This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/S4RQtuZRJfsn5pCSOhLo3GCLnRs.roa File: S4RQtuZRJfsn5pCSOhLo3GCLnRs.roa (raw, json) Hash identifier: J969uvOOjMxmLam91mq14STKrrErN1aKZ7dPQDpgBQo= Subject key identifier: 4B:84:50:B6:E6:51:25:FB:27:E6:90:92:3A:12:E8:DC:60:8B:9D:1B Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705 Certificate serial: 019B7C7FF8AEA011A95F2FEC2897180B9BDB Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/S4RQtuZRJfsn5pCSOhLo3GCLnRs.roa Signing time: Fri 02 Jan 2026 02:18:40 +0000 ROA not before: Fri 02 Jan 2026 02:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211393 IP address blocks: 45.9.23.0/24 maxlen: 24 193.36.4.0/22 maxlen: 22 2a0b:6dc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.mft rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 14:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:f8:ae:a0:11:a9:5f:2f:ec:28:97:18:0b:9b:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705 Validity Not Before: Jan 2 02:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b8450b6e65125fb27e690923a12e8dc608b9d1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:24:37:1c:69:27:49:81:1b:60:a2:41:22:b6: a5:8e:74:ab:cf:94:dd:fb:21:07:70:6a:6b:7d:90: b6:fd:4f:eb:94:b0:4e:02:8e:40:7a:38:9b:08:40: 1c:28:a3:58:af:74:30:35:5b:1e:cd:02:40:5b:6c: 42:30:f8:8c:33:e9:f0:cd:65:1a:d8:13:bd:65:46: 87:4d:04:23:55:ef:fa:c2:ef:7d:b2:7b:55:fd:bf: 3c:6d:31:40:b2:9d:24:29:80:15:d4:52:b4:a5:86: 28:da:af:53:6a:cf:e7:f2:3f:28:a4:be:dc:b3:b5: 60:6b:de:a7:c2:13:7c:51:6c:0d:62:74:b5:fc:f7: 79:c9:e6:a9:b7:82:4f:75:93:f8:e0:5b:b2:9b:b1: f7:21:25:c7:98:53:cd:99:78:1f:1e:a3:1d:f1:27: 07:92:5e:56:7c:69:d3:23:ff:76:1c:29:2d:19:28: 37:cc:5e:72:ab:ee:85:19:a0:93:76:8c:73:0f:ac: 9e:75:91:0d:ab:78:35:a1:bf:da:db:da:39:9b:43: 87:0b:39:38:40:85:d8:05:90:b8:fd:55:69:a5:65: c7:ae:a8:c7:09:e5:ef:79:5b:15:6e:62:31:e7:2e: 33:c2:c1:4d:44:6f:25:c6:6c:2e:da:0a:6b:12:77: 77:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:84:50:B6:E6:51:25:FB:27:E6:90:92:3A:12:E8:DC:60:8B:9D:1B X509v3 Authority Key Identifier: keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/S4RQtuZRJfsn5pCSOhLo3GCLnRs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.9.23.0/24 193.36.4.0/22 IPv6: 2a0b:6dc0::/29 Signature Algorithm: sha256WithRSAEncryption 36:20:15:ba:3c:e8:e4:a1:3a:c5:b7:29:23:ef:dc:b9:d4:6e: 90:bf:60:25:ec:db:fb:72:c7:21:43:75:4c:80:48:0a:8a:83: a6:9f:66:f4:02:eb:5b:ff:cb:09:3e:16:73:d0:1f:e5:6d:50: 8d:b9:16:72:b6:a9:73:ed:58:27:32:ca:47:ea:bf:4d:0b:b3: 06:b5:16:4c:11:fa:ce:fc:ed:58:e2:66:ae:3f:bb:e2:39:36: 67:c5:b9:98:f7:c4:f5:68:0b:4d:b7:64:b7:15:6b:a2:13:df: 12:d9:88:be:a8:40:c8:3c:86:23:29:6a:a1:db:bb:e3:19:19: 41:38:41:73:21:a2:de:0e:b7:73:ec:80:23:9f:35:62:11:7e: 3e:58:70:30:a5:2b:2e:85:26:3f:a9:fb:d5:45:59:4c:9f:04: 65:8f:f2:7f:50:49:bd:30:e4:a8:7c:40:7f:5d:60:19:24:90: 12:e3:a3:25:35:5a:bd:06:16:e7:ec:db:0d:f8:ec:78:69:58: 1d:0c:49:b4:84:1d:75:25:f6:af:f7:61:e1:f4:56:b6:80:bb: 73:87:3d:13:5f:29:9a:b5:56:85:ab:26:f6:e1:83:23:08:a2: b9:e1:bd:43:8b:1e:ee:19:84:fc:9c:e3:5c:ef:5b:89:e7:1e: cf:fe:a2:ea -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8f/iuoBGpXy/sKJcYC5vbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkYzI5MWI4ZGI2Y2ZkZGY2ZGQyYTFkNTViMjI2ZDQ5NDky YTI3MDUwHhcNMjYwMTAyMDIxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Yjg0NTBiNmU2NTEyNWZiMjdlNjkwOTIzYTEyZThkYzYwOGI5ZDFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCQ3HGknSYEbYKJBIraljnSrz5Td +yEHcGprfZC2/U/rlLBOAo5AejibCEAcKKNYr3QwNVsezQJAW2xCMPiMM+nwzWUa 2BO9ZUaHTQQjVe/6wu99sntV/b88bTFAsp0kKYAV1FK0pYYo2q9Tas/n8j8opL7c s7Vga96nwhN8UWwNYnS1/Pd5yeapt4JPdZP44Fuym7H3ISXHmFPNmXgfHqMd8ScH kl5WfGnTI/92HCktGSg3zF5yq+6FGaCTdoxzD6yedZENq3g1ob/a29o5m0OHCzk4 QIXYBZC4/VVppWXHrqjHCeXveVsVbmIx5y4zwsFNRG8lxmwu2gprEnd36wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEuEULbmUSX7J+aQkjoS6Nxgi50bMB8GA1UdIwQY MBaAFC3CkbjbbP3fbdKh1VsibUlJKicFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjIt MmIxNzBlOTVjMmI3LzEvUzRSUXR1WlJKZnNuNXBDU09oTG8zR0NMblJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC80MWE4NDMtNzUyNC00NTViLWJlMjItMmIxNzBlOTVjMmI3 LzEvTGNLUnVOdHNfZDl0MHFIVld5SnRTVWtxSndVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQkXAwQC wSQEMA0EAgACMAcDBQMqC23AMA0GCSqGSIb3DQEBCwUAA4IBAQA2IBW6POjkoTrF tykj79y51G6Qv2Al7Nv7cschQ3VMgEgKioOmn2b0Autb/8sJPhZz0B/lbVCNuRZy tqlz7VgnMspH6r9NC7MGtRZMEfrO/O1Y4mauP7viOTZnxbmY98T1aAtNt2S3FWui E98S2Yi+qEDIPIYjKWqh27vjGRlBOEFzIaLeDrdz7IAjnzViEX4+WHAwpSsuhSY/ qfvVRVlMnwRlj/J/UEm9MOSofEB/XWAZJJAS46MlNVq9Bhbn7NsN+Ox4aVgdDEm0 hB11Jfav92Hh9Fa2gLtzhz0TXymatVaFqyb24YMjCKK54b1Dix7uGYT8nONc71uJ 5x7P/qLq -----END CERTIFICATE-----Generated at Tue Feb 3 00:15:16 2026 by rpki-client