This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/4DavIRBSgZJRou5_5pXE0gpp9TU.roa File: 4DavIRBSgZJRou5_5pXE0gpp9TU.roa (raw, json) Hash identifier: S+MQh3x3BbVlY1FrerJ280vTss7JYvL8Z4S9DdFZKIM= Subject key identifier: E0:36:AF:21:10:52:81:92:51:A2:EE:7F:E6:95:C4:D2:0A:69:F5:35 Certificate issuer: /CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee Certificate serial: 019B7E3798EB730360D71E4F04134D2DD429 Authority key identifier: B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/4DavIRBSgZJRou5_5pXE0gpp9TU.roa Signing time: Fri 02 Jan 2026 10:18:51 +0000 ROA not before: Fri 02 Jan 2026 10:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43824 IP address blocks: 185.99.32.0/24 maxlen: 24 185.99.33.0/24 maxlen: 24 185.99.34.0/24 maxlen: 24 185.99.35.0/24 maxlen: 24 2a0a:c0:ffff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.mft rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:98:eb:73:03:60:d7:1e:4f:04:13:4d:2d:d4:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b230c8fd0205ecf0ef6b56e037d5629b17b275ee Validity Not Before: Jan 2 10:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e036af211052819251a2ee7fe695c4d20a69f535 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b2:de:21:40:ac:27:cc:f1:d9:18:50:f8:2e: be:9f:83:66:b5:35:e0:d4:23:63:d1:c6:1d:5a:9e: 5d:b6:a9:36:04:bd:84:99:b2:52:07:21:da:12:1f: 18:02:38:d9:52:48:d8:15:2b:97:d1:c2:10:6e:a4: e6:4b:b4:60:e4:3e:ce:90:14:38:7d:7e:04:87:42: 46:8e:93:ab:a0:1f:47:b6:fd:66:5d:d7:7a:c0:1b: bf:48:e0:cb:24:1e:18:74:e2:b1:a3:24:a3:d1:40: 45:26:08:cf:1b:7e:82:d0:8b:fe:70:83:7e:47:2f: d6:d6:a8:bf:52:a2:f8:be:7a:22:99:9d:a3:da:f4: 2d:e2:c3:0d:36:37:17:34:ed:dd:3b:b9:7c:43:88: 2c:8c:0e:f4:68:47:b7:cc:9b:2e:d9:6f:cb:03:47: 76:f8:00:65:13:1a:46:e0:d8:26:52:e2:a7:47:37: 63:f9:ce:a5:56:55:2d:b8:bf:30:89:e7:4b:ca:77: bf:43:76:31:6c:ad:f8:bf:22:eb:9a:5d:33:12:b5: 70:11:2b:4d:09:61:e3:1b:66:eb:4d:33:ca:79:b9: 7e:7e:41:da:cf:b1:a9:c7:7a:2a:37:52:1a:f1:42: 68:af:fb:8f:a9:a4:9d:3f:3a:63:fe:e9:b5:e1:39: e8:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:36:AF:21:10:52:81:92:51:A2:EE:7F:E6:95:C4:D2:0A:69:F5:35 X509v3 Authority Key Identifier: keyid:B2:30:C8:FD:02:05:EC:F0:EF:6B:56:E0:37:D5:62:9B:17:B2:75:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sjDI_QIF7PDva1bgN9Vimxeyde4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/4DavIRBSgZJRou5_5pXE0gpp9TU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/ca1797-616f-4973-b740-c8b5dfc5a13f/1/sjDI_QIF7PDva1bgN9Vimxeyde4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.99.32.0/22 