This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Aht0dpZHvLlZm49PYsO1wdj9-Nk.roa File: Aht0dpZHvLlZm49PYsO1wdj9-Nk.roa (raw, json) Hash identifier: f/A04MrT12ymQ0ZVfN8ubwpm0ar44+1vbL53AKqACcw= Subject key identifier: 02:1B:74:76:96:47:BC:B9:59:9B:8F:4F:62:C3:B5:C1:D8:FD:F8:D9 Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Certificate serial: 019B7BA51FD55B526CA39A75BFCF7E9CC456 Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Aht0dpZHvLlZm49PYsO1wdj9-Nk.roa Signing time: Thu 01 Jan 2026 22:19:37 +0000 ROA not before: Thu 01 Jan 2026 22:19:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199330 IP address blocks: 194.169.218.0/24 maxlen: 24 2001:67c:13cc::/48 maxlen: 48 2a04:2b00:a005::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:1f:d5:5b:52:6c:a3:9a:75:bf:cf:7e:9c:c4:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3 Validity Not Before: Jan 1 22:19:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=021b74769647bcb9599b8f4f62c3b5c1d8fdf8d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:84:dc:46:8c:61:c9:08:c9:b2:44:75:cd:ad: 64:66:2a:7d:10:e6:8f:e0:6c:78:cc:ef:54:dc:a0: 77:60:68:3b:2b:a4:7b:93:07:65:15:0c:5a:6c:65: d1:d2:33:65:c0:4c:bf:13:5c:8d:43:28:1f:3d:d2: b3:2d:31:6e:2d:5d:29:c8:8e:2d:e7:73:0f:2c:19: 18:58:2c:27:e9:f7:5e:67:55:34:1b:91:1d:1c:61: b8:48:8c:58:a7:31:41:a1:c9:d0:da:f3:ab:67:31: 7d:8c:e4:4f:a3:af:85:75:db:d2:62:3b:ae:2c:90: f5:ae:a8:76:e9:8a:9f:c1:b6:17:03:59:91:33:09: 96:81:dd:f2:07:04:ec:4d:ad:92:b3:78:a2:31:11: 94:14:7c:d1:5f:ac:37:d2:61:c6:71:51:a5:c6:c5: 8a:fc:38:4e:76:e1:6e:2c:8b:fb:b3:b4:6c:51:54: 5f:53:8d:0d:be:42:fe:96:43:d3:4b:c4:88:9a:9d: bb:4c:37:1b:01:62:0b:3e:5c:dc:02:a8:89:5a:7d: b1:68:99:9c:1b:95:1b:73:52:ae:c8:26:40:52:3d: c3:19:c4:ca:d6:70:93:2c:3e:09:5b:80:b3:1d:ee: 16:5f:6a:e0:be:ea:7a:79:94:b8:4e:e2:f0:f4:1c: fe:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:1B:74:76:96:47:BC:B9:59:9B:8F:4F:62:C3:B5:C1:D8:FD:F8:D9 X509v3 Authority Key Identifier: keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/Aht0dpZHvLlZm49PYsO1wdj9-Nk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.169.218.0/24 IPv6: 2001:67c:13cc::/48 2a04:2b00:a005::/48 Signature Algorithm: sha256WithRSAEncryption 5f:50:de:5b:f5:f1:5a:77:b9:8c:65:2d:6a:0d:92:b1:37:5e: 3a:50:3b:20:27:03:9f:43:9e:bc:49:39:3f:e8:a5:9a:98:ad: 59:7f:62:d3:5e:22:ff:0b:00:3d:ac:fa:65:04:be:e8:69:2d: 37:51:1a:86:50:0b:f6:2b:24:ad:59:db:56:91:41:f7:c2:f9: d6:68:b4:05:32:91:c5:a2:c1:da:b5:41:d0:32:47:90:bc:15: a5:9b:21:6e:28:e5:d8:40:c0:af:47:b6:0b:4c:93:7a:e6:cc: e8:94:07:51:b9:53:1d:42:d5:14:6a:b9:b0:ba:e4:09:b1:78: d7:35:9e:fe:53:d7:8e:3e:9b:d9:32:45:46:36:ff:ea:c1:13: f0:16:d8:1f:b9:44:c1:59:d1:47:38:ab:02:0e:18:f0:08:ad: 28:cc:87:9b:fa:96:e1:40:f0:5f:47:17:52:74:65:ee:9a:b7: 7b:40:6a:b4:dd:ed:08:a3:a8:2b:74:05:87:35:0f:7a:d2:23: 74:86:60:ba:e6:b5:82:11:6c:7c:03:01:19:8a:07:06:3b:55: 01:32:8f:52:0e:f5:f9:58:0e:9f:68:08:f2:19:a6:05:d8:7a: 64:13:90:3d:3f:82:d2:b9:07:b9:5f:16:14:5d:62:65:67:99: ff:a6:c2:ac -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt7pR/VW1Jso5p1v89+nMRWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3 ZGY4ZDMwHhcNMjYwMTAxMjIxOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjFiNzQ3Njk2NDdiY2I5NTk5YjhmNGY2MmMzYjVjMWQ4ZmRmOGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxITcRoxhyQjJskR1za1kZip9EOaP 4Gx4zO9U3KB3YGg7K6R7kwdlFQxabGXR0jNlwEy/E1yNQygfPdKzLTFuLV0pyI4t 53MPLBkYWCwn6fdeZ1U0G5EdHGG4SIxYpzFBocnQ2vOrZzF9jORPo6+FddvSYjuu LJD1rqh26YqfwbYXA1mRMwmWgd3yBwTsTa2Ss3iiMRGUFHzRX6w30mHGcVGlxsWK /DhOduFuLIv7s7RsUVRfU40NvkL+lkPTS8SImp27TDcbAWILPlzcAqiJWn2xaJmc G5Ubc1KuyCZAUj3DGcTK1nCTLD4JW4CzHe4WX2rgvup6eZS4TuLw9Bz+WQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFAIbdHaWR7y5WZuPT2LDtcHY/fjZMB8GA1UdIwQY MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt MDUzOGU5NWYzZjEyLzEvQWh0MGRwWkh2TGxabTQ5UFlzTzF3ZGo5LU5rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwqnaMBgE AgACMBIDBwAgAQZ8E8wDBwAqBCsAoAUwDQYJKoZIhvcNAQELBQADggEBAF9Q3lv1 8Vp3uYxlLWoNkrE3XjpQOyAnA59DnrxJOT/opZqYrVl/YtNeIv8LAD2s+mUEvuhp LTdRGoZQC/YrJK1Z21aRQffC+dZotAUykcWiwdq1QdAyR5C8FaWbIW4o5dhAwK9H tgtMk3rmzOiUB1G5Ux1C1RRqubC65AmxeNc1nv5T144+m9kyRUY2/+rBE/AW2B+5 RMFZ0Uc4qwIOGPAIrSjMh5v6luFA8F9HF1J0Ze6at3tAarTd7QijqCt0BYc1D3rS I3SGYLrmtYIRbHwDARmKBwY7VQEyj1IO9flYDp9oCPIZpgXYemQTkD0/gtK5B7lf FhRdYmVnmf+mwqw= -----END CERTIFICATE-----Generated at Mon Jan 26 21:18:50 2026 by rpki-client