This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/4QHKJAt_J6Dk7DS-fI90Y5fyecM.roa File: 4QHKJAt_J6Dk7DS-fI90Y5fyecM.roa (raw, json) Hash identifier: /2OJEfbC2dma7BW4mnYblDtLqxXKsA1Bb6esmzFMKVw= Subject key identifier: E1:01:CA:24:0B:7F:27:A0:E4:EC:34:BE:7C:8F:74:63:97:F2:79:C3 Certificate issuer: /CN=a2893a4b284acb5d8a4164289045492109511688 Certificate serial: 019B7834B3D5BE533A5F847AAF95D77892F0 Authority key identifier: A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/4QHKJAt_J6Dk7DS-fI90Y5fyecM.roa Signing time: Thu 01 Jan 2026 06:17:58 +0000 ROA not before: Thu 01 Jan 2026 06:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9009 IP address blocks: 45.67.101.0/24 maxlen: 24 45.67.102.0/24 maxlen: 24 45.67.103.0/24 maxlen: 24 45.87.168.0/22 maxlen: 24 95.214.136.0/22 maxlen: 24 185.25.156.0/22 maxlen: 24 185.25.157.0/24 maxlen: 24 185.25.158.0/24 maxlen: 24 185.25.159.0/24 maxlen: 24 185.175.160.0/22 maxlen: 24 185.182.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.mft rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:b3:d5:be:53:3a:5f:84:7a:af:95:d7:78:92:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2893a4b284acb5d8a4164289045492109511688 Validity Not Before: Jan 1 06:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e101ca240b7f27a0e4ec34be7c8f746397f279c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:3c:b1:3f:65:3e:a0:6d:5b:42:8b:be:3b:0a: 5e:8e:ba:b4:c1:37:24:31:54:3b:99:38:af:7e:88: 30:ec:71:f3:e7:d8:ed:f9:4a:ab:66:54:7f:34:0b: fe:1a:13:6d:36:a8:47:1e:b7:2f:f5:65:46:44:21: 08:10:3d:14:11:de:80:2e:ef:fd:53:39:6b:4a:51: 9a:3a:e9:22:6e:37:1d:40:0c:9c:54:5d:b5:fe:98: 0e:b1:35:7d:57:b5:98:5f:f8:bb:0e:bc:f1:53:00: ae:5a:d0:84:cb:03:f2:f7:8b:82:a9:17:b6:65:c9: 0d:18:30:ff:e8:71:81:81:22:18:5b:68:74:47:b4: a5:2d:bf:de:30:1a:ab:c0:60:da:9c:3e:70:26:87: d0:a5:49:43:32:ce:cb:e2:1c:6f:00:1c:7e:58:ce: 6c:a0:8a:2a:98:78:6a:43:50:ac:67:f4:6a:12:13: b4:c8:4d:e4:0a:57:a3:61:e8:15:8b:e7:88:b0:cc: 31:11:4f:5d:2c:73:3f:93:67:ea:68:74:27:bb:f6: ef:52:6e:0b:37:6d:0c:20:5d:05:e8:93:1a:22:17: d3:65:ee:f0:53:4e:ab:57:32:39:c9:97:e4:d5:1c: 04:43:f4:26:ad:aa:9e:4a:01:1a:42:d0:8e:19:38: b1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:01:CA:24:0B:7F:27:A0:E4:EC:34:BE:7C:8F:74:63:97:F2:79:C3 X509v3 Authority Key Identifier: keyid:A2:89:3A:4B:28:4A:CB:5D:8A:41:64:28:90:45:49:21:09:51:16:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ook6SyhKy12KQWQokEVJIQlRFog.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/4QHKJAt_J6Dk7DS-fI90Y5fyecM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/b487ab-5e31-4117-ada8-a5d3cb918206/1/ook6SyhKy12KQWQokEVJIQlRFog.