This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ciiTO845rVYkJe0u36j3U37TUF0.roa File: ciiTO845rVYkJe0u36j3U37TUF0.roa (raw, json) Hash identifier: WHF3T93PicO7CdUac9aA3qwdAcHEB/qjzxdATLs01z4= Subject key identifier: 72:28:93:3B:CE:39:AD:56:24:25:ED:2E:DF:A8:F7:53:7E:D3:50:5D Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Certificate serial: 019B7C13438DCF2C04B56B3FF436FF4F92D1 Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ciiTO845rVYkJe0u36j3U37TUF0.roa Signing time: Fri 02 Jan 2026 00:19:55 +0000 ROA not before: Fri 02 Jan 2026 00:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 273142 IP address blocks: 45.10.107.0/24 maxlen: 24 201.77.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:43:8d:cf:2c:04:b5:6b:3f:f4:36:ff:4f:92:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Validity Not Before: Jan 2 00:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7228933bce39ad562425ed2edfa8f7537ed3505d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f5:d3:64:af:b2:af:0d:ef:4f:50:cc:e9:0b: 8d:2b:f9:ca:42:cc:10:66:67:17:7e:7b:66:d7:5c: e4:cc:1e:32:60:9a:96:39:80:03:ca:64:88:f8:88: 68:a3:3b:ee:8c:bd:a8:f7:e3:df:87:70:e9:05:82: 6e:83:b6:80:82:a2:92:1b:4b:4b:9c:d3:4e:0b:35: eb:2f:3d:12:77:6d:7d:69:d6:88:f6:78:3f:f2:82: a2:f5:14:e0:4f:2d:aa:35:25:8e:57:a1:87:50:68: d9:8f:c3:72:b9:98:e2:e5:73:3a:7e:b6:ff:fa:5f: 68:fa:72:9c:ae:62:4a:eb:b6:5b:af:db:81:79:85: af:9e:b2:e1:19:70:e2:b4:6f:f5:71:f3:8c:dc:e6: 70:cc:99:d1:ea:c5:4c:fe:cd:0f:54:94:0a:f0:d4: f2:5a:7c:c7:32:20:29:98:42:64:9b:c5:a9:ae:31: d7:f5:99:e6:1b:49:57:b9:29:ef:95:ae:77:bb:6a: 2f:2f:07:55:32:34:25:1c:96:88:70:74:82:53:c9: ad:03:34:cf:86:73:e4:bb:e5:23:3f:78:f0:57:4d: 10:dd:ec:57:fb:8d:e2:0e:1a:08:e7:d9:89:a9:51: ab:70:25:2c:c1:a1:5a:e9:64:d0:4c:0f:36:ce:75: 91:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:28:93:3B:CE:39:AD:56:24:25:ED:2E:DF:A8:F7:53:7E:D3:50:5D X509v3 Authority Key Identifier: keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ciiTO845rVYkJe0u36j3U37TUF0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.10.107.0/24 201.77.57.0/24 Signature Algorithm: sha256WithRSAEncryption 26:6a:be:6d:b9:21:63:26:a1:08:5d:ba:77:b2:00:2f:8e:61: d4:b9:e5:de:56:d0:db:83:45:af:a6:56:a0:45:43:84:c0:02: 83:c9:c3:4f:4b:7d:40:a6:0b:ed:85:12:a3:d3:56:2d:c7:99: c9:3b:ca:23:bc:82:e6:27:9b:25:6e:94:c4:b5:08:40:f7:81: d4:c3:f8:fb:92:9e:b6:d3:e7:85:ac:34:29:29:72:17:15:19: 4f:28:b0:7b:18:ea:c1:d8:6a:59:29:28:cc:19:3f:30:d3:af: 80:9f:69:32:38:24:3f:d5:5c:a5:aa:cf:e1:32:7c:b8:db:c8: a9:ac:37:4d:90:6e:2c:57:3b:cf:05:4d:8e:c9:79:67:08:c5: 44:a8:3d:98:01:f3:7f:90:ee:97:e0:66:49:b8:b1:48:c1:08: fc:a0:e2:cc:94:1f:d7:96:fb:95:c4:d9:9b:30:4d:e7:0e:9e: fb:d4:6a:16:4a:a0:e9:c8:b9:f0:0d:d6:ac:fe:f2:ce:6a:e7: af:9b:ee:8f:9b:e4:9c:58:56:bc:b8:8b:4b:55:04:0c:0b:1c: 14:2f:4b:ea:0f:5a:86:1c:e9:8c:1a:d4:2b:91:b5:71:a2:22: c3:af:2e:a1:e0:3c:f2:37:c2:d4:69:14:70:c2:1e:83:90:e2: 85:a5:d9:13 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8E0ONzywEtWs/9Db/T5LRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy N2E0NjcwHhcNMjYwMTAyMDAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjI4OTMzYmNlMzlhZDU2MjQyNWVkMmVkZmE4Zjc1MzdlZDM1MDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/XTZK+yrw3vT1DM6QuNK/nKQswQ ZmcXfntm11zkzB4yYJqWOYADymSI+IhoozvujL2o9+Pfh3DpBYJug7aAgqKSG0tL nNNOCzXrLz0Sd219adaI9ng/8oKi9RTgTy2qNSWOV6GHUGjZj8NyuZji5XM6frb/ +l9o+nKcrmJK67Zbr9uBeYWvnrLhGXDitG/1cfOM3OZwzJnR6sVM/s0PVJQK8NTy WnzHMiApmEJkm8WprjHX9ZnmG0lXuSnvla53u2ovLwdVMjQlHJaIcHSCU8mtAzTP hnPku+UjP3jwV00Q3exX+43iDhoI59mJqVGrcCUswaFa6WTQTA82znWRAwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHIokzvOOa1WJCXtLt+o91N+01BdMB8GA1UdIwQY MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt Y2Q3ZTA2Y2JiNTMxLzEvY2lpVE84NDVyVllrSmUwdTM2ajNVMzdUVUYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQprAwQA yU05MA0GCSqGSIb3DQEBCwUAA4IBAQAmar5tuSFjJqEIXbp3sgAvjmHUueXeVtDb g0WvplagRUOEwAKDycNPS31ApgvthRKj01Ytx5nJO8ojvILmJ5slbpTEtQhA94HU w/j7kp620+eFrDQpKXIXFRlPKLB7GOrB2GpZKSjMGT8w06+An2kyOCQ/1Vylqs/h Mny428iprDdNkG4sVzvPBU2OyXlnCMVEqD2YAfN/kO6X4GZJuLFIwQj8oOLMlB/X lvuVxNmbME3nDp771GoWSqDpyLnwDdas/vLOauevm+6Pm+ScWFa8uItLVQQMCxwU L0vqD1qGHOmMGtQrkbVxoiLDry6h4DzyN8LUaRRwwh6DkOKFpdkT -----END CERTIFICATE-----Generated at Fri Jan 23 21:38:23 2026 by rpki-client