This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F01GHOyuJBLUlg7qAG2uaVKGXH8.roa File: F01GHOyuJBLUlg7qAG2uaVKGXH8.roa (raw, json) Hash identifier: RH44KjMYj+U72Me1IT5a7+Eosv9hqq0RjzRouPfyWEk= Subject key identifier: 17:4D:46:1C:EC:AE:24:12:D4:96:0E:EA:00:6D:AE:69:52:86:5C:7F Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA5405E473F323D46BED227B82F6481 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F01GHOyuJBLUlg7qAG2uaVKGXH8.roa Signing time: Thu 01 Jan 2026 22:19:46 +0000 ROA not before: Thu 01 Jan 2026 22:19:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197050 IP address blocks: 95.43.232.0/22 maxlen: 24 213.16.45.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:40:5e:47:3f:32:3d:46:be:d2:27:b8:2f:64:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=174d461cecae2412d4960eea006dae6952865c7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ac:2f:51:57:b0:68:ae:a2:4a:ea:ee:de:f8: 45:bc:5b:d1:e2:47:90:12:32:a0:7b:85:33:38:10: b1:36:e3:5f:8c:54:33:ff:0a:f9:43:99:14:d0:88: 2a:db:ea:a2:12:22:74:1a:e2:23:91:cd:ab:04:5b: 5b:5c:7e:7c:cb:ae:47:e8:26:7e:2d:94:33:5b:7e: 25:84:a6:cb:fc:bf:fa:82:29:e3:53:95:8a:9f:2d: 44:01:a9:a6:0d:19:04:0d:9c:ac:8c:eb:95:2d:a3: 8e:52:aa:17:0c:b5:87:9b:70:65:d4:8f:28:3e:90: 57:62:d5:75:c4:a7:d1:2d:89:3f:c7:c9:87:bf:3f: b6:4f:b3:1d:0c:a5:fa:ea:7a:07:94:48:cf:ae:97: 8d:a1:62:9f:20:30:65:e4:05:6b:61:cc:8a:9a:d6: cd:18:58:70:a5:24:c6:c0:ab:f9:1b:ce:d6:dc:77: 55:d4:d2:aa:67:9e:e0:8b:31:ad:ec:f2:70:8b:ff: a7:2c:41:39:4c:e3:4b:36:1b:5e:16:0d:cc:f4:60: ca:45:3a:19:8f:3d:75:a7:cb:80:85:45:a6:90:3c: d7:09:7c:9e:be:27:d1:d5:d3:32:21:e8:35:5a:3b: aa:10:0e:36:10:e1:95:e8:42:c3:2e:d7:01:fc:e1: 77:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:4D:46:1C:EC:AE:24:12:D4:96:0E:EA:00:6D:AE:69:52:86:5C:7F X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/F01GHOyuJBLUlg7qAG2uaVKGXH8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.43.232.0/22 213.16.45.0/24 Signature Algorithm: sha256WithRSAEncryption ab:be:91:b3:47:da:73:40:15:e3:b9:a4:c7:e3:b7:69:a0:09: 9d:16:7f:55:5f:3e:a0:85:7e:31:db:86:21:e3:23:cb:69:1f: 2a:b6:c8:c5:a2:bf:5f:9f:ec:ea:fd:86:e4:12:68:be:6a:3a: 7f:aa:bc:4f:48:af:91:de:2f:9f:9e:e1:49:b8:db:d2:d7:3c: 95:21:2e:60:f5:7e:c8:c9:d2:ea:7e:5e:6e:f5:e7:56:51:f1: 4c:c1:27:a8:14:ec:fc:d7:79:11:03:97:97:c3:d0:63:d0:c1: b5:ee:35:f5:37:88:0f:bf:f6:37:36:8d:e2:fc:bf:ab:38:57: ff:72:fb:95:38:18:33:73:53:ac:ae:cc:f2:b7:2a:42:61:58: 44:7d:54:b4:ca:5b:a3:28:ba:9e:e7:8a:b3:66:b3:42:ef:02: 64:9d:26:27:1b:e9:97:96:06:e5:93:49:eb:7e:c1:16:17:15: 93:74:44:b4:f5:3f:09:13:56:c3:55:f5:cf:8e:b6:a3:0c:23: 12:e0:1e:a8:d9:0f:c8:9a:82:a4:7c:ac:ff:3c:0c:7d:e2:5c: 64:e7:a4:12:fb:13:36:67:0a:39:e8:b7:57:5d:b6:01:d5:a1: f1:a2:87:74:91:1e:84:f5:7f:bd:11:3b:74:9c:9d:c4:e6:27: 26:56:e0:a7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pUBeRz8yPUa+0ie4L2SBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNzRkNDYxY2VjYWUyNDEyZDQ5NjBlZWEwMDZkYWU2OTUyODY1YzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKwvUVewaK6iSuru3vhFvFvR4keQ EjKge4UzOBCxNuNfjFQz/wr5Q5kU0Igq2+qiEiJ0GuIjkc2rBFtbXH58y65H6CZ+ LZQzW34lhKbL/L/6ginjU5WKny1EAammDRkEDZysjOuVLaOOUqoXDLWHm3Bl1I8o PpBXYtV1xKfRLYk/x8mHvz+2T7MdDKX66noHlEjPrpeNoWKfIDBl5AVrYcyKmtbN GFhwpSTGwKv5G87W3HdV1NKqZ57gizGt7PJwi/+nLEE5TONLNhteFg3M9GDKRToZ jz11p8uAhUWmkDzXCXyevifR1dMyIeg1WjuqEA42EOGV6ELDLtcB/OF3bQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFBdNRhzsriQS1JYO6gBtrmlShlx/MB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvRjAxR0hPeXVKQkxVbGc3cUFHMnVhVktHWEg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXyvoAwQA 1RAtMA0GCSqGSIb3DQEBCwUAA4IBAQCrvpGzR9pzQBXjuaTH47dpoAmdFn9VXz6g hX4x24Yh4yPLaR8qtsjFor9fn+zq/YbkEmi+ajp/qrxPSK+R3i+fnuFJuNvS1zyV IS5g9X7IydLqfl5u9edWUfFMwSeoFOz813kRA5eXw9Bj0MG17jX1N4gPv/Y3No3i /L+rOFf/cvuVOBgzc1OsrszytypCYVhEfVS0ylujKLqe54qzZrNC7wJknSYnG+mX lgblk0nrfsEWFxWTdES09T8JE1bDVfXPjrajDCMS4B6o2Q/ImoKkfKz/PAx94lxk 56QS+xM2Zwo56LdXXbYB1aHxood0kR6E9X+9ETt0nJ3E5icmVuCn -----END CERTIFICATE-----Generated at Mon Jan 26 10:24:55 2026 by rpki-client