This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aY4KLaLaYy4LO7lAMg_bng86_xM.roa File: aY4KLaLaYy4LO7lAMg_bng86_xM.roa (raw, json) Hash identifier: GNnfgwbCkIVKWlMQlTTyaZp+GJ2aBqAVKsAUbP8pe5M= Subject key identifier: 69:8E:0A:2D:A2:DA:63:2E:0B:3B:B9:40:32:0F:DB:9E:0F:3A:FF:13 Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Certificate serial: 019B7B361AE3EF2361F6844F36393A7C96DD Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aY4KLaLaYy4LO7lAMg_bng86_xM.roa Signing time: Thu 01 Jan 2026 20:18:21 +0000 ROA not before: Thu 01 Jan 2026 20:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213954 IP address blocks: 157.22.16.0/24 maxlen: 24 157.22.17.0/24 maxlen: 24 157.22.18.0/24 maxlen: 24 157.22.19.0/24 maxlen: 24 157.22.44.0/24 maxlen: 24 157.22.45.0/24 maxlen: 24 157.22.46.0/24 maxlen: 24 157.22.47.0/24 maxlen: 24 157.22.72.0/24 maxlen: 24 157.22.73.0/24 maxlen: 24 157.22.74.0/24 maxlen: 24 157.22.75.0/24 maxlen: 24 157.22.100.0/24 maxlen: 24 157.22.101.0/24 maxlen: 24 157.22.102.0/24 maxlen: 24 157.22.103.0/24 maxlen: 24 157.22.124.0/24 maxlen: 24 157.22.125.0/24 maxlen: 24 157.22.126.0/24 maxlen: 24 157.22.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 16 Jan 2026 04:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:1a:e3:ef:23:61:f6:84:4f:36:39:3a:7c:96:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56 Validity Not Before: Jan 1 20:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=698e0a2da2da632e0b3bb940320fdb9e0f3aff13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:1f:39:a8:a3:f1:43:52:94:ab:50:13:7c:e0: f2:84:8a:6c:22:e9:e2:2f:13:18:50:ae:44:d5:56: 95:71:aa:2a:02:26:a8:ed:a1:3f:f3:4c:ed:00:4d: 19:4c:e1:ff:d3:e3:69:e8:48:57:9a:e2:6d:83:3c: ca:55:50:26:e5:bf:60:c1:ba:dd:61:4d:24:e4:8e: 5a:af:f5:58:a5:25:3e:34:ee:5d:c4:83:0f:b0:0f: 07:3f:78:2a:95:ec:18:b5:4d:8e:3a:4f:b3:00:1c: ef:39:d8:44:65:e4:eb:bd:5f:4f:9a:81:a8:f9:2a: 46:1a:67:59:f8:dc:5f:99:e7:b3:ab:af:4d:9a:82: 3e:27:e2:ea:72:fc:b8:d8:99:69:0c:42:1b:97:67: 4c:9e:17:dd:7c:24:39:ab:8b:d0:40:06:a2:a1:e9: 2f:dd:4c:00:12:f4:76:88:c9:87:d8:28:b9:61:33: 1e:57:ba:8a:f2:17:cd:f8:9f:47:99:17:fa:fb:1a: 28:bf:4e:69:37:50:4b:90:4d:d9:89:6f:73:a2:46: e5:2b:78:e9:f5:ee:22:2c:b0:58:dd:2a:32:73:b6: 96:ce:84:03:ad:12:79:03:4d:1e:18:7d:06:bb:f0: 5f:4e:9a:e2:b0:31:27:15:0e:96:cb:c4:82:f6:1f: 43:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:8E:0A:2D:A2:DA:63:2E:0B:3B:B9:40:32:0F:DB:9E:0F:3A:FF:13 X509v3 Authority Key Identifier: keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/aY4KLaLaYy4LO7lAMg_bng86_xM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 157.22.16.0/22 157.22.44.0/22 157.22.72.0/22 157.22.100.0/22 157.22.124.