This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/4GRqDQUSb-zxr8Uio1ztz9ttwpQ.roa File: 4GRqDQUSb-zxr8Uio1ztz9ttwpQ.roa (raw, json) Hash identifier: ATHhAZBwTjYGOPvU16akA/fsoKv3w9kmqPeuvaUthH0= Subject key identifier: E0:64:6A:0D:05:12:6F:EC:F1:AF:C5:22:A3:5C:ED:CF:DB:6D:C2:94 Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a Certificate serial: 019B78A2BB5027B007E3977D1B852CD83B39 Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/4GRqDQUSb-zxr8Uio1ztz9ttwpQ.roa Signing time: Thu 01 Jan 2026 08:18:09 +0000 ROA not before: Thu 01 Jan 2026 08:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35793 IP address blocks: 45.11.129.0/24 maxlen: 24 45.11.130.0/24 maxlen: 24 45.11.131.0/24 maxlen: 24 45.95.100.0/24 maxlen: 24 45.95.101.0/24 maxlen: 24 45.95.102.0/24 maxlen: 24 45.95.103.0/24 maxlen: 24 91.221.209.0/24 maxlen: 24 185.151.160.0/24 maxlen: 24 185.151.161.0/24 maxlen: 24 185.151.162.0/24 maxlen: 24 185.151.163.0/24 maxlen: 24 185.174.140.0/24 maxlen: 24 185.174.141.0/24 maxlen: 24 185.174.142.0/24 maxlen: 24 185.174.143.0/24 maxlen: 24 2a07:7940:12::/48 maxlen: 48 2a07:7940:14::/48 maxlen: 48 2a07:7940:16::/48 maxlen: 48 2a07:7940:18::/48 maxlen: 48 2a07:7940:41::/48 maxlen: 48 2a07:7940:45::/48 maxlen: 48 2a07:7940:46::/48 maxlen: 48 2a07:7940:47::/48 maxlen: 48 2a07:7940:48::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:bb:50:27:b0:07:e3:97:7d:1b:85:2c:d8:3b:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a Validity Not Before: Jan 1 08:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0646a0d05126fecf1afc522a35cedcfdb6dc294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:1f:2f:29:be:fc:c3:9a:ae:20:14:3e:95:02: 75:8a:01:b5:2f:f8:ad:3d:6f:2c:e3:6c:86:e4:93: b4:38:92:ff:ad:ef:1e:b7:98:a4:e6:a0:32:07:1e: 4f:e8:73:64:96:b5:28:08:3b:67:e1:dd:37:24:f7: e4:3a:87:35:8c:fc:79:38:76:d7:bc:65:c0:e9:61: e5:a1:50:34:6c:19:a9:e2:d2:c6:81:5b:40:bc:0e: 80:a4:1e:44:f3:a0:ef:70:39:ce:2e:98:c9:6f:e4: 59:1f:22:47:95:d3:6e:ec:c7:ae:6e:19:54:5c:91: 59:b0:8e:e9:e3:a0:df:a8:e1:5f:27:20:0e:79:bc: 6a:aa:88:e1:71:e1:e1:86:35:cc:bb:e5:b9:71:3c: 12:85:2c:66:a5:48:cb:5e:76:eb:40:dc:02:74:93: df:76:59:f2:3f:be:b6:22:40:e1:fe:72:13:2b:9f: 05:99:c2:d8:19:c0:2f:ca:ac:29:39:38:b4:32:d0: da:c4:79:9a:a9:7a:5d:d7:06:a0:fd:d5:08:2b:a4: 8e:d0:82:4a:7c:4d:42:d6:f3:9c:f8:bd:43:60:23: 8c:7c:79:d6:f2:ea:7c:f6:1d:5d:22:24:bb:e5:34: 2b:cd:99:f4:70:40:9b:a6:51:a5:08:9e:af:e4:e9: 16:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:64:6A:0D:05:12:6F:EC:F1:AF:C5:22:A3:5C:ED:CF:DB:6D:C2:94 X509v3 Authority Key Identifier: keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/4GRqDQUSb-zxr8Uio1ztz9ttwpQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.11.129.0-45.11.131.255 