This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/WjHsZr2LYotu7UixbhUPmyhufyM.roa File: WjHsZr2LYotu7UixbhUPmyhufyM.roa (raw, json) Hash identifier: UbFC6dvqvKaXgJmhKzkqauNjGk31aKocZ5d+hid0GEk= Subject key identifier: 5A:31:EC:66:BD:8B:62:8B:6E:ED:48:B1:6E:15:0F:9B:28:6E:7F:23 Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec Certificate serial: 019B7FC46B9B13D182492E706448D7EFE757 Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/WjHsZr2LYotu7UixbhUPmyhufyM.roa Signing time: Fri 02 Jan 2026 17:32:17 +0000 ROA not before: Fri 02 Jan 2026 17:32:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47674 IP address blocks: 185.61.136.0/22 maxlen: 24 185.61.137.0/24 maxlen: 24 185.61.138.0/24 maxlen: 24 185.61.139.0/24 maxlen: 24 2a02:7a60::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.mft rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:59:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:c4:6b:9b:13:d1:82:49:2e:70:64:48:d7:ef:e7:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec Validity Not Before: Jan 2 17:32:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5a31ec66bd8b628b6eed48b16e150f9b286e7f23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:d2:70:ec:34:b3:b3:ad:18:13:61:d2:8f:7d: bd:8f:05:05:3b:59:aa:d4:eb:5b:a7:19:60:ca:23: d0:33:c9:6c:1e:3b:cf:e1:38:b4:e0:06:4f:df:80: 6d:3e:b4:2f:b5:5a:ea:20:4a:f0:2d:f6:4c:bf:d9: c6:26:07:cb:c4:30:2c:9a:9a:67:e2:a8:62:54:5d: f4:a8:7c:46:7b:c5:42:e2:79:25:4b:90:37:5a:4f: d9:47:f3:42:32:ea:25:df:fa:ab:9a:65:21:32:8f: a2:6a:f4:ac:7e:cc:10:a4:ff:f0:af:45:3b:ba:29: fd:ce:b8:1d:91:53:67:d4:cf:3e:5b:88:39:d9:2f: 24:fe:33:22:64:0e:fc:25:65:13:5c:6a:1a:bb:51: b4:01:27:78:4f:fe:d1:d0:5c:61:44:d2:b2:98:2a: dd:2a:0b:69:94:5a:2d:23:cb:57:6d:77:6f:d5:95: b3:b0:32:5c:1a:7a:5c:3f:c3:48:64:aa:2e:75:ac: a1:d0:01:60:48:cb:33:a3:47:2c:d0:66:14:3f:3d: 6f:1a:39:e6:bf:16:7d:f0:94:73:84:ae:ed:92:59: 90:5b:45:d5:c2:7c:45:3b:07:20:7a:f2:b2:15:cf: ad:99:36:9b:c7:cc:69:52:35:44:6a:16:9e:47:64: cb:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:31:EC:66:BD:8B:62:8B:6E:ED:48:B1:6E:15:0F:9B:28:6E:7F:23 X509v3 Authority Key Identifier: keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/WjHsZr2LYotu7UixbhUPmyhufyM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.61.136.0/22 IPv6: 2a02:7a60::/32 Signature Algorithm: sha256WithRSAEncryption 