This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/4lr4lTLzUsl_oOphlDzjGarGvD0.roa File: 4lr4lTLzUsl_oOphlDzjGarGvD0.roa (raw, json) Hash identifier: vcrliew1ggAomICQ3Ll7G98Kkg8l5iMJ9jax8lEhRcs= Subject key identifier: E2:5A:F8:95:32:F3:52:C9:7F:A0:EA:61:94:3C:E3:19:AA:C6:BC:3D Certificate issuer: /CN=03536e1a68e944b2347908b8bdfe7740d8e8aa43 Certificate serial: 019B7D5BBB5F87B14EEBE9FAF4A33B162B01 Authority key identifier: 03:53:6E:1A:68:E9:44:B2:34:79:08:B8:BD:FE:77:40:D8:E8:AA:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1NuGmjpRLI0eQi4vf53QNjoqkM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/4lr4lTLzUsl_oOphlDzjGarGvD0.roa Signing time: Fri 02 Jan 2026 06:18:42 +0000 ROA not before: Fri 02 Jan 2026 06:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43118 IP address blocks: 46.187.128.0/17 maxlen: 17 78.152.0.0/19 maxlen: 19 91.203.244.0/22 maxlen: 22 95.108.0.0/17 maxlen: 17 195.42.140.0/23 maxlen: 23 2a02:2a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/A1NuGmjpRLI0eQi4vf53QNjoqkM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/A1NuGmjpRLI0eQi4vf53QNjoqkM.mft rsync://rpki.ripe.net/repository/DEFAULT/A1NuGmjpRLI0eQi4vf53QNjoqkM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:bb:5f:87:b1:4e:eb:e9:fa:f4:a3:3b:16:2b:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03536e1a68e944b2347908b8bdfe7740d8e8aa43 Validity Not Before: Jan 2 06:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e25af89532f352c97fa0ea61943ce319aac6bc3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:85:c3:2a:5f:08:9e:e7:25:88:1c:49:c4:a2: 76:b3:8a:4d:5a:ca:67:98:11:9a:ad:5e:65:eb:32: 52:ce:71:ea:0f:fb:c9:49:41:ee:df:0a:41:69:f9: cf:28:85:98:8f:7f:94:ed:07:63:05:4b:1c:b5:d1: 1b:70:60:01:24:bb:ff:f7:2f:61:72:cb:a3:36:f3: be:45:11:a2:bb:66:c5:44:6a:a1:7f:c8:8a:24:d9: 04:04:f1:6f:7c:93:08:3b:67:ca:6b:b5:d4:de:28: 37:21:a3:05:b8:55:9a:5a:55:c9:2a:fe:73:3f:17: 95:bf:4d:9e:47:f8:07:3b:c5:6f:62:a5:dd:e3:08: d6:fd:6c:d5:86:84:c4:3c:1c:b4:ad:91:88:33:8d: 95:0a:6b:fc:35:d4:a0:f6:d0:19:be:d2:0e:37:f2: 07:b2:ca:ea:65:98:bc:f7:fc:85:ae:c3:7b:24:82: d4:83:0b:c7:f5:d5:ab:14:d0:cd:45:01:b5:fd:37: 47:94:89:64:65:d8:7e:31:61:9d:18:34:ca:8c:42: 5a:92:25:75:36:4c:b5:8f:e2:78:a5:25:e1:b5:e7: 54:7a:da:84:d2:69:8c:99:f4:3a:b2:82:a2:e9:4f: 5e:1e:ba:25:2c:b4:34:a6:b2:b9:11:87:5d:12:e5: 72:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:5A:F8:95:32:F3:52:C9:7F:A0:EA:61:94:3C:E3:19:AA:C6:BC:3D X509v3 Authority Key Identifier: keyid:03:53:6E:1A:68:E9:44:B2:34:79:08:B8:BD:FE:77:40:D8:E8:AA:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1NuGmjpRLI0eQi4vf53QNjoqkM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/4lr4lTLzUsl_oOphlDzjGarGvD0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/254ea2-974f-44b1-b239-5a377c8791f5/1/A1NuGmjpRLI0eQi4vf53QNjoqkM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.187.128.0/17 