This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/d8kiYzlEKQLdX-UflZDxlYGnmRo.roa File: d8kiYzlEKQLdX-UflZDxlYGnmRo.roa (raw, json) Hash identifier: pIWLP+nuBmaLwVa5s824iZjtnJtxSoE6FNL2XIkxyMI= Subject key identifier: 77:C9:22:63:39:44:29:02:DD:5F:E5:1F:95:90:F1:95:81:A7:99:1A Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17 Certificate serial: 019B7F839CDAB6B2511C75179384A1D13EF7 Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/d8kiYzlEKQLdX-UflZDxlYGnmRo.roa Signing time: Fri 02 Jan 2026 16:21:30 +0000 ROA not before: Fri 02 Jan 2026 16:21:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44901 IP address blocks: 152.89.28.0/24 maxlen: 24 193.135.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:9c:da:b6:b2:51:1c:75:17:93:84:a1:d1:3e:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17 Validity Not Before: Jan 2 16:21:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=77c9226339442902dd5fe51f9590f19581a7991a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:03:e3:ff:2e:83:58:bf:d7:c2:85:01:6e:c9: 71:34:f9:76:17:c0:a6:9d:da:d6:02:03:71:9f:4a: 91:a8:c6:d9:20:ab:7a:95:a3:17:ef:5d:33:db:0d: fc:30:6b:96:c6:38:5b:4b:50:bf:ef:51:05:ce:df: 9f:64:ad:7c:97:df:f0:23:c0:b0:91:2e:2d:4c:2c: 2d:dd:28:fc:1f:aa:15:ff:42:77:04:4f:48:e9:89: 70:d2:11:e9:23:66:9b:fe:01:c5:58:81:5f:fd:38: cc:a6:ea:f8:6d:b6:5b:1b:37:0e:bd:13:79:f3:d0: a3:a2:c1:52:92:b7:70:a1:87:3d:f1:de:17:2a:93: be:b1:df:c6:b0:18:08:81:33:98:49:c3:41:0c:0a: 68:53:a0:e6:ca:db:98:28:eb:22:32:d4:3d:0c:b6: 44:58:71:05:85:e2:68:ac:43:83:78:5f:b6:8e:ee: d9:5d:e4:ed:c8:89:00:f1:5f:d8:be:63:fb:a1:0e: 83:49:c4:6d:59:59:09:45:d8:7e:cd:93:46:20:a2: 33:cb:0f:da:4d:b9:42:1e:02:58:76:89:21:3a:e8: 89:9e:b6:86:1f:79:1b:fb:26:1e:63:d2:88:2d:d8: 25:5d:d7:37:8f:a0:da:f0:03:d3:61:69:c6:c1:77: a1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:C9:22:63:39:44:29:02:DD:5F:E5:1F:95:90:F1:95:81:A7:99:1A X509v3 Authority Key Identifier: keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/d8kiYzlEKQLdX-UflZDxlYGnmRo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.28.0/24 193.135.174.0/24 Signature Algorithm: sha256WithRSAEncryption 00:3d:f5:f7:55:0c:1e:a5:71:37:87:0b:bf:db:83:2e:4e:77: cf:93:b6:c9:e5:ae:d0:68:42:cc:fa:f6:b9:b0:b1:29:95:56: c1:e5:52:8d:70:79:32:d4:99:f1:0b:d6:2f:68:37:8c:92:42: cb:99:79:88:09:cf:f1:39:73:b9:ee:51:78:84:4f:52:ed:04: 45:79:01:9f:05:7f:8c:0b:d5:06:13:9d:a4:ac:b2:8d:23:d9: 0d:09:47:01:ce:2a:50:13:4c:e3:55:d9:a4:24:46:3a:17:de: 04:67:52:a2:a9:ec:93:f2:dc:41:ae:fa:b8:7b:b9:16:bd:45: ef:f2:c1:bb:ed:b0:25:3a:86:d3:24:e8:c8:71:60:0d:f7:01: e3:ad:30:03:2a:22:81:fa:93:c1:9b:4a:10:58:6d:cd:d8:28: 17:18:ae:80:9d:21:81:16:0c:8b:79:14:ed:ac:b6:84:26:cf: 34:b6:e7:8f:f9:94:bf:9b:9b:e3:5f:9b:6d:da:29:43:8d:63: 1f:f9:3f:e3:72:60:1c:75:64:af:b7:6c:fa:6f:3a:0a:ae:b0: ae:df:75:a1:56:9c:ad:12:48:f0:d7:cd:2c:60:06:76:ac:72: f3:72:21:69:1a:25:22:67:ca:df:a8:e4:38:2c:15:42:49:f4: a0:0b:6b:7d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/g5zatrJRHHUXk4Sh0T73MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx ZTZiMTcwHhcNMjYwMTAyMTYyMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3N2M5MjI2MzM5NDQyOTAyZGQ1ZmU1MWY5NTkwZjE5NTgxYTc5OTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgPj/y6DWL/XwoUBbslxNPl2F8Cm ndrWAgNxn0qRqMbZIKt6laMX710z2w38MGuWxjhbS1C/71EFzt+fZK18l9/wI8Cw kS4tTCwt3Sj8H6oV/0J3BE9I6Ylw0hHpI2ab/gHFWIFf/TjMpur4bbZbGzcOvRN5 89CjosFSkrdwoYc98d4XKpO+sd/GsBgIgTOYScNBDApoU6DmytuYKOsiMtQ9DLZE WHEFheJorEODeF+2ju7ZXeTtyIkA8V/YvmP7oQ6DScRtWVkJRdh+zZNGIKIzyw/a TblCHgJYdokhOuiJnraGH3kb+yYeY9KILdglXdc3j6Da8APTYWnGwXehJwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHfJImM5RCkC3V/lH5WQ8ZWBp5kaMB8GA1UdIwQY MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt OWU4OTVkMGVmOGQyLzEvZDhraVl6bEVLUUxkWC1VZmxaRHhsWUdubVJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmFkcAwQA wYeuMA0GCSqGSIb3DQEBCwUAA4IBAQAAPfX3VQwepXE3hwu/24MuTnfPk7bJ5a7Q aELM+va5sLEplVbB5VKNcHky1JnxC9YvaDeMkkLLmXmICc/xOXO57lF4hE9S7QRF eQGfBX+MC9UGE52krLKNI9kNCUcBzipQE0zjVdmkJEY6F94EZ1KiqeyT8txBrvq4 e7kWvUXv8sG77bAlOobTJOjIcWAN9wHjrTADKiKB+pPBm0oQWG3N2CgXGK6AnSGB FgyLeRTtrLaEJs80tueP+ZS/m5vjX5tt2ilDjWMf+T/jcmAcdWSvt2z6bzoKrrCu 33WhVpytEkjw180sYAZ2rHLzciFpGiUiZ8rfqOQ4LBVCSfSgC2t9 -----END CERTIFICATE-----Generated at Sun Jan 25 22:30:08 2026 by rpki-client