This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/PkiZqQ7iJ7Jzg6XzDO2l9MmNMEY.roa File: PkiZqQ7iJ7Jzg6XzDO2l9MmNMEY.roa (raw, json) Hash identifier: hKIxEUdNJLMP6etqmKmdK8jRMbipaG/e6kA0CC/gt/w= Subject key identifier: 3E:48:99:A9:0E:E2:27:B2:73:83:A5:F3:0C:ED:A5:F4:C9:8D:30:46 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA53F17B8C2E40AD87F98B9615041B8 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/PkiZqQ7iJ7Jzg6XzDO2l9MmNMEY.roa Signing time: Thu 01 Jan 2026 22:19:45 +0000 ROA not before: Thu 01 Jan 2026 22:19:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61071 IP address blocks: 77.78.25.0/24 maxlen: 24 77.78.39.0/24 maxlen: 24 77.78.40.0/24 maxlen: 24 77.78.41.0/24 maxlen: 24 77.78.50.0/24 maxlen: 24 77.78.52.0/24 maxlen: 24 77.78.53.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:3f:17:b8:c2:e4:0a:d8:7f:98:b9:61:50:41:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3e4899a90ee227b27383a5f30ceda5f4c98d3046 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:cb:ab:c2:6d:7c:2f:42:10:0b:59:5c:2f:38: aa:2c:07:84:c9:86:35:ca:f9:82:e5:7e:cb:b9:1b: c8:ae:9d:59:5f:95:16:44:0a:91:1b:c1:04:01:d0: ff:f4:c7:27:a2:eb:63:ef:5e:dc:b6:d0:12:d9:97: 3b:e0:fb:53:3f:7b:13:52:fd:dd:4a:18:99:28:74: 41:41:58:08:ae:cf:3f:f4:41:d7:de:40:11:8c:0c: 32:69:b3:5a:ae:4e:f8:09:ac:53:a4:c1:66:ea:53: 38:02:3d:d5:ea:25:5b:34:7a:50:c0:be:f7:73:33: e7:e5:83:af:7f:78:ee:6f:df:c7:e1:ad:5e:fb:ba: d8:54:1f:36:21:fb:05:e9:68:73:ee:a5:82:af:d4: ce:ef:e1:ee:16:6a:c5:d1:76:42:e2:d6:00:cf:c7: 55:c6:ea:f1:df:0d:43:04:76:5c:ad:8b:69:12:70: 49:8e:fb:52:18:da:db:5d:75:b2:80:e2:dd:a8:60: 3b:fb:6b:1d:f0:64:84:f6:df:27:a0:11:f9:07:7b: 60:0a:86:61:c5:be:62:f7:0f:9c:7b:67:1d:03:b9: 42:32:86:5c:72:c4:70:cf:bc:72:62:44:25:c6:5a: 4f:b6:2e:72:e3:d3:27:12:2d:51:6e:7c:9c:a1:cb: 17:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:48:99:A9:0E:E2:27:B2:73:83:A5:F3:0C:ED:A5:F4:C9:8D:30:46 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/PkiZqQ7iJ7Jzg6XzDO2l9MmNMEY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.78.25.0/24 77.78.39.0-77.78.41.255 77.78.50.0/24 77.78.52.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:d4:39:6c:7a:b4:60:d0:a8:69:1a:e5:fd:63:18:77:95:02: 55:d7:ee:07:da:42:90:ea:00:58:f1:e2:99:c4:a5:e4:a8:79: 07:9f:30:35:7e:7c:19:10:56:62:6a:2c:1d:40:1e:6f:4b:02: 89:1f:23:a6:22:2b:47:4d:45:12:3a:97:08:d2:1b:53:84:13: 40:e2:68:38:6d:47:05:4b:48:37:53:be:de:c9:52:44:18:a3: 01:fc:35:d5:48:90:4b:2b:75:4c:f8:29:0a:7d:a4:77:70:b9: b1:fc:c3:b9:04:8e:5b:c4:60:44:ee:2a:90:98:12:b5:9a:a1: 4e:49:66:f3:da:80:71:6d:67:01:a0:86:80:6b:83:d1:98:6a: fb:e6:29:86:de:a6:6c:a7:e8:6c:ea:db:63:07:fd:f5:84:e6: 90:f1:d7:f6:8f:51:4d:fa:1e:83:ed:f6:8a:20:9e:21:89:0a: 94:2a:6f:88:a9:67:20:7a:11:93:4c:07:6f:07:a9:74:73:e2: 51:bf:50:ea:d2:f2:f3:38:cf:ad:58:83:c2:8b:c1:8b:49:ec: 26:cc:ac:04:19:5d:ca:83:e6:f3:39:50:7d:35:47:ac:65:62: 4c:eb:6c:28:38:35:68:3e:88:b3:e7:13:70:96:a8:19:cd:b9: 48:42:a6:b5 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt7pT8XuMLkCth/mLlhUEG4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZTQ4OTlhOTBlZTIyN2IyNzM4M2E1ZjMwY2VkYTVmNGM5OGQzMDQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8urwm18L0IQC1lcLziqLAeEyYY1 yvmC5X7LuRvIrp1ZX5UWRAqRG8EEAdD/9Mcnoutj717cttAS2Zc74PtTP3sTUv3d ShiZKHRBQVgIrs8/9EHX3kARjAwyabNark74CaxTpMFm6lM4Aj3V6iVbNHpQwL73 czPn5YOvf3jub9/H4a1e+7rYVB82IfsF6Whz7qWCr9TO7+HuFmrF0XZC4tYAz8dV xurx3w1DBHZcrYtpEnBJjvtSGNrbXXWygOLdqGA7+2sd8GSE9t8noBH5B3tgCoZh xb5i9w+ce2cdA7lCMoZccsRwz7xyYkQlxlpPti5y49MnEi1RbnycocsXGQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFD5ImakO4ieyc4Ol8wztpfTJjTBGMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvUGtpWnFRN2lKN0p6ZzZYekRPMmw5TW1OTUVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATU4ZMAwD BABNTicDBAFNTigDBABNTjIDBAFNTjQwDQYJKoZIhvcNAQELBQADggEBAEzUOWx6 tGDQqGka5f1jGHeVAlXX7gfaQpDqAFjx4pnEpeSoeQefMDV+fBkQVmJqLB1AHm9L AokfI6YiK0dNRRI6lwjSG1OEE0DiaDhtRwVLSDdTvt7JUkQYowH8NdVIkEsrdUz4 KQp9pHdwubH8w7kEjlvEYETuKpCYErWaoU5JZvPagHFtZwGghoBrg9GYavvmKYbe pmyn6Gzq22MH/fWE5pDx1/aPUU36HoPt9oogniGJCpQqb4ipZyB6EZNMB28HqXRz 4lG/UOrS8vM4z61Yg8KLwYtJ7CbMrAQZXcqD5vM5UH01R6xlYkzrbCg4NWg+iLPn E3CWqBnNuUhCprU= -----END CERTIFICATE-----Generated at Sun Jan 25 13:08:37 2026 by rpki-client