This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/r1byiiD8E5kv1tORv9SHaYWDCX8.roa File: r1byiiD8E5kv1tORv9SHaYWDCX8.roa (raw, json) Hash identifier: Y7mEKt3t/ouKCUEMiF9nKEKnQJXCe30KkTBF7TaOr+w= Subject key identifier: AF:56:F2:8A:20:FC:13:99:2F:D6:D3:91:BF:D4:87:69:85:83:09:7F Certificate issuer: /CN=f0d59f121fc7efa0c10b7dd614d95a8756d53606 Certificate serial: 019B7A5B20225682D85D0EB9274E1C046919 Authority key identifier: F0:D5:9F:12:1F:C7:EF:A0:C1:0B:7D:D6:14:D9:5A:87:56:D5:36:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8NWfEh_H76DBC33WFNlah1bVNgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/r1byiiD8E5kv1tORv9SHaYWDCX8.roa Signing time: Thu 01 Jan 2026 16:19:10 +0000 ROA not before: Thu 01 Jan 2026 16:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21263 IP address blocks: 5.104.144.0/21 maxlen: 24 45.10.98.0/23 maxlen: 24 2a01:76c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/8NWfEh_H76DBC33WFNlah1bVNgY.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/8NWfEh_H76DBC33WFNlah1bVNgY.mft rsync://rpki.ripe.net/repository/DEFAULT/8NWfEh_H76DBC33WFNlah1bVNgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:20:22:56:82:d8:5d:0e:b9:27:4e:1c:04:69:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0d59f121fc7efa0c10b7dd614d95a8756d53606 Validity Not Before: Jan 1 16:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af56f28a20fc13992fd6d391bfd487698583097f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:0e:47:bf:55:2e:49:72:56:e5:a1:aa:22:a6: 0d:ed:82:61:85:d0:0d:89:40:14:2c:26:ea:48:fd: 54:80:f4:01:9b:fc:e1:59:90:58:74:f9:6d:55:e5: 8d:02:ef:8f:0e:6c:12:9b:78:43:b1:2f:8d:b0:0b: fa:48:ba:b0:f6:01:06:1b:e0:62:f7:83:d4:fc:a1: 89:da:cb:ff:c4:ce:4d:ad:0c:cd:17:91:4d:0f:43: 09:08:8b:39:c9:f6:dd:de:6c:31:21:6c:50:2e:cb: 13:61:bc:85:0b:1d:7f:1f:eb:22:b4:33:fe:aa:c3: 6c:95:81:5c:5b:ba:f0:f4:17:9c:4f:10:a6:9e:eb: 0d:25:7f:6d:11:10:03:dc:8c:ae:85:d8:d9:d5:89: 1f:0b:58:3d:b8:8b:f7:36:e5:80:32:3d:fb:90:03: 42:ef:c3:29:7f:7b:e7:a8:48:64:a3:34:01:bc:9f: ee:b0:51:6a:a0:4e:a0:6e:3b:5f:97:29:f7:46:95: 22:fe:a8:84:e0:7a:72:7d:55:42:22:65:58:c8:af: c8:a2:4f:8c:61:0c:76:9a:32:59:f1:f9:b9:6c:33: 07:39:1e:e8:da:d8:15:d3:db:06:ab:a6:de:0e:1c: 32:79:99:e0:2d:ff:ff:72:2e:67:a7:6e:5b:c1:79: 4d:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:56:F2:8A:20:FC:13:99:2F:D6:D3:91:BF:D4:87:69:85:83:09:7F X509v3 Authority Key Identifier: keyid:F0:D5:9F:12:1F:C7:EF:A0:C1:0B:7D:D6:14:D9:5A:87:56:D5:36:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8NWfEh_H76DBC33WFNlah1bVNgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/r1byiiD8E5kv1tORv9SHaYWDCX8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e698c7-0b1f-4106-ba67-6eefe5b335aa/1/8NWfEh_H76DBC33WFNlah1bVNgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.104.144.0/21 