This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/R-Ms9tnwVFr5zGPdMpveWYmvzTU.roa File: R-Ms9tnwVFr5zGPdMpveWYmvzTU.roa (raw, json) Hash identifier: 4hVn6BmRDmF60zXMMdHkc2jChJsAngJEvYhtXGC9Vjo= Subject key identifier: 47:E3:2C:F6:D9:F0:54:5A:F9:CC:63:DD:32:9B:DE:59:89:AF:CD:35 Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Certificate serial: 019B797DE7C788B61B972350DB19BF291CBB Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/R-Ms9tnwVFr5zGPdMpveWYmvzTU.roa Signing time: Thu 01 Jan 2026 12:17:33 +0000 ROA not before: Thu 01 Jan 2026 12:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48037 IP address blocks: 144.43.0.0/16 maxlen: 24 144.43.0.0/17 maxlen: 24 144.43.128.0/18 maxlen: 24 144.43.192.0/19 maxlen: 24 144.43.224.0/20 maxlen: 24 144.43.248.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 21:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7d:e7:c7:88:b6:1b:97:23:50:db:19:bf:29:1c:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396 Validity Not Before: Jan 1 12:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=47e32cf6d9f0545af9cc63dd329bde5989afcd35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:49:69:a7:3c:94:e6:e1:63:d0:40:4d:e4:3f: db:f4:c5:10:b8:70:9d:42:2d:a4:8c:bd:dc:f9:64: 44:88:af:69:25:57:45:a9:3d:8b:3f:2e:54:32:6d: 4a:e1:53:30:16:a5:97:c7:33:8a:2c:35:44:9a:62: 8e:d6:23:4d:96:87:5f:f1:f7:49:08:dd:ae:1a:23: 9f:95:4c:43:b3:4e:53:84:d2:76:0b:44:6e:df:01: 0a:e5:be:d3:ca:3d:a4:64:d2:07:e9:40:2d:f3:f8: 94:a7:ab:fb:09:22:88:a6:1c:90:66:36:8e:fc:ac: 41:10:10:72:48:0a:7e:4e:ac:28:b4:fa:02:fa:9a: a0:5c:4a:c8:67:8e:49:7c:21:91:98:0b:ad:a0:b6: ea:eb:d9:c5:5d:9d:28:31:50:59:38:d0:0d:da:df: fb:65:cc:7b:a8:e1:81:1e:ab:d2:a0:ad:97:a8:5c: 7d:d1:b0:46:1b:eb:b8:2e:18:2e:a5:aa:8f:0d:ea: 3e:be:96:b7:3a:b5:3c:3d:f3:e6:94:10:73:fd:f7: 1d:5e:5f:a3:cb:3d:37:84:73:77:69:4c:fb:f9:5f: 39:87:97:e9:b4:78:62:c1:fd:80:bc:55:54:aa:e8: 60:d2:26:68:26:fa:34:ac:bd:35:84:d2:9c:88:2d: 77:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:E3:2C:F6:D9:F0:54:5A:F9:CC:63:DD:32:9B:DE:59:89:AF:CD:35 X509v3 Authority Key Identifier: keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/R-Ms9tnwVFr5zGPdMpveWYmvzTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.43.0.0/16 Signature Algorithm: sha256WithRSAEncryption 69:85:f3:5e:a2:5e:bb:73:8a:05:3f:18:46:fd:30:80:37:0c: 8e:fd:72:d7:77:1b:b6:32:e8:c0:95:04:da:f0:08:16:29:43: 85:10:b9:3e:c3:73:44:1e:a5:fd:82:11:bf:a6:09:7b:69:04: 54:6a:a1:97:9c:f7:57:f2:de:81:b1:df:74:c6:c3:5f:12:61: b2:75:58:c4:7d:b2:6e:33:2b:12:c8:f3:e1:9c:6a:30:0b:6d: bd:65:6b:dc:f4:f9:a4:cd:ea:31:61:93:89:9b:3d:11:8c:61: 1a:b1:92:81:f5:d7:44:0d:b2:a4:8f:a6:9a:9d:24:67:63:32: 7c:c5:14:19:5a:21:70:c0:04:da:74:52:7f:f3:b5:e2:50:5c: fe:90:45:2a:4d:d1:6e:54:15:74:26:81:4f:f2:b2:89:4f:5b: 30:3e:14:46:e4:f0:a6:f1:0f:d3:e4:f6:69:c8:c4:1e:ad:6b: 14:de:d1:3a:89:56:0e:47:8b:d8:7e:fd:90:0b:52:ff:97:4f: 5b:78:96:dd:42:5c:e9:e9:5c:52:a0:ea:d0:d3:a8:ed:af:01: f3:8c:7d:7d:65:59:f8:e7:d4:c3:f7:97:05:83:c7:cb:f7:b5: fd:7b:3a:ce:ca:67:b8:87:6a:db:10:de:e5:0a:c9:d2:74:a1: a7:85:7f:b7 -----BEGIN CERTIFICATE----- MIIE/DCCA+SgAwIBAgISAZt5fefHiLYblyNQ2xm/KRy7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl MTEzOTYwHhcNMjYwMTAxMTIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0N2UzMmNmNmQ5ZjA1NDVhZjljYzYzZGQzMjliZGU1OTg5YWZjZDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0lppzyU5uFj0EBN5D/b9MUQuHCd Qi2kjL3c+WREiK9pJVdFqT2LPy5UMm1K4VMwFqWXxzOKLDVEmmKO1iNNlodf8fdJ CN2uGiOflUxDs05ThNJ2C0Ru3wEK5b7Tyj2kZNIH6UAt8/iUp6v7CSKIphyQZjaO /KxBEBBySAp+TqwotPoC+pqgXErIZ45JfCGRmAutoLbq69nFXZ0oMVBZONAN2t/7 Zcx7qOGBHqvSoK2XqFx90bBGG+u4LhgupaqPDeo+vpa3OrU8PfPmlBBz/fcdXl+j yz03hHN3aUz7+V85h5fptHhiwf2AvFVUquhg0iZoJvo0rL01hNKciC13bwIDAQAB o4ICCDCCAgQwHQYDVR0OBBYEFEfjLPbZ8FRa+cxj3TKb3lmJr801MB8GA1UdIwQY MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt N2JmZjI5NmM2YjAyLzEvUi1Nczl0bndWRnI1ekdQZE1wdmVXWW12elRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkCswDQYJ KoZIhvcNAQELBQADggEBAGmF816iXrtzigU/GEb9MIA3DI79ctd3G7Yy6MCVBNrw CBYpQ4UQuT7Dc0Qepf2CEb+mCXtpBFRqoZec91fy3oGx33TGw18SYbJ1WMR9sm4z KxLI8+GcajALbb1la9z0+aTN6jFhk4mbPRGMYRqxkoH110QNsqSPppqdJGdjMnzF FBlaIXDABNp0Un/zteJQXP6QRSpN0W5UFXQmgU/ysolPWzA+FEbk8KbxD9Pk9mnI xB6taxTe0TqJVg5Hi9h+/ZALUv+XT1t4lt1CXOnpXFKg6tDTqO2vAfOMfX1lWfjn 1MP3lwWDx8v3tf17Os7KZ7iHatsQ3uUKydJ0oaeFf7c= -----END CERTIFICATE-----Generated at Tue Jan 20 07:46:26 2026 by rpki-client