This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/48OS4sWYglwtZBn1YxiPqc26nTU.roa File: 48OS4sWYglwtZBn1YxiPqc26nTU.roa (raw, json) Hash identifier: NBM10gWvuZSa38kRQAx40WjX3amxqFeb96LnMyUj85Q= Subject key identifier: E3:C3:92:E2:C5:98:82:5C:2D:64:19:F5:63:18:8F:A9:CD:BA:9D:35 Certificate issuer: /CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Certificate serial: 019B7EA45F45B3B682918E35C2E5682C1A52 Authority key identifier: D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/48OS4sWYglwtZBn1YxiPqc26nTU.roa Signing time: Fri 02 Jan 2026 12:17:40 +0000 ROA not before: Fri 02 Jan 2026 12:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205005 IP address blocks: 195.32.32.0/21 maxlen: 21 195.32.40.0/21 maxlen: 21 195.32.48.0/21 maxlen: 21 195.32.56.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:5f:45:b3:b6:82:91:8e:35:c2:e5:68:2c:1a:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d99a47cdc89f46342f90b0da3c30d9ec5fd63238 Validity Not Before: Jan 2 12:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3c392e2c598825c2d6419f563188fa9cdba9d35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:82:c2:63:b6:eb:a1:46:76:e3:ff:8c:95:18: e6:70:16:80:ce:e3:0e:75:2a:17:c2:21:43:81:40: fe:0e:58:ba:86:d7:64:79:6c:26:d5:36:45:73:3c: 70:ce:b5:ea:68:84:27:6b:b6:b9:c1:ba:3d:10:35: 75:fe:ed:1f:d3:a2:15:58:f1:92:66:fc:7f:41:5c: 29:af:22:30:b3:1b:d0:cd:55:9e:43:30:cb:58:2c: 00:37:a6:48:55:d4:51:c9:0d:59:72:5a:4f:9a:b3: c3:de:7a:17:97:06:ee:77:fe:d4:f4:5b:9d:72:b7: d1:48:ca:a7:4a:1e:16:38:87:25:89:8d:30:a2:f2: de:e0:00:e2:59:08:13:ec:74:05:f1:36:dc:13:eb: 4a:e7:3a:2b:28:75:47:d1:94:ba:0d:47:c9:5a:ec: cd:6c:7f:76:65:5d:64:a2:30:86:f5:bd:d8:0b:36: 6c:23:1e:9d:e8:27:d7:1c:4f:df:c9:b6:54:15:67: 1a:8b:ed:10:71:d8:7b:ae:5a:15:9f:3b:5d:a7:ef: 41:c3:e6:2d:d9:1b:73:57:64:95:7e:00:71:b9:f9: 18:8b:23:64:8c:1b:f1:f0:10:82:94:39:5b:34:40: 9d:f5:a6:81:d0:74:b9:40:89:4c:a2:c8:07:1b:4a: e9:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:C3:92:E2:C5:98:82:5C:2D:64:19:F5:63:18:8F:A9:CD:BA:9D:35 X509v3 Authority Key Identifier: keyid:D9:9A:47:CD:C8:9F:46:34:2F:90:B0:DA:3C:30:D9:EC:5F:D6:32:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/48OS4sWYglwtZBn1YxiPqc26nTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d30eef-495e-43bd-919c-a2a0e2db49d0/1/2ZpHzcifRjQvkLDaPDDZ7F_WMjg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.32.32.0/19 Signature