This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/kneTFHssdpRkfp917HvR9pp0knM.roa File: kneTFHssdpRkfp917HvR9pp0knM.roa (raw, json) Hash identifier: Q0Z0lTZO2s3Ki+igcl/rjlfo3o507lYeXHkCl1jp7DE= Subject key identifier: 92:77:93:14:7B:2C:76:94:64:7E:9F:75:EC:7B:D1:F6:9A:74:92:73 Certificate issuer: /CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c Certificate serial: 019B7F13BB49FAD688D3E6FC73E43100C559 Authority key identifier: FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/kneTFHssdpRkfp917HvR9pp0knM.roa Signing time: Fri 02 Jan 2026 14:19:18 +0000 ROA not before: Fri 02 Jan 2026 14:19:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 46.254.111.0/24 maxlen: 24 2a11:c900::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/1-3DehA_Wv0sK_RJ05E79G4Zldiw.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/1-3DehA_Wv0sK_RJ05E79G4Zldiw.mft rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:bb:49:fa:d6:88:d3:e6:fc:73:e4:31:00:c5:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fb70de840fd6bf4b0afd1274e44efd1b8665762c Validity Not Before: Jan 2 14:19:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=927793147b2c7694647e9f75ec7bd1f69a749273 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:01:71:0d:b3:06:cf:11:ce:33:ac:ff:1b:c9: f3:57:14:f4:fb:6d:ff:a9:6a:d2:5d:8c:cb:d8:eb: f2:fa:26:86:40:88:5f:8d:91:68:a2:96:7f:34:cf: 3e:b1:d2:ea:9a:04:9a:cd:24:6f:fe:ad:c5:8c:fa: d1:7d:3e:3d:89:b0:6c:52:7f:ce:f3:2e:81:a9:73: 5d:df:65:96:78:22:3a:83:f0:a2:47:ec:78:14:c3: e1:cf:ed:ce:32:a8:4a:84:21:07:9b:5c:15:3c:46: ab:ec:c6:4d:76:5d:a4:2a:cb:a3:5e:32:7b:09:d2: fe:42:07:45:88:89:4a:38:5f:af:9c:5d:1c:d5:e4: 8e:27:16:ca:0f:5b:83:67:49:4d:de:b9:43:59:52: ed:27:aa:d4:3c:f4:49:af:32:6c:f7:e9:bf:6c:51: e2:83:99:41:22:84:37:e9:a9:0e:20:13:f6:47:c9: 1d:eb:14:c5:7e:6d:bd:70:f9:a7:1a:e0:83:7a:1c: 34:6a:d5:7a:9f:6d:32:f7:16:13:52:9f:07:85:e2: 06:18:c2:6f:d7:65:12:1e:1c:6f:f3:c1:d2:24:47: 51:ea:91:ef:34:51:16:bf:05:d0:ed:44:af:a9:b8: 70:fe:6f:03:c5:4b:fe:c6:3f:a2:d3:5d:89:66:f4: 8b:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:77:93:14:7B:2C:76:94:64:7E:9F:75:EC:7B:D1:F6:9A:74:92:73 X509v3 Authority Key Identifier: keyid:FB:70:DE:84:0F:D6:BF:4B:0A:FD:12:74:E4:4E:FD:1B:86:65:76:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3DehA_Wv0sK_RJ05E79G4Zldiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/kneTFHssdpRkfp917HvR9pp0knM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/9a3eac-f862-4789-ac21-d9444a3d0ce0/1/1-3DehA_Wv0sK_RJ05E79G4Zldiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.254.111.0/24 