This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/22YYHd1x3nivkW5Zbs9zhqY28Wo.roa File: 22YYHd1x3nivkW5Zbs9zhqY28Wo.roa (raw, json) Hash identifier: tYKcXnWvTf9KWdm7yF+anejo/i/mRiPg5XHu87OXjqQ= Subject key identifier: DB:66:18:1D:DD:71:DE:78:AF:91:6E:59:6E:CF:73:86:A6:36:F1:6A Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Certificate serial: 019B7B360C04E869EF67B6F5E4C7BD55EC52 Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/22YYHd1x3nivkW5Zbs9zhqY28Wo.roa Signing time: Thu 01 Jan 2026 20:18:18 +0000 ROA not before: Thu 01 Jan 2026 20:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 153656 IP address blocks: 45.135.237.0/24 maxlen: 24 103.100.170.0/24 maxlen: 24 185.235.167.0/24 maxlen: 24 202.71.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:0c:04:e8:69:ef:67:b6:f5:e4:c7:bd:55:ec:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Validity Not Before: Jan 1 20:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=db66181ddd71de78af916e596ecf7386a636f16a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0d:2e:26:16:59:77:81:d9:e8:39:21:7b:1c: 6b:e8:0d:3e:28:d7:44:9a:c6:a9:0d:7d:12:d2:d8: 74:77:08:b8:00:df:5f:fe:a6:ff:ca:6f:aa:fe:ae: 2c:ef:e5:64:da:f4:78:57:cd:04:6c:69:c6:61:a2: 71:97:9f:3b:40:61:39:f4:ce:3f:19:00:4f:01:f7: e9:cc:aa:00:5c:80:a4:f0:9f:84:ed:c8:e5:00:ff: e0:33:08:3d:62:b5:c9:c5:0a:e6:fd:f1:4e:22:a2: 81:98:ed:71:f7:ea:51:15:44:74:dd:65:f6:d6:87: 0b:63:be:e8:d6:e2:0e:28:a9:c9:30:f5:00:d9:f3: 44:71:d6:4d:61:47:63:94:eb:d0:63:4e:8f:cd:6b: 63:cd:62:09:d1:d8:5b:7b:a7:68:c9:f4:26:e9:58: 39:f3:1a:aa:6d:0b:86:f9:d1:4a:f8:1d:42:69:7a: 6c:ab:5b:d3:46:ee:bd:11:9a:4e:82:82:50:6c:33: 11:f8:10:ae:dd:89:e0:96:2c:97:5e:8d:92:8e:e2: cd:6b:2b:76:87:9b:83:8e:00:ca:2e:59:44:a9:fb: 24:d6:89:9a:b1:4f:84:0d:60:57:a5:d5:49:84:68: 79:09:4c:4d:1a:71:e1:41:64:ec:4e:8a:16:6a:38: 0c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:66:18:1D:DD:71:DE:78:AF:91:6E:59:6E:CF:73:86:A6:36:F1:6A X509v3 Authority Key Identifier: keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/22YYHd1x3nivkW5Zbs9zhqY28Wo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.135.237.0/24 103.100.170.0/24 185.235.167.0/24 202.71.4.0/24 Signature Algorithm: sha256WithRSAEncryption b6:22:b0:4d:64:83:59:78:53:8d:ae:7f:eb:d6:20:e5:73:52: 4f:32:2f:44:bd:11:e7:9f:12:56:7f:c7:6f:03:0c:69:5b:4e: 1c:5f:d1:97:fe:89:c1:44:a2:99:9c:be:a0:2b:5b:ef:93:75: c0:dc:19:ae:81:cc:df:06:a4:0d:18:51:7b:22:72:6b:28:c1: a3:2f:0c:30:ce:44:81:38:e0:76:ee:05:22:7b:6a:1a:d9:97: 40:f7:17:03:bb:cd:bc:51:26:24:ae:6e:04:b4:e8:40:0d:6d: d9:f6:97:3a:c4:44:5e:a9:a2:e3:cb:9f:f8:dc:24:9f:18:93: 78:67:92:87:9e:7e:c8:31:d9:83:6b:1a:68:cb:f3:0a:90:be: b3:6d:20:4c:0c:d2:47:16:22:72:3b:c6:08:d0:6a:8c:f4:39: e7:50:b1:4e:3e:5e:9e:a8:55:ba:87:34:47:5e:d0:0d:93:17: 5c:b2:dd:d4:94:83:f7:d0:1a:74:c5:0e:fa:a3:81:95:80:79: 68:1e:5a:01:5f:8f:d3:e1:4f:49:36:03:69:30:ed:34:6a:20: dc:ca:97:d0:5a:6f:80:bb:49:f5:7b:1d:ee:2f:45:31:c6:91: eb:4a:d8:c4:2c:6c:ff:0c:54:a6:10:75:f4:5b:e4:cb:e2:af: b6:97:ef:68 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt7NgwE6GnvZ7b15Me9VexSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2 YzhkY2MwHhcNMjYwMTAxMjAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYjY2MTgxZGRkNzFkZTc4YWY5MTZlNTk2ZWNmNzM4NmE2MzZmMTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg0uJhZZd4HZ6Dkhexxr6A0+KNdE msapDX0S0th0dwi4AN9f/qb/ym+q/q4s7+Vk2vR4V80EbGnGYaJxl587QGE59M4/ GQBPAffpzKoAXICk8J+E7cjlAP/gMwg9YrXJxQrm/fFOIqKBmO1x9+pRFUR03WX2 1ocLY77o1uIOKKnJMPUA2fNEcdZNYUdjlOvQY06PzWtjzWIJ0dhbe6doyfQm6Vg5 8xqqbQuG+dFK+B1CaXpsq1vTRu69EZpOgoJQbDMR+BCu3YngliyXXo2SjuLNayt2 h5uDjgDKLllEqfsk1omasU+EDWBXpdVJhGh5CUxNGnHhQWTsTooWajgMiQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFNtmGB3dcd54r5FuWW7Pc4amNvFqMB8GA1UdIwQY MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt OTE4YWM2NDYyNjc5LzEvMjJZWUhkMXgzbml2a1c1WmJzOXpocVkyOFdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5 LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYftAwQA Z2SqAwQAueunAwQAykcEMA0GCSqGSIb3DQEBCwUAA4IBAQC2IrBNZINZeFONrn/r 1iDlc1JPMi9EvRHnnxJWf8dvAwxpW04cX9GX/onBRKKZnL6gK1vvk3XA3Bmugczf BqQNGFF7InJrKMGjLwwwzkSBOOB27gUie2oa2ZdA9xcDu828USYkrm4EtOhADW3Z 9pc6xEReqaLjy5/43CSfGJN4Z5KHnn7IMdmDaxpoy/MKkL6zbSBMDNJHFiJyO8YI 0GqM9DnnULFOPl6eqFW6hzRHXtANkxdcst3UlIP30Bp0xQ76o4GVgHloHloBX4/T 4U9JNgNpMO00aiDcypfQWm+Au0n1ex3uL0UxxpHrStjELGz/DFSmEHX0W+TL4q+2 l+9o -----END CERTIFICATE-----Generated at Wed Jan 21 09:24:14 2026 by rpki-client