This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/W-iGdfrXWzVhktlrOj6ji9PTTVI.roa File: W-iGdfrXWzVhktlrOj6ji9PTTVI.roa (raw, json) Hash identifier: LisKv+NARInTtmqbTfKgDTZvU5Ejrq0c/4kFI8VtQYo= Subject key identifier: 5B:E8:86:75:FA:D7:5B:35:61:92:D9:6B:3A:3E:A3:8B:D3:D3:4D:52 Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C74B3BBEC4531DFF73BA651F856F86 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/W-iGdfrXWzVhktlrOj6ji9PTTVI.roa Signing time: Thu 01 Jan 2026 04:18:28 +0000 ROA not before: Thu 01 Jan 2026 04:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199737 IP address blocks: 89.42.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:4b:3b:be:c4:53:1d:ff:73:ba:65:1f:85:6f:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5be88675fad75b356192d96b3a3ea38bd3d34d52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0c:07:5a:21:2b:ab:be:49:c0:47:bd:0f:20: de:f2:b8:62:b7:0e:98:fb:aa:b0:1e:64:19:20:ae: 52:ba:56:4b:c7:f4:e9:7d:03:e4:d1:79:e9:b6:eb: 76:b3:12:50:59:1a:49:f3:57:f4:26:a0:c2:f6:2d: fa:77:0e:3a:aa:ac:75:d8:bf:98:5c:90:d7:9f:0a: 0b:16:ea:03:88:e7:b5:14:4e:13:7d:c6:62:70:5a: 94:2b:7d:8e:61:04:4f:a9:b6:3f:a6:ad:ca:d6:93: 25:2f:6f:29:75:54:81:9e:a3:68:c1:42:42:cb:46: cb:55:fa:2f:f3:95:51:a0:e7:55:87:06:b1:15:36: 49:ec:36:00:68:55:e4:87:bc:d4:54:19:fb:5d:0f: 19:50:d7:90:f8:2e:7d:0c:5f:11:8a:23:05:5a:a0: 6b:e7:9d:28:e0:1d:b6:a9:41:69:76:a1:60:4d:fe: 52:c1:70:fa:92:78:84:96:ef:30:6c:25:73:75:12: bb:f6:72:6f:c3:d9:d9:44:7d:47:f9:fa:f6:83:14: f3:88:c4:88:ef:90:dc:2e:7b:3c:7c:92:72:31:5e: 58:7f:f5:df:d6:87:bc:a0:e8:60:11:b8:74:ee:01: 5a:9b:82:3f:6e:ab:3c:cd:2b:7e:02:ee:04:21:3f: a6:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:E8:86:75:FA:D7:5B:35:61:92:D9:6B:3A:3E:A3:8B:D3:D3:4D:52 X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/W-iGdfrXWzVhktlrOj6ji9PTTVI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.42.29.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:1b:b7:f2:0a:9b:c1:8e:ae:1a:9c:6f:6a:36:d0:1b:35:3d: 79:51:50:9c:13:df:13:bd:00:76:8f:89:fe:28:4d:a9:38:c4: 2e:6e:2b:10:47:38:5c:66:9d:d4:6f:37:16:c3:bc:7a:74:a8: 4e:93:ce:e9:b4:b1:17:5a:96:66:68:e0:c6:ea:db:25:f6:fb: 67:ae:7f:f2:fe:d8:e5:8c:b3:68:41:1e:db:53:b8:f0:9f:5d: 5d:7e:1f:74:4d:49:3b:c0:87:62:f8:59:51:a0:c5:a7:19:fa: 32:5b:b4:be:fd:c4:94:b8:04:fd:cf:a7:64:cf:7f:93:2a:c6: 62:fd:7c:48:42:a3:16:12:3f:95:52:69:a6:64:82:1e:c4:af: cf:0d:d3:38:38:ac:8e:ba:14:ac:cd:29:a6:a5:87:f8:3b:84: fd:33:be:32:b8:4a:98:ae:95:79:e2:86:42:17:7b:41:fb:43: 2f:b1:74:94:86:5b:1f:33:9e:34:42:27:d0:42:ec:63:26:59: 8f:5e:05:72:84:9a:33:b0:fe:d1:f1:c9:ce:ad:af:b7:e7:b6: 4f:10:d3:e7:b3:f0:e3:f9:73:0d:47:20:ee:da:f5:42:c9:69: bb:0c:18:3c:71:4e:44:46:7a:2f:ae:be:e2:90:b5:a4:73:4a: a6:e8:8d:24 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3x0s7vsRTHf9zumUfhW+GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YmU4ODY3NWZhZDc1YjM1NjE5MmQ5NmIzYTNlYTM4YmQzZDM0ZDUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQwHWiErq75JwEe9DyDe8rhitw6Y +6qwHmQZIK5SulZLx/TpfQPk0Xnptut2sxJQWRpJ81f0JqDC9i36dw46qqx12L+Y XJDXnwoLFuoDiOe1FE4TfcZicFqUK32OYQRPqbY/pq3K1pMlL28pdVSBnqNowUJC y0bLVfov85VRoOdVhwaxFTZJ7DYAaFXkh7zUVBn7XQ8ZUNeQ+C59DF8RiiMFWqBr 550o4B22qUFpdqFgTf5SwXD6kniElu8wbCVzdRK79nJvw9nZRH1H+fr2gxTziMSI 75DcLns8fJJyMV5Yf/Xf1oe8oOhgEbh07gFam4I/bqs8zSt+Au4EIT+mSwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFvohnX611s1YZLZazo+o4vT001SMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvVy1pR2RmclhXelZoa3Rsck9qNmppOVBUVFZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G CSqGSIb3DQEBCwUAA4IBAQAOG7fyCpvBjq4anG9qNtAbNT15UVCcE98TvQB2j4n+ KE2pOMQubisQRzhcZp3UbzcWw7x6dKhOk87ptLEXWpZmaODG6tsl9vtnrn/y/tjl jLNoQR7bU7jwn11dfh90TUk7wIdi+FlRoMWnGfoyW7S+/cSUuAT9z6dkz3+TKsZi /XxIQqMWEj+VUmmmZIIexK/PDdM4OKyOuhSszSmmpYf4O4T9M74yuEqYrpV54oZC F3tB+0MvsXSUhlsfM540QifQQuxjJlmPXgVyhJozsP7R8cnOra+357ZPENPns/Dj +XMNRyDu2vVCyWm7DBg8cU5ERnovrr7ikLWkc0qm6I0k -----END CERTIFICATE-----Generated at Thu Jan 1 20:25:46 2026 by rpki-client