This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/0TK3c5i8HR_A-PsT2oVGhcZw6cM.roa File: 0TK3c5i8HR_A-PsT2oVGhcZw6cM.roa (raw, json) Hash identifier: h0uiRwWUdBUK99Ks+Y8sh+LxhfXczzzvDGj593a9g3k= Subject key identifier: D1:32:B7:73:98:BC:1D:1F:C0:F8:FB:13:DA:85:46:85:C6:70:E9:C3 Certificate issuer: /CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac Certificate serial: 019B7F8297BB3E497D4C5CC5E7F90E93EA59 Authority key identifier: 64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/0TK3c5i8HR_A-PsT2oVGhcZw6cM.roa Signing time: Fri 02 Jan 2026 16:20:23 +0000 ROA not before: Fri 02 Jan 2026 16:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209015 IP address blocks: 45.10.200.0/24 maxlen: 24 45.10.201.0/24 maxlen: 24 45.10.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.crl rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:97:bb:3e:49:7d:4c:5c:c5:e7:f9:0e:93:ea:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64d864ae92bd7ceab5083bcc71101ef04676f8ac Validity Not Before: Jan 2 16:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d132b77398bc1d1fc0f8fb13da854685c670e9c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:f2:c1:fb:27:7f:d3:75:5c:37:28:c7:23:8e: 90:0a:f3:72:f7:86:cf:ea:50:d6:57:44:01:71:15: d2:11:cd:19:e1:1c:c1:2f:c3:1c:46:06:a4:34:fa: 30:97:60:72:93:a3:9a:81:2b:76:60:87:e2:e4:c8: 0f:12:b1:c6:60:68:ec:7a:06:d3:1f:6a:f5:b9:41: 6f:da:26:73:b8:3a:40:cc:31:b7:a8:4d:ee:6b:ca: 05:60:c4:01:3d:73:de:ad:3c:3f:a0:e3:d8:fd:cf: 1a:cd:d3:e6:f9:5a:63:b4:45:bd:b5:bd:b9:af:91: 61:00:ac:f4:77:1d:53:12:15:04:a3:80:18:36:56: c2:fa:b9:d5:b1:ce:06:e5:68:e2:34:e4:9b:35:2e: 18:6d:ca:5b:69:7f:a8:f1:2b:3e:a3:94:c8:23:27: 79:6e:b4:99:34:d2:c1:15:be:c1:31:3f:e8:bf:e1: 34:40:7a:e9:ff:12:9e:c7:64:43:88:cd:2a:e0:aa: 76:49:93:0e:06:b8:b7:29:dd:d7:30:da:cc:ec:ca: f1:90:6e:f5:cd:66:68:18:57:99:b7:7f:8a:0c:75: c5:be:3a:7f:13:44:96:63:e1:f8:5b:04:f0:bc:41: e5:82:29:d9:41:b6:b6:0f:d3:4d:f4:9a:73:e7:ac: ed:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:32:B7:73:98:BC:1D:1F:C0:F8:FB:13:DA:85:46:85:C6:70:E9:C3 X509v3 Authority Key Identifier: keyid:64:D8:64:AE:92:BD:7C:EA:B5:08:3B:CC:71:10:1E:F0:46:76:F8:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/0TK3c5i8HR_A-PsT2oVGhcZw6cM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/96/70b2c4-1d4a-4b91-b0d0-2c05cc922001/1/ZNhkrpK9fOq1CDvMcRAe8EZ2-Kw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.10.200.0/23 