This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/4pGvXs49YI8yk2z7iMe2w_b3ME8.roa File: 4pGvXs49YI8yk2z7iMe2w_b3ME8.roa (raw, json) Hash identifier: 00+UArGuOsJw8ESY6uvQo/LXZz/3ZRDrz0qSe3DG7Eo= Subject key identifier: E2:91:AF:5E:CE:3D:60:8F:32:93:6C:FB:88:C7:B6:C3:F6:F7:30:4F Certificate issuer: /CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca Certificate serial: 019B7C1363F6EADF13DCE9F539D4634776B6 Authority key identifier: 9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/4pGvXs49YI8yk2z7iMe2w_b3ME8.roa Signing time: Fri 02 Jan 2026 00:20:04 +0000 ROA not before: Fri 02 Jan 2026 00:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205908 IP address blocks: 23.252.72.0/24 maxlen: 24 167.160.18.0/24 maxlen: 24 2a10:4cc0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.mft rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 18:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:63:f6:ea:df:13:dc:e9:f5:39:d4:63:47:76:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bad10f972e6789e2a4377a2c29ee08bc3a367ca Validity Not Before: Jan 2 00:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e291af5ece3d608f32936cfb88c7b6c3f6f7304f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:70:ef:21:f4:fb:89:2c:7f:ed:02:fc:46:78: c3:cb:5a:bd:c0:39:07:bd:3f:51:b3:6d:ef:db:27: bc:38:f6:f0:2f:b0:07:0c:10:c9:4b:be:61:0e:29: 52:39:75:25:34:1d:71:5a:34:b6:d7:b1:83:19:21: 81:a3:5f:ec:db:d2:ab:e1:8a:41:1b:37:b3:8a:ae: a3:27:56:e9:d5:6f:ee:58:ad:76:17:e6:71:cf:99: 3a:e3:87:a3:4c:d5:4d:06:53:ab:ac:69:23:4d:67: 2a:78:c4:83:f4:23:31:dc:f0:46:98:5c:87:11:c6: f9:c3:76:ca:40:1a:f8:fa:5a:29:cf:83:7b:9b:d0: 0f:4e:19:e6:8e:8e:84:c1:b3:cd:74:48:38:95:af: 7f:c2:b0:74:fe:74:8d:f4:49:d4:90:5f:e4:30:4c: 85:ea:3e:f5:c8:1f:d1:4c:03:26:5b:e1:45:c0:1c: 28:43:0f:2a:16:20:7e:21:35:99:41:a4:91:c5:26: 92:07:4a:75:89:08:d2:57:77:9e:ec:07:56:fb:00: bb:2a:8a:c0:91:6c:61:c9:44:10:c8:22:72:6c:e8: 39:86:3f:99:a4:c0:20:59:7b:b5:0a:48:63:43:d5: 74:25:4a:b5:80:71:c0:7f:7b:d7:3c:ab:1a:19:06: 5e:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:91:AF:5E:CE:3D:60:8F:32:93:6C:FB:88:C7:B6:C3:F6:F7:30:4F X509v3 Authority Key Identifier: keyid:9B:AD:10:F9:72:E6:78:9E:2A:43:77:A2:C2:9E:E0:8B:C3:A3:67:CA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/4pGvXs49YI8yk2z7iMe2w_b3ME8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/48/b4f6d3-a4c0-437c-b4c6-0d3814ea73c7/1/m60Q-XLmeJ4qQ3eiwp7gi8OjZ8o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.252.72.0/24 