This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4hcFzCzT3OL8yvj-Mh_RTbobPpQ.roa File: 4hcFzCzT3OL8yvj-Mh_RTbobPpQ.roa (raw, json) Hash identifier: 3AoPfJGpuPWXC9ZPNvKyKnpjelwhCGVwgJMsuM1yV+Q= Subject key identifier: E2:17:05:CC:2C:D3:DC:E2:FC:CA:F8:FE:32:1F:D1:4D:BA:1B:3E:94 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AB5594C94AB54EED4D409001575C2 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4hcFzCzT3OL8yvj-Mh_RTbobPpQ.roa Signing time: Thu 01 Jan 2026 16:18:43 +0000 ROA not before: Thu 01 Jan 2026 16:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197537 IP address blocks: 109.176.203.0/24 maxlen: 24 109.176.230.0/24 maxlen: 24 213.218.247.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b5:59:4c:94:ab:54:ee:d4:d4:09:00:15:75:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e21705cc2cd3dce2fccaf8fe321fd14dba1b3e94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:4a:9c:58:30:db:aa:c7:b0:8e:ac:3a:67:5e: a6:ce:bc:cb:d3:97:d9:3c:24:61:fc:f2:b7:65:a3: 41:cf:5c:82:e7:1c:0f:46:e8:1f:08:39:c5:18:88: f2:e0:75:36:5c:88:f4:44:fa:68:e3:84:1c:8c:38: e6:0b:ac:07:3d:63:2b:b2:c7:e8:62:12:52:5d:6f: 9c:16:b1:c2:81:f3:0b:6e:c2:88:a9:05:9b:11:22: f0:cb:6c:9e:cb:03:6b:9b:54:b3:28:f3:1b:f7:6d: 9c:e8:b3:7b:a0:0d:08:32:1d:07:1f:c8:13:e5:62: 3c:b0:22:3d:a7:8c:9b:33:1c:97:8f:b5:bc:95:12: 8e:f4:51:d2:c5:78:28:8b:ea:50:5f:11:be:c7:68: 59:22:f0:66:97:60:da:85:1e:19:94:21:5a:44:f1: fc:bd:92:d2:10:b0:98:c4:64:23:a7:2e:08:7d:c0: 16:d5:05:f0:67:83:6e:0d:5f:82:ad:03:07:5a:2d: 85:a3:7f:a0:8a:e2:1b:7a:1a:12:91:8e:0b:72:22: 04:13:0b:9b:0c:bf:8a:86:53:79:85:68:b1:5a:54: dc:4b:d3:57:23:c4:48:87:64:8d:20:64:76:67:cb: 93:bc:dd:eb:16:c7:07:be:20:0e:d7:36:5c:06:e7: 87:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:17:05:CC:2C:D3:DC:E2:FC:CA:F8:FE:32:1F:D1:4D:BA:1B:3E:94 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/4hcFzCzT3OL8yvj-Mh_RTbobPpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.176.203.0/24 109.176.230.0/24 213.218.247.0/24 Signature Algorithm: sha256WithRSAEncryption 54:d6:2a:8c:e7:96:ad:ba:51:e4:4f:b7:66:98:18:00:7b:25: 0f:01:34:7f:d5:68:d3:11:28:22:30:05:70:e9:ff:ac:76:84: 0f:6d:56:3c:90:b3:a7:5d:e3:d5:5c:1d:ef:3b:b7:1c:d3:b7: 33:a0:53:cf:8d:18:37:20:20:6c:ed:0d:0f:90:0d:39:71:56: d1:14:11:48:d9:17:f5:3c:90:cd:7e:c9:e0:ef:2b:01:e3:7f: 8b:73:6f:d8:64:74:14:c1:56:66:16:a9:6e:ac:8e:ee:43:19: 9a:6e:81:27:60:48:7d:5a:0b:14:85:98:73:f1:c9:28:eb:14: c1:97:65:3c:73:bf:48:56:ba:5e:dc:a5:f5:24:bc:fb:a7:f7: 8f:90:87:2d:fc:e0:4b:fa:de:21:dc:95:b8:7b:1b:c8:0b:a1: 43:f1:dd:59:2a:0a:bf:2b:5b:e2:ed:c1:6c:77:d6:f8:5b:bd: c0:73:4a:56:47:d8:af:bb:7a:8d:04:73:ee:01:9f:b2:30:33: 05:19:02:51:e0:3c:81:e5:f3:2d:a8:67:8f:ec:4c:dc:d6:1d: 20:0c:12:bf:01:8c:86:3d:83:9b:a0:b7:fd:08:77:56:a7:c2: 60:5a:9b:19:55:0a:75:09:88:5d:59:2b:1d:ee:57:b9:3e:80: 59:f6:c8:1d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6WrVZTJSrVO7U1AkAFXXCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjE3MDVjYzJjZDNkY2UyZmNjYWY4ZmUzMjFmZDE0ZGJhMWIzZTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUqcWDDbqsewjqw6Z16mzrzL05fZ PCRh/PK3ZaNBz1yC5xwPRugfCDnFGIjy4HU2XIj0RPpo44QcjDjmC6wHPWMrssfo YhJSXW+cFrHCgfMLbsKIqQWbESLwy2yeywNrm1SzKPMb922c6LN7oA0IMh0HH8gT 5WI8sCI9p4ybMxyXj7W8lRKO9FHSxXgoi+pQXxG+x2hZIvBml2DahR4ZlCFaRPH8 vZLSELCYxGQjpy4IfcAW1QXwZ4NuDV+CrQMHWi2Fo3+giuIbehoSkY4LciIEEwub DL+KhlN5hWixWlTcS9NXI8RIh2SNIGR2Z8uTvN3rFscHviAO1zZcBueHDQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOIXBcws09zi/Mr4/jIf0U26Gz6UMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvNGhjRnpDelQzT0w4eXZqLU1oX1JUYm9iUHBRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbDLAwQA bbDmAwQA1dr3MA0GCSqGSIb3DQEBCwUAA4IBAQBU1iqM55atulHkT7dmmBgAeyUP ATR/1WjTESgiMAVw6f+sdoQPbVY8kLOnXePVXB3vO7cc07czoFPPjRg3ICBs7Q0P kA05cVbRFBFI2Rf1PJDNfsng7ysB43+Lc2/YZHQUwVZmFqlurI7uQxmaboEnYEh9 WgsUhZhz8cko6xTBl2U8c79IVrpe3KX1JLz7p/ePkIct/OBL+t4h3JW4exvIC6FD 8d1ZKgq/K1vi7cFsd9b4W73Ac0pWR9ivu3qNBHPuAZ+yMDMFGQJR4DyB5fMtqGeP 7Ezc1h0gDBK/AYyGPYOboLf9CHdWp8JgWpsZVQp1CYhdWSsd7le5PoBZ9sgd -----END CERTIFICATE-----Generated at Sun Jan 18 10:03:00 2026 by rpki-client