This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4dT-r-tnX4cWtkeW9vmBFCuOXSM.roa File: 4dT-r-tnX4cWtkeW9vmBFCuOXSM.roa (raw, json) Hash identifier: yBvCo3vq6RTcJ2XwlICSZZXq6k/srzkuuEXAf6/6I+0= Subject key identifier: E1:D4:FE:AF:EB:67:5F:87:16:B6:47:96:F6:F9:81:14:2B:8E:5D:23 Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F84BEBDE0A35DDA3640E9A50C7AA7F3 Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4dT-r-tnX4cWtkeW9vmBFCuOXSM.roa Signing time: Fri 02 Jan 2026 16:22:44 +0000 ROA not before: Fri 02 Jan 2026 16:22:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50765 IP address blocks: 95.47.62.0/24 maxlen: 24 2a02:128:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:be:bd:e0:a3:5d:da:36:40:e9:a5:0c:7a:a7:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:22:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1d4feafeb675f8716b64796f6f981142b8e5d23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a7:20:07:58:c3:66:84:71:ce:4c:da:87:7e: 3f:1d:52:bf:a2:e0:00:64:ff:2b:88:c6:22:cd:a6: 61:5d:50:6e:b2:25:6f:71:f6:a4:b2:0e:6c:d7:65: 72:11:7f:17:f4:5d:68:49:87:89:04:8f:d7:95:80: aa:17:cf:b4:b7:4c:f3:e0:31:f7:22:f3:8b:f0:7f: 48:2b:2e:9f:14:2f:13:f2:3d:e4:7a:bd:ed:7f:06: d8:fa:29:b3:c9:68:c8:b7:b7:1c:8a:7f:61:09:50: a4:d7:0c:de:c2:4e:74:76:6a:92:ce:ea:40:49:85: b6:16:3c:96:e1:67:a7:79:67:dd:dd:79:77:c9:a0: 85:82:de:03:59:ad:1a:43:2c:70:fb:fa:54:aa:73: 8f:1d:56:ee:a9:78:dd:16:e5:c5:5d:3d:9c:00:65: 41:6e:05:51:8c:da:a1:26:7b:a9:66:37:b6:46:c8: 96:db:17:34:97:08:73:01:b9:8c:06:c9:9d:67:0a: ec:61:7c:8d:c8:81:3d:7a:39:69:28:c1:89:7d:04: 81:ef:0a:ae:7b:cf:c1:4b:11:ae:c2:23:49:a7:b5: ad:c6:1b:87:01:71:7e:52:7d:96:49:af:e1:a4:dc: 41:09:59:c5:50:db:3e:71:a4:b5:da:15:65:89:4a: a8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D4:FE:AF:EB:67:5F:87:16:B6:47:96:F6:F9:81:14:2B:8E:5D:23 X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/4dT-r-tnX4cWtkeW9vmBFCuOXSM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.47.62.0/24 IPv6: 2a02:128:6::/48 Signature Algorithm: sha256WithRSAEncryption 76:1b:b2:9a:80:e9:d1:f5:ea:dd:bf:95:a0:c6:90:9e:91:74: 80:e7:5b:5b:02:90:23:83:ec:29:29:27:9a:e1:14:59:f7:ec: e0:99:cc:43:da:e8:52:5a:ef:fb:1c:45:f2:db:bf:c6:dc:03: 8d:1d:15:30:ad:b9:9d:92:79:1d:a6:14:12:92:18:ef:06:56: 78:39:f3:c5:67:3b:4e:87:a0:32:f0:67:32:a7:23:a4:b9:e2: f9:4c:e6:8e:c6:52:0c:32:1d:53:92:3c:25:40:5d:72:f8:23: 20:01:a3:59:60:ac:f2:a3:54:b3:b8:36:0c:3e:1f:af:7b:dc: 6a:06:a9:ea:96:00:46:a9:14:c8:cb:ca:ea:07:92:db:a9:32: 36:60:36:54:55:fc:f1:66:e9:34:a4:f4:69:c1:00:bd:12:83: 4d:a5:e0:19:d8:72:65:00:4d:b0:3f:3e:95:aa:85:83:15:b7: f8:6f:23:33:e2:96:f7:22:4f:ab:cb:07:c3:ac:47:7f:a5:99: d7:dd:e0:ab:33:69:ae:7f:12:ac:4b:90:8f:28:98:fe:af:65: cd:32:e4:9c:eb:20:50:27:84:11:2a:88:7a:c4:ec:51:2d:2d: ea:75:4a:ee:fd:a8:eb:63:af:b3:9f:aa:e3:34:f7:11:4b:cb: 30:bf:b0:3f -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/hL694KNd2jZA6aUMeqfzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMjQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWQ0ZmVhZmViNjc1Zjg3MTZiNjQ3OTZmNmY5ODExNDJiOGU1ZDIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqcgB1jDZoRxzkzah34/HVK/ouAA ZP8riMYizaZhXVBusiVvcfaksg5s12VyEX8X9F1oSYeJBI/XlYCqF8+0t0zz4DH3 IvOL8H9IKy6fFC8T8j3ker3tfwbY+imzyWjIt7ccin9hCVCk1wzewk50dmqSzupA SYW2FjyW4WeneWfd3Xl3yaCFgt4DWa0aQyxw+/pUqnOPHVbuqXjdFuXFXT2cAGVB bgVRjNqhJnupZje2RsiW2xc0lwhzAbmMBsmdZwrsYXyNyIE9ejlpKMGJfQSB7wqu e8/BSxGuwiNJp7WtxhuHAXF+Un2WSa/hpNxBCVnFUNs+caS12hVliUqoTwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFOHU/q/rZ1+HFrZHlvb5gRQrjl0jMB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEvNGRULXItdG5YNGNXdGtlVzl2bUJGQ3VPWFNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXy8+MA8E AgACMAkDBwAqAgEoAAYwDQYJKoZIhvcNAQELBQADggEBAHYbspqA6dH16t2/laDG kJ6RdIDnW1sCkCOD7CkpJ5rhFFn37OCZzEPa6FJa7/scRfLbv8bcA40dFTCtuZ2S eR2mFBKSGO8GVng588VnO06HoDLwZzKnI6S54vlM5o7GUgwyHVOSPCVAXXL4IyAB o1lgrPKjVLO4Ngw+H6973GoGqeqWAEapFMjLyuoHktupMjZgNlRV/PFm6TSk9GnB AL0Sg02l4BnYcmUATbA/PpWqhYMVt/hvIzPilvciT6vLB8OsR3+lmdfd4Kszaa5/ EqxLkI8omP6vZc0y5JzrIFAnhBEqiHrE7FEtLep1Su79qOtjr7OfquM09xFLyzC/ sD8= -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:00 2026 by rpki-client