167.160.18.0/24 IPv6: 2a10:4cc0::/29 Signature Algorithm: sha256WithRSAEncryption 74:03:30:b6:8f:35:88:93:89:ed:ac:cc:61:fc:17:ca:7a:80: f3:4b:0c:75:57:0f:f3:33:07:3e:c8:8b:1c:59:e9:b2:a3:c2: 2b:d9:bb:b8:b2:13:49:c6:ad:2d:b8:35:70:58:a2:55:49:3e: 24:5b:13:da:00:45:88:9c:05:a1:73:cd:16:b4:26:7b:82:4e: 03:34:93:b9:8d:4b:c5:96:77:45:0e:2c:30:c6:8b:0f:ee:7e: 9e:5e:8f:1e:2b:97:83:b5:46:3d:cd:e9:2f:18:59:b9:72:52: 6c:93:04:e0:cf:5d:e3:c0:ae:b3:01:7c:26:3d:8d:a7:3d:ba: 6a:d1:b5:e5:f4:41:80:4a:0d:a2:03:be:dd:b6:c1:c6:e2:23: e2:22:c4:65:d4:7c:c2:43:80:73:b8:cc:f5:af:4b:51:31:c9: b1:5f:3b:27:ef:9b:f4:81:b7:58:6a:23:06:fb:8a:df:55:c7: cd:0b:51:10:10:8a:a3:63:53:61:1b:f3:b4:6c:81:17:df:80: 69:b7:0f:34:60:23:18:f1:85:e9:36:b7:68:45:f1:a8:4b:52: 22:ad:a5:4d:a1:e7:cf:23:c6:74:01:55:1e:5e:9c:18:a9:9d: 34:52:97:eb:66:9e:57:8d:40:2a:7c:13:25:80:7b:87:3c:ad: 95:e4:de:07 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8E2P26t8T3On1OdRjR3a2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliYWQxMGY5NzJlNjc4OWUyYTQzNzdhMmMyOWVlMDhiYzNh MzY3Y2EwHhcNMjYwMTAyMDAyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjkxYWY1ZWNlM2Q2MDhmMzI5MzZjZmI4OGM3YjZjM2Y2ZjczMDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3DvIfT7iSx/7QL8RnjDy1q9wDkH vT9Rs23v2ye8OPbwL7AHDBDJS75hDilSOXUlNB1xWjS217GDGSGBo1/s29Kr4YpB Gzeziq6jJ1bp1W/uWK12F+Zxz5k644ejTNVNBlOrrGkjTWcqeMSD9CMx3PBGmFyH Ecb5w3bKQBr4+lopz4N7m9APThnmjo6EwbPNdEg4la9/wrB0/nSN9EnUkF/kMEyF 6j71yB/RTAMmW+FFwBwoQw8qFiB+ITWZQaSRxSaSB0p1iQjSV3ee7AdW+wC7KorA kWxhyUQQyCJybOg5hj+ZpMAgWXu1CkhjQ9V0JUq1gHHAf3vXPKsaGQZerwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOKRr17OPWCPMpNs+4jHtsP29zBPMB8GA1UdIwQY MBaAFJutEPly5nieKkN3osKe4IvDo2fKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYt MGQzODE0ZWE3M2M3LzEvNHBHdlhzNDlZSTh5azJ6N2lNZTJ3X2IzTUU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OC9iNGY2ZDMtYTRjMC00MzdjLWI0YzYtMGQzODE0ZWE3M2M3 LzEvbTYwUS1YTG1lSjRxUTNlaXdwN2dpOE9qWjhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAF/xIAwQA p6ASMA0EAgACMAcDBQMqEEzAMA0GCSqGSIb3DQEBCwUAA4IBAQB0AzC2jzWIk4nt rMxh/BfKeoDzSwx1Vw/zMwc+yIscWemyo8Ir2bu4shNJxq0tuDVwWKJVST4kWxPa AEWInAWhc80WtCZ7gk4DNJO5jUvFlndFDiwwxosP7n6eXo8eK5eDtUY9zekvGFm5 clJskwTgz13jwK6zAXwmPY2nPbpq0bXl9EGASg2iA77dtsHG4iPiIsRl1HzCQ4Bz uMz1r0tRMcmxXzsn75v0gbdYaiMG+4rfVcfNC1EQEIqjY1NhG/O0bIEX34Bptw80 YCMY8YXpNrdoRfGoS1IiraVNoefPI8Z0AVUeXpwYqZ00UpfrZp5XjUAqfBMlgHuH PK2V5N4H -----END CERTIFICATE-----Generated at Tue Jan 27 03:57:55 2026 by rpki-client