This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RYkh1-4FfmbyxpsCd5B4FVTr7i8.roa File: RYkh1-4FfmbyxpsCd5B4FVTr7i8.roa (raw, json) Hash identifier: +Qcria4LzGLak3PelUYop+fULlne8ayCmIt2v/td8/Q= Subject key identifier: 45:89:21:D7:EE:05:7E:66:F2:C6:9B:02:77:90:78:15:54:EB:EE:2F Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019BD1E6324346154BF054596F8F6F917058 Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RYkh1-4FfmbyxpsCd5B4FVTr7i8.roa Signing time: Sun 18 Jan 2026 16:18:02 +0000 ROA not before: Sun 18 Jan 2026 16:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 52000 IP address blocks: 46.8.112.0/24 maxlen: 24 109.248.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d1:e6:32:43:46:15:4b:f0:54:59:6f:8f:6f:91:70:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 18 16:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=458921d7ee057e66f2c69b027790781554ebee2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:76:15:18:1a:dc:75:31:57:a4:ba:c3:96:66: 86:af:2f:aa:a5:89:a8:12:05:62:13:09:74:86:4e: 8b:b7:ea:d8:3e:e4:50:34:55:7f:bb:8f:24:ce:ab: 76:33:0a:95:b7:69:f4:2d:05:c7:d7:10:59:6e:50: 6b:89:a9:f6:3b:1b:2d:6e:39:35:40:23:df:98:20: 83:5c:5c:5f:d6:bb:d3:67:fa:fe:ca:91:f1:14:48: 38:37:0d:ab:27:23:53:40:dc:92:ee:8d:91:f3:44: 8b:ea:51:07:d3:e1:aa:32:8d:17:4b:47:4a:2e:a3: ba:5a:5f:34:2e:86:1d:83:d3:6b:91:c0:94:ec:26: d5:f6:2e:55:1e:0c:34:f0:f8:6a:7e:84:bd:d4:d4: a2:db:52:34:80:d9:a2:a1:34:1b:bf:74:b2:b9:b9: bc:af:a4:5b:6c:0b:ec:8a:c3:8c:a8:b2:bf:30:9f: 0c:3c:22:29:33:91:5c:55:48:fc:cc:9e:11:71:14: c5:f4:2d:e4:91:7e:23:65:b3:c8:b1:75:de:81:6e: 34:1a:77:cf:b0:b4:6c:51:8d:97:06:36:50:fb:4a: 14:1c:77:04:9a:f7:6c:43:35:fa:a0:1c:d8:fe:94: 08:ee:d0:7e:e1:c8:e8:d5:22:d8:0f:95:5d:92:6e: 62:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:89:21:D7:EE:05:7E:66:F2:C6:9B:02:77:90:78:15:54:EB:EE:2F X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/RYkh1-4FfmbyxpsCd5B4FVTr7i8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.8.112.0/24 109.248.42.0/24 Signature Algorithm: sha256WithRSAEncryption b4:45:3b:2d:30:d3:2d:b3:9a:f1:b6:bd:dc:b8:df:60:c1:bd: 40:23:df:29:5d:3b:66:ec:46:0d:8c:c2:5e:10:ff:e6:28:c2: eb:7d:20:7f:f1:75:a7:a7:1e:0e:62:75:aa:d4:c7:ae:94:34: 51:51:f8:5e:67:3e:5e:b9:3c:10:c6:da:17:7a:46:85:00:72: a8:18:c5:f2:af:b2:7b:a6:ed:c3:85:0b:5f:4b:2a:6a:11:59: bf:05:ae:08:1d:4e:90:e6:e4:fb:28:25:36:74:19:74:4e:81: 7b:46:ca:ca:6c:cc:ae:42:e4:64:10:75:ed:59:3f:99:6d:93: b8:ce:2a:e8:63:a5:19:24:b1:dd:7b:40:9e:90:f3:8e:5a:b4: e6:d5:e8:c0:1d:11:9b:e9:d9:12:9b:65:f5:60:97:91:cc:ac: 6d:3c:07:83:3d:a0:9a:e0:2d:3d:02:d5:77:17:75:42:15:8a: d3:1b:f1:84:2a:bb:de:d8:b0:2e:d1:fb:6e:55:0b:8f:d8:38: 13:88:54:e7:db:6a:3d:9f:0a:fd:92:60:28:ad:6f:de:4f:12: 81:54:57:ea:81:e8:72:a3:61:d1:7e:78:d7:01:70:b2:11:6f: 3e:45:e2:1b:02:51:b4:31:98:20:a5:61:f9:91:61:b8:25:14: 75:eb:be:c1 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZvR5jJDRhVL8FRZb49vkXBYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTE4MTYxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NTg5MjFkN2VlMDU3ZTY2ZjJjNjliMDI3NzkwNzgxNTU0ZWJlZTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3YVGBrcdTFXpLrDlmaGry+qpYmo EgViEwl0hk6Lt+rYPuRQNFV/u48kzqt2MwqVt2n0LQXH1xBZblBrian2Oxstbjk1 QCPfmCCDXFxf1rvTZ/r+ypHxFEg4Nw2rJyNTQNyS7o2R80SL6lEH0+GqMo0XS0dK LqO6Wl80LoYdg9NrkcCU7CbV9i5VHgw08PhqfoS91NSi21I0gNmioTQbv3Syubm8 r6RbbAvsisOMqLK/MJ8MPCIpM5FcVUj8zJ4RcRTF9C3kkX4jZbPIsXXegW40GnfP sLRsUY2XBjZQ+0oUHHcEmvdsQzX6oBzY/pQI7tB+4cjo1SLYD5Vdkm5iHQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEWJIdfuBX5m8sabAneQeBVU6+4vMB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvUllraDEtNEZmbWJ5eHBzQ2Q1QjRGVlRyN2k4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALghwAwQA bfgqMA0GCSqGSIb3DQEBCwUAA4IBAQC0RTstMNMts5rxtr3cuN9gwb1AI98pXTtm 7EYNjMJeEP/mKMLrfSB/8XWnpx4OYnWq1MeulDRRUfheZz5euTwQxtoXekaFAHKo GMXyr7J7pu3DhQtfSypqEVm/Ba4IHU6Q5uT7KCU2dBl0ToF7RsrKbMyuQuRkEHXt WT+ZbZO4ziroY6UZJLHde0CekPOOWrTm1ejAHRGb6dkSm2X1YJeRzKxtPAeDPaCa 4C09AtV3F3VCFYrTG/GEKrve2LAu0ftuVQuP2DgTiFTn22o9nwr9kmAorW/eTxKB VFfqgehyo2HRfnjXAXCyEW8+ReIbAlG0MZggpWH5kWG4JRR1677B -----END CERTIFICATE-----Generated at Sun Jan 25 16:11:26 2026 by rpki-client