This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/g4xjb4e47FjJKWJTrcOzbEKGcYM.roa File: g4xjb4e47FjJKWJTrcOzbEKGcYM.roa (raw, json) Hash identifier: Vadq8UA+c7ZsdSe4j5kxXAgAyPf++4Wc9tdJZHjBAKg= Subject key identifier: 83:8C:63:6F:87:B8:EC:58:C9:29:62:53:AD:C3:B3:6C:42:86:71:83 Certificate issuer: /CN=29197bc7330ea99900f4fc91033a3317e56f75e2 Certificate serial: 019B7A5B6455DAECA0FE66D1DE8BD5F6D834 Authority key identifier: 29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/g4xjb4e47FjJKWJTrcOzbEKGcYM.roa Signing time: Thu 01 Jan 2026 16:19:28 +0000 ROA not before: Thu 01 Jan 2026 16:19:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208319 IP address blocks: 45.128.88.0/22 maxlen: 22 45.128.88.0/24 maxlen: 24 45.128.89.0/24 maxlen: 24 45.128.90.0/24 maxlen: 24 45.128.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.mft rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:64:55:da:ec:a0:fe:66:d1:de:8b:d5:f6:d8:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29197bc7330ea99900f4fc91033a3317e56f75e2 Validity Not Before: Jan 1 16:19:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=838c636f87b8ec58c9296253adc3b36c42867183 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:31:39:9a:1b:26:b3:50:4f:27:3e:cb:00:7c: bf:a6:6b:a8:92:b0:54:58:bd:31:ea:f9:9c:c0:16: 1d:15:a5:ea:4f:73:f1:1b:a0:77:02:04:d0:04:bb: bb:9b:82:90:90:5a:a0:d5:6b:ba:d0:8c:a1:e2:32: 92:ca:ba:71:ed:89:95:e4:82:2c:ed:97:9e:5f:4a: 8e:84:7f:5f:a3:43:bc:2b:34:f3:e4:18:37:22:fa: 94:44:30:89:74:8d:c0:8a:34:ab:f2:db:6c:58:73: 65:bf:4d:b9:1b:c5:37:56:d0:e3:79:d9:eb:05:df: 2e:91:5d:e8:dd:42:9d:5c:ef:9e:33:cc:ea:d9:e3: 25:4e:1e:d1:52:0c:ef:d5:91:95:65:9e:30:39:d2: 53:14:81:57:9d:91:8c:48:40:db:3d:ba:bc:82:27: 67:6c:f0:ca:f3:a2:e4:27:f8:5c:12:af:00:77:ff: 2d:46:31:ce:db:06:33:4b:7a:fa:32:8d:05:52:b4: f2:9e:7f:cb:94:ae:2d:91:35:15:7d:36:96:58:7e: 5a:93:27:f2:3b:af:f9:f6:2d:b2:e3:75:1d:ac:a3: cd:8a:4f:55:f1:af:42:f0:78:e6:e1:2a:69:9b:86: da:a9:65:ea:25:2c:5c:ed:8c:c1:15:5c:1b:86:6b: 39:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:8C:63:6F:87:B8:EC:58:C9:29:62:53:AD:C3:B3:6C:42:86:71:83 X509v3 Authority Key Identifier: keyid:29:19:7B:C7:33:0E:A9:99:00:F4:FC:91:03:3A:33:17:E5:6F:75:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRl7xzMOqZkA9PyRAzozF-VvdeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/g4xjb4e47FjJKWJTrcOzbEKGcYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1043a7-b276-40dc-9f67-35004af5c935/1/KRl7xzMOqZkA9PyRAzozF-VvdeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.128.88.0/22 