This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/crkhxGWkgmwG_-vobiP0N73TayI.roa File: crkhxGWkgmwG_-vobiP0N73TayI.roa (raw, json) Hash identifier: HhQ6usYG3RK7Np90x4q/JofxoV9ftVupdPb8WruxpMw= Subject key identifier: 72:B9:21:C4:65:A4:82:6C:06:FF:EB:E8:6E:23:F4:37:BD:D3:6B:22 Certificate issuer: /CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc Certificate serial: 019B7E39079808794784F737C3C15B401B42 Authority key identifier: CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/crkhxGWkgmwG_-vobiP0N73TayI.roa Signing time: Fri 02 Jan 2026 10:20:25 +0000 ROA not before: Fri 02 Jan 2026 10:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209249 IP address blocks: 138.226.232.0/24 maxlen: 24 216.163.178.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.mft rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:07:98:08:79:47:84:f7:37:c3:c1:5b:40:1b:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca6441d9d807e0d78ce75213a103400ee14a7cdc Validity Not Before: Jan 2 10:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72b921c465a4826c06ffebe86e23f437bdd36b22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:08:85:b8:e9:c3:95:8a:b3:81:01:9a:79:b2: 1d:6a:46:83:dc:50:6a:e1:dd:c3:b0:56:ab:1b:29: 5a:a1:92:75:ee:20:5d:0c:b9:30:01:5d:56:6a:db: e0:87:05:a5:ee:06:30:08:04:91:40:7d:5e:bb:85: fa:04:2a:73:03:af:fa:a6:c4:0a:3e:2c:3c:85:1a: b9:ec:16:6e:9d:99:e9:01:22:b3:51:5e:97:a9:fc: 98:c9:f5:41:1d:5b:f9:2d:9a:17:20:dc:c4:77:e5: 6b:24:cb:de:75:32:71:66:8f:0b:f8:99:58:e5:cb: 8a:65:98:0a:ed:50:31:91:63:c8:e9:1b:e0:8f:b7: 55:dc:43:3a:c7:a2:d2:cd:33:af:5b:73:20:25:2e: d4:c8:2d:4b:56:c5:fd:2a:4b:4d:9b:92:58:a1:ae: c4:c2:42:1b:4e:06:69:4a:38:2a:31:59:47:aa:e5: 90:44:41:58:67:3b:7b:d4:aa:e0:c4:de:a8:fc:b8: 87:9e:de:7d:d5:6a:43:7d:01:ee:38:83:28:ff:19: 72:a9:39:3d:34:cc:67:67:0c:8e:41:b6:54:40:7d: 08:bb:34:fc:62:e2:64:b9:cb:b2:82:15:a6:f3:1b: 52:03:8c:c9:c1:2e:a6:06:03:f6:d6:c3:ce:23:d8: 80:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:B9:21:C4:65:A4:82:6C:06:FF:EB:E8:6E:23:F4:37:BD:D3:6B:22 X509v3 Authority Key Identifier: keyid:CA:64:41:D9:D8:07:E0:D7:8C:E7:52:13:A1:03:40:0E:E1:4A:7C:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymRB2dgH4NeM51IToQNADuFKfNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/crkhxGWkgmwG_-vobiP0N73TayI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/9947b6-34bc-477e-8816-2e28b96498a9/1/ymRB2dgH4NeM51IToQNADuFKfNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.226.232.0/24 216.163.178.