This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/cpTfXtYH4v1rSjqKtu9ZqpUx3xM.roa File: cpTfXtYH4v1rSjqKtu9ZqpUx3xM.roa (raw, json) Hash identifier: ovwDXS3yKtACozUh0/9y9dib/PgNmZTku682Xe84kxM= Subject key identifier: 72:94:DF:5E:D6:07:E2:FD:6B:4A:3A:8A:B6:EF:59:AA:95:31:DF:13 Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9 Certificate serial: 019B7910C6AD3BFDFBEBB7FC849DCC8F4AA2 Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/cpTfXtYH4v1rSjqKtu9ZqpUx3xM.roa Signing time: Thu 01 Jan 2026 10:18:21 +0000 ROA not before: Thu 01 Jan 2026 10:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60442 IP address blocks: 46.28.233.0/24 maxlen: 24 2a02:ed40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c6:ad:3b:fd:fb:eb:b7:fc:84:9d:cc:8f:4a:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9 Validity Not Before: Jan 1 10:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7294df5ed607e2fd6b4a3a8ab6ef59aa9531df13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:95:89:23:df:1d:5f:79:89:c2:22:f0:80:ca: 5d:ca:91:8f:12:7b:1c:50:4a:5a:8f:27:0c:05:49: a2:3d:02:fd:d7:10:d7:a3:44:f5:bf:c8:ca:f7:1e: ce:2c:c8:ff:76:53:ad:69:c2:ad:43:6d:34:4d:f3: 9a:05:fc:03:1b:08:5a:93:19:7b:38:4a:c0:6e:42: f9:4f:a8:77:6b:14:c7:59:06:bc:99:fb:3c:bf:d5: 32:dc:99:b5:9e:e7:7d:c0:66:b0:18:8d:db:b0:9a: 47:e6:82:20:b1:55:b9:bb:c1:9c:0d:81:99:6c:74: 35:d6:8a:bf:e6:22:7a:85:0d:19:44:8b:12:2c:c7: 13:aa:d4:cc:a9:46:90:8b:7b:20:bd:a9:4f:be:3a: c1:fb:23:b4:cc:77:6d:16:9e:ca:22:54:11:c0:1a: a4:26:14:ce:4b:c1:d0:0e:ff:5b:89:0b:96:1f:b6: 05:ca:6d:25:4f:53:d8:86:c4:c9:3c:64:c5:4c:00: 69:c1:c3:4e:85:4b:cd:ff:5e:19:db:f5:af:58:a7: 82:07:5f:2c:5d:12:fe:87:41:2f:b6:7b:3d:bc:90: 82:d7:2f:2a:f7:43:d7:b5:27:69:da:c1:8d:f2:8a: 5e:8f:9d:13:cc:6a:89:39:35:b5:a6:6f:0b:65:40: 1d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:94:DF:5E:D6:07:E2:FD:6B:4A:3A:8A:B6:EF:59:AA:95:31:DF:13 X509v3 Authority Key Identifier: keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/cpTfXtYH4v1rSjqKtu9ZqpUx3xM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.28.233.0/24 IPv6: 2a02:ed40:1::/48 Signature Algorithm: sha256WithRSAEncryption 13:54:b9:2c:77:4d:d0:70:4d:45:05:5c:85:10:b8:40:a3:e0: d4:43:c8:d4:34:ee:77:9e:d4:6c:d9:35:6e:9f:be:f3:68:8c: 12:27:25:81:c8:e1:3b:10:49:1b:44:d9:48:bb:b0:26:8c:1a: fc:83:70:c1:69:30:a1:5a:ba:05:e5:09:f5:40:ce:6d:eb:82: b7:19:4e:df:ed:38:00:51:72:a9:69:49:98:79:72:b6:24:23: 4f:15:95:0b:64:f9:e2:16:e4:80:5e:9c:d5:ce:57:66:0d:4f: 97:9a:7e:cc:0b:c7:31:b7:32:1f:38:91:08:17:2b:1e:ee:2c: 7c:67:02:2d:70:8f:d9:2f:39:b6:e0:ea:73:e0:af:09:19:ab: 4d:cd:32:d5:d6:6a:56:64:87:d8:c6:00:51:0e:47:29:7f:63: 26:a1:6e:b0:a4:43:67:b6:f2:6a:26:a8:2a:84:24:0d:97:3c: 5c:24:db:15:1a:32:37:2c:3d:9c:c6:c0:8d:0c:ee:55:92:58: c2:3d:d3:c8:cc:65:e4:13:fc:75:70:ec:5a:81:d6:39:ad:22: e2:36:9b:e0:e7:f4:48:6d:33:d7:7d:9f:46:0f:a9:18:60:98: e5:2f:52:9c:0e:5c:43:e9:6a:ac:9e:a4:d1:85:cf:bd:f4:34: 2f:81:11:2d -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5EMatO/3767f8hJ3Mj0qiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl MjRhZjkwHhcNMjYwMTAxMTAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Mjk0ZGY1ZWQ2MDdlMmZkNmI0YTNhOGFiNmVmNTlhYTk1MzFkZjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZWJI98dX3mJwiLwgMpdypGPEnsc UEpajycMBUmiPQL91xDXo0T1v8jK9x7OLMj/dlOtacKtQ200TfOaBfwDGwhakxl7 OErAbkL5T6h3axTHWQa8mfs8v9Uy3Jm1nud9wGawGI3bsJpH5oIgsVW5u8GcDYGZ bHQ11oq/5iJ6hQ0ZRIsSLMcTqtTMqUaQi3sgvalPvjrB+yO0zHdtFp7KIlQRwBqk JhTOS8HQDv9biQuWH7YFym0lT1PYhsTJPGTFTABpwcNOhUvN/14Z2/WvWKeCB18s XRL+h0Evtns9vJCC1y8q90PXtSdp2sGN8opej50TzGqJOTW1pm8LZUAdVwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFHKU317WB+L9a0o6irbvWaqVMd8TMB8GA1UdIwQY MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt OTUzMWQyNGUwNjEwLzEvY3BUZlh0WUg0djFyU2pxS3R1OVpxcFV4M3hNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALhzpMA8E AgACMAkDBwAqAu1AAAEwDQYJKoZIhvcNAQELBQADggEBABNUuSx3TdBwTUUFXIUQ uECj4NRDyNQ07nee1GzZNW6fvvNojBInJYHI4TsQSRtE2Ui7sCaMGvyDcMFpMKFa ugXlCfVAzm3rgrcZTt/tOABRcqlpSZh5crYkI08VlQtk+eIW5IBenNXOV2YNT5ea fswLxzG3Mh84kQgXKx7uLHxnAi1wj9kvObbg6nPgrwkZq03NMtXWalZkh9jGAFEO Ryl/YyahbrCkQ2e28momqCqEJA2XPFwk2xUaMjcsPZzGwI0M7lWSWMI908jMZeQT /HVw7FqB1jmtIuI2m+Dn9EhtM9d9n0YPqRhgmOUvUpwOXEPpaqyepNGFz730NC+B ES0= -----END CERTIFICATE-----Generated at Mon Jan 26 05:39:24 2026 by rpki-client