Signature Algorithm: sha256WithRSAEncryption 25:6b:b1:ec:c1:01:71:3b:a5:02:1e:b7:76:7e:5d:cf:2b:d9: c8:2d:d9:7c:27:26:7f:10:5f:33:14:cc:8d:5a:e3:4e:10:49: f2:a8:cd:b0:6a:f9:4c:d4:2e:a1:a3:d3:94:00:6f:be:b2:75: 26:9a:53:6a:20:7f:fa:48:2b:32:36:75:50:18:42:98:fe:ec: 31:72:58:85:ae:23:f8:15:3e:5e:4d:07:ba:6b:f1:66:2f:7c: 7d:72:a1:29:7b:73:a0:c5:d1:23:3e:d4:e3:b0:af:9a:9a:7d: 7c:37:d3:2f:99:16:e6:00:70:29:84:62:2c:b9:d6:d9:3d:84: d8:06:46:fa:5e:b2:5f:5b:b7:35:06:23:91:fe:0a:c2:ba:ee: d3:7e:62:84:15:83:92:4c:e2:27:57:fe:6c:50:90:e4:fc:b2: c7:be:86:0c:be:38:4d:66:95:15:23:d1:2f:d5:61:d1:a6:55: 5e:98:db:57:8d:d1:22:ea:92:67:05:29:bd:e6:05:ec:51:47: a8:28:46:fa:33:b3:66:40:d7:e4:ef:2a:8f:f7:23:29:2e:4d: c1:fb:91:a1:ef:9d:58:1b:d7:a0:7a:ae:b5:6f:a9:f5:a6:f0: cf:4f:a4:1b:ce:e4:e2:ff:88:04:e0:bf:69:22:89:92:cb:f4: b8:f3:05:27 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W2RV2uyg/mbR3ovV9tg0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MTk3YmM3MzMwZWE5OTkwMGY0ZmM5MTAzM2EzMzE3ZTU2 Zjc1ZTIwHhcNMjYwMTAxMTYxOTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MzhjNjM2Zjg3YjhlYzU4YzkyOTYyNTNhZGMzYjM2YzQyODY3MTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTE5mhsms1BPJz7LAHy/pmuokrBU WL0x6vmcwBYdFaXqT3PxG6B3AgTQBLu7m4KQkFqg1Wu60Iyh4jKSyrpx7YmV5IIs 7ZeeX0qOhH9fo0O8KzTz5Bg3IvqURDCJdI3AijSr8ttsWHNlv025G8U3VtDjednr Bd8ukV3o3UKdXO+eM8zq2eMlTh7RUgzv1ZGVZZ4wOdJTFIFXnZGMSEDbPbq8gidn bPDK86LkJ/hcEq8Ad/8tRjHO2wYzS3r6Mo0FUrTynn/LlK4tkTUVfTaWWH5akyfy O6/59i2y43UdrKPNik9V8a9C8Hjm4Sppm4baqWXqJSxc7YzBFVwbhms5ewIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIOMY2+HuOxYySliU63Ds2xChnGDMB8GA1UdIwQY MBaAFCkZe8czDqmZAPT8kQM6Mxflb3XiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjct MzUwMDRhZjVjOTM1LzEvZzR4amI0ZTQ3RmpKS1dKVHJjT3piRUtHY1lNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8xMDQzYTctYjI3Ni00MGRjLTlmNjctMzUwMDRhZjVjOTM1 LzEvS1JsN3h6TU9xWmtBOVB5UkF6b3pGLVZ2ZGVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLYBYMA0G CSqGSIb3DQEBCwUAA4IBAQAla7HswQFxO6UCHrd2fl3PK9nILdl8JyZ/EF8zFMyN WuNOEEnyqM2wavlM1C6ho9OUAG++snUmmlNqIH/6SCsyNnVQGEKY/uwxcliFriP4 FT5eTQe6a/FmL3x9cqEpe3OgxdEjPtTjsK+amn18N9MvmRbmAHAphGIsudbZPYTY Bkb6XrJfW7c1BiOR/grCuu7TfmKEFYOSTOInV/5sUJDk/LLHvoYMvjhNZpUVI9Ev 1WHRplVemNtXjdEi6pJnBSm95gXsUUeoKEb6M7NmQNfk7yqP9yMpLk3B+5Gh751Y G9egeq61b6n1pvDPT6QbzuTi/4gE4L9pIomSy/S48wUn -----END CERTIFICATE-----Generated at Mon Feb 9 18:21:44 2026 by rpki-client