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:59:7f:c9:6a:20:d0:be:00:c1:49:54:02:e0:2f:73:48:8e: bf:c3:bc:89:f9:49:55:a0:32:8b:c7:fa:58:f8:27:72:c4:2f: a5:13:ff:9e:5c:8b:f6:1e:18:34:43:56:ef:d7:5d:ab:82:47: f7:82:8a:31:1f:01:a9:6f:d8:f9:7d:f7:f6:07:09:5a:fc:ed: 38:69:8c:4e:e4:78:65:68:0a:7f:65:24:a7:92:23:fa:b2:6f: 45:0c:29:d9:79:f7:3a:b4:9e:c5:dd:d2:ec:97:83:ea:c3:70: 45:18:be:f0:6a:a2:85:29:ad:9e:72:76:1d:58:fd:1f:85:48: 91:00:d1:d0:8d:6d:12:0e:0c:8f:59:13:b5:a1:82:c0:74:fe: 7c:27:e2:f7:b7:79:21:ad:ae:1d:0a:5a:73:7a:f2:9a:0d:36: ed:ae:93:8b:b2:9a:89:68:f3:10:75:f2:f5:46:96:70:ca:22: 91:0a:a7:e9:9b:ce:2e:1d:58:92:8a:29:e5:83:16:5d:13:3b: d6:0c:d0:93:f5:a4:d5:93:bf:d7:63:00:7d:08:79:64:7a:de: 1e:2c:03:52:ae:6f:c1:6f:b2:8d:55:39:27:29:8c:1e:b8:5d: 89:be:78:cc:ce:7e:b8:5e:8d:4c:e6:ef:d7:28:f1:56:c7:9a: 75:fc:fd:13 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OQeYCHlHhPc3w8FbQBtCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNjQ0MWQ5ZDgwN2UwZDc4Y2U3NTIxM2ExMDM0MDBlZTE0 YTdjZGMwHhcNMjYwMTAyMTAyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmI5MjFjNDY1YTQ4MjZjMDZmZmViZTg2ZTIzZjQzN2JkZDM2YjIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygiFuOnDlYqzgQGaebIdakaD3FBq 4d3DsFarGylaoZJ17iBdDLkwAV1WatvghwWl7gYwCASRQH1eu4X6BCpzA6/6psQK Piw8hRq57BZunZnpASKzUV6XqfyYyfVBHVv5LZoXINzEd+VrJMvedTJxZo8L+JlY 5cuKZZgK7VAxkWPI6Rvgj7dV3EM6x6LSzTOvW3MgJS7UyC1LVsX9KktNm5JYoa7E wkIbTgZpSjgqMVlHquWQREFYZzt71KrgxN6o/LiHnt591WpDfQHuOIMo/xlyqTk9 NMxnZwyOQbZUQH0IuzT8YuJkucuyghWm8xtSA4zJwS6mBgP21sPOI9iA9QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHK5IcRlpIJsBv/r6G4j9De902siMB8GA1UdIwQY MBaAFMpkQdnYB+DXjOdSE6EDQA7hSnzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYt MmUyOGI5NjQ5OGE5LzEvY3JraHhHV2tnbXdHXy12b2JpUDBONzNUYXlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC85OTQ3YjYtMzRiYy00NzdlLTg4MTYtMmUyOGI5NjQ5OGE5 LzEveW1SQjJkZ0g0TmVNNTFJVG9RTkFEdUZLZk53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAiuLoAwQA 2KOyMA0GCSqGSIb3DQEBCwUAA4IBAQAsWX/JaiDQvgDBSVQC4C9zSI6/w7yJ+UlV oDKLx/pY+CdyxC+lE/+eXIv2Hhg0Q1bv112rgkf3gooxHwGpb9j5fff2Bwla/O04 aYxO5HhlaAp/ZSSnkiP6sm9FDCnZefc6tJ7F3dLsl4Pqw3BFGL7waqKFKa2ecnYd WP0fhUiRANHQjW0SDgyPWRO1oYLAdP58J+L3t3khra4dClpzevKaDTbtrpOLspqJ aPMQdfL1RpZwyiKRCqfpm84uHViSiinlgxZdEzvWDNCT9aTVk7/XYwB9CHlket4e LANSrm/Bb7KNVTknKYweuF2JvnjMzn64Xo1M5u/XKPFWx5p1/P0T -----END CERTIFICATE-----Generated at Sun Jan 25 18:50:14 2026 by rpki-client