This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/4-k2BQwcooezjDVQqn3GH7FYIyg.roa File: 4-k2BQwcooezjDVQqn3GH7FYIyg.roa (raw, json) Hash identifier: u1bK1aC0Jx5hdjBp120tHkvEXpneiYzeiUJqLBrJ+rY= Subject key identifier: E3:E9:36:05:0C:1C:A2:87:B3:8C:35:50:AA:7D:C6:1F:B1:58:23:28 Certificate issuer: /CN=d703ceac906d07f74ca94c446303d954666b583a Certificate serial: 019B7DCB3A6A8490B74848AA274F4BBF6AE5 Authority key identifier: D7:03:CE:AC:90:6D:07:F7:4C:A9:4C:44:63:03:D9:54:66:6B:58:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/4-k2BQwcooezjDVQqn3GH7FYIyg.roa Signing time: Fri 02 Jan 2026 08:20:29 +0000 ROA not before: Fri 02 Jan 2026 08:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62571 IP address blocks: 185.64.8.0/24 maxlen: 24 185.64.9.0/24 maxlen: 24 185.64.10.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.crl rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.mft rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:3a:6a:84:90:b7:48:48:aa:27:4f:4b:bf:6a:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d703ceac906d07f74ca94c446303d954666b583a Validity Not Before: Jan 2 08:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3e936050c1ca287b38c3550aa7dc61fb1582328 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:91:17:02:b7:81:f2:0a:09:04:75:6c:32:73: d0:e5:8b:95:0c:18:49:3b:f7:d3:f5:24:cc:97:1b: 42:35:78:af:9f:8f:af:c6:a0:f9:d2:3e:6f:04:a5: d0:b5:cc:40:2d:ed:3b:7d:7a:92:f9:43:84:3a:c1: ec:b9:37:e8:96:4f:a0:97:fd:cf:55:54:2f:47:ef: 04:76:40:d9:ae:08:81:4d:d6:1a:91:11:9d:be:6d: 27:db:cb:48:11:ff:57:e4:f2:a8:76:7c:93:e6:38: cd:7d:28:1d:9b:17:df:35:5e:8c:eb:bf:45:55:4e: 09:b9:fa:03:83:59:5a:98:57:81:44:cc:b7:a3:4c: 1e:86:b9:7a:08:f2:f7:71:3f:37:62:e1:9c:09:d2: 49:1a:c1:54:58:8d:81:92:be:3e:28:10:51:5c:74: 7e:5f:2d:72:81:8c:ba:10:cd:fe:19:1f:08:e3:24: fe:9d:08:5e:3b:5b:42:d1:c9:06:ab:31:20:f8:1f: 67:01:45:86:ae:45:97:a0:01:f0:2a:d3:bc:55:93: 5a:a7:10:83:aa:3d:f4:a4:2c:93:0b:ba:4f:5a:a7: c6:3a:ef:40:bf:ae:3f:e9:23:7c:81:48:d6:81:3f: 30:19:a6:bd:c0:ca:6f:70:99:96:94:19:4c:4e:da: 13:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:E9:36:05:0C:1C:A2:87:B3:8C:35:50:AA:7D:C6:1F:B1:58:23:28 X509v3 Authority Key Identifier: keyid:D7:03:CE:AC:90:6D:07:F7:4C:A9:4C:44:63:03:D9:54:66:6B:58:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/4-k2BQwcooezjDVQqn3GH7FYIyg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.64.8.0-185.64.10.255 Signature Algorithm: sha256WithRSAEncryption 