This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/4NONcDvqiCRqgZcQTfcqHeSzpuE.roa File: 4NONcDvqiCRqgZcQTfcqHeSzpuE.roa (raw, json) Hash identifier: R27IngHDs3jcZqqkBeixBQgUg7p/CUgoVimY+Zoh0rs= Subject key identifier: E0:D3:8D:70:3B:EA:88:24:6A:81:97:10:4D:F7:2A:1D:E4:B3:A6:E1 Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3 Certificate serial: 019B7B36A100BF09FA8A26118806A33CF1DC Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/4NONcDvqiCRqgZcQTfcqHeSzpuE.roa Signing time: Thu 01 Jan 2026 20:18:56 +0000 ROA not before: Thu 01 Jan 2026 20:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 4004 IP address blocks: 57.66.0.0/15 maxlen: 32 57.66.0.0/17 maxlen: 24 57.78.0.0/16 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:a1:00:bf:09:fa:8a:26:11:88:06:a3:3c:f1:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3 Validity Not Before: Jan 1 20:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0d38d703bea88246a8197104df72a1de4b3a6e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:95:1f:05:aa:4d:29:69:5f:b6:81:5b:c3:ad: 21:a0:43:db:24:50:ea:4f:6e:27:90:fd:71:9a:6c: 56:a7:d7:c7:ca:f3:4b:91:77:1a:da:17:b2:76:a7: 2d:9f:6e:34:b8:e8:87:47:d0:78:08:0b:6e:38:70: ce:b7:0e:41:0b:8c:96:ea:5d:89:34:d8:50:10:b3: dc:a7:b7:1b:88:f1:66:2b:ad:26:64:e5:ed:50:89: c2:ff:a3:dc:ad:8b:95:7f:b8:72:03:07:71:9c:20: 55:08:eb:80:9e:e6:7d:fe:ec:48:34:6e:d5:98:23: e7:a1:08:af:cb:9b:5c:19:d5:87:da:32:90:c1:7b: ee:50:bb:8c:60:ae:56:97:46:10:fb:55:83:b1:35: 12:25:1f:40:f2:07:3f:0a:1f:dd:5f:7d:5f:e4:8a: 56:00:e0:84:b5:3c:01:a8:9d:7b:48:76:dd:95:6f: 05:1e:09:5d:fb:4a:09:f0:50:41:45:c4:41:ed:86: a1:16:4f:f5:a4:4f:06:a9:63:0f:60:48:ac:85:7a: 8a:42:ce:95:aa:75:9c:4e:73:7e:a9:e9:ed:39:b7: c8:c5:1f:06:4f:21:d5:4a:ef:31:76:fc:80:29:38: c7:76:d3:88:e7:6f:ea:e1:5a:89:c7:b1:b5:8f:ea: b9:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:D3:8D:70:3B:EA:88:24:6A:81:97:10:4D:F7:2A:1D:E4:B3:A6:E1 X509v3 Authority Key Identifier: keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/4NONcDvqiCRqgZcQTfcqHeSzpuE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 57.66.0.0/15 57.78.0.0/16 Signature Algorithm: sha256WithRSAEncryption 08:b6:95:86:eb:69:9a:d2:7c:ac:62:e5:e1:74:79:af:09:06: 71:37:5d:53:eb:68:46:d0:43:48:db:af:4b:01:35:82:3f:11: 75:73:ad:29:1f:67:3d:6b:fa:0c:68:76:01:d0:9d:1a:41:23: 8c:03:f3:57:9e:fd:a6:79:93:ef:e4:ff:f3:27:17:5f:b6:ed: 7f:0c:dd:0f:a7:34:58:70:38:d1:01:0a:85:7d:2d:d9:00:78: 64:90:af:db:51:58:ac:00:bf:c1:36:0e:39:f8:a7:19:03:87: 53:df:3b:93:db:40:18:a5:33:92:b7:ac:26:57:53:bd:e2:d1: 56:38:0f:5a:2f:3a:43:e5:e5:a4:6b:11:3b:ee:3e:13:bd:2c: ea:d6:91:8f:6e:fe:a7:a5:da:bc:d0:0b:65:1d:41:fb:ce:ac: 31:fd:e9:b2:2f:4a:9a:ab:9d:43:bb:61:3e:ce:79:3b:52:f5: 22:39:4b:6a:60:7f:70:a3:3e:fb:3e:0a:ec:f3:9b:23:5d:0c: 68:30:f4:b0:0a:d4:9e:8a:57:52:7b:9b:cc:b5:7f:f0:6c:98: 2b:93:43:cd:8f:3b:a6:28:9b:43:11:a5:03:41:17:64:ab:a9: 74:68:a9:dc:50:2f:8f:51:47:02:d4:46:29:00:53:01:c2:ec: 9d:24:24:22 -----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISAZt7NqEAvwn6iiYRiAajPPHcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy NWYxZjMwHhcNMjYwMTAxMjAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGQzOGQ3MDNiZWE4ODI0NmE4MTk3MTA0ZGY3MmExZGU0YjNhNmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJUfBapNKWlftoFbw60hoEPbJFDq T24nkP1xmmxWp9fHyvNLkXca2heydqctn240uOiHR9B4CAtuOHDOtw5BC4yW6l2J NNhQELPcp7cbiPFmK60mZOXtUInC/6PcrYuVf7hyAwdxnCBVCOuAnuZ9/uxING7V mCPnoQivy5tcGdWH2jKQwXvuULuMYK5Wl0YQ+1WDsTUSJR9A8gc/Ch/dX31f5IpW AOCEtTwBqJ17SHbdlW8FHgld+0oJ8FBBRcRB7YahFk/1pE8GqWMPYEishXqKQs6V qnWcTnN+qentObfIxR8GTyHVSu8xdvyAKTjHdtOI52/q4VqJx7G1j+q5NQIDAQAB o4ICDTCCAgkwHQYDVR0OBBYEFODTjXA76ogkaoGXEE33Kh3ks6bhMB8GA1UdIwQY MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt YTNiNzRmOTY0MWFjLzEvNE5PTmNEdnFpQ1JxZ1pjUVRmY3FIZVN6cHVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMBOUIDAwA5 TjANBgkqhkiG9w0BAQsFAAOCAQEACLaVhutpmtJ8rGLl4XR5rwkGcTddU+toRtBD SNuvSwE1gj8RdXOtKR9nPWv6DGh2AdCdGkEjjAPzV579pnmT7+T/8ycXX7btfwzd D6c0WHA40QEKhX0t2QB4ZJCv21FYrAC/wTYOOfinGQOHU987k9tAGKUzkresJldT veLRVjgPWi86Q+XlpGsRO+4+E70s6taRj27+p6XavNALZR1B+86sMf3psi9Kmqud Q7thPs55O1L1IjlLamB/cKM++z4K7PObI10MaDD0sArUnopXUnubzLV/8GyYK5ND zY87piibQxGlA0EXZKupdGip3FAvj1FHAtRGKQBTAcLsnSQkIg== -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:10 2026 by rpki-client