This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/4CWfekzf4x-HS1fJIidism45k8I.roa File: 4CWfekzf4x-HS1fJIidism45k8I.roa (raw, json) Hash identifier: BHdLLhr5F9G9d810caL7Kieqc8ckL+IwjTONjFXfuYQ= Subject key identifier: E0:25:9F:7A:4C:DF:E3:1F:87:4B:57:C9:22:27:62:B2:6E:39:93:C2 Certificate issuer: /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5 Certificate serial: 019B79ECA61808BB5AE77D690A455BE31550 Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/4CWfekzf4x-HS1fJIidism45k8I.roa Signing time: Thu 01 Jan 2026 14:18:30 +0000 ROA not before: Thu 01 Jan 2026 14:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 55195 IP address blocks: 194.0.46.0/24 maxlen: 24 2001:678:74::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.mft rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 29 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:a6:18:08:bb:5a:e7:7d:69:0a:45:5b:e3:15:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5 Validity Not Before: Jan 1 14:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0259f7a4cdfe31f874b57c9222762b26e3993c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:27:26:33:b9:69:bb:9f:3a:dd:ed:a5:c1:e4: ef:51:13:70:58:29:ad:e9:dd:c5:da:29:6a:5e:03: 2a:00:8b:42:3d:d0:93:a2:3e:61:ff:2d:61:cc:e9: c2:6e:12:f2:b2:b1:18:be:e0:08:49:e2:fd:7b:91: ea:ee:2f:9c:bf:3a:bd:66:37:2e:1c:f3:46:fd:85: 84:df:66:02:29:99:6f:20:80:6b:11:eb:cd:cc:98: b0:ae:c4:48:b2:77:fe:1c:2a:bf:94:cc:d2:9d:45: 08:4b:b2:6d:f4:64:d1:79:25:08:05:b3:5b:28:8d: 70:a1:a3:b6:be:e0:ff:ee:0f:0a:62:af:4a:c2:a5: 31:62:c6:25:ea:16:41:85:bc:00:b1:97:87:b6:fd: 35:22:cb:6b:9b:e8:e5:1d:1e:cd:13:d2:82:8c:2f: 2a:ae:3f:de:4e:f3:5b:78:da:a3:10:23:f6:46:6d: e7:9a:8b:4f:5d:27:15:22:b4:ab:78:79:70:17:63: 30:5e:d5:24:ea:bb:c6:b0:73:a1:f1:16:fe:5b:7d: 5d:25:81:e0:d2:76:4b:e7:38:7c:87:8c:e5:6b:69: c2:5c:01:36:01:6c:2b:aa:15:8e:96:ce:71:8b:63: bb:42:a7:fc:6f:73:07:f2:68:ea:e8:69:f9:fa:66: 8f:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:25:9F:7A:4C:DF:E3:1F:87:4B:57:C9:22:27:62:B2:6E:39:93:C2 X509v3 Authority Key Identifier: keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/4CWfekzf4x-HS1fJIidism45k8I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.0.46.0/24 IPv6: 2001:678:74::/48 Signature Algorithm: sha256WithRSAEncryption 19:c0:90:4b:a3:a8:8a:bb:a7:0d:d1:99:3b:70:5e:38:d5:6f: 40:0c:28:15:7d:5d:f4:c6:20:4a:3c:19:01:3a:4b:3e:79:49: c3:62:1d:6d:11:d3:59:c4:98:e7:63:08:21:fc:c9:1c:9b:46: e5:49:86:ab:5f:b2:94:fc:d8:e4:52:e4:7e:04:cd:04:6a:01: 9e:81:e0:34:96:7d:03:e7:2d:5f:26:c6:8d:63:6a:63:ac:1a: 7d:e7:17:a2:18:c0:0e:5d:73:a5:8b:31:9f:18:2c:d8:5b:0a: 04:05:0b:db:ff:8c:fd:82:06:06:6f:52:73:2c:a5:2e:07:a1: 33:f5:45:d5:9f:c0:16:f8:3d:68:21:1b:cc:7c:f1:5e:14:b6: 3e:06:94:2b:29:15:e5:01:db:da:e4:e4:9c:ac:e8:d0:c4:d3: db:55:a4:61:5d:83:b2:44:9f:d1:f5:1f:35:ad:44:21:8e:1a: ce:b0:3b:29:c3:0c:64:b2:e7:a1:74:85:84:a3:12:8a:c9:f4: 74:fc:b3:24:45:18:41:c4:e8:60:3b:7c:44:b7:a4:c0:b0:36: fb:63:05:62:e5:ce:7e:0d:76:89:aa:2f:23:51:a0:3a:8e:dc: a0:a2:8d:0a:eb:dd:b6:a5:fa:c3:15:d6:63:1b:1f:1e:be:d1: 6c:38:9d:be -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt57KYYCLta531pCkVb4xVQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhNjg1Y2Y4OGE3ZmM0M2ZlMWM3ZmUzNGE2ZmYzZGRiYjQx NGYwYjUwHhcNMjYwMTAxMTQxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMDI1OWY3YTRjZGZlMzFmODc0YjU3YzkyMjI3NjJiMjZlMzk5M2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzycmM7lpu5863e2lweTvURNwWCmt 6d3F2ilqXgMqAItCPdCToj5h/y1hzOnCbhLysrEYvuAISeL9e5Hq7i+cvzq9Zjcu HPNG/YWE32YCKZlvIIBrEevNzJiwrsRIsnf+HCq/lMzSnUUIS7Jt9GTReSUIBbNb KI1woaO2vuD/7g8KYq9KwqUxYsYl6hZBhbwAsZeHtv01Istrm+jlHR7NE9KCjC8q rj/eTvNbeNqjECP2Rm3nmotPXScVIrSreHlwF2MwXtUk6rvGsHOh8Rb+W31dJYHg 0nZL5zh8h4zla2nCXAE2AWwrqhWOls5xi2O7Qqf8b3MH8mjq6Gn5+maP4QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFOAln3pM3+Mfh0tXySInYrJuOZPCMB8GA1UdIwQY MBaAFDpoXPiKf8Q/4cf+NKb/Pdu0FPC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDct NTlkNmNhNjVjY2JjLzEvNENXZmVremY0eC1IUzFmSklpZGlzbTQ1azhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDctNTlkNmNhNjVjY2Jj LzEvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAuMA8E AgACMAkDBwAgAQZ4AHQwDQYJKoZIhvcNAQELBQADggEBABnAkEujqIq7pw3RmTtw XjjVb0AMKBV9XfTGIEo8GQE6Sz55ScNiHW0R01nEmOdjCCH8yRybRuVJhqtfspT8 2ORS5H4EzQRqAZ6B4DSWfQPnLV8mxo1jamOsGn3nF6IYwA5dc6WLMZ8YLNhbCgQF C9v/jP2CBgZvUnMspS4HoTP1RdWfwBb4PWghG8x88V4Utj4GlCspFeUB29rk5Jys 6NDE09tVpGFdg7JEn9H1HzWtRCGOGs6wOynDDGSy56F0hYSjEorJ9HT8syRFGEHE 6GA7fES3pMCwNvtjBWLlzn4NdomqLyNRoDqO3KCijQrr3bal+sMV1mMbHx6+0Ww4 nb4= -----END CERTIFICATE-----Generated at Wed Jan 28 08:28:41 2026 by rpki-client