:15:67:ba:d2:89:93:2c:5f: 30:9d:3b:89:f1:f8:c2:5c:fe:b7:37:37:9f:76:41: 48:64:99:19:49:6e:e9:cb:28:f7:5d:4f:59:5a:bb: 49:a8:59:51:0e:34:07:f0:55:3f:18:07:82:fa:09: a0:7f:46:5b:86:3d:d5:fd:1b:fd:66:2f:6e:04:88: 54:df:98:7c:43:00:95:17:c0:1b:0f:8c:d8:86:a3: 51:c6:60:60:9b:2b:ec:11:9b:87:ce:f6:95:b5:68: a3:60:0c:9d:5b:b1:d6:2a:d1:73:83:97:9b:0b:69: 6f:9d:0b:76:04:8c:21:10:c1:80:f1:2a:80:d2:cb: bd:3f:6f:18:4a:d0:56:a0:eb:16:78:66:93:27:84: 20:91:47:4a:d0:25:c3:1b:03:4a:9b:d0:11:01:c9: 23:c4:75:c5:21:48:1c:98:86:2d:8c:53:4d:50:07: 66:b7:f4:00:7d:90:7c:67:dc:31:c2:36:87:10:66: b7:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:F1:EC:FE:A5:97:F0:B3:05:30:13:9D:31:6B:A9:73:50:8E:AD:9C X509v3 Authority Key Identifier: keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/4_Hs_qWX8LMFMBOdMWupc1COrZw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:a147::/32 2a05:2d07::/32 2a06:3e87::/32 Signature Algorithm: sha256WithRSAEncryption 3d:c6:7e:bb:e4:e9:b2:19:44:e1:16:a6:65:31:ab:07:a8:f8: 48:69:b7:89:47:7a:af:f1:03:5e:f4:38:41:37:52:64:19:b4: 48:89:81:3b:67:61:ee:74:fa:60:af:8c:96:86:64:9e:71:e8: 48:e4:e9:12:cf:5e:aa:7e:70:dd:29:ff:99:6f:de:c9:fa:d5: 92:2c:e4:56:12:ea:8a:1a:1d:1c:13:ad:d2:1e:77:f7:d4:1b: e6:24:50:cf:78:9b:5e:4e:f6:67:66:96:54:59:5f:3a:42:44: 09:21:6e:15:49:7c:22:ab:28:54:45:d3:93:b9:c3:4d:b7:82: 41:da:18:48:9c:23:32:54:29:b9:82:9b:82:4a:02:0f:e2:92: fa:2d:9d:c8:96:16:ab:25:76:4d:6e:3a:88:be:de:72:0b:18: 85:d2:42:fe:95:cc:ec:68:ef:16:00:94:62:e2:07:39:c3:8d: b6:85:4a:44:35:83:38:ba:15:68:14:ba:7c:c1:d2:ff:3d:34: 31:5d:9d:e0:00:bc:44:0b:3d:33:ae:7e:2f:6b:20:e0:b9:b7: 6f:69:a5:33:26:c8:82:b8:69:cd:e4:36:91:42:71:85:91:77: a3:18:69:ba:71:e0:66:f4:b5:4d:18:35:40:f6:c4:98:04:7f: 86:1d:36:de -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3xsznx2Xuny81So4gnWpqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy NzFlMTAwHhcNMjYwMTAxMDQxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2YxZWNmZWE1OTdmMGIzMDUzMDEzOWQzMTZiYTk3MzUwOGVhZDljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WCo3RvTjejbiUdSqtnoc+4OCh3/ FI1Ty/g8CJh2HR86APZWWeamTFj2DqXNFLoYv+czanKLFHZOumiAg5jW/BnhFWe6 0omTLF8wnTuJ8fjCXP63NzefdkFIZJkZSW7pyyj3XU9ZWrtJqFlRDjQH8FU/GAeC +gmgf0Zbhj3V/Rv9Zi9uBIhU35h8QwCVF8AbD4zYhqNRxmBgmyvsEZuHzvaVtWij YAydW7HWKtFzg5ebC2lvnQt2BIwhEMGA8SqA0su9P28YStBWoOsWeGaTJ4QgkUdK 0CXDGwNKm9ARAckjxHXFIUgcmIYtjFNNUAdmt/QAfZB8Z9wxwjaHEGa3wQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOPx7P6ll/CzBTATnTFrqXNQjq2cMB8GA1UdIwQY MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt NjM0MTEzNjdkOTBhLzEvNF9Ic19xV1g4TE1GTUJPZE1XdXBjMUNPclp3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgShRwMF ACoFLQcDBQAqBj6HMA0GCSqGSIb3DQEBCwUAA4IBAQA9xn675OmyGUThFqZlMasH qPhIabeJR3qv8QNe9DhBN1JkGbRIiYE7Z2HudPpgr4yWhmSecehI5OkSz16qfnDd Kf+Zb97J+tWSLORWEuqKGh0cE63SHnf31BvmJFDPeJteTvZnZpZUWV86QkQJIW4V SXwiqyhURdOTucNNt4JB2hhInCMyVCm5gpuCSgIP4pL6LZ3IlharJXZNbjqIvt5y CxiF0kL+lczsaO8WAJRi4gc5w422hUpENYM4uhVoFLp8wdL/PTQxXZ3gALxECz0z rn4vayDgubdvaaUzJsiCuGnN5DaRQnGFkXejGGm6ceBm9LVNGDVA9sSYBH+GHTbe -----END CERTIFICATE-----Generated at Tue Jan 20 17:06:27 2026 by rpki-client