This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Ae4-OOb-2nImKqdi1MxBgmBoWVs.roa File: Ae4-OOb-2nImKqdi1MxBgmBoWVs.roa (raw, json) Hash identifier: KwsDySAe+eP5dCXWhiEtsf9rm3LNfZPilz1MOuwv4sU= Subject key identifier: 01:EE:3E:38:E6:FE:DA:72:26:2A:A7:62:D4:CC:41:82:60:68:59:5B Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318 Certificate serial: 019B7C135B7D99B68413D762D0B667569BB5 Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Ae4-OOb-2nImKqdi1MxBgmBoWVs.roa Signing time: Fri 02 Jan 2026 00:20:01 +0000 ROA not before: Fri 02 Jan 2026 00:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 45929 IP address blocks: 45.82.4.0/22 maxlen: 22 45.88.84.0/22 maxlen: 22 45.132.120.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:5b:7d:99:b6:84:13:d7:62:d0:b6:67:56:9b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318 Validity Not Before: Jan 2 00:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01ee3e38e6feda72262aa762d4cc41826068595b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:9f:dc:76:f8:2f:bb:59:d1:4c:03:39:36:d7: 81:62:b5:ea:35:1b:55:50:17:14:d9:34:6c:71:9a: d1:df:b2:4c:42:76:e4:44:5e:3c:2c:09:52:bf:02: b6:e0:86:35:8b:04:48:ec:06:48:2b:8c:93:b8:e9: 81:d7:0f:db:c2:47:0c:52:94:0e:b9:ee:ce:ab:83: 44:cb:2d:12:80:60:6d:7e:dd:21:b9:81:b0:29:44: ec:08:88:6d:24:1d:f3:2a:35:82:cc:86:91:ff:7e: a9:24:1d:44:9d:c5:19:71:bb:24:da:72:7b:45:de: 2c:f9:7d:41:1b:c1:37:3e:b9:e6:e0:73:00:30:d4: b1:39:87:22:89:65:b1:d1:bb:ec:bb:6c:3d:80:70: d0:7f:f4:16:8f:45:68:67:ed:65:44:73:66:0f:d1: 35:9c:39:eb:42:ac:78:78:88:13:0f:4f:3c:75:5b: ef:e8:b4:68:90:e3:47:92:ee:d5:c6:d1:2a:90:91: a9:66:b9:3c:ef:a3:e4:8c:a2:b6:24:1d:36:01:34: a8:6d:7a:41:43:a9:13:3c:f6:3a:83:d1:a3:7b:d9: 32:19:69:5a:f1:d6:25:f7:4b:79:52:ef:64:0c:50: 46:c8:e6:d7:33:5a:6e:08:60:1b:2e:27:44:5f:22: 25:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:EE:3E:38:E6:FE:DA:72:26:2A:A7:62:D4:CC:41:82:60:68:59:5B X509v3 Authority Key Identifier: keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/Ae4-OOb-2nImKqdi1MxBgmBoWVs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.82.4.0/22 45.88.84.0/22 45.132.120.0/22 Signature Algorithm: sha256WithRSAEncryption 32:2b:77:5d:7e:45:ad:91:06:ab:58:63:93:06:43:ff:0d:6e: d3:14:3e:b5:20:3d:26:f6:88:18:40:7e:a6:2e:fb:53:61:5c: c7:62:07:ea:f4:31:87:ce:08:3b:1a:0d:e2:80:66:67:79:db: 39:2c:16:22:44:1f:6d:54:6c:72:2e:19:5c:39:e5:61:6d:40: 4a:78:80:ab:6f:8b:4d:ee:cc:cb:08:eb:a3:28:8a:ed:4f:a5: 55:62:18:40:86:0f:2c:bc:53:c9:69:55:81:37:34:44:52:24: 74:76:d1:6d:42:c1:ef:43:db:3d:b9:a4:88:20:de:3c:88:5b: b5:1e:68:64:e8:ef:0a:87:2b:c1:8e:31:14:c3:84:e6:6d:d4: a4:c9:b5:9c:48:c5:d2:c6:c1:0b:08:c6:67:9a:91:de:c2:c1: 39:d7:f4:23:b6:58:a6:1a:16:02:44:7f:f5:f4:5a:13:e2:d1: 9f:32:28:bd:9c:74:f2:7f:35:08:d9:2e:23:f4:20:12:9d:d4: fa:d0:4a:71:53:c7:71:50:c8:1a:43:70:2a:4f:fe:47:8e:58: 1d:79:b6:13:88:bc:8e:54:37:53:74:0e:d4:5a:3f:9a:4b:e6: 73:73:ed:23:14:c1:cb:d0:58:d9:cb:c7:31:2c:a9:6e:85:fe: 8b:8f:64:39 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8E1t9mbaEE9di0LZnVpu1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk NGYzMTgwHhcNMjYwMTAyMDAyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMWVlM2UzOGU2ZmVkYTcyMjYyYWE3NjJkNGNjNDE4MjYwNjg1OTViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5/cdvgvu1nRTAM5NteBYrXqNRtV UBcU2TRscZrR37JMQnbkRF48LAlSvwK24IY1iwRI7AZIK4yTuOmB1w/bwkcMUpQO ue7Oq4NEyy0SgGBtft0huYGwKUTsCIhtJB3zKjWCzIaR/36pJB1EncUZcbsk2nJ7 Rd4s+X1BG8E3Prnm4HMAMNSxOYciiWWx0bvsu2w9gHDQf/QWj0VoZ+1lRHNmD9E1 nDnrQqx4eIgTD088dVvv6LRokONHku7VxtEqkJGpZrk876PkjKK2JB02ATSobXpB Q6kTPPY6g9Gje9kyGWla8dYl90t5Uu9kDFBGyObXM1puCGAbLidEXyIlqwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFAHuPjjm/tpyJiqnYtTMQYJgaFlbMB8GA1UdIwQY MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt NjMzNDhjZGJmMDI0LzEvQWU0LU9PYi0ybkltS3FkaTFNeEJnbUJvV1ZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0 LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVIEAwQC LVhUAwQCLYR4MA0GCSqGSIb3DQEBCwUAA4IBAQAyK3ddfkWtkQarWGOTBkP/DW7T FD61ID0m9ogYQH6mLvtTYVzHYgfq9DGHzgg7Gg3igGZneds5LBYiRB9tVGxyLhlc OeVhbUBKeICrb4tN7szLCOujKIrtT6VVYhhAhg8svFPJaVWBNzREUiR0dtFtQsHv Q9s9uaSIIN48iFu1Hmhk6O8KhyvBjjEUw4TmbdSkybWcSMXSxsELCMZnmpHewsE5 1/QjtlimGhYCRH/19FoT4tGfMii9nHTyfzUI2S4j9CASndT60EpxU8dxUMgaQ3Aq T/5HjlgdebYTiLyOVDdTdA7UWj+aS+Zzc+0jFMHL0FjZy8cxLKluhf6Lj2Q5 -----END CERTIFICATE-----Generated at Sun Jan 25 21:05:02 2026 by rpki-client