This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/CtYRLa1SzhTrebYW9qDqqVUEVGs.roa File: CtYRLa1SzhTrebYW9qDqqVUEVGs.roa (raw, json) Hash identifier: uy8x9aMpXaw2HI5t7pIjUDSds3vX6GekngL0wl26rzw= Subject key identifier: 0A:D6:11:2D:AD:52:CE:14:EB:79:B6:16:F6:A0:EA:A9:55:04:54:6B Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Certificate serial: 019B0CD90C6AFE84A318E7EBC01AF0226DED Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/CtYRLa1SzhTrebYW9qDqqVUEVGs.roa Signing time: Thu 11 Dec 2025 09:58:29 +0000 ROA not before: Thu 11 Dec 2025 09:58:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 400696 IP address blocks: 158.173.35.0/24 maxlen: 24 158.173.38.0/24 maxlen: 24 158.173.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 17:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0c:d9:0c:6a:fe:84:a3:18:e7:eb:c0:1a:f0:22:6d:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Validity Not Before: Dec 11 09:58:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=0ad6112dad52ce14eb79b616f6a0eaa95504546b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:f2:40:32:57:36:c1:ee:35:84:d0:60:cc:af: 95:54:c8:84:82:1c:34:d5:0f:5f:27:80:e6:ff:2f: 4b:6d:4c:79:eb:18:4a:ce:47:f9:51:44:7d:5c:b7: fa:aa:14:1b:6c:04:c3:96:9f:00:70:30:11:d0:fc: 08:e6:d7:35:55:10:80:0f:84:12:b3:3c:36:57:0c: 56:9d:ff:73:c6:47:c7:c0:d0:6d:88:2d:44:1a:f3: 2a:6f:d3:74:c8:36:18:d5:fa:74:29:78:07:bf:35: 68:66:60:3c:1d:bf:92:37:3f:a9:db:b6:08:b9:25: 5b:37:1a:6f:ca:68:f9:6d:d3:7e:28:05:c3:f0:2d: 7d:f8:bb:ef:43:bc:00:3f:13:83:4a:df:58:56:22: f6:eb:c7:f6:6b:e7:d9:ba:31:da:db:ee:24:d2:28: 22:e6:4e:74:a0:15:a6:c3:0e:bb:b9:e6:45:79:47: 93:91:20:e0:db:24:92:72:7b:d5:b6:4a:64:c0:2d: 8c:b2:4b:18:ec:5f:3e:6f:21:55:d1:52:a1:37:2a: ea:30:29:2a:ea:4b:be:4a:6f:e1:8a:80:ec:a4:7a: 09:07:18:c4:98:28:e9:98:e7:c5:ca:32:d6:25:fa: 11:8a:a3:bd:91:d2:59:4c:61:4a:cc:8a:67:b6:16: 55:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:D6:11:2D:AD:52:CE:14:EB:79:B6:16:F6:A0:EA:A9:55:04:54:6B X509v3 Authority Key Identifier: keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/CtYRLa1SzhTrebYW9qDqqVUEVGs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.35.0/24 158.173.38.0/23 Signature Algorithm: sha256WithRSAEncryption 81:22:c0:7c:6a:11:d8:fd:ac:24:3c:b5:22:f7:a2:35:45:20: b5:38:52:90:59:52:82:89:18:fe:1f:a7:52:48:b2:ac:84:05: 0b:d2:07:8b:0b:27:22:f0:27:78:bd:06:71:49:58:76:c9:c7: 3d:3a:bf:96:d1:bb:c7:9f:11:00:91:cf:c2:66:c3:5a:70:c6: 7f:1a:93:17:72:4b:e0:df:8b:1d:cd:fd:7e:66:4f:87:45:94: 7a:6b:91:78:f5:ee:4b:b5:ba:d8:b2:80:8d:ec:31:ce:fd:ba: 84:0c:3d:6e:f4:f7:79:b8:07:d7:8e:48:28:a3:d1:22:9e:00: 2d:99:5b:b3:f4:56:e6:f4:64:d4:0b:2a:ad:65:c7:20:85:75: 00:bc:54:78:1d:cd:9d:62:af:43:8a:60:f6:06:bf:f5:0d:66: e5:92:21:9b:27:7e:89:16:b5:ce:bc:ae:55:26:fb:7a:cb:20: 68:74:e4:25:7a:c7:e9:55:a9:ca:d0:10:d4:f1:ff:af:7d:63: a0:e5:e6:2e:50:21:53:e8:df:95:f0:0e:52:06:8b:5d:a9:f7: 1e:0e:ae:9d:a2:78:77:b2:65:89:66:5a:85:58:a8:41:c6:29: 99:ce:b6:51:ba:54:b6:fe:90:a2:e7:3f:1f:ab:ce:e9:cf:d5: 96:55:f8:87 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsM2Qxq/oSjGOfrwBrwIm3tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh NDA4MjMwHhcNMjUxMjExMDk1ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYWQ2MTEyZGFkNTJjZTE0ZWI3OWI2MTZmNmEwZWFhOTU1MDQ1NDZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/JAMlc2we41hNBgzK+VVMiEghw0 1Q9fJ4Dm/y9LbUx56xhKzkf5UUR9XLf6qhQbbATDlp8AcDAR0PwI5tc1VRCAD4QS szw2VwxWnf9zxkfHwNBtiC1EGvMqb9N0yDYY1fp0KXgHvzVoZmA8Hb+SNz+p27YI uSVbNxpvymj5bdN+KAXD8C19+LvvQ7wAPxODSt9YViL268f2a+fZujHa2+4k0igi 5k50oBWmww67ueZFeUeTkSDg2ySScnvVtkpkwC2MsksY7F8+byFV0VKhNyrqMCkq 6ku+Sm/hioDspHoJBxjEmCjpmOfFyjLWJfoRiqO9kdJZTGFKzIpnthZVvwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFArWES2tUs4U63m2Fvag6qlVBFRrMB8GA1UdIwQY MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt ZDJjZDI2YjY5ZGYxLzEvQ3RZUkxhMVN6aFRyZWJZVzlxRHFxVlVFVkdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq0jAwQB nq0mMA0GCSqGSIb3DQEBCwUAA4IBAQCBIsB8ahHY/awkPLUi96I1RSC1OFKQWVKC iRj+H6dSSLKshAUL0geLCyci8Cd4vQZxSVh2ycc9Or+W0bvHnxEAkc/CZsNacMZ/ GpMXckvg34sdzf1+Zk+HRZR6a5F49e5LtbrYsoCN7DHO/bqEDD1u9Pd5uAfXjkgo o9EingAtmVuz9Fbm9GTUCyqtZccghXUAvFR4Hc2dYq9DimD2Br/1DWblkiGbJ36J FrXOvK5VJvt6yyBodOQlesfpVanK0BDU8f+vfWOg5eYuUCFT6N+V8A5SBotdqfce Dq6donh3smWJZlqFWKhBximZzrZRulS2/pCi5z8fq87pz9WWVfiH -----END CERTIFICATE-----Generated at Thu Dec 18 23:14:09 2025 by rpki-client