This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/WBZ4Ns1KlqrebDqaMN4GOQg5rUw.roa File: WBZ4Ns1KlqrebDqaMN4GOQg5rUw.roa (raw, json) Hash identifier: yOstMXBtzsYtaixKzlv1YIAu5cES+ZEO3HPCVKprX3s= Subject key identifier: 58:16:78:36:CD:4A:96:AA:DE:6C:3A:9A:30:DE:06:39:08:39:AD:4C Certificate issuer: /CN=af46fb8d41a47242ae3ee8ce1f0fa8ef811698b5 Certificate serial: 019B7B35EEC7BD3E9E9BE1A93DEFEE127C8A Authority key identifier: AF:46:FB:8D:41:A4:72:42:AE:3E:E8:CE:1F:0F:A8:EF:81:16:98:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r0b7jUGkckKuPujOHw-o74EWmLU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/WBZ4Ns1KlqrebDqaMN4GOQg5rUw.roa Signing time: Thu 01 Jan 2026 20:18:10 +0000 ROA not before: Thu 01 Jan 2026 20:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209535 IP address blocks: 45.92.24.0/22 maxlen: 24 147.78.24.0/22 maxlen: 24 193.33.6.0/23 maxlen: 23 193.33.6.0/24 maxlen: 24 193.33.7.0/24 maxlen: 24 193.33.40.0/23 maxlen: 23 193.33.40.0/24 maxlen: 24 193.33.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/r0b7jUGkckKuPujOHw-o74EWmLU.crl rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/r0b7jUGkckKuPujOHw-o74EWmLU.mft rsync://rpki.ripe.net/repository/DEFAULT/r0b7jUGkckKuPujOHw-o74EWmLU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:ee:c7:bd:3e:9e:9b:e1:a9:3d:ef:ee:12:7c:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af46fb8d41a47242ae3ee8ce1f0fa8ef811698b5 Validity Not Before: Jan 1 20:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=58167836cd4a96aade6c3a9a30de06390839ad4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9b:01:d7:68:42:46:23:6f:ad:4a:c6:5d:65: 0f:43:7f:76:d4:b7:3c:58:f9:72:87:27:bd:ae:ae: 6e:90:7a:fe:f8:18:07:69:f4:c3:42:1c:bf:25:5b: 58:ca:24:48:39:9d:c8:15:50:26:3c:af:9d:00:2b: c7:7f:30:aa:44:6d:4a:fa:fd:9c:a0:23:ed:10:07: 9b:b0:cf:e1:f5:43:9e:d9:a9:13:85:ee:97:0f:cc: 1f:eb:3b:c4:d3:a6:0e:7f:00:86:33:a4:96:bc:9d: a9:e7:62:dc:08:8d:34:c6:51:e3:89:99:6b:65:c9: 78:a4:08:fa:6a:fd:22:8a:c1:27:bc:59:c7:1a:8c: ac:f5:0c:87:c7:a0:38:68:58:58:8d:db:7d:1d:49: 39:3b:47:09:12:77:8c:82:48:61:a0:85:2d:b8:37: 2d:aa:76:6f:ce:61:ac:24:4b:82:a0:ab:72:3b:78: 3a:94:0e:a5:90:66:b2:e6:86:92:d7:8d:90:87:90: d6:24:36:21:f3:80:e5:ea:79:23:c8:74:59:d9:ed: 5c:35:d8:82:a3:dc:81:09:90:47:eb:da:7a:7b:13: a7:de:90:6a:5f:e1:3d:50:d5:db:20:0f:62:c5:ab: 58:94:c8:e6:7f:76:a7:96:6d:be:a7:f6:5a:93:75: bf:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:16:78:36:CD:4A:96:AA:DE:6C:3A:9A:30:DE:06:39:08:39:AD:4C X509v3 Authority Key Identifier: keyid:AF:46:FB:8D:41:A4:72:42:AE:3E:E8:CE:1F:0F:A8:EF:81:16:98:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r0b7jUGkckKuPujOHw-o74EWmLU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/WBZ4Ns1KlqrebDqaMN4GOQg5rUw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/d8275e-c479-4ed8-beea-da89ed2eb55e/1/r0b7jUGkckKuPujOHw-o74EWmLU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.92.24.0/22 