This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/8Tyh5ruhIODg2RR4YRbwOH8XkME.roa File: 8Tyh5ruhIODg2RR4YRbwOH8XkME.roa (raw, json) Hash identifier: VBVgrtmipcOaFwOKV8gkhl228HGa/1vfo6eAsTB8ty4= Subject key identifier: F1:3C:A1:E6:BB:A1:20:E0:E0:D9:14:78:61:16:F0:38:7F:17:90:C1 Certificate issuer: /CN=d4f92129df7aaa7157e15973c24753e118c9057d Certificate serial: 019B7910315DAF5BB9F05F703389AE286AC0 Authority key identifier: D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/8Tyh5ruhIODg2RR4YRbwOH8XkME.roa Signing time: Thu 01 Jan 2026 10:17:42 +0000 ROA not before: Thu 01 Jan 2026 10:17:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204631 IP address blocks: 185.136.120.0/22 maxlen: 22 193.27.218.0/23 maxlen: 23 2001:67c:2c08::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.crl rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.mft rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 10:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:31:5d:af:5b:b9:f0:5f:70:33:89:ae:28:6a:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d4f92129df7aaa7157e15973c24753e118c9057d Validity Not Before: Jan 1 10:17:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f13ca1e6bba120e0e0d914786116f0387f1790c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:e8:87:0b:d7:37:02:2e:49:3a:c4:f1:0d:cf: ae:d6:3d:77:0a:54:c7:a2:05:67:ef:94:65:dd:cf: 48:81:cd:81:f6:01:e2:5d:32:e1:5a:4f:93:76:e8: 38:a8:46:26:62:28:e0:f8:61:7c:eb:39:9a:e2:1d: 7e:c8:77:a6:66:76:66:89:66:89:86:ca:dc:4c:3f: 92:1e:2a:fb:e9:d6:38:d4:1f:db:42:17:ee:dd:75: 73:2e:ac:ef:40:ad:9a:e9:21:34:6f:a0:7a:a8:b4: a2:d2:5c:10:dd:82:e6:3a:81:cb:e6:9f:75:be:38: e6:5b:14:8a:f7:43:63:be:8c:57:33:14:aa:e1:06: 79:30:25:ab:fb:48:89:9e:29:8e:5a:fe:24:b9:15: c2:1b:d9:b9:b7:c3:e4:76:58:c4:b7:49:71:6f:c7: 90:2b:6e:ea:f5:4f:ac:cf:e3:75:89:77:51:fd:90: e7:f7:3e:71:de:62:21:4e:ff:e3:1c:46:80:0c:4e: 87:e1:c6:45:e2:8c:53:92:d8:b9:86:5d:bc:b4:88: 6e:35:fd:e6:0f:82:3d:6f:b3:37:25:2a:57:78:e0: b9:bd:a8:08:7b:23:33:16:d6:fa:3c:b0:ee:36:cc: 23:8b:39:e8:4b:a7:c0:90:c6:55:89:b8:f3:eb:68: 88:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:3C:A1:E6:BB:A1:20:E0:E0:D9:14:78:61:16:F0:38:7F:17:90:C1 X509v3 Authority Key Identifier: keyid:D4:F9:21:29:DF:7A:AA:71:57:E1:59:73:C2:47:53:E1:18:C9:05:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1PkhKd96qnFX4VlzwkdT4RjJBX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/8Tyh5ruhIODg2RR4YRbwOH8XkME.