This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/aB8YsQajO5vsG_dGMtQzCv70utE.roa File: aB8YsQajO5vsG_dGMtQzCv70utE.roa (raw, json) Hash identifier: ucgRD6r1Y1kDsBy85mHGSMRU5Fdf30W1uPDxejD/J18= Subject key identifier: 68:1F:18:B1:06:A3:3B:9B:EC:1B:F7:46:32:D4:33:0A:FE:F4:BA:D1 Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2 Certificate serial: 019B7DCB2132F020580DCA64EB04447FA17A Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/aB8YsQajO5vsG_dGMtQzCv70utE.roa Signing time: Fri 02 Jan 2026 08:20:22 +0000 ROA not before: Fri 02 Jan 2026 08:20:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42708 IP address blocks: 45.11.182.0/24 maxlen: 24 91.242.219.0/24 maxlen: 24 109.230.199.0/24 maxlen: 24 194.76.224.0/24 maxlen: 24 2a0b:7140:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:21:32:f0:20:58:0d:ca:64:eb:04:44:7f:a1:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2 Validity Not Before: Jan 2 08:20:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=681f18b106a33b9bec1bf74632d4330afef4bad1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:33:23:51:c3:ad:14:86:39:da:00:2d:93:b6: 66:30:15:11:e1:05:48:43:82:09:4b:13:7e:87:fe: b7:41:49:20:9b:67:19:a6:e4:7f:78:ae:23:23:e1: 11:73:4d:fb:e7:fe:32:14:f2:c4:01:ac:57:ef:c4: 93:01:aa:6c:78:d4:bb:62:8e:ac:53:3d:cc:97:ad: af:e9:bc:c7:22:31:1d:14:0a:12:46:ec:90:16:88: 39:59:37:21:13:b7:66:4b:3e:ba:b2:24:2b:ab:07: 11:aa:1a:f1:16:db:f0:df:18:56:92:0a:e4:30:62: a5:74:ee:84:b7:7f:c0:3d:59:da:d6:78:79:ab:74: 48:6a:0f:24:bf:32:62:6c:2a:93:db:be:97:87:34: 46:40:d8:d7:49:fc:81:73:cf:44:44:49:8f:8d:f0: 70:02:6c:b2:0a:dd:c6:bc:7c:32:db:77:12:b6:cc: 07:37:a6:2e:b0:47:f8:ce:92:9a:a5:1f:1e:b7:1d: 57:36:d9:17:cc:fc:dd:56:b6:6f:01:a8:8a:96:53: 76:03:2f:ad:25:12:1e:07:fa:48:29:52:a7:a7:1f: e1:b2:0e:fa:1e:89:15:29:1e:8a:04:6f:0d:dd:db: aa:06:a6:27:ad:bb:00:9f:f0:4c:ce:5c:79:b7:a7: 12:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:1F:18:B1:06:A3:3B:9B:EC:1B:F7:46:32:D4:33:0A:FE:F4:BA:D1 X509v3 Authority Key Identifier: keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/aB8YsQajO5vsG_dGMtQzCv70utE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.11.182.0/24 91.242.219.0/24 109.230.199.0/24 194.76.224.0/24 IPv6: 2a0b:7140:3::/48 Signature Algorithm: sha256WithRSAEncryption a3:86:40:92:cd:0e:de:5a:6f:8b:0e:77:61:d9:b4:ab:cb:c8: 70:d6:1b:cd:0d:e5:76:93:3e:88:a2:db:bb:09:6b:56:14:63: ec:81:26:f7:5d:5b:67:c8:a5:5e:20:36:07:3f:14:f2:c4:45: 72:e9:e5:d0:2d:ed:14:b5:59:ca:cd:21:1d:dd:a7:3e:9a:38: 2c:13:34:b6:80:e3:67:fc:77:81:19:4d:26:a6:ff:eb:6a:9b: 28:95:88:ce:d8:47:26:af:e3:11:fb:2a:fa:8a:57:5d:1c:3a: 1d:53:8e:5b:c8:d3:3f:fb:c7:72:2e:43:74:97:09:59:6c:a3: 20:1d:10:24:4c:e2:03:32:75:0b:78:75:e2:a5:4a:fb:4b:94: 6f:b4:22:fb:51:db:06:e6:37:b5:5a:b7:57:fe:5e:4d:0c:8f: 28:82:2d:de:d3:1a:a8:73:0f:12:b0:a1:c9:d1:7d:ff:08:1c: 53:91:e7:ca:98:ad:db:04:da:99:eb:da:73:64:69:1b:4f:00: 5d:5f:3e:c8:0f:b0:d7:63:ae:b7:56:7b:5a:df:b1:7c:eb:c8: e0:c9:d1:db:25:2e:32:39:99:2d:77:5b:ca:32:7d:78:cf:01: 3e:b8:09:b7:1f:5e:57:b9:39:de:a8:a9:55:98:22:dc:61:53: b1:09:65:93 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt9yyEy8CBYDcpk6wREf6F6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy MWZjZjIwHhcNMjYwMTAyMDgyMDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODFmMThiMTA2YTMzYjliZWMxYmY3NDYzMmQ0MzMwYWZlZjRiYWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjMjUcOtFIY52gAtk7ZmMBUR4QVI Q4IJSxN+h/63QUkgm2cZpuR/eK4jI+ERc0375/4yFPLEAaxX78STAapseNS7Yo6s Uz3Ml62v6bzHIjEdFAoSRuyQFog5WTchE7dmSz66siQrqwcRqhrxFtvw3xhWkgrk MGKldO6Et3/APVna1nh5q3RIag8kvzJibCqT276XhzRGQNjXSfyBc89EREmPjfBw AmyyCt3GvHwy23cStswHN6YusEf4zpKapR8etx1XNtkXzPzdVrZvAaiKllN2Ay+t JRIeB/pIKVKnpx/hsg76HokVKR6KBG8N3duqBqYnrbsAn/BMzlx5t6cSLwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFGgfGLEGozub7Bv3RjLUMwr+9LrRMB8GA1UdIwQY MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt Mzk1NTk1OWVhZjgxLzEvYUI4WXNRYWpPNXZzR19kR010UXpDdjcwdXRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQALQu2AwQA W/LbAwQAbebHAwQAwkzgMA8EAgACMAkDBwAqC3FAAAMwDQYJKoZIhvcNAQELBQAD ggEBAKOGQJLNDt5ab4sOd2HZtKvLyHDWG80N5XaTPoii27sJa1YUY+yBJvddW2fI pV4gNgc/FPLERXLp5dAt7RS1WcrNIR3dpz6aOCwTNLaA42f8d4EZTSam/+tqmyiV iM7YRyav4xH7KvqKV10cOh1TjlvI0z/7x3IuQ3SXCVlsoyAdECRM4gMydQt4deKl SvtLlG+0IvtR2wbmN7Vat1f+Xk0MjyiCLd7TGqhzDxKwocnRff8IHFOR58qYrdsE 2pnr2nNkaRtPAF1fPsgPsNdjrrdWe1rfsXzryODJ0dslLjI5mS13W8oyfXjPAT64 CbcfXle5Od6oqVWYItxhU7EJZZM= -----END CERTIFICATE-----Generated at Mon Jan 19 17:50:59 2026 by rpki-client