This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mSITfRwbb8ZHt-pwYfiXpFChSTI.roa File: mSITfRwbb8ZHt-pwYfiXpFChSTI.roa (raw, json) Hash identifier: yPx6Gi8e/gIQWjOW8YCvRrJsinN5Jn9iPGgZ1AhXq1Y= Subject key identifier: 99:22:13:7D:1C:1B:6F:C6:47:B7:EA:70:61:F8:97:A4:50:A1:49:32 Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019B77C6A3BFB8F2F84E0251290E058D0A85 Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mSITfRwbb8ZHt-pwYfiXpFChSTI.roa Signing time: Thu 01 Jan 2026 04:17:45 +0000 ROA not before: Thu 01 Jan 2026 04:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57494 IP address blocks: 46.8.97.0/24 maxlen: 24 46.8.99.0/24 maxlen: 24 46.8.196.0/23 maxlen: 24 46.8.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 07:50:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a3:bf:b8:f2:f8:4e:02:51:29:0e:05:8d:0a:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 1 04:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9922137d1c1b6fc647b7ea7061f897a450a14932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:54:40:31:f2:db:ca:4f:b6:3d:08:34:bc:ad: 75:47:ac:aa:6c:6d:88:28:65:4d:f5:33:ee:1e:98: 9e:8b:de:6d:ae:0c:90:dd:e4:21:63:3d:0c:76:90: f6:02:66:a3:00:b4:e6:e7:f6:80:60:90:49:b2:4a: 90:ec:9f:28:c1:83:c5:12:e9:af:e0:c0:d2:c8:d5: 2e:5f:84:cb:18:e7:10:e9:b9:79:e8:7e:83:97:ae: 92:2c:0c:47:b2:3f:1a:4e:c8:28:75:54:e0:16:c6: d6:08:24:a0:6b:3a:1e:68:c7:42:dd:92:64:10:96: 16:7b:09:8d:4c:45:78:b2:31:b7:4b:24:f0:79:30: db:ec:ef:11:68:85:e4:b1:12:9f:bd:c5:4d:eb:1c: c9:5e:2e:f3:ac:e0:4f:eb:07:9d:73:1d:91:d3:f1: 18:bc:95:16:2c:a2:7b:52:0e:a7:8d:58:2e:e5:82: a8:91:de:87:1e:d5:5e:b2:c5:20:40:00:54:14:65: 66:71:96:bb:fc:3b:cf:d9:d1:3a:6c:64:e6:6a:10: f0:c7:38:39:70:39:32:27:2d:39:05:35:82:e2:83: 5b:24:00:c1:f1:52:28:8d:80:5e:90:66:74:e5:1a: c6:e2:a0:ae:b7:e6:33:43:b7:12:aa:7c:ab:60:d1: a6:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:22:13:7D:1C:1B:6F:C6:47:B7:EA:70:61:F8:97:A4:50:A1:49:32 X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/mSITfRwbb8ZHt-pwYfiXpFChSTI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.8.97.0/24 46.8.99.0/24 46.8.196.0/23 46.8.203.0/24 Signature Algorithm: sha256WithRSAEncryption 33:6e:99:78:a2:02:ff:89:29:37:2a:8f:3c:9d:2b:d2:13:72: 81:97:77:b4:73:6c:2e:c4:ce:7b:28:e0:51:95:c0:ff:e6:97: 05:46:92:eb:6b:ea:25:2b:84:93:ba:69:85:f1:d7:26:86:47: e7:0b:75:c8:18:da:74:03:87:c3:8a:e0:12:de:05:72:b8:66: b4:00:dc:a0:49:e9:c3:78:78:d4:00:fb:72:18:70:8d:83:ef: ef:49:a2:d3:a9:24:f4:af:dd:24:08:9e:b2:ec:6f:1c:90:08: f1:37:5c:45:f0:89:b4:0b:1d:8a:a7:02:b8:87:60:02:69:6e: 9a:d5:55:68:ec:d6:f2:0a:f2:7a:ce:10:c3:36:43:8a:cb:9c: 26:33:d3:49:fc:cb:35:18:8d:48:bb:0a:4c:fb:bb:cc:6c:d7: 2e:1f:82:b3:44:f8:f4:85:6e:a5:0e:90:b8:42:7f:6c:a3:9e: 09:4b:95:e4:c6:01:2d:ca:5a:27:96:10:e0:eb:9e:16:90:46: c5:a7:51:16:98:00:d7:ac:17:7c:ef:79:75:a9:e9:3f:a0:eb: 2a:03:9d:d3:75:0c:12:8c:0d:62:7f:d8:e9:5e:de:8e:3c:43: 7d:92:71:8c:07:a7:b4:55:16:b9:e8:e1:93:43:78:88:70:e3: 07:79:07:1a -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xqO/uPL4TgJRKQ4FjQqFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTAxMDQxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTIyMTM3ZDFjMWI2ZmM2NDdiN2VhNzA2MWY4OTdhNDUwYTE0OTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1RAMfLbyk+2PQg0vK11R6yqbG2I KGVN9TPuHpiei95trgyQ3eQhYz0MdpD2AmajALTm5/aAYJBJskqQ7J8owYPFEumv 4MDSyNUuX4TLGOcQ6bl56H6Dl66SLAxHsj8aTsgodVTgFsbWCCSgazoeaMdC3ZJk EJYWewmNTEV4sjG3SyTweTDb7O8RaIXksRKfvcVN6xzJXi7zrOBP6wedcx2R0/EY vJUWLKJ7Ug6njVgu5YKokd6HHtVessUgQABUFGVmcZa7/DvP2dE6bGTmahDwxzg5 cDkyJy05BTWC4oNbJADB8VIojYBekGZ05RrG4qCut+YzQ7cSqnyrYNGmJwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFJkiE30cG2/GR7fqcGH4l6RQoUkyMB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvbVNJVGZSd2JiOFpIdC1wd1lmaVhwRkNoU1RJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALghhAwQA LghjAwQBLgjEAwQALgjLMA0GCSqGSIb3DQEBCwUAA4IBAQAzbpl4ogL/iSk3Ko88 nSvSE3KBl3e0c2wuxM57KOBRlcD/5pcFRpLra+olK4STummF8dcmhkfnC3XIGNp0 A4fDiuAS3gVyuGa0ANygSenDeHjUAPtyGHCNg+/vSaLTqST0r90kCJ6y7G8ckAjx N1xF8Im0Cx2KpwK4h2ACaW6a1VVo7NbyCvJ6zhDDNkOKy5wmM9NJ/Ms1GI1IuwpM +7vMbNcuH4KzRPj0hW6lDpC4Qn9so54JS5XkxgEtylonlhDg654WkEbFp1EWmADX rBd873l1qek/oOsqA53TdQwSjA1if9jpXt6OPEN9knGMB6e0VRa56OGTQ3iIcOMH eQca -----END CERTIFICATE-----Generated at Wed Jan 21 16:56:55 2026 by rpki-client