45.10.203.0/24 Signature Algorithm: sha256WithRSAEncryption a0:03:b0:89:e6:eb:3e:ed:21:f2:ba:58:36:2e:db:e7:b9:33: 4a:63:8e:18:ae:01:c4:eb:85:57:12:81:e4:90:f8:1a:8e:36: b5:52:0f:bf:5b:f0:4a:35:be:dd:c8:e7:2a:c0:cb:4c:aa:8a: f7:79:98:c1:04:7c:0b:19:39:e6:5e:d9:f0:65:8b:b4:18:05: 89:cd:59:b9:e6:73:07:9f:dd:38:f5:f7:85:e6:2b:b3:40:50: f4:93:65:45:74:fa:ba:d7:d9:2d:b4:34:09:47:da:84:4a:16: 77:7f:0a:17:75:cb:5c:84:f9:61:a7:98:bb:7c:0e:5e:5d:33: 3c:ba:6d:f4:37:c1:36:e9:c0:0c:8d:a7:47:f7:8c:4f:de:9a: bf:eb:7d:0b:52:d1:77:bb:dc:80:71:b7:a3:34:37:43:35:5f: f1:fb:58:15:02:a6:10:91:43:96:82:09:c9:00:db:a0:35:02: 8d:94:ac:8d:ce:0d:ed:01:15:c6:5c:db:26:e6:0a:d8:c6:62: 46:0f:bc:48:5b:60:49:be:44:1b:6d:93:4a:ac:83:57:7e:e3: 09:f2:79:8e:40:58:3c:cb:c9:94:f0:c2:75:45:dd:5f:51:23: ea:0f:cc:d5:ea:cb:19:5b:ba:1b:1c:db:9b:ba:8b:43:99:ec: 9c:5b:dd:65 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/gpe7Pkl9TFzF5/kOk+pZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0ZDg2NGFlOTJiZDdjZWFiNTA4M2JjYzcxMTAxZWYwNDY3 NmY4YWMwHhcNMjYwMTAyMTYyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTMyYjc3Mzk4YmMxZDFmYzBmOGZiMTNkYTg1NDY4NWM2NzBlOWMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPLB+yd/03VcNyjHI46QCvNy94bP 6lDWV0QBcRXSEc0Z4RzBL8McRgakNPowl2Byk6OagSt2YIfi5MgPErHGYGjsegbT H2r1uUFv2iZzuDpAzDG3qE3ua8oFYMQBPXPerTw/oOPY/c8azdPm+VpjtEW9tb25 r5FhAKz0dx1TEhUEo4AYNlbC+rnVsc4G5WjiNOSbNS4YbcpbaX+o8Ss+o5TIIyd5 brSZNNLBFb7BMT/ov+E0QHrp/xKex2RDiM0q4Kp2SZMOBri3Kd3XMNrM7MrxkG71 zWZoGFeZt3+KDHXFvjp/E0SWY+H4WwTwvEHlginZQba2D9NN9Jpz56ztiQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNEyt3OYvB0fwPj7E9qFRoXGcOnDMB8GA1UdIwQY MBaAFGTYZK6SvXzqtQg7zHEQHvBGdvisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAt MmMwNWNjOTIyMDAxLzEvMFRLM2M1aThIUl9BLVBzVDJvVkdoY1p3NmNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ni83MGIyYzQtMWQ0YS00YjkxLWIwZDAtMmMwNWNjOTIyMDAx LzEvWk5oa3JwSzlmT3ExQ0R2TWNSQWU4RVoyLUt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLQrIAwQA LQrLMA0GCSqGSIb3DQEBCwUAA4IBAQCgA7CJ5us+7SHyulg2LtvnuTNKY44YrgHE 64VXEoHkkPgajja1Ug+/W/BKNb7dyOcqwMtMqor3eZjBBHwLGTnmXtnwZYu0GAWJ zVm55nMHn9049feF5iuzQFD0k2VFdPq619kttDQJR9qEShZ3fwoXdctchPlhp5i7 fA5eXTM8um30N8E26cAMjadH94xP3pq/630LUtF3u9yAcbejNDdDNV/x+1gVAqYQ kUOWggnJANugNQKNlKyNzg3tARXGXNsm5grYxmJGD7xIW2BJvkQbbZNKrINXfuMJ 8nmOQFg8y8mU8MJ1Rd1fUSPqD8zV6ssZW7obHNubuotDmeycW91l -----END CERTIFICATE-----Generated at Tue Jan 20 04:47:43 2026 by rpki-client