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.101.0-45.67.103.255 45.87.168.0/22 95.214.136.0/22 185.25.156.0/22 185.175.160.0/22 185.182.240.0/22 Signature Algorithm: sha256WithRSAEncryption 72:10:a6:c2:6c:78:2b:7c:c1:e0:d9:ff:93:d7:10:02:1d:88: 9f:59:81:e8:75:78:53:48:3b:06:9b:24:c2:c1:64:51:a9:f6: 3c:f9:0f:09:a4:ef:84:a7:bd:6a:43:5b:1d:d2:01:27:36:6f: 07:d6:cd:d8:47:e0:59:f4:8c:97:a7:67:24:b5:05:69:4e:55: 4b:9e:2c:e3:40:c5:94:f6:7d:90:dd:db:38:2f:22:7d:c6:51: e2:c3:08:80:a8:eb:fe:61:9d:3c:bf:51:7d:13:19:42:ec:71: a1:c6:15:88:80:18:b9:6c:92:8a:db:a0:df:c1:23:7f:12:10: fd:52:ac:dd:b0:d4:7b:ed:01:40:07:f5:0b:54:e3:14:79:d5: 45:ff:6e:38:49:a1:bd:19:83:b7:31:70:a6:fb:8f:a1:cd:42: 41:45:d3:30:d6:3e:a1:af:19:4f:3d:68:99:5b:04:af:78:41: a0:a8:95:fa:6e:29:79:21:56:99:ef:15:73:6d:0e:f1:2e:2e: 73:a3:7f:0f:a3:1c:eb:f0:f4:6e:0b:49:12:84:9f:49:b5:d3: fb:f3:a7:75:7e:00:52:08:26:89:1b:fb:df:31:50:e0:82:1b: d9:ea:84:b1:99:4d:7d:77:7a:a5:38:32:3a:b4:bf:71:35:11: 59:6e:7c:2c -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt4NLPVvlM6X4R6r5XXeJLwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyODkzYTRiMjg0YWNiNWQ4YTQxNjQyODkwNDU0OTIxMDk1 MTE2ODgwHhcNMjYwMTAxMDYxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTAxY2EyNDBiN2YyN2EwZTRlYzM0YmU3YzhmNzQ2Mzk3ZjI3OWMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzyxP2U+oG1bQou+Owpejrq0wTck MVQ7mTivfogw7HHz59jt+UqrZlR/NAv+GhNtNqhHHrcv9WVGRCEIED0UEd6ALu/9 UzlrSlGaOukibjcdQAycVF21/pgOsTV9V7WYX/i7DrzxUwCuWtCEywPy94uCqRe2 ZckNGDD/6HGBgSIYW2h0R7SlLb/eMBqrwGDanD5wJofQpUlDMs7L4hxvABx+WM5s oIoqmHhqQ1CsZ/RqEhO0yE3kClejYegVi+eIsMwxEU9dLHM/k2fqaHQnu/bvUm4L N20MIF0F6JMaIhfTZe7wU06rVzI5yZfk1RwEQ/QmraqeSgEaQtCOGTix8QIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFOEByiQLfyeg5Ow0vnyPdGOX8nnDMB8GA1UdIwQY MBaAFKKJOksoSstdikFkKJBFSSEJURaIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgt YTVkM2NiOTE4MjA2LzEvNFFIS0pBdF9KNkRrN0RTLWZJOTBZNWZ5ZWNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9iNDg3YWItNWUzMS00MTE3LWFkYTgtYTVkM2NiOTE4MjA2 LzEvb29rNlN5aEt5MTJLUVdRb2tFVkpJUWxSRm9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAtQ2UD BAMtQ2ADBAItV6gDBAJf1ogDBAK5GZwDBAK5r6ADBAK5tvAwDQYJKoZIhvcNAQEL BQADggEBAHIQpsJseCt8weDZ/5PXEAIdiJ9Zgeh1eFNIOwabJMLBZFGp9jz5Dwmk 74SnvWpDWx3SASc2bwfWzdhH4Fn0jJenZyS1BWlOVUueLONAxZT2fZDd2zgvIn3G UeLDCICo6/5hnTy/UX0TGULscaHGFYiAGLlskorboN/BI38SEP1SrN2w1HvtAUAH 9QtU4xR51UX/bjhJob0Zg7cxcKb7j6HNQkFF0zDWPqGvGU89aJlbBK94QaColfpu KXkhVpnvFXNtDvEuLnOjfw+jHOvw9G4LSRKEn0m10/vzp3V+AFIIJokb+98xUOCC G9nqhLGZTX13eqU4Mjq0v3E1EVlufCw= -----END CERTIFICATE-----Generated at Sun Jan 18 08:54:48 2026 by rpki-client