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/9cfe5d-5770-4b5d-8935-9f38c8b8a928/1/1PkhKd96qnFX4VlzwkdT4RjJBX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.136.120.0/22 193.27.218.0/23 IPv6: 2001:67c:2c08::/48 Signature Algorithm: sha256WithRSAEncryption 5c:9d:00:df:fc:ad:6b:1c:8b:98:94:57:fb:8b:eb:c4:79:2a: f2:b6:85:5d:0a:20:fd:eb:68:c3:7e:29:25:d5:89:41:b5:e0: 38:ad:7e:c1:47:96:30:44:e7:00:7c:8e:f4:d9:9c:1b:a2:ef: e7:c5:54:a1:7e:99:d0:27:c4:5d:04:c8:b3:10:c2:59:d0:9f: 0b:76:51:4c:d7:e8:23:a6:f4:d7:bd:fa:39:ea:1c:73:46:af: b5:96:89:97:6a:f9:e2:dc:c8:10:0e:17:65:4b:ca:b4:44:78: 78:86:0f:91:9d:a4:cd:e5:a4:2c:2d:61:05:4f:e6:0d:71:2d: 22:ff:56:d6:08:60:ff:63:37:70:e2:3e:3a:52:71:e9:35:45: 14:52:39:f0:3e:99:75:c2:6b:22:11:a8:dc:2c:5f:3b:92:32: 15:12:5a:05:c0:3e:3c:84:af:3f:47:3d:d2:14:bb:93:7f:33: 54:e2:ef:60:2e:ea:da:36:cf:db:a2:39:80:0c:59:94:c7:31: 60:f0:96:1d:a1:cf:09:1b:0f:65:79:df:27:4b:86:1a:56:10: c0:58:b6:0b:65:9a:9e:13:17:a6:54:d7:65:40:a7:03:3d:3c: b5:1c:d9:fb:61:3d:0c:83:76:be:6e:35:10:73:8d:27:49:b9: d4:16:4a:19 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt5EDFdr1u58F9wM4muKGrAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0ZjkyMTI5ZGY3YWFhNzE1N2UxNTk3M2MyNDc1M2UxMThj OTA1N2QwHhcNMjYwMTAxMTAxNzQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTNjYTFlNmJiYTEyMGUwZTBkOTE0Nzg2MTE2ZjAzODdmMTc5MGMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0uiHC9c3Ai5JOsTxDc+u1j13ClTH ogVn75Rl3c9Igc2B9gHiXTLhWk+Tdug4qEYmYijg+GF86zma4h1+yHemZnZmiWaJ hsrcTD+SHir76dY41B/bQhfu3XVzLqzvQK2a6SE0b6B6qLSi0lwQ3YLmOoHL5p91 vjjmWxSK90NjvoxXMxSq4QZ5MCWr+0iJnimOWv4kuRXCG9m5t8PkdljEt0lxb8eQ K27q9U+sz+N1iXdR/ZDn9z5x3mIhTv/jHEaADE6H4cZF4oxTkti5hl28tIhuNf3m D4I9b7M3JSpXeOC5vagIeyMzFtb6PLDuNswjiznoS6fAkMZVibjz62iIFwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFPE8oea7oSDg4NkUeGEW8Dh/F5DBMB8GA1UdIwQY MBaAFNT5ISnfeqpxV+FZc8JHU+EYyQV9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVBraEtkOTZxbkZYNFZsendrZFQ0UmpKQlgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC85Y2ZlNWQtNTc3MC00YjVkLTg5MzUt OWYzOGM4YjhhOTI4LzEvOFR5aDVydWhJT0RnMlJSNFlSYndPSDhYa01FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC85Y2ZlNWQtNTc3MC00YjVkLTg5MzUtOWYzOGM4YjhhOTI4 LzEvMVBraEtkOTZxbkZYNFZsendrZFQ0UmpKQlgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuYh4AwQB wRvaMA8EAgACMAkDBwAgAQZ8LAgwDQYJKoZIhvcNAQELBQADggEBAFydAN/8rWsc i5iUV/uL68R5KvK2hV0KIP3raMN+KSXViUG14DitfsFHljBE5wB8jvTZnBui7+fF VKF+mdAnxF0EyLMQwlnQnwt2UUzX6COm9Ne9+jnqHHNGr7WWiZdq+eLcyBAOF2VL yrREeHiGD5GdpM3lpCwtYQVP5g1xLSL/VtYIYP9jN3DiPjpScek1RRRSOfA+mXXC ayIRqNwsXzuSMhUSWgXAPjyErz9HPdIUu5N/M1Ti72Au6to2z9uiOYAMWZTHMWDw lh2hzwkbD2V53ydLhhpWEMBYtgtlmp4TF6ZU12VApwM9PLUc2fthPQyDdr5uNRBz jSdJudQWShk= -----END CERTIFICATE-----Generated at Sun Jan 25 20:30:11 2026 by rpki-client