This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/WHqH2EhDK6xxFIiXyNlsjw-yMMg.roa File: WHqH2EhDK6xxFIiXyNlsjw-yMMg.roa (raw, json) Hash identifier: boc+B5V0r/3xbux19AoHg18zg6QdefO3+vjSL8b5Cv8= Subject key identifier: 58:7A:87:D8:48:43:2B:AC:71:14:88:97:C8:D9:6C:8F:0F:B2:30:C8 Certificate issuer: /CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81 Certificate serial: 019B7CED767820AA8720E8530BBFF76E3B85 Authority key identifier: 8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/WHqH2EhDK6xxFIiXyNlsjw-yMMg.roa Signing time: Fri 02 Jan 2026 04:18:15 +0000 ROA not before: Fri 02 Jan 2026 04:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8468 IP address blocks: 46.254.0.0/21 maxlen: 24 62.249.192.0/18 maxlen: 24 78.32.0.0/15 maxlen: 24 79.143.144.0/20 maxlen: 24 81.31.96.0/19 maxlen: 24 84.45.128.0/17 maxlen: 24 87.127.0.0/16 maxlen: 24 109.224.160.0/19 maxlen: 24 156.67.240.0/20 maxlen: 24 185.81.192.0/22 maxlen: 24 185.101.148.0/22 maxlen: 24 185.129.72.0/22 maxlen: 24 185.220.12.0/22 maxlen: 24 188.39.0.0/16 maxlen: 24 195.74.96.0/19 maxlen: 24 2001:4d48::/29 maxlen: 48 2a05:8940::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.mft rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:76:78:20:aa:87:20:e8:53:0b:bf:f7:6e:3b:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8f78963b3c4f2dd187c20437df1d7d9c168cab81 Validity Not Before: Jan 2 04:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=587a87d848432bac71148897c8d96c8f0fb230c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:2e:b0:76:3b:19:c8:15:66:42:bc:fc:8a:a0: 50:a1:f1:c4:cf:7b:48:09:12:d8:f7:c5:1b:45:47: 45:e4:cc:7c:c8:cd:ac:6e:a6:b8:e8:21:90:29:74: 30:97:1e:d0:21:98:27:b0:35:71:4b:56:ec:c3:6d: fe:7b:93:f8:f7:87:3f:a3:75:4c:04:40:c1:e6:e5: 56:d0:46:77:a9:31:8f:99:91:0d:3a:11:26:fc:d5: fc:03:f7:5e:34:cd:a9:24:05:f7:c9:bf:84:9b:13: 6b:07:f3:f7:37:50:89:9c:c9:5f:b2:cb:91:4e:2e: a1:4b:74:3b:1f:f8:77:05:b4:0e:03:26:36:74:4f: b9:26:01:9f:d0:66:70:5d:fd:91:da:a5:22:93:42: 2a:81:44:82:0e:75:de:b8:73:9d:8e:63:09:9a:69: 10:60:9c:6d:54:de:1f:5c:8e:1b:51:f3:9d:c9:bb: c6:97:65:50:97:80:df:41:c3:a4:c7:b8:95:99:65: bb:d0:bc:f6:84:e9:a5:bc:a6:db:5a:7e:62:a3:dc: 46:bd:00:6e:3e:e9:cc:45:1a:1f:44:da:41:a4:55: 6a:90:36:35:4e:fc:44:1c:b7:94:52:43:88:a0:0e: e9:fb:fd:26:32:da:42:69:23:36:ec:41:a8:15:9b: 14:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:7A:87:D8:48:43:2B:AC:71:14:88:97:C8:D9:6C:8F:0F:B2:30:C8 X509v3 Authority Key Identifier: keyid:8F:78:96:3B:3C:4F:2D:D1:87:C2:04:37:DF:1D:7D:9C:16:8C:AB:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j3iWOzxPLdGHwgQ33x19nBaMq4E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/WHqH2EhDK6xxFIiXyNlsjw-yMMg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/dbfca1-2b94-4d0b-9dd8-1ef9f2319522/1/j3iWOzxPLdGHwgQ33x19nBaMq4E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.254.0.0/21 