This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/kaJAlUNXuvgIldw8HKxblZiQ1xY.roa File: kaJAlUNXuvgIldw8HKxblZiQ1xY.roa (raw, json) Hash identifier: sktya3OX64f09BO6r6lg+c9q03KXeV5TYfpw1RTIwcY= Subject key identifier: 91:A2:40:95:43:57:BA:F8:08:95:DC:3C:1C:AC:5B:95:98:90:D7:16 Certificate issuer: /CN=b960b14746c5875244ae3b694162ec6d8c63255e Certificate serial: 019B76EB62A7A9B324C01D5AF8E1C56EBF94 Authority key identifier: B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/kaJAlUNXuvgIldw8HKxblZiQ1xY.roa Signing time: Thu 01 Jan 2026 00:18:16 +0000 ROA not before: Thu 01 Jan 2026 00:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208390 IP address blocks: 45.135.208.0/22 maxlen: 22 45.135.208.0/24 maxlen: 24 45.135.209.0/24 maxlen: 24 2a0e:8ec0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.mft rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:62:a7:a9:b3:24:c0:1d:5a:f8:e1:c5:6e:bf:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b960b14746c5875244ae3b694162ec6d8c63255e Validity Not Before: Jan 1 00:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=91a240954357baf80895dc3c1cac5b959890d716 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:62:84:28:50:b9:f6:cc:6e:2b:b5:f1:62:0a: 8a:6b:3d:88:eb:03:0e:b6:34:f1:30:9c:70:1d:07: 9c:ac:b4:80:da:c1:83:3b:ab:27:ac:72:56:6f:4f: cd:2c:08:f0:11:3f:33:c3:76:1f:6e:2f:57:72:b0: 26:b3:f6:f2:18:6e:c2:7c:41:56:53:4e:25:2e:bd: 95:02:43:8c:7a:87:f6:4a:6c:98:6f:e9:7e:36:be: 7d:a9:2e:8a:fc:8c:21:36:80:cd:c3:3e:d5:b9:e5: d9:a6:41:16:31:cd:d8:47:e2:1c:fa:b5:8f:c7:77: bb:83:1f:07:eb:c0:ee:d5:d4:02:4b:32:17:30:06: 9f:90:83:6b:2c:ae:71:1e:85:29:36:72:68:a6:06: 7d:58:7c:37:3d:cc:67:9a:b9:68:c6:46:44:ef:94: 3c:07:c1:32:1a:ed:d9:d2:79:50:b7:9f:f4:bc:cd: 98:95:8c:5d:e5:6f:08:2c:64:45:db:bb:db:d5:f1: fd:4f:eb:7a:07:75:9a:9b:ca:c1:f6:0c:1a:1a:6d: 46:29:98:c7:8b:17:ff:8c:69:70:79:ed:42:a9:47: 4a:82:12:a7:5e:76:78:0e:1f:5e:77:cb:fd:22:4d: 25:d1:57:22:2b:c8:0a:4a:25:74:70:05:2a:60:65: 16:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:A2:40:95:43:57:BA:F8:08:95:DC:3C:1C:AC:5B:95:98:90:D7:16 X509v3 Authority Key Identifier: keyid:B9:60:B1:47:46:C5:87:52:44:AE:3B:69:41:62:EC:6D:8C:63:25:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uWCxR0bFh1JErjtpQWLsbYxjJV4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/kaJAlUNXuvgIldw8HKxblZiQ1xY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/458078-426e-4449-a2a9-18882a2809b2/1/uWCxR0bFh1JErjtpQWLsbYxjJV4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.135.208.0/22 