This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/WkDZDOXBWr9x5TExAfjLxWKxbkU.roa File: WkDZDOXBWr9x5TExAfjLxWKxbkU.roa (raw, json) Hash identifier: YkRBfAeJDTqNqtEqsLxdtIzJ8woFGgTRSv1hmR+uNQ4= Subject key identifier: 5A:40:D9:0C:E5:C1:5A:BF:71:E5:31:31:01:F8:CB:C5:62:B1:6E:45 Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672 Certificate serial: 019B797EA3F8914E21D668B0B42B7319F3EE Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/WkDZDOXBWr9x5TExAfjLxWKxbkU.roa Signing time: Thu 01 Jan 2026 12:18:21 +0000 ROA not before: Thu 01 Jan 2026 12:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29470 IP address blocks: 139.45.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.mft rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:a3:f8:91:4e:21:d6:68:b0:b4:2b:73:19:f3:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672 Validity Not Before: Jan 1 12:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5a40d90ce5c15abf71e5313101f8cbc562b16e45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:00:ad:2c:c2:2f:49:d0:15:84:d3:8a:80:0b: dd:4d:5a:1d:44:04:8a:46:62:cf:98:a8:df:88:d8: 85:c1:2f:30:c8:b3:3d:3a:e8:99:5d:d4:63:fc:62: 5e:39:9c:b8:2f:ef:0a:1d:b9:87:37:8b:db:71:69: 5f:8e:93:1a:74:0c:87:a9:c3:0b:71:05:8c:a1:0f: 6e:08:e8:99:ae:3c:f6:ee:f3:da:52:ef:99:0a:91: 62:6b:d4:64:37:25:92:b9:85:27:e9:e9:8e:3a:36: 27:41:85:63:6d:4c:10:35:8d:ba:15:0b:e4:8f:8d: c6:ed:1c:58:0e:cf:e6:07:83:23:22:fa:8c:8c:ae: 39:dc:7d:ce:31:97:f6:e6:44:9b:fa:d1:cc:05:ca: 57:55:36:79:46:74:f5:e5:7f:c7:a6:ff:c7:c1:a8: fa:50:9e:21:e6:95:1d:b2:7f:6d:1a:01:85:3f:d2: 21:d0:d7:8f:e1:6b:36:86:df:5f:0d:52:5a:1c:6e: 96:6a:17:64:a5:a0:4f:66:63:4c:36:87:95:7d:da: e7:bb:a1:0c:0e:e4:32:c6:b0:48:d8:c8:da:94:f6: ed:69:14:87:41:46:e8:17:aa:0a:48:c9:1d:de:a0: 38:bc:46:d2:f7:13:28:ec:13:ad:3b:cf:9c:d9:50: 7a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:40:D9:0C:E5:C1:5A:BF:71:E5:31:31:01:F8:CB:C5:62:B1:6E:45 X509v3 Authority Key Identifier: keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/WkDZDOXBWr9x5TExAfjLxWKxbkU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.45.220.0/22 Signature Algorithm: sha256WithRSAEncryption 4a:76:a3:b3:da:f0:aa:01:50:64:a7:23:a8:fa:f3:c8:17:19: 3e:36:17:e7:6d:a5:7f:e0:a8:91:b4:8a:5c:5f:d0:82:79:30: 65:44:bd:f2:6e:f1:20:25:61:c3:0b:28:6f:a6:4e:aa:b0:0c: ae:ff:68:74:42:32:7c:bd:c9:43:81:0a:94:8d:9e:df:1f:ac: 19:a3:ea:2f:08:2e:46:80:a0:ea:df:d6:78:d4:c2:e7:43:79: 48:48:5e:f3:99:34:76:f3:65:2b:45:cb:6e:e3:a2:9e:2e:7d: 50:21:a1:a5:9f:52:b4:41:15:37:77:11:f6:ea:43:2c:67:ee: df:84:23:cb:0e:0c:8b:0a:03:75:29:d2:27:ed:30:53:b8:0b: 25:86:c1:b3:6c:55:11:8e:b4:0e:5f:d0:f4:a5:ca:16:0d:5c: b6:ec:3b:27:2b:0f:c9:2d:05:b8:16:13:ec:4e:12:77:1f:c9: 89:42:f2:41:71:e5:c9:0a:9e:80:e1:69:80:c1:0c:da:f8:d3: bf:5a:67:95:a4:d7:56:a8:d6:59:20:ca:e3:1b:3d:e1:93:fe: 18:6a:fb:23:26:17:bf:3c:ed:05:a1:2e:af:22:b7:ca:36:b3: 21:15:73:45:18:9c:1b:aa:95:ca:e7:66:42:16:30:04:da:a7: ba:bf:9e:6c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fqP4kU4h1miwtCtzGfPuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3 Y2M2NzIwHhcNMjYwMTAxMTIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YTQwZDkwY2U1YzE1YWJmNzFlNTMxMzEwMWY4Y2JjNTYyYjE2ZTQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyACtLMIvSdAVhNOKgAvdTVodRASK RmLPmKjfiNiFwS8wyLM9OuiZXdRj/GJeOZy4L+8KHbmHN4vbcWlfjpMadAyHqcML cQWMoQ9uCOiZrjz27vPaUu+ZCpFia9RkNyWSuYUn6emOOjYnQYVjbUwQNY26FQvk j43G7RxYDs/mB4MjIvqMjK453H3OMZf25kSb+tHMBcpXVTZ5RnT15X/Hpv/Hwaj6 UJ4h5pUdsn9tGgGFP9Ih0NeP4Ws2ht9fDVJaHG6WahdkpaBPZmNMNoeVfdrnu6EM DuQyxrBI2MjalPbtaRSHQUboF6oKSMkd3qA4vEbS9xMo7BOtO8+c2VB6zQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFFpA2QzlwVq/ceUxMQH4y8VisW5FMB8GA1UdIwQY MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt MDAzYTE1NjhiZjNmLzEvV2tEWkRPWEJXcjl4NVRFeEFmakx4V0t4YmtVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCiy3cMA0G CSqGSIb3DQEBCwUAA4IBAQBKdqOz2vCqAVBkpyOo+vPIFxk+NhfnbaV/4KiRtIpc X9CCeTBlRL3ybvEgJWHDCyhvpk6qsAyu/2h0QjJ8vclDgQqUjZ7fH6wZo+ovCC5G gKDq39Z41MLnQ3lISF7zmTR282UrRctu46KeLn1QIaGln1K0QRU3dxH26kMsZ+7f hCPLDgyLCgN1KdIn7TBTuAslhsGzbFURjrQOX9D0pcoWDVy27DsnKw/JLQW4FhPs ThJ3H8mJQvJBceXJCp6A4WmAwQza+NO/WmeVpNdWqNZZIMrjGz3hk/4YavsjJhe/ PO0FoS6vIrfKNrMhFXNFGJwbqpXK52ZCFjAE2qe6v55s -----END CERTIFICATE-----Generated at Sun Jan 25 20:30:11 2026 by rpki-client