This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/8YQYzkkWSUbJ3UPPymYSW914MMg.roa File: 8YQYzkkWSUbJ3UPPymYSW914MMg.roa (raw, json) Hash identifier: 9lvLYcAIuT8e6AK3a0cVw0sCFSHzJhGpdm+DyXOpWt0= Subject key identifier: F1:84:18:CE:49:16:49:46:C9:DD:43:CF:CA:66:12:5B:DD:78:30:C8 Certificate issuer: /CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f Certificate serial: 019B7A5B92630B8D8AB5F457780F54765113 Authority key identifier: D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/8YQYzkkWSUbJ3UPPymYSW914MMg.roa Signing time: Thu 01 Jan 2026 16:19:40 +0000 ROA not before: Thu 01 Jan 2026 16:19:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12125 IP address blocks: 194.38.4.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.mft rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:92:63:0b:8d:8a:b5:f4:57:78:0f:54:76:51:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d22f3bd0bae603ab790602a96bbbc42b5322e88f Validity Not Before: Jan 1 16:19:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f18418ce49164946c9dd43cfca66125bdd7830c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:56:a5:2c:e0:2e:39:23:23:dc:ea:ea:42:95: 4e:3a:37:50:62:bf:b3:1c:dd:01:43:e0:7c:1b:af: 51:90:7e:de:55:fd:b4:74:11:3e:cf:ed:83:55:69: 90:b1:54:27:ff:f3:e2:af:12:40:b7:d4:90:bf:41: ab:a0:7b:61:49:83:8d:6e:bd:82:06:56:2e:bf:77: d3:1b:b0:8b:50:2b:a7:f6:65:29:53:45:cf:5d:d7: 48:47:3d:48:11:b4:12:32:98:c6:1a:5e:64:12:8b: b7:54:c1:f0:5a:22:f7:c1:30:56:ce:d9:f5:46:1c: 2f:23:5e:be:0a:fb:a4:ff:5d:28:42:b6:e3:cf:80: 06:d9:16:cd:cc:7a:f8:83:c7:48:c1:9d:de:30:2c: 8e:af:cd:1f:ff:7d:0f:d8:35:e8:aa:56:58:3b:98: 10:6b:5a:96:b6:3b:d8:58:73:a8:ad:79:93:d0:da: bd:c0:27:4e:13:d5:63:2a:bf:55:ff:45:df:41:01: 29:16:87:c3:83:ae:ac:88:e2:f7:84:88:b0:8e:09: 10:69:22:ff:04:c4:cf:e2:1b:c5:7a:86:b6:24:e6: 5e:e3:58:aa:8e:66:64:68:1b:0b:c9:6e:bd:7f:97: 18:19:c1:41:26:94:f5:cb:d5:b5:ea:cf:b5:7e:f0: 59:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:84:18:CE:49:16:49:46:C9:DD:43:CF:CA:66:12:5B:DD:78:30:C8 X509v3 Authority Key Identifier: keyid:D2:2F:3B:D0:BA:E6:03:AB:79:06:02:A9:6B:BB:C4:2B:53:22:E8:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0i870LrmA6t5BgKpa7vEK1Mi6I8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/8YQYzkkWSUbJ3UPPymYSW914MMg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6e51cb-517f-4cb1-a3a0-d721bd2e9d53/1/0i870LrmA6t5BgKpa7vEK1Mi6I8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.38.4.0/22 