This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/T7GHpioMRx7PC4mYACYt1geCrE8.roa File: T7GHpioMRx7PC4mYACYt1geCrE8.roa (raw, json) Hash identifier: xIVcFxp/SoIfdEI5b2uBXApYyBBlAfOIpXupiVVrChc= Subject key identifier: 4F:B1:87:A6:2A:0C:47:1E:CF:0B:89:98:00:26:2D:D6:07:82:AC:4F Certificate issuer: /CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79 Certificate serial: 019B7AC85367006BF9DB6F01091A6CD80896 Authority key identifier: A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/T7GHpioMRx7PC4mYACYt1geCrE8.roa Signing time: Thu 01 Jan 2026 18:18:27 +0000 ROA not before: Thu 01 Jan 2026 18:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 46.19.168.0/24 maxlen: 24 46.19.169.0/24 maxlen: 24 46.19.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ova8jxY69JwD2a1p5xa0LFuW7nk.crl rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ova8jxY69JwD2a1p5xa0LFuW7nk.mft rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:53:67:00:6b:f9:db:6f:01:09:1a:6c:d8:08:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a2f6bc8f163af49c03d9ad69e716b42c5b96ee79 Validity Not Before: Jan 1 18:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4fb187a62a0c471ecf0b899800262dd60782ac4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:ed:36:55:7b:80:da:8c:b6:f6:df:47:9c:91: da:41:34:41:1c:fc:bd:ca:33:32:5f:d4:b6:ff:ff: 7f:c0:a4:3e:3d:eb:ab:33:07:b3:c3:d4:ed:55:65: 89:82:c9:53:59:b9:d7:69:8d:0f:d8:8e:ee:f6:cd: 5c:d2:95:e8:17:63:0c:30:be:f7:6a:72:3e:aa:2f: 9f:9a:c5:11:6c:c5:87:7d:22:d4:83:17:d5:bd:99: c8:00:87:e5:3e:d4:91:a9:b7:1a:95:04:b8:e4:ae: 77:14:30:12:2a:c7:87:d7:64:5d:94:6d:1c:bf:54: 86:e0:03:80:e2:2b:09:4a:33:7e:7d:97:1b:32:f6: 9e:49:f8:a2:5f:a6:08:39:3a:11:75:bb:5d:0d:22: 29:aa:66:ff:d3:85:a1:ec:7b:46:14:53:2a:75:24: f4:b2:be:e7:61:c8:7c:f4:e7:07:43:e3:fd:d9:5a: 1c:a5:b0:18:d5:be:71:09:ec:88:fb:00:fe:d4:05: 8e:ef:61:7e:38:59:09:2b:29:12:38:82:c9:7a:75: 40:82:90:c3:ad:ed:56:e6:fa:bd:9b:6c:ec:3d:49: 9f:6f:56:21:bb:56:cd:92:dc:97:56:28:c5:8a:77: 0e:2b:2c:08:4c:b3:f2:36:b8:55:7e:57:e3:f7:57: 14:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:B1:87:A6:2A:0C:47:1E:CF:0B:89:98:00:26:2D:D6:07:82:AC:4F X509v3 Authority Key Identifier: keyid:A2:F6:BC:8F:16:3A:F4:9C:03:D9:AD:69:E7:16:B4:2C:5B:96:EE:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ova8jxY69JwD2a1p5xa0LFuW7nk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/T7GHpioMRx7PC4mYACYt1geCrE8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/2851b6-2e65-4859-9c05-506bb6c679ce/1/ova8jxY69JwD2a1p5xa0LFuW7nk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.19.168.0/23 