Algorithm: sha256WithRSAEncryption 38:5b:0f:f4:70:c5:a9:c2:84:fa:41:4a:3d:6e:d8:61:0c:66: 2c:9b:a6:3b:4b:b0:48:c6:fa:2b:f8:0b:9e:d0:f8:7a:37:0f: 3b:e2:11:8d:2b:d5:45:1c:9f:3a:92:d4:01:f1:a3:44:89:9a: 79:0c:0f:0c:48:ce:34:23:2f:ab:88:e0:ae:4a:5e:5c:4c:31: f1:21:14:66:cc:d4:96:05:d5:99:d3:32:94:07:52:da:61:02: 0e:8e:18:8d:0e:24:b0:9e:85:23:4e:29:e5:3b:6c:cf:7d:da: 57:9d:d8:8a:c3:12:6f:48:90:4f:d3:ca:bf:f7:78:d7:e7:06: 63:f8:1a:1e:65:90:1c:08:33:ee:c3:f6:7e:2d:58:6d:55:f5: d4:21:8d:a3:2e:17:f8:75:3c:53:e8:a2:60:1c:b7:ff:c4:7b: 75:48:45:28:f1:02:c2:22:94:00:5c:cb:8a:ca:7a:33:8a:87: 6c:d2:25:7d:e8:8a:91:72:aa:18:65:77:af:57:3f:7c:4f:74: 24:72:90:4e:66:4b:db:8a:3d:0e:9f:5c:f9:d4:35:ad:90:d2: 6f:d4:dc:3a:a6:8d:27:30:b9:83:92:df:6a:cc:ad:b2:8a:42: 94:88:56:8b:09:a1:9a:5f:33:dd:a8:87:7d:23:6c:0d:67:96: 9a:43:76:5e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pF9Fs7aCkY41wuVoLBpSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OWE0N2NkYzg5ZjQ2MzQyZjkwYjBkYTNjMzBkOWVjNWZk NjMyMzgwHhcNMjYwMTAyMTIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2MzOTJlMmM1OTg4MjVjMmQ2NDE5ZjU2MzE4OGZhOWNkYmE5ZDM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4LCY7broUZ24/+MlRjmcBaAzuMO dSoXwiFDgUD+Dli6htdkeWwm1TZFczxwzrXqaIQna7a5wbo9EDV1/u0f06IVWPGS Zvx/QVwpryIwsxvQzVWeQzDLWCwAN6ZIVdRRyQ1ZclpPmrPD3noXlwbud/7U9Fud crfRSMqnSh4WOIcliY0wovLe4ADiWQgT7HQF8TbcE+tK5zorKHVH0ZS6DUfJWuzN bH92ZV1kojCG9b3YCzZsIx6d6CfXHE/fybZUFWcai+0Qcdh7rloVnztdp+9Bw+Yt 2RtzV2SVfgBxufkYiyNkjBvx8BCClDlbNECd9aaB0HS5QIlMosgHG0rpsQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOPDkuLFmIJcLWQZ9WMYj6nNup01MB8GA1UdIwQY MBaAFNmaR83In0Y0L5Cw2jww2exf1jI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMt YTJhMGUyZGI0OWQwLzEvNDhPUzRzV1lnbHd0WkJuMVl4aVBxYzI2blRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kMzBlZWYtNDk1ZS00M2JkLTkxOWMtYTJhMGUyZGI0OWQw LzEvMlpwSHpjaWZSalF2a0xEYVBERFo3Rl9XTWpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFwyAgMA0G CSqGSIb3DQEBCwUAA4IBAQA4Ww/0cMWpwoT6QUo9bthhDGYsm6Y7S7BIxvor+Aue 0Ph6Nw874hGNK9VFHJ86ktQB8aNEiZp5DA8MSM40Iy+riOCuSl5cTDHxIRRmzNSW BdWZ0zKUB1LaYQIOjhiNDiSwnoUjTinlO2zPfdpXndiKwxJvSJBP08q/93jX5wZj +BoeZZAcCDPuw/Z+LVhtVfXUIY2jLhf4dTxT6KJgHLf/xHt1SEUo8QLCIpQAXMuK ynoziods0iV96IqRcqoYZXevVz98T3QkcpBOZkvbij0On1z51DWtkNJv1Nw6po0n MLmDkt9qzK2yikKUiFaLCaGaXzPdqId9I2wNZ5aaQ3Ze -----END CERTIFICATE-----Generated at Mon Jan 26 12:55:18 2026 by rpki-client