This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/g4SzlhCPIBPTWzhLzvg0Mla6rd0.roa File: g4SzlhCPIBPTWzhLzvg0Mla6rd0.roa (raw, json) Hash identifier: lsHSjkdXxhWXO6fb14cra9U4N7hwRfXKjnAIELO45S8= Subject key identifier: 83:84:B3:96:10:8F:20:13:D3:5B:38:4B:CE:F8:34:32:56:BA:AD:DD Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5 Certificate serial: 019B7C803187FEEA2B22720717B8537D92E9 Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/g4SzlhCPIBPTWzhLzvg0Mla6rd0.roa Signing time: Fri 02 Jan 2026 02:18:54 +0000 ROA not before: Fri 02 Jan 2026 02:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215023 IP address blocks: 2a0f:7802:e200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 04:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:31:87:fe:ea:2b:22:72:07:17:b8:53:7d:92:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfcead390625edba1408108df57cea47160d70e5 Validity Not Before: Jan 2 02:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8384b396108f2013d35b384bcef8343256baaddd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:1a:e0:80:6b:82:ab:dc:00:e3:be:48:66:3a: fa:28:0c:13:79:48:ec:a7:74:1a:9e:ae:b0:13:d4: 6d:ac:4c:65:c5:d3:e4:f8:e7:8a:cc:ad:af:b0:e1: b3:e3:ad:e8:5d:f2:2f:2c:82:52:1e:fe:41:1e:f8: 88:b6:d3:51:ff:bb:99:53:87:1e:5e:10:22:24:d3: 09:8a:51:92:cc:f8:13:78:78:95:3b:ea:74:d9:96: 99:ec:a7:26:ad:df:e4:31:f5:14:7d:8b:db:11:a8: 6d:b4:16:35:42:1b:a4:99:33:e7:66:dc:20:71:b5: 0b:cf:c0:bc:56:57:ad:fb:04:6e:e9:9d:bf:f1:1d: 78:5f:2e:a7:85:04:8b:30:4f:6e:ec:ed:2b:a4:c8: 1e:8b:40:cf:6e:dc:d8:ac:9e:0e:7f:f3:05:4d:be: 3c:54:78:e1:bc:d8:3d:f5:ed:51:46:69:fc:b9:d8: 0e:87:b2:4a:ce:35:73:cd:dd:83:ac:49:91:b8:24: 0f:92:b2:f0:32:1a:b3:b2:fc:01:20:14:e2:e7:52: e1:00:ef:01:a7:3f:1a:2c:44:dc:b6:e6:87:83:04: f2:8a:bf:0f:75:91:a3:f5:98:ca:1d:07:ab:42:70: 7a:e7:66:ad:b5:12:4d:dc:bf:91:ab:a8:e7:15:82: 40:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:84:B3:96:10:8F:20:13:D3:5B:38:4B:CE:F8:34:32:56:BA:AD:DD X509v3 Authority Key Identifier: keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/g4SzlhCPIBPTWzhLzvg0Mla6rd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:7802:e200::/40 Signature Algorithm: sha256WithRSAEncryption 88:c6:af:27:6e:bf:61:95:05:26:c8:98:6c:c9:37:18:0b:41: 56:d3:9b:27:5d:48:55:94:57:1f:ba:b0:fc:63:26:b7:02:90: cb:d8:e7:81:26:c6:2c:6e:85:cb:ae:63:e0:3f:7e:e1:f5:4d: 72:3b:ad:4f:d2:a7:24:bc:44:79:90:76:06:14:05:be:39:5b: b6:71:d8:82:47:97:82:02:94:e2:6c:60:e7:65:68:7d:87:09: 47:e4:2f:44:a8:07:14:2a:64:98:b3:b5:f6:cc:9f:2b:40:d6: 53:fe:3f:17:9f:a2:9b:19:ce:e0:3a:6b:54:8c:b7:fb:95:48: 20:2c:3c:a0:1e:4d:3a:6e:8e:1d:0e:db:c5:dd:10:d6:e7:4d: 7b:0b:55:70:fe:ce:5e:80:d7:86:ed:ba:1d:55:0c:04:2e:6a: ae:e6:04:8e:fd:70:0e:c6:6f:0c:8b:83:14:a0:ed:33:db:65: ad:04:8f:90:d5:ef:22:40:1f:52:dd:61:a0:65:87:6f:cf:a2: a6:fd:d1:bf:5f:bc:57:8d:b2:97:18:01:7d:6b:34:d2:c3:bc: 8b:f6:f4:03:64:fb:f8:b1:2a:56:df:46:1c:af:5f:47:97:40: 0a:fe:b2:5d:be:6c:ff:4a:19:03:0c:95:be:48:10:80:92:cd: 21:7a:dc:7e -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt8gDGH/uorInIHF7hTfZLpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw ZDcwZTUwHhcNMjYwMTAyMDIxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Mzg0YjM5NjEwOGYyMDEzZDM1YjM4NGJjZWY4MzQzMjU2YmFhZGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxrggGuCq9wA475IZjr6KAwTeUjs p3Qanq6wE9RtrExlxdPk+OeKzK2vsOGz463oXfIvLIJSHv5BHviIttNR/7uZU4ce XhAiJNMJilGSzPgTeHiVO+p02ZaZ7Kcmrd/kMfUUfYvbEahttBY1QhukmTPnZtwg cbULz8C8Vlet+wRu6Z2/8R14Xy6nhQSLME9u7O0rpMgei0DPbtzYrJ4Of/MFTb48 VHjhvNg99e1RRmn8udgOh7JKzjVzzd2DrEmRuCQPkrLwMhqzsvwBIBTi51LhAO8B pz8aLETctuaHgwTyir8PdZGj9ZjKHQerQnB652attRJN3L+Rq6jnFYJAmQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFIOEs5YQjyAT01s4S874NDJWuq3dMB8GA1UdIwQY MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt ZjViNmE3MThmNGI1LzEvZzRTemxoQ1BJQlBUV3poTHp2ZzBNbGE2cmQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1 LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg94AuIw DQYJKoZIhvcNAQELBQADggEBAIjGryduv2GVBSbImGzJNxgLQVbTmyddSFWUVx+6 sPxjJrcCkMvY54EmxixuhcuuY+A/fuH1TXI7rU/SpyS8RHmQdgYUBb45W7Zx2IJH l4IClOJsYOdlaH2HCUfkL0SoBxQqZJiztfbMnytA1lP+PxefopsZzuA6a1SMt/uV SCAsPKAeTTpujh0O28XdENbnTXsLVXD+zl6A14btuh1VDAQuaq7mBI79cA7GbwyL gxSg7TPbZa0Ej5DV7yJAH1LdYaBlh2/Poqb90b9fvFeNspcYAX1rNNLDvIv29ANk +/ixKlbfRhyvX0eXQAr+sl2+bP9KGQMMlb5IEICSzSF63H4= -----END CERTIFICATE-----Generated at Sun Jan 18 08:54:51 2026 by rpki-client