This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/CtXB1y_WiGwg9xFRHui6XM2zZos.roa File: CtXB1y_WiGwg9xFRHui6XM2zZos.roa (raw, json) Hash identifier: akg6U1CtXak5LkwHmU54KWXlOWQ+wwDwzm5wZMHKxY4= Subject key identifier: 0A:D5:C1:D7:2F:D6:88:6C:20:F7:11:51:1E:E8:BA:5C:CD:B3:66:8B Certificate issuer: /CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2 Certificate serial: 019B7F13A74CE052C00682A9E46F4967DB91 Authority key identifier: DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/CtXB1y_WiGwg9xFRHui6XM2zZos.roa Signing time: Fri 02 Jan 2026 14:19:13 +0000 ROA not before: Fri 02 Jan 2026 14:19:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203020 IP address blocks: 46.232.208.0/23 maxlen: 32 185.246.172.0/22 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.mft rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:a7:4c:e0:52:c0:06:82:a9:e4:6f:49:67:db:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df8f961c6efbb7f9ce74217b1d5dbb54e981c6f2 Validity Not Before: Jan 2 14:19:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0ad5c1d72fd6886c20f711511ee8ba5ccdb3668b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:26:64:4f:2e:76:50:35:30:19:a7:e5:d9:d3: 1a:39:df:50:a6:9d:0c:f1:2f:6b:1e:31:b5:c4:3b: 11:8c:29:5f:4b:15:39:45:55:cb:e4:71:5e:5b:76: 51:62:c1:92:67:f8:7a:91:7b:ce:76:d0:0a:10:22: c8:d2:f0:35:01:70:91:22:dc:f4:ce:20:55:3e:1b: ec:8d:45:6f:30:e9:d6:5b:ca:57:63:cf:5a:b3:fa: 8c:38:4c:d7:a3:9c:3a:21:09:89:64:a7:1e:4c:d9: 9b:30:af:4f:6f:21:53:30:cb:d8:8a:e6:c6:02:b9: 88:50:ef:a0:bf:46:39:e0:66:aa:1f:53:cb:ba:da: 40:4f:5a:d6:f4:73:14:30:4c:c2:2c:50:fe:68:24: 75:9c:1a:2a:34:fa:f4:d8:bd:e6:57:ae:1f:90:cd: d9:42:c2:5a:8d:28:a2:51:44:d7:8c:bb:cf:c0:e5: d7:14:2b:4c:f1:7f:e0:f7:0b:72:27:29:df:e4:bf: 8c:06:69:eb:08:db:d5:b6:46:d0:d2:bf:7b:7f:48: 85:0c:ab:17:92:1f:72:df:53:c2:b8:20:ac:02:9f: 02:b2:97:cb:09:59:4d:ae:36:ed:88:eb:d5:97:bf: 97:ad:1c:a6:84:9f:e8:f8:c1:80:17:46:42:11:fa: 0a:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:D5:C1:D7:2F:D6:88:6C:20:F7:11:51:1E:E8:BA:5C:CD:B3:66:8B X509v3 Authority Key Identifier: keyid:DF:8F:96:1C:6E:FB:B7:F9:CE:74:21:7B:1D:5D:BB:54:E9:81:C6:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34-WHG77t_nOdCF7HV27VOmBxvI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/CtXB1y_WiGwg9xFRHui6XM2zZos.