This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/phk0DUtP9juLO6Rie2WITcEati8.roa File: phk0DUtP9juLO6Rie2WITcEati8.roa (raw, json) Hash identifier: e91L1Q+nTnPD/oJ6jV8Vk2fQsj6tkZNRhSrVTsD9WQs= Subject key identifier: A6:19:34:0D:4B:4F:F6:3B:8B:3B:A4:62:7B:65:88:4D:C1:1A:B6:2F Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd Certificate serial: 019B7AC86AA70EA4647DF26E0572A41778DE Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/phk0DUtP9juLO6Rie2WITcEati8.roa Signing time: Thu 01 Jan 2026 18:18:33 +0000 ROA not before: Thu 01 Jan 2026 18:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47264 IP address blocks: 185.4.116.0/22 maxlen: 22 185.4.116.0/24 maxlen: 24 185.4.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.mft rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:6a:a7:0e:a4:64:7d:f2:6e:05:72:a4:17:78:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd Validity Not Before: Jan 1 18:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a619340d4b4ff63b8b3ba4627b65884dc11ab62f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:d8:d3:0e:41:84:b9:b1:61:5e:ce:6c:1e:90: c7:3d:d7:14:7d:4b:92:cb:06:4c:ef:e6:0a:8c:f0: eb:fd:7a:dc:1d:08:71:4b:b3:a8:bd:f8:50:ac:d5: d4:ca:5a:ba:5a:8a:2f:f9:58:4b:dc:e6:78:93:ba: ea:0b:02:35:fa:59:4b:d2:79:cd:83:e5:78:96:8e: dc:88:f3:61:7a:da:32:ac:12:8f:df:a7:ea:73:04: 06:7d:2f:8e:e8:a7:15:89:60:08:cd:f8:95:d4:48: bd:83:84:9b:43:10:6c:62:40:e5:98:37:54:fe:15: 9c:f3:33:0a:c4:55:ca:d8:94:07:dd:d0:c6:be:48: fe:13:d1:bf:88:e3:bd:65:2f:25:1d:7a:95:a6:10: af:04:a9:7f:fe:a3:8a:97:78:cd:8b:2c:0b:22:8f: d3:25:bb:3b:d7:1d:db:57:a6:db:3e:d6:8c:dc:46: c1:d7:32:d1:bf:ca:1b:dd:9b:66:d5:97:d6:ca:9a: 3e:27:4c:1d:0d:77:1a:ec:ed:fd:90:ec:55:df:1c: 28:ee:dd:01:9d:b2:29:20:91:b7:27:b1:dd:36:90: 05:44:db:d4:40:13:b9:7a:dd:e7:95:66:87:ba:20: a6:ad:61:2e:35:f8:fd:c0:9c:ea:be:6f:04:8c:09: e1:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:19:34:0D:4B:4F:F6:3B:8B:3B:A4:62:7B:65:88:4D:C1:1A:B6:2F X509v3 Authority Key Identifier: keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/phk0DUtP9juLO6Rie2WITcEati8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.4.116.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:c5:eb:8a:4c:a0:d5:b8:65:eb:82:1c:e9:88:66:1e:08:86: 1a:b7:87:51:98:00:5e:77:d2:41:ba:39:89:25:bd:ec:ab:f8: d5:b3:e4:15:75:a4:7d:b1:2f:8c:ee:34:3a:9f:94:d5:71:f9: 9e:83:38:60:34:d2:fe:66:97:79:5c:d0:ec:2a:97:ac:23:1e: 37:d7:51:75:ba:76:65:35:6d:65:bf:78:83:42:24:7e:9a:fa: 4c:e2:e7:3a:b8:f1:48:1a:1d:82:f9:d3:bc:d6:f6:d9:8b:fe: 1c:70:e1:14:77:db:0f:b6:b5:c7:90:16:a8:8a:dc:5b:1b:80: 62:a6:99:25:98:45:5e:c4:df:66:20:94:19:78:11:53:88:ca: 10:72:3b:0c:16:3a:4b:9e:ca:77:ad:a6:cc:54:f1:6f:16:73: 32:83:99:cb:1a:42:d2:70:75:1f:d0:13:9c:7c:f7:52:2e:45: 0a:d8:67:38:2f:86:ce:2d:41:fb:24:d1:25:e4:08:c6:c7:42: 4b:f2:89:a8:33:1e:89:c0:f8:90:8e:e8:f9:04:90:be:f4:32: dd:a6:f3:7b:90:5e:b2:b2:d0:6c:79:6b:39:29:c0:cc:f7:85: f3:98:36:bc:5a:77:fd:0b:18:4b:16:e7:2b:5f:f2:ea:f2:1b: dc:6e:b4:c5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yGqnDqRkffJuBXKkF3jeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz N2UyY2QwHhcNMjYwMTAxMTgxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNjE5MzQwZDRiNGZmNjNiOGIzYmE0NjI3YjY1ODg0ZGMxMWFiNjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtjTDkGEubFhXs5sHpDHPdcUfUuS ywZM7+YKjPDr/XrcHQhxS7OovfhQrNXUylq6Woov+VhL3OZ4k7rqCwI1+llL0nnN g+V4lo7ciPNhetoyrBKP36fqcwQGfS+O6KcViWAIzfiV1Ei9g4SbQxBsYkDlmDdU /hWc8zMKxFXK2JQH3dDGvkj+E9G/iOO9ZS8lHXqVphCvBKl//qOKl3jNiywLIo/T Jbs71x3bV6bbPtaM3EbB1zLRv8ob3Ztm1ZfWypo+J0wdDXca7O39kOxV3xwo7t0B nbIpIJG3J7HdNpAFRNvUQBO5et3nlWaHuiCmrWEuNfj9wJzqvm8EjAnh8QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKYZNA1LT/Y7izukYntliE3BGrYvMB8GA1UdIwQY MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt NjUyOTc1MWIyYjAxLzEvcGhrMERVdFA5anVMTzZSaWUyV0lUY0VhdGk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G CSqGSIb3DQEBCwUAA4IBAQBfxeuKTKDVuGXrghzpiGYeCIYat4dRmABed9JBujmJ Jb3sq/jVs+QVdaR9sS+M7jQ6n5TVcfmegzhgNNL+Zpd5XNDsKpesIx4311F1unZl NW1lv3iDQiR+mvpM4uc6uPFIGh2C+dO81vbZi/4ccOEUd9sPtrXHkBaoitxbG4Bi ppklmEVexN9mIJQZeBFTiMoQcjsMFjpLnsp3rabMVPFvFnMyg5nLGkLScHUf0BOc fPdSLkUK2Gc4L4bOLUH7JNEl5AjGx0JL8omoMx6JwPiQjuj5BJC+9DLdpvN7kF6y stBseWs5KcDM94XzmDa8Wnf9CxhLFucrX/Lq8hvcbrTF -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:52 2026 by rpki-client