This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Rt1klmsuPPhKUUAX1jpG9imFa2c.roa File: Rt1klmsuPPhKUUAX1jpG9imFa2c.roa (raw, json) Hash identifier: sokdc0UCHJ/WMQvZrRXw0OuefJTfuVtBVLK9tFuDXWI= Subject key identifier: 46:DD:64:96:6B:2E:3C:F8:4A:51:40:17:D6:3A:46:F6:29:85:6B:67 Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Certificate serial: 019B79ECD96E5A337307EA6439B74C04A263 Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Rt1klmsuPPhKUUAX1jpG9imFa2c.roa Signing time: Thu 01 Jan 2026 14:18:43 +0000 ROA not before: Thu 01 Jan 2026 14:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19324 IP address blocks: 91.197.228.0/22 maxlen: 24 185.181.116.0/22 maxlen: 24 2a0a:cb80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d9:6e:5a:33:73:07:ea:64:39:b7:4c:04:a2:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc Validity Not Before: Jan 1 14:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=46dd64966b2e3cf84a514017d63a46f629856b67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:09:de:70:b6:83:db:ec:a0:6e:ef:1c:ce:9b: e1:a8:5c:12:31:d5:af:a9:8c:9e:c3:90:0a:ed:e2: f1:9f:1c:b6:83:42:86:28:39:75:a6:f6:1b:25:45: 7b:84:2d:27:1a:0b:01:ab:3d:a5:fe:5e:49:4f:1b: 5a:c1:94:18:60:73:0e:97:4a:c0:ad:c6:a3:70:63: bc:30:18:dc:2c:97:ef:10:af:8f:47:e7:42:f3:a5: e5:a9:4a:06:87:52:0e:c3:8f:ea:3c:3a:86:11:0e: c0:cd:59:8b:85:4d:87:ca:eb:1e:c4:54:51:ef:77: 8e:25:ba:f5:dc:6b:0c:75:1c:1b:76:63:fb:d2:17: 46:d3:1e:47:0b:7e:e1:fa:1f:cd:59:a0:58:4c:c2: d9:2f:39:e6:cf:25:27:50:f7:c3:d8:53:0a:d7:96: e5:ac:8c:85:bc:4f:e6:b3:f6:8b:f1:48:85:0f:42: 4e:74:de:dc:25:15:60:67:95:19:44:61:26:5a:89: 91:73:69:77:55:eb:3d:f4:0e:d9:31:3f:0f:fa:75: 67:1b:8a:e9:d3:f3:a9:7e:03:62:4a:2a:9f:cf:df: 1f:75:34:3d:52:10:c0:43:44:47:94:30:d7:07:9c: 9e:4c:93:fa:51:00:ad:12:40:a3:b4:36:7b:e9:88: cc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:DD:64:96:6B:2E:3C:F8:4A:51:40:17:D6:3A:46:F6:29:85:6B:67 X509v3 Authority Key Identifier: keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/Rt1klmsuPPhKUUAX1jpG9imFa2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.228.0/22 185.181.116.0/22 IPv6: 2a0a:cb80::/32 Signature Algorithm: sha256WithRSAEncryption 5c:d1:aa:7f:2d:64:ec:c1:5c:01:cd:a4:ff:7d:90:f5:f5:84: 21:d7:90:2e:da:85:0f:3b:d7:6a:9e:1c:37:73:44:ce:70:36: 78:c8:73:a2:37:88:77:c0:94:c3:30:ea:1b:15:65:b7:51:61: 29:d5:db:3a:7e:27:46:5a:c9:22:bd:55:45:ab:bf:80:f9:61: 6b:77:d2:6c:ea:7a:b6:90:b4:f7:94:15:7c:2d:0f:40:9f:dc: 4f:79:50:8f:93:6c:23:3a:34:81:19:59:e2:2e:38:5a:08:4d: a7:e1:62:a8:74:7a:61:03:86:5e:a4:d6:cb:fe:d9:d2:5d:dd: e1:79:e6:b4:80:e1:8b:0f:77:2d:b9:3d:0b:31:b7:fe:47:36: 17:c5:8c:2c:ca:5f:09:0b:46:34:d3:1c:1b:9d:c3:6b:9f:ee: 31:39:dc:60:3f:be:f0:b6:40:97:22:2e:75:6c:da:e4:4c:ff: 5f:39:39:95:73:be:5c:99:c0:3a:98:26:5d:c5:53:3d:26:eb: fc:90:5a:2e:7b:b4:d1:d4:32:73:7a:ad:6d:f6:56:95:c5:61: 1a:ea:cb:68:7e:c9:33:d2:37:90:16:a6:6c:93:e6:a6:5b:84: da:4d:ee:7f:1b:2b:6b:cf:ef:4a:cf:4b:ea:e9:7f:02:7a:c6: 8a:c0:a9:20 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57NluWjNzB+pkObdMBKJjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm MTFkZmMwHhcNMjYwMTAxMTQxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NmRkNjQ5NjZiMmUzY2Y4NGE1MTQwMTdkNjNhNDZmNjI5ODU2YjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAnecLaD2+ygbu8czpvhqFwSMdWv qYyew5AK7eLxnxy2g0KGKDl1pvYbJUV7hC0nGgsBqz2l/l5JTxtawZQYYHMOl0rA rcajcGO8MBjcLJfvEK+PR+dC86XlqUoGh1IOw4/qPDqGEQ7AzVmLhU2HyusexFRR 73eOJbr13GsMdRwbdmP70hdG0x5HC37h+h/NWaBYTMLZLznmzyUnUPfD2FMK15bl rIyFvE/ms/aL8UiFD0JOdN7cJRVgZ5UZRGEmWomRc2l3Ves99A7ZMT8P+nVnG4rp 0/OpfgNiSiqfz98fdTQ9UhDAQ0RHlDDXB5yeTJP6UQCtEkCjtDZ76YjMTQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEbdZJZrLjz4SlFAF9Y6RvYphWtnMB8GA1UdIwQY MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt ZDE2M2I1NDk5ZTY4LzEvUnQxa2xtc3VQUGhLVVVBWDFqcEc5aW1GYTJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4 LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBc0ap/LWTswVwB zaT/fZD19YQh15Au2oUPO9dqnhw3c0TOcDZ4yHOiN4h3wJTDMOobFWW3UWEp1ds6 fidGWskivVVFq7+A+WFrd9Js6nq2kLT3lBV8LQ9An9xPeVCPk2wjOjSBGVniLjha CE2n4WKodHphA4ZepNbL/tnSXd3heea0gOGLD3ctuT0LMbf+RzYXxYwsyl8JC0Y0 0xwbncNrn+4xOdxgP77wtkCXIi51bNrkTP9fOTmVc75cmcA6mCZdxVM9Juv8kFou e7TR1DJzeq1t9laVxWEa6stofskz0jeQFqZsk+amW4TaTe5/Gytrz+9Kz0vq6X8C esaKwKkg -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:53 2026 by rpki-client