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/90e70f-85dc-44a9-bb23-27f2bc162a07/1/34-WHG77t_nOdCF7HV27VOmBxvI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.232.208.0/23 185.246.172.0/22 Signature Algorithm: sha256WithRSAEncryption d3:b5:12:68:0f:f1:68:7c:ca:05:01:95:ce:b6:78:d9:8a:97: 15:74:23:af:33:56:16:cb:c1:27:12:6b:b6:25:73:32:e7:f9: d3:8d:92:d0:50:96:db:ab:c3:42:0d:f0:71:81:44:f7:b8:be: ba:1b:f3:19:29:90:b8:44:a3:c1:94:95:99:9e:d6:65:f3:05: 67:7c:b3:3c:80:72:7e:fc:1f:2f:87:d2:f9:c5:18:63:27:3e: 50:da:a4:d1:f3:f9:28:34:de:6f:cc:94:f9:fd:01:23:1f:d8: 56:55:ef:8d:ec:aa:73:b3:0c:fd:c6:a8:93:56:43:58:75:7e: 65:35:49:3e:66:ec:97:8e:f9:30:da:66:9c:84:49:de:46:9d: a3:48:32:00:90:73:9c:06:2f:38:1b:b4:d8:61:6e:29:ca:c2: 0d:c2:e8:4b:9c:05:e1:0f:66:e0:39:db:ee:49:95:fa:1b:be: ff:44:59:0c:25:e0:a3:6e:45:33:36:7d:e8:34:79:07:e7:da: 40:e3:b0:ea:8a:38:34:0b:77:08:c6:87:d4:e6:cf:10:d2:33: 8f:a3:c3:21:47:2d:c5:fc:a0:05:93:7c:35:9e:a9:4a:bf:f6: 63:e9:d3:53:22:c3:e1:38:10:15:2a:f8:44:e0:93:4c:80:87: 8d:45:4b:4f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/E6dM4FLABoKp5G9JZ9uRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmOGY5NjFjNmVmYmI3ZjljZTc0MjE3YjFkNWRiYjU0ZTk4 MWM2ZjIwHhcNMjYwMTAyMTQxOTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYWQ1YzFkNzJmZDY4ODZjMjBmNzExNTExZWU4YmE1Y2NkYjM2NjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCZkTy52UDUwGafl2dMaOd9Qpp0M 8S9rHjG1xDsRjClfSxU5RVXL5HFeW3ZRYsGSZ/h6kXvOdtAKECLI0vA1AXCRItz0 ziBVPhvsjUVvMOnWW8pXY89as/qMOEzXo5w6IQmJZKceTNmbMK9PbyFTMMvYiubG ArmIUO+gv0Y54GaqH1PLutpAT1rW9HMUMEzCLFD+aCR1nBoqNPr02L3mV64fkM3Z QsJajSiiUUTXjLvPwOXXFCtM8X/g9wtyJynf5L+MBmnrCNvVtkbQ0r97f0iFDKsX kh9y31PCuCCsAp8CspfLCVlNrjbtiOvVl7+XrRymhJ/o+MGAF0ZCEfoK/QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFArVwdcv1ohsIPcRUR7oulzNs2aLMB8GA1UdIwQY MBaAFN+Plhxu+7f5znQhex1du1TpgcbyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMt MjdmMmJjMTYyYTA3LzEvQ3RYQjF5X1dpR3dnOXhGUkh1aTZYTTJ6Wm9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi85MGU3MGYtODVkYy00NGE5LWJiMjMtMjdmMmJjMTYyYTA3 LzEvMzQtV0hHNzd0X25PZENGN0hWMjdWT21CeHZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLujQAwQC ufasMA0GCSqGSIb3DQEBCwUAA4IBAQDTtRJoD/FofMoFAZXOtnjZipcVdCOvM1YW y8EnEmu2JXMy5/nTjZLQUJbbq8NCDfBxgUT3uL66G/MZKZC4RKPBlJWZntZl8wVn fLM8gHJ+/B8vh9L5xRhjJz5Q2qTR8/koNN5vzJT5/QEjH9hWVe+N7Kpzswz9xqiT VkNYdX5lNUk+ZuyXjvkw2machEneRp2jSDIAkHOcBi84G7TYYW4pysINwuhLnAXh D2bgOdvuSZX6G77/RFkMJeCjbkUzNn3oNHkH59pA47Dqijg0C3cIxofU5s8Q0jOP o8MhRy3F/KAFk3w1nqlKv/Zj6dNTIsPhOBAVKvhE4JNMgIeNRUtP -----END CERTIFICATE-----Generated at Sun Jan 18 10:46:24 2026 by rpki-client