This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/9kKHpOhtBjezk9yFRy3s1CnUzCs.roa File: 9kKHpOhtBjezk9yFRy3s1CnUzCs.roa (raw, json) Hash identifier: QSt/YnCVmn0FcbGN3iyh0NHED7YUEP7jyMqq1w8Dldw= Subject key identifier: F6:42:87:A4:E8:6D:06:37:B3:93:DC:85:47:2D:EC:D4:29:D4:CC:2B Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d Certificate serial: 019B7F842605E8FC80DC4D11474CA9E0338E Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/9kKHpOhtBjezk9yFRy3s1CnUzCs.roa Signing time: Fri 02 Jan 2026 16:22:05 +0000 ROA not before: Fri 02 Jan 2026 16:22:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206830 IP address blocks: 46.24.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:26:05:e8:fc:80:dc:4d:11:47:4c:a9:e0:33:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d Validity Not Before: Jan 2 16:22:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f64287a4e86d0637b393dc85472decd429d4cc2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:94:76:77:05:ce:cd:0b:59:cf:d4:2d:6e:79: aa:fe:45:07:39:da:66:f2:b1:02:55:1c:f5:03:74: c1:cd:99:24:28:79:ac:57:e2:d8:2b:59:34:d3:ef: 19:82:87:c4:e0:b7:72:d3:68:ca:36:f5:9f:1f:8f: 01:3e:96:b8:31:cf:16:97:2e:fb:8f:69:4b:44:81: f7:ad:04:46:c2:20:65:f4:fa:1b:0c:59:28:b9:d0: 6e:e6:85:77:46:eb:82:ee:e8:08:84:b3:66:4e:04: 6e:72:55:ef:a0:16:df:33:46:d0:19:e1:a5:0c:19: d1:6f:2a:9e:d8:e2:c4:01:8d:45:00:82:34:9a:de: 83:7c:fa:61:06:76:ba:0c:3f:95:c3:b6:9e:ba:ef: 49:85:38:12:35:87:72:db:10:b9:63:1d:29:a6:04: 2e:67:ce:eb:68:b3:4f:f6:a0:6c:a7:ff:0c:04:08: 7a:37:f4:b5:8e:5b:4a:5c:e2:5c:26:2c:4d:9d:65: aa:31:7d:3d:06:39:bc:72:1a:85:93:75:4f:d7:81: 9f:79:82:c2:55:db:4b:57:05:0b:0a:e3:75:24:ed: 2d:c9:d4:68:39:2a:92:fc:6e:a0:cb:86:f3:55:62: 04:9b:f2:92:dc:5f:7a:42:ec:12:4b:5c:c4:cf:86: 19:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:42:87:A4:E8:6D:06:37:B3:93:DC:85:47:2D:EC:D4:29:D4:CC:2B X509v3 Authority Key Identifier: keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/9kKHpOhtBjezk9yFRy3s1CnUzCs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.24.148.0/24 Signature Algorithm: sha256WithRSAEncryption 37:89:f1:9d:a8:7e:d5:ea:14:5a:64:e3:23:d0:f9:e4:22:a3: 32:58:66:d4:a4:2f:cf:ca:30:ed:c8:16:c4:2e:8c:06:c8:7f: a2:61:62:d9:a6:a5:9c:f4:8a:93:d5:59:be:e7:34:10:0d:12: 66:00:22:52:4a:37:88:39:62:db:b5:18:c1:d2:d0:c5:c0:d3: be:32:66:eb:0f:61:21:91:a1:37:29:26:52:aa:3a:50:17:51: dd:4b:3d:24:e4:5b:4d:57:54:69:e6:20:35:94:8c:a1:a7:2b: 69:7c:53:b6:dc:fb:50:24:54:31:97:29:b5:f7:53:34:ad:a5: fb:d1:4e:11:28:23:bc:83:2e:df:7c:8c:51:44:04:bc:12:6a: cd:6d:f4:d7:61:bf:22:00:2a:45:3f:00:68:d9:1a:70:01:51: 5e:03:51:cf:77:0c:ba:a2:ef:11:f7:c8:43:9c:3b:74:9c:ed: e5:34:73:1c:40:df:3f:bd:1c:7c:d9:e6:6b:ff:0f:b8:5d:fb: df:63:b4:06:0f:46:14:e5:d7:67:1c:83:d3:d2:c8:f1:1d:cb: 6f:36:d9:f4:60:55:de:a7:6d:eb:79:0a:3d:fe:88:24:f6:96: 02:45:18:df:f7:11:95:46:80:fd:77:9a:7f:61:c5:65:e6:f9: dc:c2:76:14 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hCYF6PyA3E0RR0yp4DOOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3 NGM4N2QwHhcNMjYwMTAyMTYyMjA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNjQyODdhNGU4NmQwNjM3YjM5M2RjODU0NzJkZWNkNDI5ZDRjYzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15R2dwXOzQtZz9Qtbnmq/kUHOdpm 8rECVRz1A3TBzZkkKHmsV+LYK1k00+8ZgofE4Ldy02jKNvWfH48BPpa4Mc8Wly77 j2lLRIH3rQRGwiBl9PobDFkoudBu5oV3RuuC7ugIhLNmTgRuclXvoBbfM0bQGeGl DBnRbyqe2OLEAY1FAII0mt6DfPphBna6DD+Vw7aeuu9JhTgSNYdy2xC5Yx0ppgQu Z87raLNP9qBsp/8MBAh6N/S1jltKXOJcJixNnWWqMX09Bjm8chqFk3VP14GfeYLC VdtLVwULCuN1JO0tydRoOSqS/G6gy4bzVWIEm/KS3F96QuwSS1zEz4YZzwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPZCh6TobQY3s5PchUct7NQp1MwrMB8GA1UdIwQY MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt MjUwNTBjNTkzYWExLzEvOWtLSHBPaHRCamV6azl5RlJ5M3MxQ25VekNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhiUMA0G CSqGSIb3DQEBCwUAA4IBAQA3ifGdqH7V6hRaZOMj0PnkIqMyWGbUpC/PyjDtyBbE LowGyH+iYWLZpqWc9IqT1Vm+5zQQDRJmACJSSjeIOWLbtRjB0tDFwNO+MmbrD2Eh kaE3KSZSqjpQF1HdSz0k5FtNV1Rp5iA1lIyhpytpfFO23PtQJFQxlym191M0raX7 0U4RKCO8gy7ffIxRRAS8EmrNbfTXYb8iACpFPwBo2RpwAVFeA1HPdwy6ou8R98hD nDt0nO3lNHMcQN8/vRx82eZr/w+4XfvfY7QGD0YU5ddnHIPT0sjxHctvNtn0YFXe p23reQo9/ogk9pYCRRjf9xGVRoD9d5p/YcVl5vncwnYU -----END CERTIFICATE-----Generated at Mon Jan 26 06:03:17 2026 by rpki-client