49:bf:a8:e2:b8:de:49:99:31:b4:99:f0:e4:e8:41:98:e4:54: 9b:9f:dd:da:3e:9f:6b:34:c9:80:3d:5a:7e:83:6c:74:8a:76: 56:3a:c8:ca:b8:fe:18:16:db:d3:70:32:4e:80:6d:09:c7:8e: 73:b0:af:24:77:de:ac:9b:e9:d6:96:a7:c9:bf:7e:0b:f6:70: 1d:6a:2d:a8:56:8e:cc:37:3f:7d:0b:be:c6:e7:df:77:0c:79: bb:b4:53:b0:ea:bf:72:ee:e9:3d:24:81:e7:dd:90:19:40:43: 44:d3:d8:f4:12:a7:23:80:b9:72:60:8b:9f:f4:7c:83:11:d5: e4:92:dd:5c:cf:be:df:5b:3b:6b:98:fd:56:61:c2:c1:0f:e7: 3f:94:27:e3:dc:44:7d:f6:eb:5d:27:78:f1:fa:5e:5a:d6:39: 87:27:45:99:60:6a:d3:0a:7b:6e:d1:5f:3b:cc:d8:4e:45:4c: 21:68:f0:6f:1c:be:a1:c6:4a:5c:bd:b6:82:6b:94:2a:13:d6: 5b:3b:0d:b2:23:b9:5d:60:c9:d5:23:98:30:1e:91:c8:57:bc: 77:de:57:ca:f5:d0:03:0d:70:54:ae:29:0f:c7:f4:b6:59:6c: 75:d6:08:aa:b0:07:04:5d:3e:ac:b2:bd:a8:d0:53:ff:de:6c: e3:f7:2f:2a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/xGubE9GCSS5wZEjX7+dXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2Yzk4YjJlNGEzZTA2MGRlZjQ1YWJjNjJjMGUzNDVmYWE4 MGI1ZWMwHhcNMjYwMTAyMTczMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YTMxZWM2NmJkOGI2MjhiNmVlZDQ4YjE2ZTE1MGY5YjI4NmU3ZjIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Jw7DSzs60YE2HSj329jwUFO1mq 1OtbpxlgyiPQM8lsHjvP4Ti04AZP34BtPrQvtVrqIErwLfZMv9nGJgfLxDAsmppn 4qhiVF30qHxGe8VC4nklS5A3Wk/ZR/NCMuol3/qrmmUhMo+iavSsfswQpP/wr0U7 uin9zrgdkVNn1M8+W4g52S8k/jMiZA78JWUTXGoau1G0ASd4T/7R0FxhRNKymCrd KgtplFotI8tXbXdv1ZWzsDJcGnpcP8NIZKoudayh0AFgSMszo0cs0GYUPz1vGjnm vxZ98JRzhK7tklmQW0XVwnxFOwcgevKyFc+tmTabx8xpUjVEahaeR2TL2wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFox7Ga9i2KLbu1IsW4VD5sobn8jMB8GA1UdIwQY MBaAFEbJiy5KPgYN70WrxiwONF+qgLXsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEt MzQ0OTUyMjcxMGU3LzEvV2pIc1pyMkxZb3R1N1VpeGJoVVBteWh1ZnlNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC8yYWE4ZDEtY2I3MS00OTA0LWE1OTEtMzQ0OTUyMjcxMGU3 LzEvUnNtTExrby1CZzN2UmF2R0xBNDBYNnFBdGV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuT2IMA0E AgACMAcDBQAqAnpgMA0GCSqGSIb3DQEBCwUAA4IBAQBJv6jiuN5JmTG0mfDk6EGY 5FSbn93aPp9rNMmAPVp+g2x0inZWOsjKuP4YFtvTcDJOgG0Jx45zsK8kd96sm+nW lqfJv34L9nAdai2oVo7MNz99C77G5993DHm7tFOw6r9y7uk9JIHn3ZAZQENE09j0 EqcjgLlyYIuf9HyDEdXkkt1cz77fWztrmP1WYcLBD+c/lCfj3ER99utdJ3jx+l5a 1jmHJ0WZYGrTCntu0V87zNhORUwhaPBvHL6hxkpcvbaCa5QqE9ZbOw2yI7ldYMnV I5gwHpHIV7x33lfK9dADDXBUrikPx/S2WWx11giqsAcEXT6ssr2o0FP/3mzj9y8q -----END CERTIFICATE-----Generated at Fri Jan 9 13:31:30 2026 by rpki-client