This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/S7RcXMyiVxlze6GVvWUy2ASQtA4.roa File: S7RcXMyiVxlze6GVvWUy2ASQtA4.roa (raw, json) Hash identifier: 9nQ7JQOoqPESGeYG/+m0xunoEX7zzRQueykeebjY92Q= Subject key identifier: 4B:B4:5C:5C:CC:A2:57:19:73:7B:A1:95:BD:65:32:D8:04:90:B4:0E Certificate issuer: /CN=5990c1553762ac9af57df9b58d9dc50af409c566 Certificate serial: 019B78A34BBFBEBB0DBF9FEFC04BF70BC69B Authority key identifier: 59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/S7RcXMyiVxlze6GVvWUy2ASQtA4.roa Signing time: Thu 01 Jan 2026 08:18:46 +0000 ROA not before: Thu 01 Jan 2026 08:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41227 IP address blocks: 193.29.17.0/24 maxlen: 24 193.29.18.0/24 maxlen: 24 193.29.24.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/WZDBVTdirJr1ffm1jZ3FCvQJxWY.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/WZDBVTdirJr1ffm1jZ3FCvQJxWY.mft rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:4b:bf:be:bb:0d:bf:9f:ef:c0:4b:f7:0b:c6:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5990c1553762ac9af57df9b58d9dc50af409c566 Validity Not Before: Jan 1 08:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4bb45c5ccca25719737ba195bd6532d80490b40e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4f:c1:95:6b:37:dd:9d:67:ab:da:3e:06:87: de:06:fe:b2:f4:1e:44:78:e1:5e:d1:56:85:9e:dc: 32:da:bb:54:c4:34:0c:0c:26:dd:99:db:86:f4:20: fa:af:be:61:83:66:0b:48:9a:0a:51:b4:a2:43:a7: 48:24:e7:85:3d:95:d3:e8:61:47:eb:6d:fd:b7:73: 9c:2b:86:11:f9:4d:f2:71:17:23:0c:70:70:3d:86: f0:0e:7e:ff:53:01:17:c3:f9:84:a9:02:7d:6c:e9: 25:f7:cd:58:da:23:6e:46:66:29:b7:10:f5:c3:a5: 1d:f9:c6:f6:d9:94:26:6e:a6:7b:e7:af:41:4e:9c: 74:e8:85:2a:89:d9:29:f6:79:41:ba:02:dd:05:02: 58:f4:ee:c2:0d:c3:01:36:09:4d:9c:fc:5a:7f:bf: 87:37:09:88:59:df:72:80:3d:9f:b5:8a:a9:a0:32: d2:f7:20:3d:45:82:22:c8:ae:47:ae:66:03:88:c8: 63:ff:5d:53:1d:f9:aa:b6:0c:2c:4a:58:6b:d1:51: 0b:70:ac:ec:bf:1a:2b:b4:34:c5:05:96:c4:d6:5e: b8:89:87:cc:21:7c:39:80:ba:07:92:de:67:aa:0c: fd:ac:9a:97:9c:75:a1:82:22:fb:65:9e:7d:ed:68: a6:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:B4:5C:5C:CC:A2:57:19:73:7B:A1:95:BD:65:32:D8:04:90:B4:0E X509v3 Authority Key Identifier: keyid:59:90:C1:55:37:62:AC:9A:F5:7D:F9:B5:8D:9D:C5:0A:F4:09:C5:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WZDBVTdirJr1ffm1jZ3FCvQJxWY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/S7RcXMyiVxlze6GVvWUy2ASQtA4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a8f8e1-dce2-47ef-824e-bef1034edbe5/1/WZDBVTdirJr1ffm1jZ3FCvQJxWY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.29.17.0-193.29.18.255 