This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/Yf20QMXkj8GFJGSLeIPw0rNOpPU.roa File: Yf20QMXkj8GFJGSLeIPw0rNOpPU.roa (raw, json) Hash identifier: aWACKntsxHH3Va6cTR9cG1/KJpBjS153dDHspJ2qJ94= Subject key identifier: 61:FD:B4:40:C5:E4:8F:C1:85:24:64:8B:78:83:F0:D2:B3:4E:A4:F5 Certificate issuer: /CN=8d298d63970ab03cdfbf514fa0e8ed21310985f1 Certificate serial: 019B7EA6704947149F2ED346EFB857E9F030 Authority key identifier: 8D:29:8D:63:97:0A:B0:3C:DF:BF:51:4F:A0:E8:ED:21:31:09:85:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jSmNY5cKsDzfv1FPoOjtITEJhfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/Yf20QMXkj8GFJGSLeIPw0rNOpPU.roa Signing time: Fri 02 Jan 2026 12:19:55 +0000 ROA not before: Fri 02 Jan 2026 12:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5056 IP address blocks: 46.16.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/jSmNY5cKsDzfv1FPoOjtITEJhfE.crl rsync://rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/jSmNY5cKsDzfv1FPoOjtITEJhfE.mft rsync://rpki.ripe.net/repository/DEFAULT/jSmNY5cKsDzfv1FPoOjtITEJhfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:70:49:47:14:9f:2e:d3:46:ef:b8:57:e9:f0:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8d298d63970ab03cdfbf514fa0e8ed21310985f1 Validity Not Before: Jan 2 12:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61fdb440c5e48fc18524648b7883f0d2b34ea4f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:1f:a8:89:b6:5c:01:34:a2:99:7c:e4:f3:e4: f0:ce:51:19:f2:b5:0c:56:c6:5b:ef:ac:aa:1d:03: c2:bb:8f:89:6e:33:c1:c8:e0:a5:a9:18:44:a2:0d: 7b:56:9a:b4:c6:27:d3:c1:a9:45:87:4d:d7:e0:09: 74:3f:a7:a6:63:83:96:1b:7a:ee:5b:33:17:67:7b: 73:5b:cf:91:d9:b6:8a:5a:bc:e1:36:30:e9:9c:58: b6:f4:e0:c9:2d:83:98:25:35:97:99:63:73:58:0b: 80:61:27:1e:1e:bc:6f:13:61:0e:a8:b9:92:b6:76: 2e:d1:39:0d:bf:8c:79:8f:6d:b3:40:1b:e6:b4:05: 9d:6b:ae:de:0e:9c:55:94:11:9b:c2:fe:00:80:7e: 80:53:d8:76:eb:84:83:49:e0:ec:34:5c:cb:6a:b6: dd:c7:54:25:6a:5d:4b:2c:e3:03:6d:4f:36:93:2f: 20:2c:25:ac:c1:74:c1:68:31:4d:2a:ce:25:da:75: a9:80:b8:59:d4:63:a2:b2:d5:e7:1f:26:11:d4:96: 8d:38:96:9e:fb:32:f3:3a:e1:bd:2a:12:c5:fd:26: c2:1c:50:67:9d:e3:41:3a:2e:8a:fe:dc:18:c2:fe: fd:0a:95:45:d4:e8:67:a6:d0:f1:48:fa:1a:73:bc: 76:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:FD:B4:40:C5:E4:8F:C1:85:24:64:8B:78:83:F0:D2:B3:4E:A4:F5 X509v3 Authority Key Identifier: keyid:8D:29:8D:63:97:0A:B0:3C:DF:BF:51:4F:A0:E8:ED:21:31:09:85:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jSmNY5cKsDzfv1FPoOjtITEJhfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/Yf20QMXkj8GFJGSLeIPw0rNOpPU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/7d00e0-cf41-4142-99d2-494713a9963a/1/jSmNY5cKsDzfv1FPoOjtITEJhfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.16.163.0/24 