Signature Algorithm: sha256WithRSAEncryption 1d:62:92:c5:6c:92:51:37:48:eb:6b:a8:c2:da:d8:15:ee:aa: fb:6b:a9:b1:b9:89:bb:69:59:71:a2:57:b6:ff:0c:69:df:ed: 77:2f:26:55:3c:60:8b:e4:cc:f9:61:13:16:53:f0:2e:78:26: ab:f5:07:fe:cf:a9:d5:ae:83:2a:6a:aa:c8:b0:a9:83:ce:96: 6c:73:46:56:3a:51:ca:ae:a3:3b:57:f7:5f:fb:62:ba:52:c1: 82:3f:d8:e4:0e:67:f0:c7:d7:43:ff:13:35:b9:10:dc:e8:03: 96:5d:d7:98:ae:3f:d9:2c:fc:ad:04:a4:e5:1f:5d:22:da:46: 7b:86:b6:2d:9e:49:f4:c9:f4:d7:9b:42:04:7d:ce:70:d1:05: d8:8e:b5:96:8f:d2:03:27:92:92:de:d8:c4:8c:5e:2d:eb:cb: ae:8a:2b:79:9b:60:0c:95:c5:7c:75:17:3b:c0:66:d1:db:72: ce:7e:8e:05:a9:95:14:11:4f:d3:41:9e:f2:40:4e:03:e5:77: 57:04:17:22:84:8a:f8:e8:37:29:6c:3c:3c:54:cb:d4:39:ff: 6d:f8:68:cb:b8:b1:9c:33:59:18:7e:16:d4:e4:33:fb:91:61: c1:c9:2f:c3:cb:fa:af:02:12:0e:a5:2d:84:a1:a1:51:3a:a0: dc:91:43:d1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W5JjC42KtfRXeA9UdlETMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMmYzYmQwYmFlNjAzYWI3OTA2MDJhOTZiYmJjNDJiNTMy MmU4OGYwHhcNMjYwMTAxMTYxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTg0MThjZTQ5MTY0OTQ2YzlkZDQzY2ZjYTY2MTI1YmRkNzgzMGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvValLOAuOSMj3OrqQpVOOjdQYr+z HN0BQ+B8G69RkH7eVf20dBE+z+2DVWmQsVQn//PirxJAt9SQv0GroHthSYONbr2C BlYuv3fTG7CLUCun9mUpU0XPXddIRz1IEbQSMpjGGl5kEou3VMHwWiL3wTBWztn1 RhwvI16+Cvuk/10oQrbjz4AG2RbNzHr4g8dIwZ3eMCyOr80f/30P2DXoqlZYO5gQ a1qWtjvYWHOorXmT0Nq9wCdOE9VjKr9V/0XfQQEpFofDg66siOL3hIiwjgkQaSL/ BMTP4hvFeoa2JOZe41iqjmZkaBsLyW69f5cYGcFBJpT1y9W16s+1fvBZMwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPGEGM5JFklGyd1Dz8pmElvdeDDIMB8GA1UdIwQY MBaAFNIvO9C65gOreQYCqWu7xCtTIuiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAt ZDcyMWJkMmU5ZDUzLzEvOFlRWXpra1dTVWJKM1VQUHltWVNXOTE0TU1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS82ZTUxY2ItNTE3Zi00Y2IxLWEzYTAtZDcyMWJkMmU5ZDUz LzEvMGk4NzBMcm1BNnQ1QmdLcGE3dkVLMU1pNkk4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwiYEMA0G CSqGSIb3DQEBCwUAA4IBAQAdYpLFbJJRN0jra6jC2tgV7qr7a6mxuYm7aVlxole2 /wxp3+13LyZVPGCL5Mz5YRMWU/AueCar9Qf+z6nVroMqaqrIsKmDzpZsc0ZWOlHK rqM7V/df+2K6UsGCP9jkDmfwx9dD/xM1uRDc6AOWXdeYrj/ZLPytBKTlH10i2kZ7 hrYtnkn0yfTXm0IEfc5w0QXYjrWWj9IDJ5KS3tjEjF4t68uuiit5m2AMlcV8dRc7 wGbR23LOfo4FqZUUEU/TQZ7yQE4D5XdXBBcihIr46DcpbDw8VMvUOf9t+GjLuLGc M1kYfhbU5DP7kWHByS/Dy/qvAhIOpS2EoaFROqDckUPR -----END CERTIFICATE-----Generated at Sun Jan 25 22:50:09 2026 by rpki-client