This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/AAcHQS1tIhOWG55bKe25TNFdQHQ.roa File: AAcHQS1tIhOWG55bKe25TNFdQHQ.roa (raw, json) Hash identifier: 7krRFD4vMNzkfPj2l6jOxzAtWHJOeMZBRp81r6anoMI= Subject key identifier: 00:07:07:41:2D:6D:22:13:96:1B:9E:5B:29:ED:B9:4C:D1:5D:40:74 Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019B77C6A1F2F23EE0508ABC5B0A41D36BBD Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/AAcHQS1tIhOWG55bKe25TNFdQHQ.roa Signing time: Thu 01 Jan 2026 04:17:44 +0000 ROA not before: Thu 01 Jan 2026 04:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56701 IP address blocks: 46.8.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a1:f2:f2:3e:e0:50:8a:bc:5b:0a:41:d3:6b:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 1 04:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=000707412d6d2213961b9e5b29edb94cd15d4074 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:c3:f5:c4:77:aa:21:70:d4:9e:f3:ea:7f:50: b5:c0:0e:e4:52:12:b3:c9:1f:1c:84:72:00:d7:a6: cc:33:3d:38:54:4e:f4:04:c2:df:90:13:fe:10:7b: a1:37:e0:97:71:e6:59:c3:8b:6f:d7:50:8c:96:3d: a1:ce:25:1e:6e:f6:9a:1f:68:6d:f6:e6:14:c3:71: 57:c8:4e:c4:c4:fc:5f:90:31:67:8b:fd:7a:42:2a: ef:e3:ff:54:a3:ff:d0:07:e0:0f:9a:c6:14:6e:e1: 1d:00:f6:56:5f:c5:79:75:28:93:45:cf:d3:79:74: 09:be:93:32:15:3c:70:3b:85:01:04:5d:6e:a6:5e: 31:f1:9e:24:c0:bc:48:a0:38:1e:52:b4:60:6f:04: 47:8d:0b:ca:61:e3:49:de:35:7e:d7:b0:83:bb:b1: 2f:0d:39:3e:36:54:5c:19:28:87:02:7a:31:74:37: 2b:b5:ef:5f:a0:cb:0b:4f:b1:0c:b9:32:e0:b5:20: cc:bd:15:8d:6b:4f:0f:b5:e1:d2:5a:c3:18:f6:b4: b7:b5:5e:f1:fb:73:06:30:1e:d6:45:01:f7:bc:61: 9b:9e:d1:3a:df:63:27:ef:45:a3:2b:f8:0c:87:95: 72:7e:28:e1:95:9e:66:f2:a5:e4:92:ec:a4:44:7a: a5:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:07:07:41:2D:6D:22:13:96:1B:9E:5B:29:ED:B9:4C:D1:5D:40:74 X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/AAcHQS1tIhOWG55bKe25TNFdQHQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.8.60.0/24 Signature Algorithm: sha256WithRSAEncryption 68:63:0f:62:d5:ed:2f:6b:c5:ac:5c:32:41:d9:99:a8:ff:c9: da:de:57:c3:db:99:70:0d:bc:49:6f:d4:2d:11:99:ad:2e:c4: 93:8f:59:80:53:2c:3a:c3:fe:3e:41:6a:6d:63:4a:3a:02:6b: 9a:ea:bd:84:a4:9c:a4:2a:98:b5:24:33:8d:83:6d:f3:d2:28: e4:31:32:ee:45:5a:53:64:05:27:53:0a:08:98:04:47:87:cf: c6:4f:b3:53:66:2c:5d:21:5e:47:3b:9c:64:ef:b6:77:5d:82: af:26:ea:ed:80:b1:a0:ce:8f:43:00:cb:2c:45:9c:35:03:2a: c9:87:bc:4c:77:10:dd:52:f6:39:e0:76:8e:e7:ba:cb:5e:39: 3f:6b:c5:83:2d:88:5c:17:8c:ac:07:20:2f:69:5d:ec:c1:7d: ab:1f:65:91:30:d6:55:b9:e8:b1:83:14:ec:ab:58:e2:e9:4d: a6:8a:b6:c9:c4:f4:b3:26:d7:15:bc:aa:90:1b:09:ed:27:ad: 7a:7a:d4:7b:c5:c4:5b:e4:d3:f5:7d:0d:92:e3:21:b0:56:10: 92:1f:fa:9d:b1:4c:bc:85:0d:1c:57:0a:9b:fc:96:5e:40:50: 36:11:8b:60:f0:a1:f2:f0:89:04:ca:f8:8d:2b:f9:68:7c:37: 4c:7f:7b:14 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xqHy8j7gUIq8WwpB02u9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTAxMDQxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDA3MDc0MTJkNmQyMjEzOTYxYjllNWIyOWVkYjk0Y2QxNWQ0MDc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cP1xHeqIXDUnvPqf1C1wA7kUhKz yR8chHIA16bMMz04VE70BMLfkBP+EHuhN+CXceZZw4tv11CMlj2hziUebvaaH2ht 9uYUw3FXyE7ExPxfkDFni/16Qirv4/9Uo//QB+APmsYUbuEdAPZWX8V5dSiTRc/T eXQJvpMyFTxwO4UBBF1upl4x8Z4kwLxIoDgeUrRgbwRHjQvKYeNJ3jV+17CDu7Ev DTk+NlRcGSiHAnoxdDcrte9foMsLT7EMuTLgtSDMvRWNa08PteHSWsMY9rS3tV7x +3MGMB7WRQH3vGGbntE632Mn70WjK/gMh5VyfijhlZ5m8qXkkuykRHqlZQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAAHB0EtbSITlhueWyntuUzRXUB0MB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvQUFjSFFTMXRJaE9XRzU1YktlMjVUTkZkUUhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgg8MA0G CSqGSIb3DQEBCwUAA4IBAQBoYw9i1e0va8WsXDJB2Zmo/8na3lfD25lwDbxJb9Qt EZmtLsSTj1mAUyw6w/4+QWptY0o6Amua6r2EpJykKpi1JDONg23z0ijkMTLuRVpT ZAUnUwoImARHh8/GT7NTZixdIV5HO5xk77Z3XYKvJurtgLGgzo9DAMssRZw1AyrJ h7xMdxDdUvY54HaO57rLXjk/a8WDLYhcF4ysByAvaV3swX2rH2WRMNZVueixgxTs q1ji6U2mirbJxPSzJtcVvKqQGwntJ616etR7xcRb5NP1fQ2S4yGwVhCSH/qdsUy8 hQ0cVwqb/JZeQFA2EYtg8KHy8IkEyviNK/lofDdMf3sU -----END CERTIFICATE-----Generated at Sun Jan 25 22:41:40 2026 by rpki-client