This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YfhOPAWRkHzsFNKQodjoA2IhLKM.roa File: YfhOPAWRkHzsFNKQodjoA2IhLKM.roa (raw, json) Hash identifier: 9/L6hUhQcrkiGTuXjLMFbE6LlWLBn2NBCH2Dr2RZSJA= Subject key identifier: 61:F8:4E:3C:05:91:90:7C:EC:14:D2:90:A1:D8:E8:03:62:21:2C:A3 Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019B78349D2626ED4DDBD70438AD7057911C Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YfhOPAWRkHzsFNKQodjoA2IhLKM.roa Signing time: Thu 01 Jan 2026 06:17:52 +0000 ROA not before: Thu 01 Jan 2026 06:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49515 IP address blocks: 5.157.30.0/24 maxlen: 24 5.157.31.0/24 maxlen: 24 104.160.12.0/24 maxlen: 24 104.160.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:9d:26:26:ed:4d:db:d7:04:38:ad:70:57:91:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Jan 1 06:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61f84e3c0591907cec14d290a1d8e80362212ca3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:ca:6e:08:6f:f3:f6:cd:fe:55:16:09:3b:8e: 04:10:22:d6:49:02:5b:7e:cb:8c:da:24:1d:d5:d7: 8f:58:11:44:2e:c6:08:82:b9:1c:47:54:36:16:0e: dc:17:97:af:e4:ac:53:7b:03:86:23:e1:ce:72:b8: f9:19:f4:e7:21:bd:81:9f:55:aa:6e:de:8e:5e:6c: d2:de:72:1b:b4:80:69:22:fa:be:f0:42:36:db:ff: 31:7d:2e:9d:00:7a:f3:15:fa:7e:37:82:4a:35:31: f7:41:58:ef:a7:d9:ac:c9:ef:99:9b:ad:41:45:b6: 41:d5:5d:93:94:2c:d2:c8:92:1c:eb:3f:1a:79:8d: 4c:8b:95:a1:70:78:09:77:75:54:f8:18:df:27:72: 48:c8:6a:d4:08:12:d1:8d:a5:97:4a:21:ee:97:ff: 76:20:c9:5d:38:92:66:e2:63:81:b1:25:1c:8a:b5: 50:ad:c6:12:4f:3d:70:17:db:cc:c5:2b:4e:47:0c: 28:59:39:f6:29:15:0b:cf:eb:20:58:d8:14:13:75: 2a:70:e8:19:a2:f9:9d:f0:07:0f:ab:ce:3a:67:bd: 38:73:1f:8c:be:1f:f0:53:ff:f0:77:8b:1c:ba:45: c1:8d:a8:4a:cb:bc:83:6f:50:d5:33:83:bb:c3:51: 4f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:F8:4E:3C:05:91:90:7C:EC:14:D2:90:A1:D8:E8:03:62:21:2C:A3 X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YfhOPAWRkHzsFNKQodjoA2IhLKM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.157.30.0/23 104.160.12.0/23 Signature Algorithm: sha256WithRSAEncryption 02:0c:dd:f5:1e:dc:55:00:87:b1:e0:3f:08:52:71:04:bd:56: 4f:ad:ef:c5:5b:cd:c3:61:9e:fa:92:53:bd:1a:cc:98:b6:16: 6c:4a:1f:39:1f:cb:79:88:71:e0:b1:c2:81:e6:1b:78:ee:5b: 1b:af:60:8e:31:47:75:c6:55:86:ce:2a:2b:23:d1:a7:59:2b: df:de:78:35:ae:9e:42:a5:c0:8f:04:0a:62:d7:e8:d9:84:1a: 22:fc:29:b8:7b:5d:ad:8b:e5:8c:96:3b:78:1f:df:88:eb:52: 6c:71:27:cd:db:33:6c:c2:e4:69:44:04:b7:17:7a:ca:a9:01: e9:f0:4d:68:c1:2f:a9:7a:cf:a0:8f:c2:84:46:e9:39:2e:00: 44:f7:9f:99:10:3d:a0:ea:ed:51:fb:dc:03:05:45:d7:72:bb: 99:f7:80:c8:68:cb:a8:74:8e:79:46:29:7e:9a:3a:72:78:9f: e5:85:64:52:12:a8:a7:4a:08:96:8b:7d:1e:a0:cb:76:56:d8: 65:45:b9:28:ef:cb:56:b1:1b:32:5c:53:34:1a:e9:e8:a8:3c: 03:d2:f2:04:87:18:3c:c4:53:2f:59:c8:aa:66:5c:a7:4b:90: 30:47:a2:43:db:68:c3:39:3c:dc:29:b7:89:b1:ed:c7:06:d0: 2f:43:5d:4f -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4NJ0mJu1N29cEOK1wV5EcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjYwMTAxMDYxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWY4NGUzYzA1OTE5MDdjZWMxNGQyOTBhMWQ4ZTgwMzYyMjEyY2EzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8puCG/z9s3+VRYJO44EECLWSQJb fsuM2iQd1dePWBFELsYIgrkcR1Q2Fg7cF5ev5KxTewOGI+HOcrj5GfTnIb2Bn1Wq bt6OXmzS3nIbtIBpIvq+8EI22/8xfS6dAHrzFfp+N4JKNTH3QVjvp9msye+Zm61B RbZB1V2TlCzSyJIc6z8aeY1Mi5WhcHgJd3VU+BjfJ3JIyGrUCBLRjaWXSiHul/92 IMldOJJm4mOBsSUcirVQrcYSTz1wF9vMxStORwwoWTn2KRULz+sgWNgUE3UqcOgZ ovmd8AcPq846Z704cx+Mvh/wU//wd4scukXBjahKy7yDb1DVM4O7w1FPgQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGH4TjwFkZB87BTSkKHY6ANiISyjMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvWWZoT1BBV1JrSHpzRk5LUW9kam9BMkloTEtNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZ0eAwQB aKAMMA0GCSqGSIb3DQEBCwUAA4IBAQACDN31HtxVAIex4D8IUnEEvVZPre/FW83D YZ76klO9GsyYthZsSh85H8t5iHHgscKB5ht47lsbr2COMUd1xlWGziorI9GnWSvf 3ng1rp5CpcCPBApi1+jZhBoi/Cm4e12ti+WMljt4H9+I61JscSfN2zNswuRpRAS3 F3rKqQHp8E1owS+pes+gj8KERuk5LgBE95+ZED2g6u1R+9wDBUXXcruZ94DIaMuo dI55Ril+mjpyeJ/lhWRSEqinSgiWi30eoMt2VthlRbko78tWsRsyXFM0GunoqDwD 0vIEhxg8xFMvWciqZlynS5AwR6JD22jDOTzcKbeJse3HBtAvQ11P -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:03 2026 by rpki-client