46.19.171.0/24 Signature Algorithm: sha256WithRSAEncryption d1:b9:ce:63:d4:63:b3:2a:d0:76:03:84:a3:46:c8:0f:d1:b9: 28:d6:df:c3:87:a7:20:f2:1a:35:76:a8:f4:e4:ac:40:6c:2c: 33:a6:b6:07:5c:de:7c:d4:d7:10:eb:60:d1:4c:2a:d8:8b:ad: ca:70:93:e0:99:01:44:1c:cf:3c:30:2e:9f:99:28:67:29:8c: e5:81:e9:5d:a0:49:d3:a5:44:83:c0:53:4d:06:6e:3d:d2:b6: 2f:19:60:3a:5e:72:9e:e7:4d:eb:8e:f6:b1:84:e2:06:86:ef: 9a:8b:df:b8:7c:68:14:c9:68:dc:20:3b:61:e3:ee:55:f9:5a: 61:15:fe:6c:4d:a7:be:09:3a:eb:83:41:89:0e:76:35:80:24: 76:9f:8a:90:25:e7:86:06:94:1b:be:7a:ab:d6:42:d0:80:ca: a0:37:cb:d0:74:73:55:8e:bd:30:28:49:18:9c:85:aa:cf:a4: 3e:84:bd:2c:8d:a7:79:3b:4c:aa:3b:89:22:62:30:69:26:3a: 75:ef:fe:b2:ed:3d:1f:67:e9:33:e1:c5:f8:8b:a8:17:ad:1b: bf:49:21:ad:ad:e3:2a:de:d9:4a:52:44:29:e7:4c:fe:7d:bf: 0b:c5:ea:5c:53:9f:88:64:37:09:c2:d3:13:dd:c8:60:26:50: ee:a7:c5:3d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6yFNnAGv5228BCRps2AiWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyZjZiYzhmMTYzYWY0OWMwM2Q5YWQ2OWU3MTZiNDJjNWI5 NmVlNzkwHhcNMjYwMTAxMTgxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0ZmIxODdhNjJhMGM0NzFlY2YwYjg5OTgwMDI2MmRkNjA3ODJhYzRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO02VXuA2oy29t9HnJHaQTRBHPy9 yjMyX9S2//9/wKQ+PeurMwezw9TtVWWJgslTWbnXaY0P2I7u9s1c0pXoF2MMML73 anI+qi+fmsURbMWHfSLUgxfVvZnIAIflPtSRqbcalQS45K53FDASKseH12RdlG0c v1SG4AOA4isJSjN+fZcbMvaeSfiiX6YIOToRdbtdDSIpqmb/04Wh7HtGFFMqdST0 sr7nYch89OcHQ+P92VocpbAY1b5xCeyI+wD+1AWO72F+OFkJKykSOILJenVAgpDD re1W5vq9m2zsPUmfb1Yhu1bNktyXVijFincOKywITLPyNrhVflfj91cURwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFE+xh6YqDEcezwuJmAAmLdYHgqxPMB8GA1UdIwQY MBaAFKL2vI8WOvScA9mtaecWtCxblu55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUt NTA2YmI2YzY3OWNlLzEvVDdHSHBpb01SeDdQQzRtWUFDWXQxZ2VDckU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny8yODUxYjYtMmU2NS00ODU5LTljMDUtNTA2YmI2YzY3OWNl LzEvb3ZhOGp4WTY5SndEMmExcDV4YTBMRnVXN25rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhOoAwQA LhOrMA0GCSqGSIb3DQEBCwUAA4IBAQDRuc5j1GOzKtB2A4SjRsgP0bko1t/Dh6cg 8ho1dqj05KxAbCwzprYHXN581NcQ62DRTCrYi63KcJPgmQFEHM88MC6fmShnKYzl geldoEnTpUSDwFNNBm490rYvGWA6XnKe503rjvaxhOIGhu+ai9+4fGgUyWjcIDth 4+5V+VphFf5sTae+CTrrg0GJDnY1gCR2n4qQJeeGBpQbvnqr1kLQgMqgN8vQdHNV jr0wKEkYnIWqz6Q+hL0sjad5O0yqO4kiYjBpJjp17/6y7T0fZ+kz4cX4i6gXrRu/ SSGtreMq3tlKUkQp50z+fb8LxepcU5+IZDcJwtMT3chgJlDup8U9 -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:24 2026 by rpki-client