147.78.24.0/22 193.33.6.0/23 193.33.40.0/23 Signature Algorithm: sha256WithRSAEncryption 05:c3:41:2d:41:80:d9:58:e5:a4:83:cc:2e:ca:2c:40:f1:3c: de:2a:dd:01:92:21:9c:bb:71:62:3d:dc:82:5c:cc:ef:aa:8a: dd:73:c2:b5:70:8a:f9:a7:ed:85:30:74:db:ac:f7:ef:be:d3: 2a:c8:62:ab:e8:09:98:46:d8:59:5a:ef:2f:b5:b2:ba:cd:22: a0:96:80:3e:35:b3:41:62:15:e8:d6:60:c6:a4:0b:b1:b0:b4: 5c:2d:c1:40:ae:b7:18:6d:ee:50:dd:57:91:83:48:db:45:db: 7f:d4:df:4e:bb:2a:d2:10:93:75:3f:dd:b5:04:ec:aa:54:92: 45:5c:89:91:a1:61:9e:80:e9:9d:d9:d4:bb:29:e5:b5:7e:92: ec:fb:34:98:3a:e6:bf:7d:c9:59:63:72:d8:c8:60:84:e9:24: 97:9a:da:4c:03:0f:52:36:df:b7:ff:43:b0:d8:2c:86:7c:07: 53:28:c6:db:4d:13:61:c2:44:ef:3e:be:88:3c:ae:79:f5:60: 7f:d9:98:a9:82:1c:13:98:c6:4b:72:ce:cf:9e:f3:c8:5d:12: f4:f4:14:56:ce:ef:0d:30:37:94:37:7b:4b:8c:83:c3:1f:11: 19:92:69:72:a6:62:f5:52:1b:ea:5a:ce:0f:bf:92:fe:c8:ea: e4:b3:db:36 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt7Ne7HvT6em+GpPe/uEnyKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNDZmYjhkNDFhNDcyNDJhZTNlZThjZTFmMGZhOGVmODEx Njk4YjUwHhcNMjYwMTAxMjAxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ODE2NzgzNmNkNGE5NmFhZGU2YzNhOWEzMGRlMDYzOTA4MzlhZDRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJsB12hCRiNvrUrGXWUPQ3921Lc8 WPlyhye9rq5ukHr++BgHafTDQhy/JVtYyiRIOZ3IFVAmPK+dACvHfzCqRG1K+v2c oCPtEAebsM/h9UOe2akThe6XD8wf6zvE06YOfwCGM6SWvJ2p52LcCI00xlHjiZlr Zcl4pAj6av0iisEnvFnHGoys9QyHx6A4aFhYjdt9HUk5O0cJEneMgkhhoIUtuDct qnZvzmGsJEuCoKtyO3g6lA6lkGay5oaS142Qh5DWJDYh84Dl6nkjyHRZ2e1cNdiC o9yBCZBH69p6exOn3pBqX+E9UNXbIA9ixatYlMjmf3anlm2+p/Zak3W/VQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFFgWeDbNSpaq3mw6mjDeBjkIOa1MMB8GA1UdIwQY MBaAFK9G+41BpHJCrj7ozh8PqO+BFpi1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjBiN2pVR2tja0t1UHVqT0h3LW83NEVXbUxVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kODI3NWUtYzQ3OS00ZWQ4LWJlZWEt ZGE4OWVkMmViNTVlLzEvV0JaNE5zMUtscXJlYkRxYU1ONEdPUWc1clV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC9kODI3NWUtYzQ3OS00ZWQ4LWJlZWEtZGE4OWVkMmViNTVl LzEvcjBiN2pVR2tja0t1UHVqT0h3LW83NEVXbUxVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVwYAwQC k04YAwQBwSEGAwQBwSEoMA0GCSqGSIb3DQEBCwUAA4IBAQAFw0EtQYDZWOWkg8wu yixA8TzeKt0BkiGcu3FiPdyCXMzvqordc8K1cIr5p+2FMHTbrPfvvtMqyGKr6AmY RthZWu8vtbK6zSKgloA+NbNBYhXo1mDGpAuxsLRcLcFArrcYbe5Q3VeRg0jbRdt/ 1N9OuyrSEJN1P921BOyqVJJFXImRoWGegOmd2dS7KeW1fpLs+zSYOua/fclZY3LY yGCE6SSXmtpMAw9SNt+3/0Ow2CyGfAdTKMbbTRNhwkTvPr6IPK559WB/2ZipghwT mMZLcs7PnvPIXRL09BRWzu8NMDeUN3tLjIPDHxEZkmlypmL1UhvqWs4Pv5L+yOrk s9s2 -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:10 2026 by rpki-client