This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/mSaJNzvw1TRw2Tyl8PqHmQloT2Y.roa File: mSaJNzvw1TRw2Tyl8PqHmQloT2Y.roa (raw, json) Hash identifier: akcjPInjpbgBMW37u3Gc+pCADgLD4wA1ZjBiqTCia3E= Subject key identifier: 99:26:89:37:3B:F0:D5:34:70:D9:3C:A5:F0:FA:87:99:09:68:4F:66 Certificate issuer: /CN=4413bdf4dc7435faf51ba934d65570f71c21731a Certificate serial: 019B797F37BF0C132839CBCD54DE1B291A0E Authority key identifier: 44:13:BD:F4:DC:74:35:FA:F5:1B:A9:34:D6:55:70:F7:1C:21:73:1A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBO99Nx0Nfr1G6k01lVw9xwhcxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/mSaJNzvw1TRw2Tyl8PqHmQloT2Y.roa Signing time: Thu 01 Jan 2026 12:18:59 +0000 ROA not before: Thu 01 Jan 2026 12:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43648 IP address blocks: 45.131.236.0/23 maxlen: 24 185.78.16.0/22 maxlen: 24 2a05:6680::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/RBO99Nx0Nfr1G6k01lVw9xwhcxo.crl rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/RBO99Nx0Nfr1G6k01lVw9xwhcxo.mft rsync://rpki.ripe.net/repository/DEFAULT/RBO99Nx0Nfr1G6k01lVw9xwhcxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:37:bf:0c:13:28:39:cb:cd:54:de:1b:29:1a:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4413bdf4dc7435faf51ba934d65570f71c21731a Validity Not Before: Jan 1 12:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=992689373bf0d53470d93ca5f0fa879909684f66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:39:59:6c:24:6d:af:de:1f:fb:0e:31:9d:ce: d8:42:29:95:f3:aa:51:6b:3f:51:59:24:8a:69:9b: 4a:b5:a2:09:1d:f5:ac:0b:e7:af:02:11:3a:d7:93: b1:a4:06:e0:29:30:7a:fe:7e:97:89:d9:b9:16:cf: da:38:27:37:5d:b0:7f:5b:cb:12:e5:a1:ee:26:1e: f5:4a:f0:4f:f7:c0:10:34:64:eb:3f:e5:5f:7b:17: af:b4:25:08:34:f3:7c:eb:62:30:f8:54:4f:7f:48: 22:14:b6:bf:aa:7f:5d:c8:9a:94:cf:7d:98:a3:d1: 59:0b:b4:01:f3:05:39:1f:6d:35:c3:b7:8c:d4:d7: 0e:80:a5:5c:bd:77:60:33:3a:b8:d5:b5:58:98:6f: 20:08:7c:b5:c6:45:d3:12:90:e0:8b:f5:94:09:40: c9:b4:f6:76:3d:95:d1:d7:e6:f0:d2:75:73:e1:d2: ea:2e:33:d6:2b:55:3a:c3:40:f4:a8:36:67:17:ce: 37:30:14:5d:0c:8c:ba:44:49:ed:29:df:99:09:4e: 34:5f:c6:2b:be:2b:5b:ad:b7:70:a6:66:20:23:89: 1c:e2:fe:4c:34:1d:af:d3:a8:a7:7b:e4:c6:fa:6c: e4:ec:99:13:20:b0:2f:99:8c:ea:e5:2e:56:44:76: 45:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:26:89:37:3B:F0:D5:34:70:D9:3C:A5:F0:FA:87:99:09:68:4F:66 X509v3 Authority Key Identifier: keyid:44:13:BD:F4:DC:74:35:FA:F5:1B:A9:34:D6:55:70:F7:1C:21:73:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBO99Nx0Nfr1G6k01lVw9xwhcxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/mSaJNzvw1TRw2Tyl8PqHmQloT2Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/47aa2f-6b6f-4ef5-9b99-bc9ecc2adb43/1/RBO99Nx0Nfr1G6k01lVw9xwhcxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.131.236.0/23 