62.249.192.0/18 78.32.0.0/15 79.143.144.0/20 81.31.96.0/19 84.45.128.0/17 87.127.0.0/16 109.224.160.0/19 156.67.240.0/20 185.81.192.0/22 185.101.148.0/22 185.129.72.0/22 185.220.12.0/22 188.39.0.0/16 195.74.96.0/19 IPv6: 2001:4d48::/29 2a05:8940::/29 Signature Algorithm: sha256WithRSAEncryption 7d:c5:48:db:35:c6:d8:38:3c:55:c0:7c:8c:6e:48:d4:c4:b3: 5b:88:df:bd:a7:f9:23:f1:90:d9:7f:33:ad:0f:1a:9f:e0:a3: 49:df:86:5e:4d:f8:3c:61:b2:88:f5:1d:41:c6:80:94:7b:61: cf:a1:6e:d7:4b:38:95:72:44:c4:df:cf:f9:8e:ab:9f:a4:3b: 7a:91:5a:cb:52:ab:47:7e:a7:55:bd:2e:86:49:e5:9d:7f:ee: dd:a0:39:ee:04:e4:7b:84:d3:21:cb:bb:19:1d:fc:9b:0b:fd: be:a5:b4:a9:eb:cb:6f:b7:82:c9:9b:c2:ad:db:72:19:d3:d4: 5e:18:00:e7:53:11:80:a6:95:bf:2c:f5:cf:d0:0b:35:83:bc: 18:14:00:e1:76:58:21:ba:f5:27:1c:47:ef:2a:8b:82:32:cf: 06:b3:9a:5c:84:d6:6e:43:15:5c:b2:ff:06:af:91:b5:91:e1: b1:e4:2b:dc:32:6f:36:16:1b:94:b6:55:5f:96:1b:b8:ca:10: cb:9c:58:32:3d:3a:27:8b:0c:52:c0:1f:a7:54:72:eb:a7:67: 0c:f8:53:4e:7a:b9:a8:d4:21:dd:51:6a:b5:6a:9f:1f:2c:d4: 52:c0:73:e9:71:b4:0f:68:fa:60:bd:3d:0c:d8:89:98:09:b5: a1:a8:a9:17 -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgISAZt87XZ4IKqHIOhTC7/3bjuFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmNzg5NjNiM2M0ZjJkZDE4N2MyMDQzN2RmMWQ3ZDljMTY4 Y2FiODEwHhcNMjYwMTAyMDQxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1ODdhODdkODQ4NDMyYmFjNzExNDg4OTdjOGQ5NmM4ZjBmYjIzMGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4i6wdjsZyBVmQrz8iqBQofHEz3tI CRLY98UbRUdF5Mx8yM2sbqa46CGQKXQwlx7QIZgnsDVxS1bsw23+e5P494c/o3VM BEDB5uVW0EZ3qTGPmZENOhEm/NX8A/deNM2pJAX3yb+EmxNrB/P3N1CJnMlfssuR Ti6hS3Q7H/h3BbQOAyY2dE+5JgGf0GZwXf2R2qUik0IqgUSCDnXeuHOdjmMJmmkQ YJxtVN4fXI4bUfOdybvGl2VQl4DfQcOkx7iVmWW70Lz2hOmlvKbbWn5io9xGvQBu PunMRRofRNpBpFVqkDY1TvxEHLeUUkOIoA7p+/0mMtpCaSM27EGoFZsUeQIDAQAB o4ICcTCCAm0wHQYDVR0OBBYEFFh6h9hIQyuscRSIl8jZbI8PsjDIMB8GA1UdIwQY MBaAFI94ljs8Ty3Rh8IEN98dfZwWjKuBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgt MWVmOWYyMzE5NTIyLzEvV0hxSDJFaERLNnh4RklpWHlObHNqdy15TU1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9kYmZjYTEtMmI5NC00ZDBiLTlkZDgtMWVmOWYyMzE5NTIy LzEvajNpV096eFBMZEdId2dRMzN4MTluQmFNcTRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEAy7+AAME Bj75wAMDAU4gAwQET4+QAwQFUR9gAwQHVC2AAwMAV38DBAVt4KADBAScQ/ADBAK5 UcADBAK5ZZQDBAK5gUgDBAK53AwDAwC8JwMEBcNKYDAUBAIAAjAOAwUDIAFNSAMF AyoFiUAwDQYJKoZIhvcNAQELBQADggEBAH3FSNs1xtg4PFXAfIxuSNTEs1uI372n +SPxkNl/M60PGp/go0nfhl5N+Dxhsoj1HUHGgJR7Yc+hbtdLOJVyRMTfz/mOq5+k O3qRWstSq0d+p1W9LoZJ5Z1/7t2gOe4E5HuE0yHLuxkd/JsL/b6ltKnry2+3gsmb wq3bchnT1F4YAOdTEYCmlb8s9c/QCzWDvBgUAOF2WCG69SccR+8qi4IyzwazmlyE 1m5DFVyy/wavkbWR4bHkK9wybzYWG5S2VV+WG7jKEMucWDI9OieLDFLAH6dUcuun Zwz4U056uajUId1RarVqnx8s1FLAc+lxtA9o+mC9PQzYiZgJtaGoqRc= -----END CERTIFICATE-----Generated at Sun Jan 25 10:32:55 2026 by rpki-client