78.152.0.0/19 91.203.244.0/22 95.108.0.0/17 195.42.140.0/23 IPv6: 2a02:2a0::/32 Signature Algorithm: sha256WithRSAEncryption 63:bc:bf:12:ed:e8:e9:e4:c2:c3:5d:26:58:46:aa:ae:40:e6: 0b:d3:19:11:78:5b:c2:90:11:d7:64:ef:44:ab:5a:2f:94:f5: 0e:c6:b8:71:f4:15:33:f1:4c:06:0c:90:46:e4:c5:6b:e5:22: cd:6c:fc:f1:44:ba:42:14:93:88:73:db:d3:db:bc:03:19:01: b9:d2:64:f3:42:fc:3b:d9:69:62:d7:0c:ef:65:d8:8a:56:24: 5d:93:0d:08:c0:50:7f:ea:e9:2c:6d:14:0f:bb:55:35:1c:6c: 46:93:67:87:d9:d7:c8:fb:74:82:0e:7a:ea:9d:40:a4:da:75: c2:a8:9d:3a:19:c3:8b:2d:4e:3d:9b:b0:6a:6b:0e:72:8e:7d: 4c:ec:c4:44:87:39:d2:63:2e:6f:ac:e9:e8:d2:a1:12:e3:fa: d4:b5:b4:a4:7f:c9:47:ae:ee:61:c0:3e:da:90:6f:a2:a8:c1: c8:2c:8e:17:ae:6d:0e:76:b9:83:44:b1:57:d8:09:4a:97:64: a3:fb:6d:1b:dc:24:79:ea:fd:98:ba:38:8f:8d:31:0f:88:b5: fe:8f:ee:f0:a0:92:32:90:c5:1a:b7:29:e2:17:b6:68:88:ca: 3e:17:d5:d6:99:3d:6c:34:46:58:31:46:08:bf:15:e4:ad:a4: f0:2f:b3:28 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt9W7tfh7FO6+n69KM7FisBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNTM2ZTFhNjhlOTQ0YjIzNDc5MDhiOGJkZmU3NzQwZDhl OGFhNDMwHhcNMjYwMTAyMDYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjVhZjg5NTMyZjM1MmM5N2ZhMGVhNjE5NDNjZTMxOWFhYzZiYzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4XDKl8InucliBxJxKJ2s4pNWspn mBGarV5l6zJSznHqD/vJSUHu3wpBafnPKIWYj3+U7QdjBUsctdEbcGABJLv/9y9h csujNvO+RRGiu2bFRGqhf8iKJNkEBPFvfJMIO2fKa7XU3ig3IaMFuFWaWlXJKv5z PxeVv02eR/gHO8VvYqXd4wjW/WzVhoTEPBy0rZGIM42VCmv8NdSg9tAZvtION/IH ssrqZZi89/yFrsN7JILUgwvH9dWrFNDNRQG1/TdHlIlkZdh+MWGdGDTKjEJakiV1 Nky1j+J4pSXhtedUetqE0mmMmfQ6soKi6U9eHrolLLQ0prK5EYddEuVy2QIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFOJa+JUy81LJf6DqYZQ84xmqxrw9MB8GA1UdIwQY MBaAFANTbhpo6USyNHkIuL3+d0DY6KpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTFOdUdtanBSTEkwZVFpNHZmNTNRTmpvcWtNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8yNTRlYTItOTc0Zi00NGIxLWIyMzkt NWEzNzdjODc5MWY1LzEvNGxyNGxUTHpVc2xfb09waGxEempHYXJHdkQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8yNTRlYTItOTc0Zi00NGIxLWIyMzktNWEzNzdjODc5MWY1 LzEvQTFOdUdtanBSTEkwZVFpNHZmNTNRTmpvcWtNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQHLruAAwQF TpgAAwQCW8v0AwQHX2wAAwQBwyqMMA0EAgACMAcDBQAqAgKgMA0GCSqGSIb3DQEB CwUAA4IBAQBjvL8S7ejp5MLDXSZYRqquQOYL0xkReFvCkBHXZO9Eq1ovlPUOxrhx 9BUz8UwGDJBG5MVr5SLNbPzxRLpCFJOIc9vT27wDGQG50mTzQvw72Wli1wzvZdiK ViRdkw0IwFB/6uksbRQPu1U1HGxGk2eH2dfI+3SCDnrqnUCk2nXCqJ06GcOLLU49 m7Bqaw5yjn1M7MREhznSYy5vrOno0qES4/rUtbSkf8lHru5hwD7akG+iqMHILI4X rm0OdrmDRLFX2AlKl2Sj+20b3CR56v2YujiPjTEPiLX+j+7woJIykMUatyniF7Zo iMo+F9XWmT1sNEZYMUYIvxXkraTwL7Mo -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:50 2026 by rpki-client