185.78.16.0/22 IPv6: 2a05:6680::/29 Signature Algorithm: sha256WithRSAEncryption 00:8c:3e:29:ea:1b:a7:9e:bf:51:1d:21:ed:1f:b0:e0:dc:e1: 96:17:42:67:cc:89:83:91:1c:5b:7d:14:18:70:a5:4c:88:6c: ac:87:f1:b8:8f:0b:28:1e:fe:da:b3:04:2d:b7:35:29:7c:3e: 17:80:26:0b:91:39:e9:eb:5d:ee:e1:a2:ab:30:24:7f:e2:72: 96:83:e9:c3:52:de:30:01:14:be:89:0a:ec:6e:be:a7:93:de: de:99:3a:66:72:e5:da:c4:9f:e8:8f:a2:70:a2:f2:86:65:25: a6:b7:17:37:e8:4c:e4:37:bb:f0:1d:86:57:8d:8b:54:b3:95: 84:72:5b:0f:fc:ba:4b:98:9b:9f:53:16:45:ae:b6:6a:de:d4: a6:2b:1c:e7:57:6c:04:46:8a:73:6f:4e:ae:83:1e:9a:14:b7: 4f:23:13:a6:f8:99:00:7a:de:83:d7:d0:49:74:36:63:a9:36: ec:74:b5:f7:d7:71:56:0c:d4:cb:c7:81:7b:21:ac:83:33:4a: aa:12:0c:d5:51:cc:bf:b7:19:3a:16:da:7e:ea:51:22:29:99: 42:ca:e6:ea:7b:f4:6b:3a:44:86:28:2e:57:75:56:9f:40:7f: 46:59:8b:cf:18:fa:06:ff:b7:20:36:e4:9d:d0:01:89:21:ad: 71:bd:3f:87 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fze/DBMoOcvNVN4bKRoOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0MTNiZGY0ZGM3NDM1ZmFmNTFiYTkzNGQ2NTU3MGY3MWMy MTczMWEwHhcNMjYwMTAxMTIxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5OTI2ODkzNzNiZjBkNTM0NzBkOTNjYTVmMGZhODc5OTA5Njg0ZjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozlZbCRtr94f+w4xnc7YQimV86pR az9RWSSKaZtKtaIJHfWsC+evAhE615OxpAbgKTB6/n6Xidm5Fs/aOCc3XbB/W8sS 5aHuJh71SvBP98AQNGTrP+VfexevtCUINPN862Iw+FRPf0giFLa/qn9dyJqUz32Y o9FZC7QB8wU5H201w7eM1NcOgKVcvXdgMzq41bVYmG8gCHy1xkXTEpDgi/WUCUDJ tPZ2PZXR1+bw0nVz4dLqLjPWK1U6w0D0qDZnF843MBRdDIy6REntKd+ZCU40X8Yr vitbrbdwpmYgI4kc4v5MNB2v06ine+TG+mzk7JkTILAvmYzq5S5WRHZFSwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJkmiTc78NU0cNk8pfD6h5kJaE9mMB8GA1UdIwQY MBaAFEQTvfTcdDX69RupNNZVcPccIXMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkJPOTlOeDBOZnIxRzZrMDFsVnc5eHdoY3hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80N2FhMmYtNmI2Zi00ZWY1LTliOTkt YmM5ZWNjMmFkYjQzLzEvbVNhSk56dncxVFJ3MlR5bDhQcUhtUWxvVDJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC80N2FhMmYtNmI2Zi00ZWY1LTliOTktYmM5ZWNjMmFkYjQz LzEvUkJPOTlOeDBOZnIxRzZrMDFsVnc5eHdoY3hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLYPsAwQC uU4QMA0EAgACMAcDBQMqBWaAMA0GCSqGSIb3DQEBCwUAA4IBAQAAjD4p6hunnr9R HSHtH7Dg3OGWF0JnzImDkRxbfRQYcKVMiGysh/G4jwsoHv7aswQttzUpfD4XgCYL kTnp613u4aKrMCR/4nKWg+nDUt4wARS+iQrsbr6nk97emTpmcuXaxJ/oj6JwovKG ZSWmtxc36EzkN7vwHYZXjYtUs5WEclsP/LpLmJufUxZFrrZq3tSmKxznV2wERopz b06ugx6aFLdPIxOm+JkAet6D19BJdDZjqTbsdLX313FWDNTLx4F7IayDM0qqEgzV Ucy/txk6Ftp+6lEiKZlCyubqe/RrOkSGKC5XdVafQH9GWYvPGPoG/7cgNuSd0AGJ Ia1xvT+H -----END CERTIFICATE-----Generated at Mon Jan 26 10:14:02 2026 by rpki-client