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:b8:d5:86:91:2a:82:25:a1:a0:22:19:78:5f:d4:90:df:5f: 92:b0:6e:bf:52:56:47:6b:48:d4:c6:64:f2:57:78:b6:59:de: e9:eb:12:04:36:ac:08:f0:32:34:bb:36:bc:16:5c:5c:47:0e: 3f:6f:fd:57:b1:bf:e1:e6:6d:13:aa:1d:b8:fc:f5:79:4d:44: 3e:65:32:2a:f0:a4:58:bc:ab:25:c1:a1:03:03:d2:39:b2:45: 1d:02:49:88:c9:4f:65:c4:55:3e:ee:26:4d:43:74:2f:fe:b4: 8e:a6:65:06:1e:82:02:a2:ed:d7:74:9d:1d:ec:9e:39:d2:9e: 17:4c:5b:28:94:bb:29:82:9a:c5:7d:6c:41:87:c5:b5:12:3e: 18:07:66:95:f4:f4:71:b3:f9:c8:e5:ae:eb:65:20:ba:82:62: dc:7a:06:3d:07:1d:ec:2a:94:49:c2:0a:e6:3d:2f:83:b0:59: 6c:89:4b:5d:a4:65:eb:33:fb:8a:87:1b:95:fb:1c:1f:dc:31: b4:34:34:d8:ff:47:58:45:68:11:4e:e6:e2:36:9d:3e:27:e2: 39:29:1e:5f:a7:6c:e9:61:e5:c0:b8:a3:cf:07:95:7b:14:13: 97:68:25:ff:1c:3e:a5:60:17:9c:0b:82:90:1d:33:a7:1a:7b: d4:40:5f:81 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt7Nhrj7yNh9oRPNjk6fJbdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw N2VlNTYwHhcNMjYwMTAxMjAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OThlMGEyZGEyZGE2MzJlMGIzYmI5NDAzMjBmZGI5ZTBmM2FmZjEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3R85qKPxQ1KUq1ATfODyhIpsIuni LxMYUK5E1VaVcaoqAiao7aE/80ztAE0ZTOH/0+Np6EhXmuJtgzzKVVAm5b9gwbrd YU0k5I5ar/VYpSU+NO5dxIMPsA8HP3gqlewYtU2OOk+zABzvOdhEZeTrvV9PmoGo +SpGGmdZ+Nxfmeezq69NmoI+J+Lqcvy42JlpDEIbl2dMnhfdfCQ5q4vQQAaioekv 3UwAEvR2iMmH2Ci5YTMeV7qK8hfN+J9HmRf6+xoov05pN1BLkE3ZiW9zokblK3jp 9e4iLLBY3Soyc7aWzoQDrRJ5A00eGH0Gu/BfTprisDEnFQ6Wy8SC9h9DOQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFGmOCi2i2mMuCzu5QDIP254POv8TMB8GA1UdIwQY MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt OGJmYmRkNDVjYjYyLzEvYVk0S0xhTGFZeTRMTzdsQU1nX2JuZzg2X3hNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCnRYQAwQC nRYsAwQCnRZIAwQCnRZkAwQCnRZ8MA0GCSqGSIb3DQEBCwUAA4IBAQAvuNWGkSqC JaGgIhl4X9SQ31+SsG6/UlZHa0jUxmTyV3i2Wd7p6xIENqwI8DI0uza8FlxcRw4/ b/1Xsb/h5m0Tqh24/PV5TUQ+ZTIq8KRYvKslwaEDA9I5skUdAkmIyU9lxFU+7iZN Q3Qv/rSOpmUGHoICou3XdJ0d7J450p4XTFsolLspgprFfWxBh8W1Ej4YB2aV9PRx s/nI5a7rZSC6gmLcegY9Bx3sKpRJwgrmPS+DsFlsiUtdpGXrM/uKhxuV+xwf3DG0 NDTY/0dYRWgRTubiNp0+J+I5KR5fp2zpYeXAuKPPB5V7FBOXaCX/HD6lYBecC4KQ HTOnGnvUQF+B -----END CERTIFICATE-----Generated at Thu Jan 15 13:18:31 2026 by rpki-client