IPv6: 2a0a:c0:ffff::/48 Signature Algorithm: sha256WithRSAEncryption 43:89:36:3a:e1:82:f3:72:18:c4:66:4c:22:12:6c:84:b2:ae: e2:d0:88:c2:6d:c3:1f:b7:1b:41:2b:a1:61:18:1f:60:cc:dd: cc:cd:dc:7b:04:1b:41:c1:e7:ef:02:f2:23:87:7b:ac:47:0d: 4d:fc:3f:8c:8e:3e:0c:40:2f:87:ad:ff:db:aa:75:64:21:cf: 44:fe:60:20:87:8c:6d:0e:8c:5f:5c:33:6c:ef:f5:39:6b:a0: ae:ee:41:04:2f:89:c5:8b:c0:f3:83:78:33:c4:ed:0b:91:c2: 26:65:d6:fc:db:9d:02:55:ec:28:76:82:22:6f:f2:e5:73:c1: d0:0e:b6:07:64:8e:c3:66:90:3c:b6:e4:d7:cd:f9:df:86:c8: 5c:fe:71:8b:eb:74:fc:46:3f:2c:d6:4c:0f:dc:f3:65:9a:43: 5b:ea:f1:dd:43:f6:58:c5:00:a6:f5:a4:20:9b:5b:6d:d5:7f: 6a:a1:a8:cd:3e:46:6e:56:71:87:89:af:8c:47:b0:c1:33:8d: 65:61:05:98:15:9c:38:ce:7e:7c:99:2f:8a:78:bb:2b:92:00: 3c:eb:e6:6f:38:0e:58:47:52:f3:40:f4:f9:4c:77:ce:dc:e3: 5b:2e:e9:f0:d0:02:cb:54:df:f1:78:dc:de:66:c9:15:75:e3: d8:95:de:50 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+N5jrcwNg1x5PBBNNLdQpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyMzBjOGZkMDIwNWVjZjBlZjZiNTZlMDM3ZDU2MjliMTdi Mjc1ZWUwHhcNMjYwMTAyMTAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMDM2YWYyMTEwNTI4MTkyNTFhMmVlN2ZlNjk1YzRkMjBhNjlmNTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurLeIUCsJ8zx2RhQ+C6+n4NmtTXg 1CNj0cYdWp5dtqk2BL2EmbJSByHaEh8YAjjZUkjYFSuX0cIQbqTmS7Rg5D7OkBQ4 fX4Eh0JGjpOroB9Htv1mXdd6wBu/SODLJB4YdOKxoySj0UBFJgjPG36C0Iv+cIN+ Ry/W1qi/UqL4vnoimZ2j2vQt4sMNNjcXNO3dO7l8Q4gsjA70aEe3zJsu2W/LA0d2 +ABlExpG4NgmUuKnRzdj+c6lVlUtuL8wiedLyne/Q3YxbK34vyLrml0zErVwEStN CWHjG2brTTPKebl+fkHaz7Gpx3oqN1Ia8UJor/uPqaSdPzpj/um14TnosQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFOA2ryEQUoGSUaLuf+aVxNIKafU1MB8GA1UdIwQY MBaAFLIwyP0CBezw72tW4DfVYpsXsnXuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAt YzhiNWRmYzVhMTNmLzEvNERhdklSQlNnWkpSb3U1XzVwWEUwZ3BwOVRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9jYTE3OTctNjE2Zi00OTczLWI3NDAtYzhiNWRmYzVhMTNm LzEvc2pESV9RSUY3UER2YTFiZ045VmlteGV5ZGU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuWMgMA8E AgACMAkDBwAqCgDA//8wDQYJKoZIhvcNAQELBQADggEBAEOJNjrhgvNyGMRmTCIS bISyruLQiMJtwx+3G0EroWEYH2DM3czN3HsEG0HB5+8C8iOHe6xHDU38P4yOPgxA L4et/9uqdWQhz0T+YCCHjG0OjF9cM2zv9TlroK7uQQQvicWLwPODeDPE7QuRwiZl 1vzbnQJV7Ch2giJv8uVzwdAOtgdkjsNmkDy25NfN+d+GyFz+cYvrdPxGPyzWTA/c 82WaQ1vq8d1D9ljFAKb1pCCbW23Vf2qhqM0+Rm5WcYeJr4xHsMEzjWVhBZgVnDjO fnyZL4p4uyuSADzr5m84DlhHUvNA9PlMd87c41su6fDQAstU3/F43N5myRV149iV 3lA= -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:37 2026 by rpki-client