45.10.98.0/23 IPv6: 2a01:76c0::/29 Signature Algorithm: sha256WithRSAEncryption 83:c7:af:25:ae:93:7c:03:08:2a:01:06:b8:0e:e3:e1:62:7f: 92:23:09:c9:cf:53:68:91:fe:ef:ba:88:70:83:65:de:25:ec: b8:fd:b5:c6:d5:97:4f:8f:26:d3:49:3f:0a:09:92:25:94:d7: 1d:e7:70:7a:19:25:79:ff:85:75:2d:ac:8f:e8:fe:26:d8:1a: dc:81:1b:b8:1b:ba:39:f6:85:49:83:9e:40:99:c8:58:6f:7b: be:a1:c6:cd:8a:4d:cf:c4:77:76:5e:b2:41:6b:a9:0f:df:cf: bf:7f:47:6f:38:1f:b1:9b:29:12:ae:91:a7:e2:d0:03:00:65: 9c:06:54:ff:f2:ea:46:2e:68:4f:36:67:e1:3f:b7:65:78:a9: 2a:68:27:e5:01:0f:7c:5e:5c:43:1a:d8:ef:28:d6:07:cd:65: 4d:b8:a0:69:81:11:f4:55:73:bd:2f:e8:7c:cc:00:e9:36:4f: 38:27:44:8a:36:29:de:bf:9d:79:fe:e7:e5:50:84:7a:af:12: bf:72:95:7d:69:6d:fa:2d:13:9d:25:69:c7:55:85:3c:e7:4e: a6:f8:61:ac:ec:ae:f2:0a:88:10:8e:0a:d6:c6:d1:58:11:52: b7:bc:e7:10:72:67:a0:88:8e:5d:93:5b:ac:ed:47:61:0d:6f: db:3a:1f:0a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6WyAiVoLYXQ65J04cBGkZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZDU5ZjEyMWZjN2VmYTBjMTBiN2RkNjE0ZDk1YTg3NTZk NTM2MDYwHhcNMjYwMTAxMTYxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjU2ZjI4YTIwZmMxMzk5MmZkNmQzOTFiZmQ0ODc2OTg1ODMwOTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw5Hv1UuSXJW5aGqIqYN7YJhhdAN iUAULCbqSP1UgPQBm/zhWZBYdPltVeWNAu+PDmwSm3hDsS+NsAv6SLqw9gEGG+Bi 94PU/KGJ2sv/xM5NrQzNF5FND0MJCIs5yfbd3mwxIWxQLssTYbyFCx1/H+sitDP+ qsNslYFcW7rw9BecTxCmnusNJX9tERAD3IyuhdjZ1YkfC1g9uIv3NuWAMj37kANC 78Mpf3vnqEhkozQBvJ/usFFqoE6gbjtflyn3RpUi/qiE4HpyfVVCImVYyK/Iok+M YQx2mjJZ8fm5bDMHOR7o2tgV09sGq6beDhwyeZngLf//ci5np25bwXlN7QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFK9W8oog/BOZL9bTkb/Uh2mFgwl/MB8GA1UdIwQY MBaAFPDVnxIfx++gwQt91hTZWodW1TYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE5XZkVoX0g3NkRCQzMzV0ZObGFoMWJWTmdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lNjk4YzctMGIxZi00MTA2LWJhNjct NmVlZmU1YjMzNWFhLzEvcjFieWlpRDhFNWt2MXRPUnY5U0hhWVdEQ1g4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9lNjk4YzctMGIxZi00MTA2LWJhNjctNmVlZmU1YjMzNWFh LzEvOE5XZkVoX0g3NkRCQzMzV0ZObGFoMWJWTmdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBWiQAwQB LQpiMA0EAgACMAcDBQMqAXbAMA0GCSqGSIb3DQEBCwUAA4IBAQCDx68lrpN8Awgq AQa4DuPhYn+SIwnJz1Nokf7vuohwg2XeJey4/bXG1ZdPjybTST8KCZIllNcd53B6 GSV5/4V1LayP6P4m2BrcgRu4G7o59oVJg55AmchYb3u+ocbNik3PxHd2XrJBa6kP 38+/f0dvOB+xmykSrpGn4tADAGWcBlT/8upGLmhPNmfhP7dleKkqaCflAQ98XlxD GtjvKNYHzWVNuKBpgRH0VXO9L+h8zADpNk84J0SKNinev515/uflUIR6rxK/cpV9 aW36LROdJWnHVYU8506m+GGs7K7yCogQjgrWxtFYEVK3vOcQcmegiI5dk1us7Udh DW/bOh8K -----END CERTIFICATE-----Generated at Sun Jan 25 22:28:54 2026 by rpki-client