193.29.24.0/24 Signature Algorithm: sha256WithRSAEncryption 5a:c5:66:78:06:4e:08:af:82:54:be:0d:04:6c:c2:25:a7:55: fe:94:81:b5:12:b8:78:6a:0b:90:84:48:27:81:03:be:0d:6a: 2f:b3:aa:d6:cc:a1:7b:42:ef:5a:2f:7c:54:4d:01:51:6a:98: 5f:6d:e1:07:a7:97:bc:9a:c5:ee:7a:87:c5:f9:f2:4b:fd:30: 62:2c:f8:53:1a:8f:18:15:77:f2:ab:54:07:5f:80:a7:a6:c4: 8b:b6:ca:bd:22:c7:38:ce:2f:fd:4b:6f:d4:eb:66:1c:18:b9: 50:42:3c:b3:00:3d:59:a7:5c:4a:15:f7:34:1a:26:02:14:74: fe:0b:d3:e7:25:ef:fc:92:a7:60:f5:d4:9f:c5:e2:8a:d0:fc: 58:e6:7c:31:94:34:eb:a0:ca:12:2c:1f:fa:12:82:86:94:ea: 01:01:ea:31:b2:60:52:e5:d3:30:8b:fe:c8:f4:89:fc:38:c4: da:0a:b5:d1:86:d8:ee:6b:65:60:7d:c2:d0:0c:33:cc:ad:9c: 3e:f1:51:df:30:38:93:2c:83:d2:08:e1:03:33:28:21:18:0a: 43:6f:a8:9d:67:d0:5d:b9:b9:a0:f2:77:44:ec:e8:53:e0:a7: b5:65:6b:b0:66:5d:23:8a:53:60:ea:f5:17:fb:d8:26:a9:bb: 39:fd:a0:32 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt4o0u/vrsNv5/vwEv3C8abMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5OTBjMTU1Mzc2MmFjOWFmNTdkZjliNThkOWRjNTBhZjQw OWM1NjYwHhcNMjYwMTAxMDgxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YmI0NWM1Y2NjYTI1NzE5NzM3YmExOTViZDY1MzJkODA0OTBiNDBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk/BlWs33Z1nq9o+BofeBv6y9B5E eOFe0VaFntwy2rtUxDQMDCbdmduG9CD6r75hg2YLSJoKUbSiQ6dIJOeFPZXT6GFH 6239t3OcK4YR+U3ycRcjDHBwPYbwDn7/UwEXw/mEqQJ9bOkl981Y2iNuRmYptxD1 w6Ud+cb22ZQmbqZ7569BTpx06IUqidkp9nlBugLdBQJY9O7CDcMBNglNnPxaf7+H NwmIWd9ygD2ftYqpoDLS9yA9RYIiyK5HrmYDiMhj/11THfmqtgwsSlhr0VELcKzs vxortDTFBZbE1l64iYfMIXw5gLoHkt5nqgz9rJqXnHWhgiL7ZZ597Wim+wIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFEu0XFzMolcZc3uhlb1lMtgEkLQOMB8GA1UdIwQY MBaAFFmQwVU3Yqya9X35tY2dxQr0CcVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUt YmVmMTAzNGVkYmU1LzEvUzdSY1hNeWlWeGx6ZTZHVnZXVXkyQVNRdEE0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9hOGY4ZTEtZGNlMi00N2VmLTgyNGUtYmVmMTAzNGVkYmU1 LzEvV1pEQlZUZGlySnIxZmZtMWpaM0ZDdlFKeFdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADBHRED BADBHRIDBADBHRgwDQYJKoZIhvcNAQELBQADggEBAFrFZngGTgivglS+DQRswiWn Vf6UgbUSuHhqC5CESCeBA74Nai+zqtbMoXtC71ovfFRNAVFqmF9t4Qenl7yaxe56 h8X58kv9MGIs+FMajxgVd/KrVAdfgKemxIu2yr0ixzjOL/1Lb9TrZhwYuVBCPLMA PVmnXEoV9zQaJgIUdP4L0+cl7/ySp2D11J/F4orQ/FjmfDGUNOugyhIsH/oSgoaU 6gEB6jGyYFLl0zCL/sj0ifw4xNoKtdGG2O5rZWB9wtAMM8ytnD7xUd8wOJMsg9II 4QMzKCEYCkNvqJ1n0F25uaDyd0Ts6FPgp7Vla7BmXSOKU2Dq9Rf72Capuzn9oDI= -----END CERTIFICATE-----Generated at Mon Jan 26 13:10:47 2026 by rpki-client