This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/4g2KoICvRhAlF5rUzbxNV7SMp8U.roa File: 4g2KoICvRhAlF5rUzbxNV7SMp8U.roa (raw, json) Hash identifier: Ctanikf8U9Sdy0xnpwf0T9RlsG+za8SDalPfgQYX/Y4= Subject key identifier: E2:0D:8A:A0:80:AF:46:10:25:17:9A:D4:CD:BC:4D:57:B4:8C:A7:C5 Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc Certificate serial: 019B7D5ACE886E39641BF12D0DA253E5A82A Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/4g2KoICvRhAlF5rUzbxNV7SMp8U.roa Signing time: Fri 02 Jan 2026 06:17:41 +0000 ROA not before: Fri 02 Jan 2026 06:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39122 IP address blocks: 185.17.238.0/23 maxlen: 23 2a03:dd41::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.mft rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5a:ce:88:6e:39:64:1b:f1:2d:0d:a2:53:e5:a8:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc Validity Not Before: Jan 2 06:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e20d8aa080af461025179ad4cdbc4d57b48ca7c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:91:1e:35:b3:38:9a:5c:e3:87:8f:cd:38:72: 0d:c8:83:fe:67:a2:23:6b:ca:dd:f5:55:92:7d:cb: d2:0c:cf:f7:09:fa:fe:00:b9:07:44:ff:71:fe:69: 36:45:4c:6a:a7:15:d9:e2:69:09:c2:23:55:11:c4: bc:00:95:86:4a:a1:2c:44:b3:70:4f:36:e1:e8:a9: 4e:29:1a:ae:c0:16:98:0d:8f:78:ba:d8:af:0e:ab: af:71:7e:be:36:f4:06:3c:2c:98:0c:45:b0:d8:88: 7d:66:87:eb:5e:66:b4:00:81:6b:fa:43:08:cc:4c: 3b:65:d9:b3:69:16:88:9b:da:c0:9e:cc:96:e7:23: 51:70:62:02:5a:f8:02:71:c7:5e:65:f4:2b:a1:a9: 66:67:f5:28:0b:7f:7f:b3:e8:84:05:9b:0c:a9:d1: d3:cb:76:3a:64:cc:34:96:c2:79:03:27:43:c0:0d: a3:67:bb:94:c4:03:89:54:bc:40:3a:d0:6f:f1:3c: b9:41:f6:0c:6a:e5:b0:bc:99:bb:18:0e:2d:de:76: 8e:a4:83:5d:19:a5:4c:52:e7:a2:d3:30:79:63:a3: f2:98:06:d1:a7:62:0e:7a:3f:e3:0e:67:45:05:14: 67:73:ac:5b:bc:4b:9d:80:34:82:e3:1f:13:1b:03: 7a:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:0D:8A:A0:80:AF:46:10:25:17:9A:D4:CD:BC:4D:57:B4:8C:A7:C5 X509v3 Authority Key Identifier: keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/4g2KoICvRhAlF5rUzbxNV7SMp8U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.17.238.0/23 IPv6: 2a03:dd41::/32 Signature Algorithm: sha256WithRSAEncryption 27:61:db:17:d0:e0:bc:57:a1:64:3d:b4:08:87:cf:0d:ee:22: 2a:98:47:66:e2:2d:e0:bf:30:7c:f2:6f:05:e5:13:f7:e4:6b: 57:49:35:a1:f0:45:db:b3:a8:fd:32:76:93:9c:db:cd:59:08: 33:15:80:f7:10:59:05:d3:6f:94:25:13:e0:53:ac:6a:74:3b: 93:87:b5:43:c8:b9:e4:ef:6a:62:e2:33:2c:92:58:b7:36:03: a3:91:0a:1c:32:3b:91:ca:6e:0b:b8:c1:24:05:f6:a0:cd:0d: 6f:28:44:02:07:69:73:cf:78:f5:e3:b1:0c:30:50:48:21:72: 3b:28:41:36:5a:f9:b8:d7:13:48:33:9a:c7:ad:05:94:22:64: eb:57:d0:11:46:db:e6:e5:22:f8:2f:00:96:ff:a0:66:75:51: a2:a2:23:f4:11:3d:11:f7:51:12:bf:7a:d3:4e:68:ce:59:16: 46:88:2c:69:b9:ca:ef:d5:3e:d0:52:82:87:68:05:26:5b:b6: 53:95:fb:b4:99:19:73:75:f0:a6:ae:03:ae:25:22:0e:70:61: d3:cb:6b:ba:77:c8:e7:b1:28:b9:94:b6:c2:54:4e:52:3d:9c: 3b:05:48:08:95:d4:b1:7b:24:5c:af:ee:86:70:4c:da:b0:5c: 9a:8c:41:05 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9Ws6IbjlkG/EtDaJT5agqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3NDlhY2E4NWRjNjZjODNjZTU1ZWNkYzA0NWM5NjA3NWNh N2RlYmMwHhcNMjYwMTAyMDYxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjBkOGFhMDgwYWY0NjEwMjUxNzlhZDRjZGJjNGQ1N2I0OGNhN2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+JEeNbM4mlzjh4/NOHINyIP+Z6Ij a8rd9VWSfcvSDM/3Cfr+ALkHRP9x/mk2RUxqpxXZ4mkJwiNVEcS8AJWGSqEsRLNw Tzbh6KlOKRquwBaYDY94utivDquvcX6+NvQGPCyYDEWw2Ih9ZofrXma0AIFr+kMI zEw7ZdmzaRaIm9rAnsyW5yNRcGICWvgCccdeZfQroalmZ/UoC39/s+iEBZsMqdHT y3Y6ZMw0lsJ5AydDwA2jZ7uUxAOJVLxAOtBv8Ty5QfYMauWwvJm7GA4t3naOpINd GaVMUuei0zB5Y6PymAbRp2IOej/jDmdFBRRnc6xbvEudgDSC4x8TGwN6NwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOINiqCAr0YQJRea1M28TVe0jKfFMB8GA1UdIwQY MBaAFKdJrKhdxmyDzlXs3ARclgdcp968MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2Mt NGM5ZjQzZjg3OGFiLzEvNGcyS29JQ3ZSaEFsRjVyVXpieE5WN1NNcDhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy8zM2U1MDgtMTI3ZC00OTQ2LWIzY2MtNGM5ZjQzZjg3OGFi LzEvcDBtc3FGM0diSVBPVmV6Y0JGeVdCMXluM3J3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuRHuMA0E AgACMAcDBQAqA91BMA0GCSqGSIb3DQEBCwUAA4IBAQAnYdsX0OC8V6FkPbQIh88N 7iIqmEdm4i3gvzB88m8F5RP35GtXSTWh8EXbs6j9MnaTnNvNWQgzFYD3EFkF02+U JRPgU6xqdDuTh7VDyLnk72pi4jMskli3NgOjkQocMjuRym4LuMEkBfagzQ1vKEQC B2lzz3j147EMMFBIIXI7KEE2Wvm41xNIM5rHrQWUImTrV9ARRtvm5SL4LwCW/6Bm dVGioiP0ET0R91ESv3rTTmjOWRZGiCxpucrv1T7QUoKHaAUmW7ZTlfu0mRlzdfCm rgOuJSIOcGHTy2u6d8jnsSi5lLbCVE5SPZw7BUgIldSxeyRcr+6GcEzasFyajEEF -----END CERTIFICATE-----Generated at Sun Jan 25 23:32:35 2026 by rpki-client