Signature Algorithm: sha256WithRSAEncryption 83:bc:fd:c0:3d:45:0a:41:c0:73:c9:e7:51:90:bf:9e:e2:e2: 9f:75:a8:7a:55:1e:c1:7b:98:f0:47:70:e0:b1:aa:3b:0f:d9: f3:bf:af:90:f5:16:df:c6:02:06:4f:6a:99:4b:6e:24:eb:05: ee:02:9f:8e:97:63:94:1b:dd:24:ae:ae:af:9d:a3:d8:f4:a0: e0:aa:11:61:fb:76:10:98:e8:8c:e4:42:98:23:ae:c9:f5:0e: 7b:b6:89:0c:78:68:5d:8a:6e:95:a1:74:67:76:5c:f8:66:f9: 09:f8:92:6a:13:89:56:45:13:d3:83:27:b4:60:6d:26:a5:50: 05:35:e6:70:12:40:75:ab:25:9a:9c:b0:24:e9:ec:ad:9f:6a: d8:9e:a4:4a:96:4a:42:1a:d4:02:f8:6f:cd:49:48:18:34:a6: d1:3c:fe:80:a3:ad:39:ee:bd:65:66:fa:f6:a1:59:91:49:91: 5e:80:01:42:8c:fa:9b:52:ba:61:81:b4:5b:b0:16:fd:8e:e0: 3f:4e:55:b1:14:c0:f3:df:85:b0:4b:35:8e:5c:7f:51:e6:f7: 38:8b:0a:aa:79:22:c0:3a:a9:18:cb:e8:9f:d5:44:94:5a:03: 65:a5:58:11:00:86:ee:6f:93:83:29:cd:f4:fd:c5:99:f3:4d: f4:77:0c:c2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pnBJRxSfLtNG77hX6fAwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkMjk4ZDYzOTcwYWIwM2NkZmJmNTE0ZmEwZThlZDIxMzEw OTg1ZjEwHhcNMjYwMTAyMTIxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWZkYjQ0MGM1ZTQ4ZmMxODUyNDY0OGI3ODgzZjBkMmIzNGVhNGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2B+oibZcATSimXzk8+TwzlEZ8rUM VsZb76yqHQPCu4+JbjPByOClqRhEog17Vpq0xifTwalFh03X4Al0P6emY4OWG3ru WzMXZ3tzW8+R2baKWrzhNjDpnFi29ODJLYOYJTWXmWNzWAuAYSceHrxvE2EOqLmS tnYu0TkNv4x5j22zQBvmtAWda67eDpxVlBGbwv4AgH6AU9h264SDSeDsNFzLarbd x1Qlal1LLOMDbU82ky8gLCWswXTBaDFNKs4l2nWpgLhZ1GOistXnHyYR1JaNOJae +zLzOuG9KhLF/SbCHFBnneNBOi6K/twYwv79CpVF1OhnptDxSPoac7x2jwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGH9tEDF5I/BhSRki3iD8NKzTqT1MB8GA1UdIwQY MBaAFI0pjWOXCrA8379RT6Do7SExCYXxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvalNtTlk1Y0tzRHpmdjFGUG9PanRJVEVKaGZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi83ZDAwZTAtY2Y0MS00MTQyLTk5ZDIt NDk0NzEzYTk5NjNhLzEvWWYyMFFNWGtqOEdGSkdTTGVJUHcwck5PcFBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNi83ZDAwZTAtY2Y0MS00MTQyLTk5ZDItNDk0NzEzYTk5NjNh LzEvalNtTlk1Y0tzRHpmdjFGUG9PanRJVEVKaGZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALhCjMA0G CSqGSIb3DQEBCwUAA4IBAQCDvP3APUUKQcBzyedRkL+e4uKfdah6VR7Be5jwR3Dg sao7D9nzv6+Q9RbfxgIGT2qZS24k6wXuAp+Ol2OUG90krq6vnaPY9KDgqhFh+3YQ mOiM5EKYI67J9Q57tokMeGhdim6VoXRndlz4ZvkJ+JJqE4lWRRPTgye0YG0mpVAF NeZwEkB1qyWanLAk6eytn2rYnqRKlkpCGtQC+G/NSUgYNKbRPP6Ao6057r1lZvr2 oVmRSZFegAFCjPqbUrphgbRbsBb9juA/TlWxFMDz34WwSzWOXH9R5vc4iwqqeSLA OqkYy+if1USUWgNlpVgRAIbub5ODKc30/cWZ8030dwzC -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:12 2026 by rpki-client