This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4hgz4QMM31Dnzsk16v76ApMHw1Q.roa File: 4hgz4QMM31Dnzsk16v76ApMHw1Q.roa (raw, json) Hash identifier: uTIYHBVMNL1a8dqc59Xavlk6v2XFQUwkIp5IXWbQIxQ= Subject key identifier: E2:18:33:E1:03:0C:DF:50:E7:CE:C9:35:EA:FE:FA:02:93:07:C3:54 Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02 Certificate serial: 019B7EA557C0C3CC4D4B537FB07C6F7DFFBE Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4hgz4QMM31Dnzsk16v76ApMHw1Q.roa Signing time: Fri 02 Jan 2026 12:18:43 +0000 ROA not before: Fri 02 Jan 2026 12:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198831 IP address blocks: 2a10:4646:2d0::/44 maxlen: 44 2a10:4646:3f0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.mft rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:57:c0:c3:cc:4d:4b:53:7f:b0:7c:6f:7d:ff:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02 Validity Not Before: Jan 2 12:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e21833e1030cdf50e7cec935eafefa029307c354 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:71:0f:43:35:14:6c:7e:ff:40:41:9a:8f:f9: e5:69:d1:9d:8a:ed:0a:e1:3e:4e:32:9c:23:e1:eb: e1:2a:6b:ee:e5:ff:a2:33:0e:1f:ba:d5:47:7e:ec: 6b:1e:27:45:a3:82:50:04:39:e6:9a:e8:9b:3b:4b: 41:5f:1f:56:ed:e0:e0:9c:35:89:e1:e1:33:da:8d: 50:33:24:d0:5f:c9:8e:6c:51:c6:a7:ec:0a:8d:ed: aa:70:f0:5e:94:b4:1b:d5:75:31:09:a0:20:09:d1: 39:29:b0:97:6a:d4:e6:94:31:60:cb:e0:13:57:c2: ca:6c:c9:3d:35:25:08:04:a9:12:5d:e1:34:f6:c9: ee:21:3d:65:b0:40:8b:49:c7:ec:5a:a9:4b:6a:e5: 40:89:8b:e2:72:f3:c2:c3:cb:36:6e:3c:4e:86:48: f6:08:63:83:c1:f4:f5:58:35:fb:cd:5a:98:25:78: 12:2e:58:21:14:b5:76:1d:1b:60:87:b2:5a:b8:2b: d0:d6:f3:c1:6c:cb:e1:c4:67:e6:e0:1e:69:43:62: 0f:d9:13:8c:29:ab:81:f0:af:66:2e:ce:d2:32:38: f8:76:36:6c:d4:38:7f:1e:89:5e:77:bc:a7:4d:b7: 8f:b5:45:2b:de:1e:6e:21:9a:24:38:d4:00:d7:e0: 34:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:18:33:E1:03:0C:DF:50:E7:CE:C9:35:EA:FE:FA:02:93:07:C3:54 X509v3 Authority Key Identifier: keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/4hgz4QMM31Dnzsk16v76ApMHw1Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:4646:2d0::/44 2a10:4646:3f0::/44 Signature Algorithm: sha256WithRSAEncryption 28:d6:32:3c:76:b2:68:e7:cf:9e:8e:c9:b5:91:45:c3:95:f7: 7d:0e:59:82:00:65:b5:4d:10:9c:91:78:84:9b:ff:c6:8c:4e: 4d:32:10:2b:66:c5:51:bb:b2:bd:27:b8:17:2a:d7:2a:0d:78: 40:94:78:ac:dd:44:73:a3:b1:94:ff:0b:de:5d:e2:fc:17:ad: 4e:bf:4a:e2:02:bd:25:19:72:00:25:63:6c:72:e9:0d:fa:b5: 77:8a:0b:a5:20:6e:90:8e:54:88:b8:7f:ca:ac:32:ed:d8:1d: ec:a1:57:35:c5:72:0c:a3:1c:7e:b8:b5:ac:11:9e:c3:0e:31: 34:2b:1d:00:48:a5:1c:97:3b:b5:5a:a3:b6:08:52:2f:5c:76: 6b:90:41:48:a7:0d:30:fc:d7:97:9f:88:a6:0b:76:16:88:94: e7:23:26:ac:24:e0:1d:ce:06:91:c5:9c:47:73:89:f5:7c:85: 0f:20:f5:ff:61:b0:2c:f1:e3:ff:d8:fe:b8:ce:2c:02:69:3e: 01:ba:f7:41:4c:66:e1:55:b6:53:93:78:a5:b4:d2:01:46:ef: ee:81:88:63:4a:b3:aa:9e:97:85:d5:15:53:ab:63:16:74:41: 96:42:6a:a6:39:4b:73:8c:b7:b3:46:01:c2:49:dc:29:80:d1: 6c:0c:4d:c8 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+pVfAw8xNS1N/sHxvff++MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2 N2RmMDIwHhcNMjYwMTAyMTIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjE4MzNlMTAzMGNkZjUwZTdjZWM5MzVlYWZlZmEwMjkzMDdjMzU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XEPQzUUbH7/QEGaj/nladGdiu0K 4T5OMpwj4evhKmvu5f+iMw4futVHfuxrHidFo4JQBDnmmuibO0tBXx9W7eDgnDWJ 4eEz2o1QMyTQX8mObFHGp+wKje2qcPBelLQb1XUxCaAgCdE5KbCXatTmlDFgy+AT V8LKbMk9NSUIBKkSXeE09snuIT1lsECLScfsWqlLauVAiYvicvPCw8s2bjxOhkj2 CGODwfT1WDX7zVqYJXgSLlghFLV2HRtgh7JauCvQ1vPBbMvhxGfm4B5pQ2IP2ROM KauB8K9mLs7SMjj4djZs1Dh/Holed7ynTbePtUUr3h5uIZokONQA1+A05wIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOIYM+EDDN9Q587JNer++gKTB8NUMB8GA1UdIwQY MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt YWU5MjgzZTc5NjRlLzEvNGhnejRRTU0zMURuenNrMTZ2NzZBcE1IdzFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKhBGRgLQ AwcEKhBGRgPwMA0GCSqGSIb3DQEBCwUAA4IBAQAo1jI8drJo58+ejsm1kUXDlfd9 DlmCAGW1TRCckXiEm//GjE5NMhArZsVRu7K9J7gXKtcqDXhAlHis3URzo7GU/wve XeL8F61Ov0riAr0lGXIAJWNscukN+rV3igulIG6QjlSIuH/KrDLt2B3soVc1xXIM oxx+uLWsEZ7DDjE0Kx0ASKUclzu1WqO2CFIvXHZrkEFIpw0w/NeXn4imC3YWiJTn IyasJOAdzgaRxZxHc4n1fIUPIPX/YbAs8eP/2P64ziwCaT4BuvdBTGbhVbZTk3il tNIBRu/ugYhjSrOqnpeF1RVTq2MWdEGWQmqmOUtzjLezRgHCSdwpgNFsDE3I -----END CERTIFICATE-----Generated at Sun Jan 25 14:40:08 2026 by rpki-client