This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4anZiDch9d6oi83TQFLyB4qT99g.roa File: 4anZiDch9d6oi83TQFLyB4qT99g.roa (raw, json) Hash identifier: gEOKEHS2zoAD8h95bY8JWc94frKYylDhR359To9K6dI= Subject key identifier: E1:A9:D9:88:37:21:F5:DE:A8:8B:CD:D3:40:52:F2:07:8A:93:F7:D8 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A276E4154B97984E959BC9CCDF885B Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4anZiDch9d6oi83TQFLyB4qT99g.roa Signing time: Thu 01 Jan 2026 08:17:51 +0000 ROA not before: Thu 01 Jan 2026 08:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21859 IP address blocks: 192.145.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:76:e4:15:4b:97:98:4e:95:9b:c9:cc:df:88:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1a9d9883721f5dea88bcdd34052f2078a93f7d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:bd:8d:c4:5d:9a:3f:ea:2d:f9:49:cc:55:02: 57:49:87:e1:bb:a5:16:a4:1e:f9:09:8e:5a:c4:a5: 73:2b:42:fb:30:0c:0a:4b:fb:73:58:d8:c8:53:38: f5:27:dd:32:4e:0b:01:1b:9e:57:e1:a9:5b:8a:2d: 72:10:95:f7:f9:f6:df:16:d5:f2:41:53:66:24:76: 4f:35:c2:3b:ff:02:fd:9c:a8:c6:ee:2f:e1:d8:0f: f7:b6:f0:12:38:dd:19:a7:76:3a:a7:a0:44:14:4c: 47:cc:da:94:dd:44:0f:e5:46:45:b9:ac:76:22:15: e1:bf:e0:b0:7f:46:09:d2:22:4c:cf:85:4f:d4:3e: 65:a0:f9:6e:f9:64:f5:eb:24:6f:ca:99:25:43:06: 5b:5f:ed:0e:bb:3b:8d:40:9a:80:bd:f1:e0:b7:9a: cc:a5:ef:e6:b3:42:a7:74:64:2d:03:ec:9d:67:c3: 68:65:c1:58:bb:0a:28:1a:53:2e:7f:07:78:ef:a1: 01:00:ac:7b:63:9a:84:1a:6c:fe:b9:9a:98:64:99: 8c:73:b6:79:e4:53:ad:d8:51:c9:14:45:eb:73:06: 61:15:ae:4e:95:57:8a:44:65:a9:0b:32:6c:32:c6: 7f:fa:c7:f0:42:79:6a:2b:a1:36:c3:7d:d0:69:38: 26:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:A9:D9:88:37:21:F5:DE:A8:8B:CD:D3:40:52:F2:07:8A:93:F7:D8 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4anZiDch9d6oi83TQFLyB4qT99g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.145.69.0/24 Signature Algorithm: sha256WithRSAEncryption 1b:1e:04:39:20:5e:1d:9f:ef:53:9c:39:f2:d5:93:27:c1:92: 85:6c:f5:96:37:17:08:1c:ad:47:e9:b6:e3:22:39:17:34:58: bc:5e:5a:d3:0e:a5:50:9e:e6:35:c7:75:ea:af:83:95:45:16: 5d:ea:32:1e:56:f6:5b:a2:bf:ef:0e:b8:ec:4a:94:83:7f:f1: 66:4e:e2:2d:32:eb:8d:da:26:b4:5a:34:a3:96:09:01:30:15: ed:07:d6:a5:04:61:a0:d0:85:ab:e2:61:ca:45:35:30:e4:92: e3:ba:3d:89:ea:48:ae:2b:eb:73:c8:af:df:37:f2:4d:98:f3: 94:a7:d1:78:8f:bf:d8:38:eb:ba:a2:b3:af:0c:ee:13:3c:85: 3b:fb:dd:c4:c9:69:37:ce:5e:5d:0d:ef:db:06:c7:8e:4e:07: da:3b:1f:0f:c3:1f:cf:4a:83:4e:e0:08:bd:8b:04:ac:ed:38: 94:38:94:0f:a0:2c:a9:b8:a1:1f:27:10:da:8c:7f:19:a4:f2: 21:4e:14:04:b1:7d:47:7b:76:be:39:c8:43:64:6b:22:b4:48: 7d:de:9e:a9:52:d7:f3:f9:d9:35:80:41:98:54:31:25:24:af: 57:ea:6d:fd:b4:c5:8c:f6:75:26:fa:41:47:99:ef:bd:8e:bf: 75:1e:77:a5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4onbkFUuXmE6Vm8nM34hbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWE5ZDk4ODM3MjFmNWRlYTg4YmNkZDM0MDUyZjIwNzhhOTNmN2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb2NxF2aP+ot+UnMVQJXSYfhu6UW pB75CY5axKVzK0L7MAwKS/tzWNjIUzj1J90yTgsBG55X4albii1yEJX3+fbfFtXy QVNmJHZPNcI7/wL9nKjG7i/h2A/3tvASON0Zp3Y6p6BEFExHzNqU3UQP5UZFuax2 IhXhv+Cwf0YJ0iJMz4VP1D5loPlu+WT16yRvypklQwZbX+0OuzuNQJqAvfHgt5rM pe/ms0KndGQtA+ydZ8NoZcFYuwooGlMufwd476EBAKx7Y5qEGmz+uZqYZJmMc7Z5 5FOt2FHJFEXrcwZhFa5OlVeKRGWpCzJsMsZ/+sfwQnlqK6E2w33QaTgm1QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOGp2Yg3IfXeqIvN00BS8geKk/fYMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvNGFuWmlEY2g5ZDZvaTgzVFFGTHlCNHFUOTlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwJFFMA0G CSqGSIb3DQEBCwUAA4IBAQAbHgQ5IF4dn+9TnDny1ZMnwZKFbPWWNxcIHK1H6bbj IjkXNFi8XlrTDqVQnuY1x3Xqr4OVRRZd6jIeVvZbor/vDrjsSpSDf/FmTuItMuuN 2ia0WjSjlgkBMBXtB9alBGGg0IWr4mHKRTUw5JLjuj2J6kiuK+tzyK/fN/JNmPOU p9F4j7/YOOu6orOvDO4TPIU7+93EyWk3zl5dDe/bBseOTgfaOx8Pwx/PSoNO4Ai9 iwSs7TiUOJQPoCypuKEfJxDajH8ZpPIhThQEsX1He3a+OchDZGsitEh93p6pUtfz +dk1gEGYVDElJK9X6m39tMWM9nUm+kFHme+9jr91Hnel -----END CERTIFICATE-----Generated at Thu Jan 8 17:25:06 2026 by rpki-client