45.95.100.0/22 91.221.209.0/24 185.151.160.0/22 185.174.140.0/22 IPv6: 2a07:7940:12::/48 2a07:7940:14::/48 2a07:7940:16::/48 2a07:7940:18::/48 2a07:7940:41::/48 2a07:7940:45::-2a07:7940:48:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 83:6f:9f:44:e6:d4:2c:8b:c1:14:37:44:b4:05:1f:cc:ae:7e: 93:5f:67:c7:6f:bc:db:17:21:bd:87:3a:de:ff:40:13:2d:cf: 78:0d:3e:c7:5b:3c:5c:f2:b3:ea:3b:56:18:73:cf:25:c7:b6: ba:89:bc:07:81:b5:c5:fc:c6:4b:c8:e2:d7:ef:06:69:4c:76: 11:27:18:49:55:3d:26:79:7e:3f:c7:4e:4b:b9:f1:e9:b1:9f: 8e:70:aa:32:07:99:21:27:a6:89:98:5d:1a:3f:52:b4:8c:61: 41:d0:0a:47:03:0b:db:a7:19:0a:30:48:f6:0e:79:e1:1e:d9: b8:e6:4a:53:97:14:9f:ff:3a:f7:c3:e0:f1:a1:6e:23:56:53: 39:7f:84:c6:2e:fc:db:cd:99:38:18:42:db:c6:87:28:d6:51: 55:66:1f:9f:b5:7f:d7:d3:de:31:98:b9:c1:19:42:69:a7:c3: e2:41:3f:29:4a:b0:aa:77:21:69:cc:b8:d2:cf:c2:bf:91:06: 87:47:b9:6d:74:50:ce:b8:8a:46:d1:22:80:6d:f9:de:cd:54: 3a:f8:f5:17:27:5a:4d:9b:fb:92:e4:bf:dd:53:8c:a5:d4:f9: 73:6b:b8:c9:9b:8e:b4:80:bf:18:d1:86:f2:cd:af:7a:5f:fc: 5f:f1:8a:df -----BEGIN CERTIFICATE----- MIIFZzCCBE+gAwIBAgISAZt4ortQJ7AH45d9G4Us2Ds5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4 ZTQ1MGEwHhcNMjYwMTAxMDgxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMDY0NmEwZDA1MTI2ZmVjZjFhZmM1MjJhMzVjZWRjZmRiNmRjMjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1R8vKb78w5quIBQ+lQJ1igG1L/it PW8s42yG5JO0OJL/re8et5ik5qAyBx5P6HNklrUoCDtn4d03JPfkOoc1jPx5OHbX vGXA6WHloVA0bBmp4tLGgVtAvA6ApB5E86DvcDnOLpjJb+RZHyJHldNu7MeubhlU XJFZsI7p46DfqOFfJyAOebxqqojhceHhhjXMu+W5cTwShSxmpUjLXnbrQNwCdJPf dlnyP762IkDh/nITK58FmcLYGcAvyqwpOTi0MtDaxHmaqXpd1wag/dUIK6SO0IJK fE1C1vOc+L1DYCOMfHnW8up89h1dIiS75TQrzZn0cECbplGlCJ6v5OkWzwIDAQAB o4ICczCCAm8wHQYDVR0OBBYEFOBkag0FEm/s8a/FIqNc7c/bbcKUMB8GA1UdIwQY MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt NTM3YjFiNDlkZmU3LzEvNEdScURRVVNiLXp4cjhVaW8xenR6OXR0d3BRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3 LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwLAQCAAEwJjAMAwQALQuB AwQCLQuAAwQCLV9kAwQAW93RAwQCuZegAwQCua6MMEcEAgACMEEDBwAqB3lAABID BwAqB3lAABQDBwAqB3lAABYDBwAqB3lAABgDBwAqB3lAAEEwEgMHACoHeUAARQMH ACoHeUAASDANBgkqhkiG9w0BAQsFAAOCAQEAg2+fRObULIvBFDdEtAUfzK5+k19n x2+82xchvYc63v9AEy3PeA0+x1s8XPKz6jtWGHPPJce2uom8B4G1xfzGS8ji1+8G aUx2EScYSVU9Jnl+P8dOS7nx6bGfjnCqMgeZISemiZhdGj9StIxhQdAKRwML26cZ CjBI9g554R7ZuOZKU5cUn/8698Pg8aFuI1ZTOX+Exi78282ZOBhC28aHKNZRVWYf n7V/19PeMZi5wRlCaafD4kE/KUqwqnchacy40s/Cv5EGh0e5bXRQzriKRtEigG35 3s1UOvj1FydaTZv7kuS/3VOMpdT5c2u4yZuOtIC/GNGG8s2vel/8X/GK3w== -----END CERTIFICATE-----Generated at Mon Jan 26 07:42:35 2026 by rpki-client