This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/4_VYxnt4iXAg8OJrfJjg9PAotmY.roa File: 4_VYxnt4iXAg8OJrfJjg9PAotmY.roa (raw, json) Hash identifier: Akm/ByEBk49YqUy9ZSZK+QcVI8/pv/K13FfF4hTRGSY= Subject key identifier: E3:F5:58:C6:7B:78:89:70:20:F0:E2:6B:7C:98:E0:F4:F0:28:B6:66 Certificate issuer: /CN=0a4bd1d30f7235cd71739c042310dc26080738f6 Certificate serial: 019B7F821FBBBA7199EB7B29B3AF169CAB84 Authority key identifier: 0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/4_VYxnt4iXAg8OJrfJjg9PAotmY.roa Signing time: Fri 02 Jan 2026 16:19:52 +0000 ROA not before: Fri 02 Jan 2026 16:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51269 IP address blocks: 178.255.96.0/21 maxlen: 24 185.103.140.0/22 maxlen: 24 2a03:b700::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.mft rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:1f:bb:ba:71:99:eb:7b:29:b3:af:16:9c:ab:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a4bd1d30f7235cd71739c042310dc26080738f6 Validity Not Before: Jan 2 16:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3f558c67b78897020f0e26b7c98e0f4f028b666 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:5b:57:2a:b4:75:dd:d8:0e:0f:71:36:74:e2: dd:94:07:23:ab:74:09:a9:b1:df:93:97:f8:fa:b4: 10:fb:74:46:9b:50:d7:76:39:bb:dc:29:94:3a:78: 24:1d:fd:4e:a2:3f:f8:50:05:1b:5d:ca:ea:5a:f9: 9c:b6:00:6e:84:ac:a5:29:9c:1b:df:81:82:3b:10: 3d:44:3a:f9:23:e3:7a:c5:b0:fa:16:db:2a:69:87: 6a:c8:1b:19:62:e2:ea:52:2e:81:d1:9b:87:fd:3b: 87:06:62:5b:18:07:b7:dc:27:71:f9:da:81:03:30: 66:81:51:6a:97:36:f2:27:05:49:3c:aa:8a:4b:7b: 37:ea:ac:56:55:13:84:a3:0d:2c:41:6e:77:98:80: af:2d:27:8b:01:18:b7:6a:a3:eb:da:8a:b8:d4:32: de:c4:7c:e7:fc:34:56:06:e1:d9:08:64:c2:1f:a8: f0:f2:b6:07:45:8b:a9:fa:71:4c:1c:2d:e9:26:5d: b2:be:df:77:42:9e:bc:3d:77:01:d9:7e:44:77:ad: 71:1e:a9:29:f3:3d:4b:5b:e9:61:cb:05:32:e5:7f: 7a:2b:14:7e:51:4a:fd:48:af:18:83:fd:78:72:c6: 38:10:b7:a2:ef:c8:1a:55:aa:0f:b4:ef:bf:11:3f: 86:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:F5:58:C6:7B:78:89:70:20:F0:E2:6B:7C:98:E0:F4:F0:28:B6:66 X509v3 Authority Key Identifier: keyid:0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/4_VYxnt4iXAg8OJrfJjg9PAotmY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.255.96.0/21 185.103.140.0/22 IPv6: 2a03:b700::/29 Signature Algorithm: sha256WithRSAEncryption 77:e5:f1:b3:5f:22:24:fa:79:88:5e:85:77:bd:af:12:22:a5: 30:95:00:28:9c:3f:7e:53:fb:2c:69:52:62:d7:a8:b6:da:35: c7:c7:05:9a:d1:16:e2:3f:f1:d1:70:64:92:a7:e5:70:fc:9b: ff:31:fb:ef:d0:54:43:e7:ac:3f:7d:f1:91:17:46:ae:f4:c4: b2:8f:03:9a:ba:d8:9f:bc:7a:f9:91:7f:3e:6f:65:8b:7b:42: de:09:cf:d0:a1:ce:69:b0:2c:bf:04:0d:d3:e6:d0:61:57:31: c9:53:ab:c5:68:1e:c1:71:0d:8e:71:74:15:e9:47:3f:45:04: b2:b7:11:56:f2:be:d4:1f:14:c4:a3:0a:17:78:a5:cd:e8:fb: 21:38:7b:b8:3b:a3:b1:aa:10:1e:49:7b:46:79:c7:24:ad:14: 1a:3b:b4:39:2f:97:e7:02:5f:9e:d1:f6:38:ec:89:55:33:fb: 45:50:55:c1:44:c8:d3:c8:a8:31:ad:74:bf:c0:bc:86:57:e5: 4d:e0:90:50:3d:19:51:6b:62:71:79:bd:aa:ac:3e:db:c7:a1: e3:da:cc:6d:1f:9b:52:d9:3e:35:e2:88:62:1b:7f:d8:30:34: 6b:cc:c5:85:8b:98:26:85:64:38:b2:03:0e:c5:b1:fd:02:71: 2b:2f:88:c1 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/gh+7unGZ63sps68WnKuEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNGJkMWQzMGY3MjM1Y2Q3MTczOWMwNDIzMTBkYzI2MDgw NzM4ZjYwHhcNMjYwMTAyMTYxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2Y1NThjNjdiNzg4OTcwMjBmMGUyNmI3Yzk4ZTBmNGYwMjhiNjY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ltXKrR13dgOD3E2dOLdlAcjq3QJ qbHfk5f4+rQQ+3RGm1DXdjm73CmUOngkHf1Ooj/4UAUbXcrqWvmctgBuhKylKZwb 34GCOxA9RDr5I+N6xbD6FtsqaYdqyBsZYuLqUi6B0ZuH/TuHBmJbGAe33Cdx+dqB AzBmgVFqlzbyJwVJPKqKS3s36qxWVROEow0sQW53mICvLSeLARi3aqPr2oq41DLe xHzn/DRWBuHZCGTCH6jw8rYHRYup+nFMHC3pJl2yvt93Qp68PXcB2X5Ed61xHqkp 8z1LW+lhywUy5X96KxR+UUr9SK8Yg/14csY4ELei78gaVaoPtO+/ET+GTwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFOP1WMZ7eIlwIPDia3yY4PTwKLZmMB8GA1UdIwQY MBaAFApL0dMPcjXNcXOcBCMQ3CYIBzj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEt Mzg4NDQzZDVmMDBmLzEvNF9WWXhudDRpWEFnOE9KcmZKamc5UEFvdG1ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEtMzg4NDQzZDVmMDBm LzEvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv9gAwQC uWeMMA0EAgACMAcDBQMqA7cAMA0GCSqGSIb3DQEBCwUAA4IBAQB35fGzXyIk+nmI XoV3va8SIqUwlQAonD9+U/ssaVJi16i22jXHxwWa0RbiP/HRcGSSp+Vw/Jv/Mfvv 0FRD56w/ffGRF0au9MSyjwOautifvHr5kX8+b2WLe0LeCc/Qoc5psCy/BA3T5tBh VzHJU6vFaB7BcQ2OcXQV6Uc/RQSytxFW8r7UHxTEowoXeKXN6PshOHu4O6OxqhAe SXtGecckrRQaO7Q5L5fnAl+e0fY47IlVM/tFUFXBRMjTyKgxrXS/wLyGV+VN4JBQ PRlRa2Jxeb2qrD7bx6Hj2sxtH5tS2T414ohiG3/YMDRrzMWFi5gmhWQ4sgMOxbH9 AnErL4jB -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:55 2026 by rpki-client