This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/k9aptvqWA05x4uvgA-vKuzilVzU.roa File: k9aptvqWA05x4uvgA-vKuzilVzU.roa (raw, json) Hash identifier: BJ061QuQOWlxavQBE+4vNFSfiTJRQL5oGm4+Ibheqps= Subject key identifier: 93:D6:A9:B6:FA:96:03:4E:71:E2:EB:E0:03:EB:CA:BB:38:A5:57:35 Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee Certificate serial: 019B79ECB31B287588D137DC19711D3513A2 Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/k9aptvqWA05x4uvgA-vKuzilVzU.roa Signing time: Thu 01 Jan 2026 14:18:33 +0000 ROA not before: Thu 01 Jan 2026 14:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43967 IP address blocks: 45.159.100.0/22 maxlen: 24 195.158.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 08:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:b3:1b:28:75:88:d1:37:dc:19:71:1d:35:13:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee Validity Not Before: Jan 1 14:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=93d6a9b6fa96034e71e2ebe003ebcabb38a55735 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:3e:78:a1:20:d1:f8:ca:7f:d2:df:d0:8d:eb: 26:e6:78:2f:6d:57:b6:f0:89:3c:f3:ce:30:db:ff: a0:81:b0:ea:c4:94:7a:0c:67:37:02:0f:9c:b4:a0: e5:a0:ee:76:38:d3:d0:aa:32:da:21:32:af:14:a4: 2e:ab:24:07:80:7a:d4:5d:be:4f:13:2a:4a:94:ad: c4:a3:d5:58:61:6a:13:5d:cd:3d:9c:9b:bd:e0:55: 4c:97:5e:af:b2:3b:c2:fa:cb:b4:d0:1a:9e:1f:d8: 57:9c:8b:41:7f:d7:3e:6e:f8:ae:a5:6b:6c:c1:e3: ae:e6:16:c3:5e:af:b3:5f:0a:1e:2f:55:09:8e:11: a0:ec:0c:ee:5c:70:42:20:27:6a:f0:0e:da:72:6c: fc:7b:8a:8c:63:17:d2:1c:42:c2:e1:42:21:dc:42: 15:30:66:1b:23:fc:a3:86:09:e6:f5:06:bf:06:d2: f7:c8:8a:8d:03:0b:e2:a0:63:ed:4b:f2:fd:fc:e3: 1c:09:83:6d:5b:e6:72:92:44:9c:15:eb:cf:64:4f: bf:8e:1e:7d:8d:77:05:05:74:92:57:f9:a3:fd:a3: 7c:f2:19:11:a9:25:97:4f:f2:24:b2:ab:f1:c2:1a: 50:d9:13:c4:a8:b1:3e:87:9f:84:05:0e:ec:6f:9e: 14:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:D6:A9:B6:FA:96:03:4E:71:E2:EB:E0:03:EB:CA:BB:38:A5:57:35 X509v3 Authority Key Identifier: keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/k9aptvqWA05x4uvgA-vKuzilVzU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.159.100.0/22 195.158.196.0/22 Signature Algorithm: sha256WithRSAEncryption 3a:db:45:a1:4b:c1:8e:96:c3:b3:63:c9:19:8a:f3:c7:fa:a3: 40:61:2d:cc:49:ef:9e:36:90:be:89:51:6b:8d:e1:4b:62:9d: 5d:26:53:2a:53:d4:36:3d:44:65:bb:83:4f:85:a6:d8:8e:fb: c3:f8:94:9f:2c:36:ff:98:12:1d:79:c1:7e:c8:ce:0d:ec:97: 8e:b5:e3:db:ea:53:58:70:18:75:2f:fe:5d:af:93:a1:9d:2b: 56:fd:f6:3b:3a:ae:a0:db:ef:b1:26:7e:27:58:28:08:13:a1: 4e:bd:09:ff:f5:95:9e:e3:66:fc:15:b1:e1:c6:76:e2:11:5e: 55:6b:bf:3c:a7:5c:dd:1d:be:fe:56:49:2a:f4:c5:cb:69:6e: 46:b2:1d:bf:75:1d:4a:dd:34:50:fc:0d:81:d4:59:6b:ce:d8: 59:c4:69:9c:f1:6c:93:67:b9:a7:08:e1:1c:03:14:00:e5:1c: 52:88:ba:8e:96:5d:16:c1:aa:56:cb:d0:75:85:60:cf:fb:6b: a5:ff:f6:9b:1c:6b:76:c2:90:17:48:cc:0c:79:12:6d:f8:bf: 95:aa:31:3e:65:a2:bf:56:d3:e6:57:2b:e8:f9:f2:5a:03:bb: 2f:da:ac:ee:2f:1a:a7:b3:a5:7f:ec:59:95:09:11:3e:78:60: 86:63:88:17 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt57LMbKHWI0TfcGXEdNROiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5 MDZjZWUwHhcNMjYwMTAxMTQxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5M2Q2YTliNmZhOTYwMzRlNzFlMmViZTAwM2ViY2FiYjM4YTU1NzM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj54oSDR+Mp/0t/Qjesm5ngvbVe2 8Ik8884w2/+ggbDqxJR6DGc3Ag+ctKDloO52ONPQqjLaITKvFKQuqyQHgHrUXb5P EypKlK3Eo9VYYWoTXc09nJu94FVMl16vsjvC+su00BqeH9hXnItBf9c+bviupWts weOu5hbDXq+zXwoeL1UJjhGg7AzuXHBCICdq8A7acmz8e4qMYxfSHELC4UIh3EIV MGYbI/yjhgnm9Qa/BtL3yIqNAwvioGPtS/L9/OMcCYNtW+ZykkScFevPZE+/jh59 jXcFBXSSV/mj/aN88hkRqSWXT/IksqvxwhpQ2RPEqLE+h5+EBQ7sb54U/wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFJPWqbb6lgNOceLr4APryrs4pVc1MB8GA1UdIwQY MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt MDkwYzQ2ZTlmMmVkLzEvazlhcHR2cVdBMDV4NHV2Z0Etdkt1emlsVnpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZ9kAwQC w57EMA0GCSqGSIb3DQEBCwUAA4IBAQA620WhS8GOlsOzY8kZivPH+qNAYS3MSe+e NpC+iVFrjeFLYp1dJlMqU9Q2PURlu4NPhabYjvvD+JSfLDb/mBIdecF+yM4N7JeO tePb6lNYcBh1L/5dr5OhnStW/fY7Oq6g2++xJn4nWCgIE6FOvQn/9ZWe42b8FbHh xnbiEV5Va788p1zdHb7+Vkkq9MXLaW5Gsh2/dR1K3TRQ/A2B1FlrzthZxGmc8WyT Z7mnCOEcAxQA5RxSiLqOll0WwapWy9B1hWDP+2ul//abHGt2wpAXSMwMeRJt+L+V qjE+ZaK/VtPmVyvo+fJaA7sv2qzuLxqns6V/7FmVCRE+eGCGY4gX -----END CERTIFICATE-----Generated at Mon Jan 26 13:44:39 2026 by rpki-client