This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4tAI9NJYthjVo2sd_V-zxA6az80.roa File: 4tAI9NJYthjVo2sd_V-zxA6az80.roa (raw, json) Hash identifier: EYLR8chMId91oS5nV9uTVdfuZa95j3g5dBI5/cVaQvc= Subject key identifier: E2:D0:08:F4:D2:58:B6:18:D5:A3:6B:1D:FD:5F:B3:C4:0E:9A:CF:CD Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Certificate serial: 019B7C134101002A586F10E5DA65B5E5986C Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4tAI9NJYthjVo2sd_V-zxA6az80.roa Signing time: Fri 02 Jan 2026 00:19:55 +0000 ROA not before: Fri 02 Jan 2026 00:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 272939 IP address blocks: 171.22.166.0/23 maxlen: 23 171.22.166.0/24 maxlen: 24 171.22.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:41:01:00:2a:58:6f:10:e5:da:65:b5:e5:98:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Validity Not Before: Jan 2 00:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2d008f4d258b618d5a36b1dfd5fb3c40e9acfcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:09:30:e7:47:c8:5e:32:3a:37:71:e0:dc:0f: 74:cc:71:00:f5:5f:b9:ef:6f:ed:b9:1d:36:4a:1c: 27:5b:f3:09:11:b6:e7:58:34:e0:81:ee:c0:c7:14: 3d:bf:d4:8e:10:5e:d7:42:09:bb:28:5b:29:2a:8d: a4:a0:8d:12:c4:71:d1:02:28:a4:d1:84:5b:22:dd: 1e:de:a8:ca:02:f8:b2:38:13:71:63:0a:f2:39:12: 91:11:08:23:2b:6e:36:f3:bc:18:41:d2:4e:68:21: f1:80:ab:29:d2:97:ec:dd:44:22:18:5f:ee:29:8a: 4a:d0:e2:ca:ce:71:60:7e:b6:c4:57:d9:81:c3:d5: da:fb:cd:39:7e:8a:4d:27:19:e3:c6:56:b9:ae:5c: dd:b6:c2:ce:39:2d:4e:2b:39:2b:02:f4:43:e8:86: 42:42:32:fe:c0:8b:37:aa:07:38:b9:75:0a:a6:1c: 0f:7a:5e:3e:1c:c8:87:a0:05:f8:c1:c0:5a:c4:17: 32:68:1e:bf:f1:00:2c:ef:61:50:c2:be:f5:58:7c: 02:21:6e:9e:a1:25:7a:46:2a:02:88:8f:10:60:8d: 00:1d:28:4b:fc:4c:00:ce:3f:3f:03:18:4d:a6:77: 0c:15:df:00:64:ba:3f:f2:12:f1:b5:5e:03:a4:d6: 43:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:D0:08:F4:D2:58:B6:18:D5:A3:6B:1D:FD:5F:B3:C4:0E:9A:CF:CD X509v3 Authority Key Identifier: keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4tAI9NJYthjVo2sd_V-zxA6az80.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 171.22.166.0/23 Signature Algorithm: sha256WithRSAEncryption 12:09:9a:ef:19:ad:e1:71:7e:d0:19:ff:fe:5c:13:63:05:41: 46:90:20:68:e7:4e:35:e2:57:20:b7:05:41:06:22:25:55:ee: 97:14:2b:ec:5b:b5:c8:d4:2e:36:9f:5c:b1:e0:66:54:60:51: 4d:a5:81:7b:5c:ca:20:fa:40:49:31:70:c3:b3:3a:7a:5f:c9: a1:63:96:e2:2c:84:b2:5e:a5:18:e7:2c:95:09:3b:30:86:8d: 90:d9:99:d2:26:c8:9d:84:ae:7b:8d:f8:e6:9a:26:f9:4c:4a: a2:e2:3b:0c:ef:2f:a0:59:10:56:a1:f3:54:1e:cb:26:2c:94: f0:d9:5b:a3:8d:da:ba:b2:62:09:f7:e5:f8:70:f7:93:cd:a9: c3:a8:04:0b:bc:77:0c:72:76:ce:23:95:db:ff:cc:e9:98:41: a0:ba:b9:b7:22:77:78:c1:6f:76:fe:f8:f8:99:35:3a:66:e7: f8:c3:3a:b4:54:8c:f8:4a:f8:74:bc:8f:56:4a:77:57:89:d3: 20:e0:77:15:5f:6d:9a:07:e9:7b:64:96:af:83:fc:57:fa:45: 14:81:21:e7:81:52:f3:5c:96:88:d1:67:05:b8:68:e7:fb:d9: 54:88:e5:d5:e7:99:6e:79:ef:eb:b5:cd:6b:48:d6:48:85:26: c1:6e:aa:43 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8E0EBACpYbxDl2mW15ZhsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy N2E0NjcwHhcNMjYwMTAyMDAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmQwMDhmNGQyNThiNjE4ZDVhMzZiMWRmZDVmYjNjNDBlOWFjZmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQkw50fIXjI6N3Hg3A90zHEA9V+5 72/tuR02ShwnW/MJEbbnWDTgge7AxxQ9v9SOEF7XQgm7KFspKo2koI0SxHHRAiik 0YRbIt0e3qjKAviyOBNxYwryORKREQgjK24287wYQdJOaCHxgKsp0pfs3UQiGF/u KYpK0OLKznFgfrbEV9mBw9Xa+805fopNJxnjxla5rlzdtsLOOS1OKzkrAvRD6IZC QjL+wIs3qgc4uXUKphwPel4+HMiHoAX4wcBaxBcyaB6/8QAs72FQwr71WHwCIW6e oSV6RioCiI8QYI0AHShL/EwAzj8/AxhNpncMFd8AZLo/8hLxtV4DpNZDlwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOLQCPTSWLYY1aNrHf1fs8QOms/NMB8GA1UdIwQY MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt Y2Q3ZTA2Y2JiNTMxLzEvNHRBSTlOSll0aGpWbzJzZF9WLXp4QTZhejgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqxamMA0G CSqGSIb3DQEBCwUAA4IBAQASCZrvGa3hcX7QGf/+XBNjBUFGkCBo50414lcgtwVB BiIlVe6XFCvsW7XI1C42n1yx4GZUYFFNpYF7XMog+kBJMXDDszp6X8mhY5biLISy XqUY5yyVCTswho2Q2ZnSJsidhK57jfjmmib5TEqi4jsM7y+gWRBWofNUHssmLJTw 2Vujjdq6smIJ9+X4cPeTzanDqAQLvHcMcnbOI5Xb/8zpmEGgurm3Ind4wW92/vj4 mTU6Zuf4wzq0VIz4Svh0vI9WSndXidMg4HcVX22aB+l7ZJavg/xX+kUUgSHngVLz XJaI0WcFuGjn+9lUiOXV55luee/rtc1rSNZIhSbBbqpD -----END CERTIFICATE-----Generated at Fri Jan 23 21:37:19 2026 by rpki-client