IPv6: 2a11:c900::/29 Signature Algorithm: sha256WithRSAEncryption 97:62:8e:0c:d7:7e:18:f2:a8:80:31:12:a9:13:e1:63:3c:7b: 17:ee:d9:a3:3d:7c:46:88:15:de:6f:e3:01:ab:56:08:dc:78: 0f:2c:51:b0:ed:44:2e:2e:2a:e6:b1:e8:33:6c:cf:94:3f:47: e6:3a:69:60:a7:49:8f:7d:a0:68:5a:be:5c:85:fe:b1:a4:c4: 96:8e:ed:24:18:eb:12:57:d8:8c:07:ed:24:7a:b7:ab:e4:20: 50:96:a4:ea:7b:1f:df:1a:1c:21:f1:69:b0:4b:a8:2d:33:6f: 2b:47:ef:ce:36:8c:4e:eb:3c:cc:80:10:bb:91:04:4e:8e:dc: ac:d8:9f:46:f9:58:f4:fd:ea:5a:13:d6:bc:d3:44:3b:1d:0e: cc:65:ec:97:3c:84:16:8c:47:ed:64:86:16:5d:cd:a0:e7:32: d1:09:b5:8c:b0:eb:34:29:c6:95:86:4b:5f:3b:6c:31:15:80: 06:b1:ea:56:44:2b:b5:f2:41:9e:32:c0:10:e6:6c:56:d2:c9: 9e:02:fd:0b:e6:86:5f:66:45:65:d8:fa:13:93:69:ee:cf:e8: d8:0e:59:52:40:be:b0:2c:23:3f:4f:d4:72:69:93:09:ca:a8: 2c:b0:06:ee:10:9b:65:8a:54:1d:39:f3:2b:2b:b6:a5:45:6f: 7c:a9:73:95 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/E7tJ+taI0+b8c+QxAMVZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiNzBkZTg0MGZkNmJmNGIwYWZkMTI3NGU0NGVmZDFiODY2 NTc2MmMwHhcNMjYwMTAyMTQxOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Mjc3OTMxNDdiMmM3Njk0NjQ3ZTlmNzVlYzdiZDFmNjlhNzQ5MjczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQFxDbMGzxHOM6z/G8nzVxT0+23/ qWrSXYzL2Ovy+iaGQIhfjZFoopZ/NM8+sdLqmgSazSRv/q3FjPrRfT49ibBsUn/O 8y6BqXNd32WWeCI6g/CiR+x4FMPhz+3OMqhKhCEHm1wVPEar7MZNdl2kKsujXjJ7 CdL+QgdFiIlKOF+vnF0c1eSOJxbKD1uDZ0lN3rlDWVLtJ6rUPPRJrzJs9+m/bFHi g5lBIoQ36akOIBP2R8kd6xTFfm29cPmnGuCDehw0atV6n20y9xYTUp8HheIGGMJv 12USHhxv88HSJEdR6pHvNFEWvwXQ7USvqbhw/m8DxUv+xj+i012JZvSLiQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFJJ3kxR7LHaUZH6fdex70faadJJzMB8GA1UdIwQY MBaAFPtw3oQP1r9LCv0SdORO/RuGZXYsMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS0zRGVoQV9XdjBzS19SSjA1RTc5RzRabGRpdy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIx LWQ5NDQ0YTNkMGNlMC8xL2tuZVRGSHNzZHBSa2ZwOTE3SHZSOXBwMGtuTS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGEvOWEzZWFjLWY4NjItNDc4OS1hYzIxLWQ5NDQ0YTNkMGNl MC8xLzEtM0RlaEFfV3Ywc0tfUkowNUU3OUc0WmxkaXcuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAAu/m8w DQQCAAIwBwMFAyoRyQAwDQYJKoZIhvcNAQELBQADggEBAJdijgzXfhjyqIAxEqkT 4WM8exfu2aM9fEaIFd5v4wGrVgjceA8sUbDtRC4uKuax6DNsz5Q/R+Y6aWCnSY99 oGhavlyF/rGkxJaO7SQY6xJX2IwH7SR6t6vkIFCWpOp7H98aHCHxabBLqC0zbytH 7842jE7rPMyAELuRBE6O3KzYn0b5WPT96loT1rzTRDsdDsxl7Jc8hBaMR+1khhZd zaDnMtEJtYyw6zQpxpWGS187bDEVgAax6lZEK7XyQZ4ywBDmbFbSyZ4C/Qvmhl9m RWXY+hOTae7P6NgOWVJAvrAsIz9P1HJpkwnKqCywBu4Qm2WKVB058ysrtqVFb3yp c5U= -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:23 2026 by rpki-client