8d:d8:65:09:3b:c1:5a:da:7b:8d:b7:00:d6:2f:80:46:1b:45: 55:93:f1:fe:cf:5d:d0:bb:75:fa:78:d6:fb:f9:a7:14:91:25: df:2d:ef:35:28:a1:5f:4f:1c:81:a6:a1:62:ac:a0:1d:3e:f6: 0b:8a:69:86:c0:cc:3b:93:fb:dc:ce:8f:be:2d:d8:ea:7b:4e: bb:55:4b:c0:07:ef:77:45:94:03:16:7f:d8:86:2d:4a:8b:88: 06:c9:98:51:27:d7:92:dc:a8:ff:fe:d5:b4:0c:91:56:a9:a3: 6f:57:12:9d:0e:ad:b5:f1:b8:1a:e0:43:71:77:bf:ee:8b:6e: f9:04:6b:72:b8:31:56:7c:f4:a4:1e:d4:fc:d4:34:33:a7:4a: 86:16:2e:18:eb:16:fe:a0:ae:37:51:e7:ac:56:90:72:2d:90: 06:40:8b:91:47:3e:60:08:de:be:f8:e8:9a:a8:90:8c:ef:7f: 05:ee:45:7d:61:f3:6a:47:19:3a:ae:b2:4c:3a:78:e5:fb:40: aa:a3:50:a2:b2:99:52:a0:a3:aa:4d:41:2a:fd:65:c7:91:bf: 02:83:92:e6:60:a4:24:05:ae:f6:a0:25:00:d6:da:01:21:a7: 53:aa:74:fd:d6:17:ab:06:36:d1:09:c6:70:0c:31:3f:93:2d: 88:09:b3:19 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9yzpqhJC3SEiqJ09Lv2rlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MDNjZWFjOTA2ZDA3Zjc0Y2E5NGM0NDYzMDNkOTU0NjY2 YjU4M2EwHhcNMjYwMTAyMDgyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2U5MzYwNTBjMWNhMjg3YjM4YzM1NTBhYTdkYzYxZmIxNTgyMzI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZEXAreB8goJBHVsMnPQ5YuVDBhJ O/fT9STMlxtCNXivn4+vxqD50j5vBKXQtcxALe07fXqS+UOEOsHsuTfolk+gl/3P VVQvR+8EdkDZrgiBTdYakRGdvm0n28tIEf9X5PKodnyT5jjNfSgdmxffNV6M679F VU4JufoDg1lamFeBRMy3o0wehrl6CPL3cT83YuGcCdJJGsFUWI2Bkr4+KBBRXHR+ Xy1ygYy6EM3+GR8I4yT+nQheO1tC0ckGqzEg+B9nAUWGrkWXoAHwKtO8VZNapxCD qj30pCyTC7pPWqfGOu9Av64/6SN8gUjWgT8wGaa9wMpvcJmWlBlMTtoTRwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFOPpNgUMHKKHs4w1UKp9xh+xWCMoMB8GA1UdIwQY MBaAFNcDzqyQbQf3TKlMRGMD2VRma1g6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXdQT3JKQnRCX2RNcVV4RVl3UFpWR1pyV0RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNmM3MzQtMDlhMS00ZGEzLTg5OTIt YmQ0ZDU0NDQ1YTk1LzEvNC1rMkJRd2Nvb2V6akRWUXFuM0dIN0ZZSXlnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS8wNmM3MzQtMDlhMS00ZGEzLTg5OTItYmQ0ZDU0NDQ1YTk1 LzEvMXdQT3JKQnRCX2RNcVV4RVl3UFpWR1pyV0RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5QAgD BAC5QAowDQYJKoZIhvcNAQELBQADggEBAI3YZQk7wVrae423ANYvgEYbRVWT8f7P XdC7dfp41vv5pxSRJd8t7zUooV9PHIGmoWKsoB0+9guKaYbAzDuT+9zOj74t2Op7 TrtVS8AH73dFlAMWf9iGLUqLiAbJmFEn15LcqP/+1bQMkVapo29XEp0OrbXxuBrg Q3F3v+6LbvkEa3K4MVZ89KQe1PzUNDOnSoYWLhjrFv6grjdR56xWkHItkAZAi5FH PmAI3r746JqokIzvfwXuRX1h82pHGTquskw6eOX7QKqjUKKymVKgo6pNQSr9ZceR vwKDkuZgpCQFrvagJQDW2gEhp1OqdP3WF6sGNtEJxnAMMT+TLYgJsxk= -----END CERTIFICATE-----Generated at Sun Jan 25 15:37:50 2026 by rpki-client