IPv6: 2a0e:8ec0::/29 Signature Algorithm: sha256WithRSAEncryption ba:dd:af:87:31:f5:31:c8:5b:22:71:c0:89:54:37:9d:0c:20: b6:25:80:13:8e:fc:ca:a4:97:2d:89:00:98:bc:7a:b2:4c:a9: 52:d7:4a:d5:31:48:da:33:04:78:ac:f7:c6:87:bb:17:2b:ec: c2:ac:cc:01:f6:d3:9d:b1:a6:87:c2:53:81:c1:1a:d6:32:74: 39:6a:e8:c7:c3:3a:cb:f9:eb:aa:b4:fc:d4:b6:c7:07:e3:ad: bb:7d:04:49:73:40:1c:46:21:bc:2c:00:bf:c2:19:f1:45:5f: 35:1c:0d:d9:cd:c2:b8:e0:0b:0a:3b:8d:4f:73:f9:52:49:a1: f0:d9:e9:39:79:e4:52:89:6d:0f:a8:f3:0a:51:8e:47:e7:4f: aa:da:ad:9e:fd:79:f5:cd:90:ca:47:7a:4d:ab:f7:09:f6:a9: 01:b7:24:37:8e:73:0c:16:7d:22:9c:c7:0e:8e:2d:31:44:8e: fd:a2:13:1e:c4:9d:ec:db:22:b9:d3:ed:78:dd:e2:98:87:c9: fe:21:a7:f1:0b:36:10:20:19:86:78:15:46:2b:ce:fa:ee:a3: 7f:68:78:78:13:79:80:81:bb:4b:7f:09:7f:5e:f2:65:57:84: 7a:bf:6d:f5:a7:4e:14:fe:e8:fc:02:ee:64:fb:5a:24:32:f4: 6e:f9:ea:62 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt262KnqbMkwB1a+OHFbr+UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI5NjBiMTQ3NDZjNTg3NTI0NGFlM2I2OTQxNjJlYzZkOGM2 MzI1NWUwHhcNMjYwMTAxMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MWEyNDA5NTQzNTdiYWY4MDg5NWRjM2MxY2FjNWI5NTk4OTBkNzE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2KEKFC59sxuK7XxYgqKaz2I6wMO tjTxMJxwHQecrLSA2sGDO6snrHJWb0/NLAjwET8zw3Yfbi9XcrAms/byGG7CfEFW U04lLr2VAkOMeof2SmyYb+l+Nr59qS6K/IwhNoDNwz7VueXZpkEWMc3YR+Ic+rWP x3e7gx8H68Du1dQCSzIXMAafkINrLK5xHoUpNnJopgZ9WHw3PcxnmrloxkZE75Q8 B8EyGu3Z0nlQt5/0vM2YlYxd5W8ILGRF27vb1fH9T+t6B3Wam8rB9gwaGm1GKZjH ixf/jGlwee1CqUdKghKnXnZ4Dh9ed8v9Ik0l0VciK8gKSiV0cAUqYGUWAwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJGiQJVDV7r4CJXcPBysW5WYkNcWMB8GA1UdIwQY MBaAFLlgsUdGxYdSRK47aUFi7G2MYyVeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTkt MTg4ODJhMjgwOWIyLzEva2FKQWxVTlh1dmdJbGR3OEhLeGJsWmlRMXhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy80NTgwNzgtNDI2ZS00NDQ5LWEyYTktMTg4ODJhMjgwOWIy LzEvdVdDeFIwYkZoMUpFcmp0cFFXTHNiWXhqSlY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYfQMA0E AgACMAcDBQMqDo7AMA0GCSqGSIb3DQEBCwUAA4IBAQC63a+HMfUxyFsiccCJVDed DCC2JYATjvzKpJctiQCYvHqyTKlS10rVMUjaMwR4rPfGh7sXK+zCrMwB9tOdsaaH wlOBwRrWMnQ5aujHwzrL+euqtPzUtscH4627fQRJc0AcRiG8LAC/whnxRV81HA3Z zcK44AsKO41Pc/lSSaHw2ek5eeRSiW0PqPMKUY5H50+q2q2e/Xn1zZDKR3pNq/cJ 9qkBtyQ3jnMMFn0inMcOji0xRI79ohMexJ3s2yK50+143eKYh8n+IafxCzYQIBmG eBVGK8767qN/aHh4E3mAgbtLfwl/XvJlV4R6v231p04U/uj8Au5k+1okMvRu+epi -----END CERTIFICATE-----Generated at Tue Jan 27 03:06:58 2026 by rpki-client