This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/pBq3W9xPZuycWXuqkD961L-mWtw.roa File: pBq3W9xPZuycWXuqkD961L-mWtw.roa (raw, json) Hash identifier: UcttI+nS2NhvK4pCjq/sa+PPYwZRzwG7hdOjojDGC14= Subject key identifier: A4:1A:B7:5B:DC:4F:66:EC:9C:59:7B:AA:90:3F:7A:D4:BF:A6:5A:DC Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940 Certificate serial: 019B7CEE4BE8B17C33020F1F9C3688CC0202 Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/pBq3W9xPZuycWXuqkD961L-mWtw.roa Signing time: Fri 02 Jan 2026 04:19:10 +0000 ROA not before: Fri 02 Jan 2026 04:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 134854 IP address blocks: 192.48.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.mft rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:4b:e8:b1:7c:33:02:0f:1f:9c:36:88:cc:02:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940 Validity Not Before: Jan 2 04:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a41ab75bdc4f66ec9c597baa903f7ad4bfa65adc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6b:a0:f7:b1:90:e6:ad:b5:16:ff:47:e8:86: 28:bb:e5:79:d2:7b:ea:01:bc:5b:8a:0b:4a:83:10: 03:11:d2:8e:32:bc:d4:c8:04:2a:9f:cb:70:d8:ec: 28:1c:92:b4:68:66:c3:20:9a:93:54:fc:ae:2e:48: d6:c8:6d:6d:d1:f2:b8:4f:a5:5d:66:5b:b9:61:ac: df:54:d8:63:ed:cd:fc:b7:42:3a:4d:44:cc:6b:fd: 87:88:c2:e8:1d:9f:2e:c6:03:f4:5d:c9:a9:db:a7: de:3a:30:65:55:8d:4f:c8:ad:e3:db:f5:7b:5d:7d: be:d3:75:2c:38:be:2a:9e:12:70:6e:a0:b0:d6:30: f8:cf:f9:53:ed:48:d6:e4:0c:ad:b4:58:0f:18:2e: af:60:ad:ae:0a:21:c0:57:6e:e6:20:53:59:93:cd: 1b:f6:ba:46:fb:b4:57:6f:14:3b:37:c6:af:32:2f: 89:81:29:6a:00:37:2c:93:d7:f9:b4:05:c5:13:33: 1a:28:58:78:28:16:de:2f:2e:de:e4:62:0b:39:e4: 67:72:6d:db:40:e6:e1:7b:ee:a7:8c:40:31:99:e8: e6:1f:01:b4:a2:7f:7b:d1:b0:f4:2d:9b:d0:fc:84: 25:42:6c:1d:37:6f:ca:ad:21:bd:60:c2:c1:21:16: ef:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:1A:B7:5B:DC:4F:66:EC:9C:59:7B:AA:90:3F:7A:D4:BF:A6:5A:DC X509v3 Authority Key Identifier: keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/pBq3W9xPZuycWXuqkD961L-mWtw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.48.31.0/24 Signature Algorithm: sha256WithRSAEncryption aa:86:43:18:2d:6f:3b:8b:4c:b8:26:09:ab:77:f8:04:2f:be: a2:ac:df:0e:e2:16:55:d3:48:6d:f5:59:01:ab:a2:56:b9:7d: 0f:de:98:6e:53:e6:44:42:57:54:2f:fd:ff:0b:ae:e7:12:ba: 72:99:26:cb:2b:5d:f4:f0:0f:c0:2b:61:18:6e:16:bb:50:ff: 30:a8:d5:54:e2:1d:89:4d:71:d1:bc:97:b4:f0:48:29:8f:ed: 7f:38:bb:8d:dc:11:82:65:9f:9b:52:17:a9:b9:8c:7e:46:7b: e7:40:2d:15:49:5b:d6:f0:db:44:aa:25:0f:27:2b:6e:1a:47: 3f:cc:36:ec:6e:9c:62:47:af:ac:ef:24:d6:1e:e2:c9:b9:2a: ee:d1:f7:5f:ad:41:a0:2f:4d:ab:fa:cc:74:74:07:45:49:a1: ed:7b:6f:37:8a:75:40:4a:70:8e:d1:58:6a:d3:94:5a:6c:44: b6:09:d6:66:0c:be:e0:3a:31:92:61:24:6e:17:42:40:20:b8: 22:8a:77:56:42:05:9d:2c:ea:8b:0f:37:79:58:43:ab:91:44: 78:18:be:3d:78:0c:cb:24:77:d5:6d:fa:92:c7:05:5a:ba:0e: 3c:18:f0:77:57:cb:dc:1c:1d:89:5f:f3:3b:ac:48:e2:55:d9: 63:f2:8b:f8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87kvosXwzAg8fnDaIzAICMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi Mjk5NDAwHhcNMjYwMTAyMDQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDFhYjc1YmRjNGY2NmVjOWM1OTdiYWE5MDNmN2FkNGJmYTY1YWRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmug97GQ5q21Fv9H6IYou+V50nvq AbxbigtKgxADEdKOMrzUyAQqn8tw2OwoHJK0aGbDIJqTVPyuLkjWyG1t0fK4T6Vd Zlu5YazfVNhj7c38t0I6TUTMa/2HiMLoHZ8uxgP0Xcmp26feOjBlVY1PyK3j2/V7 XX2+03UsOL4qnhJwbqCw1jD4z/lT7UjW5AyttFgPGC6vYK2uCiHAV27mIFNZk80b 9rpG+7RXbxQ7N8avMi+JgSlqADcsk9f5tAXFEzMaKFh4KBbeLy7e5GILOeRncm3b QObhe+6njEAxmejmHwG0on970bD0LZvQ/IQlQmwdN2/KrSG9YMLBIRbvkQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKQat1vcT2bsnFl7qpA/etS/plrcMB8GA1UdIwQY MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt MTU5M2Q0MDQ1Y2JjLzEvcEJxM1c5eFBadXljV1h1cWtEOTYxTC1tV3R3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwDAfMA0G CSqGSIb3DQEBCwUAA4IBAQCqhkMYLW87i0y4Jgmrd/gEL76irN8O4hZV00ht9VkB q6JWuX0P3phuU+ZEQldUL/3/C67nErpymSbLK1308A/AK2EYbha7UP8wqNVU4h2J TXHRvJe08Egpj+1/OLuN3BGCZZ+bUhepuYx+RnvnQC0VSVvW8NtEqiUPJytuGkc/ zDbsbpxiR6+s7yTWHuLJuSru0fdfrUGgL02r+sx0dAdFSaHte283inVASnCO0Vhq 05RabES2CdZmDL7gOjGSYSRuF0JAILgiindWQgWdLOqLDzd5WEOrkUR4GL49eAzL JHfVbfqSxwVaug48GPB3V8vcHB2JX/M7rEjiVdlj8ov4 -----END CERTIFICATE-----Generated at Tue Jan 20 02:57:49 2026 by rpki-client