This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/8Cyiu9TGgmUOUznTzwuimvpBz-0.roa File: 8Cyiu9TGgmUOUznTzwuimvpBz-0.roa (raw, json) Hash identifier: fxDhOvakeaBpONzylzbpa6MC2T2cHPWJh3ryLVED65Q= Subject key identifier: F0:2C:A2:BB:D4:C6:82:65:0E:53:39:D3:CF:0B:A2:9A:FA:41:CF:ED Certificate issuer: /CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d Certificate serial: 019BC1B7ADE32261090004528E5775745462 Authority key identifier: 05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/8Cyiu9TGgmUOUznTzwuimvpBz-0.roa Signing time: Thu 15 Jan 2026 12:53:18 +0000 ROA not before: Thu 15 Jan 2026 12:53:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59622 IP address blocks: 151.252.32.0/21 maxlen: 21 2a01:aa40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.mft rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 00:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:c1:b7:ad:e3:22:61:09:00:04:52:8e:57:75:74:54:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05a41ebe1272a21cae0ea1b35dc083fad68a5d7d Validity Not Before: Jan 15 12:53:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f02ca2bbd4c682650e5339d3cf0ba29afa41cfed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b6:74:90:ca:66:d2:ce:33:43:e0:c4:f6:ac: 18:c7:03:11:ac:19:72:20:85:7f:79:fb:e2:f5:8b: 94:3b:dc:6e:cc:18:2c:67:f4:9b:72:10:39:e7:c2: 7f:55:da:3e:2f:15:90:c5:ff:c7:8b:09:09:54:e5: 5d:30:7f:2a:2f:71:05:5f:75:13:6d:e8:bb:15:ad: 08:b2:76:c7:79:4a:fe:3a:9c:22:ac:56:ef:d7:11: e3:2f:7a:cf:e8:b9:18:be:7d:7a:83:3d:20:48:86: f1:3b:1d:db:c5:2c:fb:b0:14:a2:f9:5c:f0:d4:6f: 9a:b6:e4:92:18:73:a8:f5:92:71:eb:c9:8a:78:60: 61:57:79:ea:7b:cb:d2:0c:46:00:e2:c6:7d:d3:af: a3:bb:d7:2b:ae:e7:bf:e0:68:f1:02:f9:52:af:48: 51:c8:8c:76:3d:da:ad:9b:d1:74:ff:fb:23:05:85: 27:af:11:a1:9b:79:18:53:21:d4:1a:0e:a8:7a:48: a0:bb:c8:0b:da:8b:cf:d6:4f:32:45:ff:13:9e:45: f8:8d:b4:c4:b1:9c:70:bf:a3:32:81:ea:cc:6e:bd: 05:f4:ba:a4:b4:04:2d:f8:e4:70:80:62:07:b0:6b: 12:7a:4d:74:b2:9d:fa:69:90:66:c9:c2:33:d2:30: b2:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:2C:A2:BB:D4:C6:82:65:0E:53:39:D3:CF:0B:A2:9A:FA:41:CF:ED X509v3 Authority Key Identifier: keyid:05:A4:1E:BE:12:72:A2:1C:AE:0E:A1:B3:5D:C0:83:FA:D6:8A:5D:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BaQevhJyohyuDqGzXcCD-taKXX0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/8Cyiu9TGgmUOUznTzwuimvpBz-0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/95602e-9eb3-418b-bc00-167831613145/1/BaQevhJyohyuDqGzXcCD-taKXX0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.252.32.0/21 IPv6: 2a01:aa40::/32 Signature Algorithm: sha256WithRSAEncryption 15:03:6d:b1:2c:86:25:25:4e:d1:c8:21:b4:f4:5a:df:65:7d: a1:24:e8:f7:ec:58:a1:33:cf:7d:62:28:ce:07:fb:b2:64:52: 4e:b7:a2:85:6c:4e:0c:11:e3:3d:c7:f4:e3:ae:08:a2:87:ba: 8d:0c:77:c0:36:58:b2:96:63:25:ee:78:31:fd:b8:d5:94:20: 9b:17:32:e9:c5:b8:8c:34:f9:76:de:b8:e0:53:79:b0:2e:75: 12:2b:5a:3b:2d:97:e5:fc:71:73:3c:69:77:ff:5d:ac:9f:95: a5:d8:1b:18:04:82:35:e7:f6:76:4b:4d:73:51:30:f0:df:20: ba:7f:77:d2:02:53:72:cb:0e:16:29:07:d1:4c:66:e8:d5:68: 8b:67:5b:49:2b:51:3e:04:fa:44:65:e0:0a:53:ac:05:f2:82: e8:2f:8f:63:12:fc:94:da:47:af:cb:d3:98:45:94:8d:b2:73: fd:ce:e9:57:35:12:05:fa:4d:26:04:aa:8d:d8:bf:07:ec:c5: 50:b4:7a:d0:93:79:6f:18:e6:e0:7a:e2:3f:da:41:3e:0e:73: e2:82:2d:a1:89:15:8b:b1:62:ae:75:cd:f1:d7:f1:ae:85:34: ab:94:91:1e:61:08:d8:9e:e0:50:2c:45:b8:81:fe:09:7c:9a: a8:02:76:24 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZvBt63jImEJAARSjld1dFRiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1YTQxZWJlMTI3MmEyMWNhZTBlYTFiMzVkYzA4M2ZhZDY4 YTVkN2QwHhcNMjYwMTE1MTI1MzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMDJjYTJiYmQ0YzY4MjY1MGU1MzM5ZDNjZjBiYTI5YWZhNDFjZmVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7Z0kMpm0s4zQ+DE9qwYxwMRrBly IIV/efvi9YuUO9xuzBgsZ/SbchA558J/Vdo+LxWQxf/HiwkJVOVdMH8qL3EFX3UT bei7Fa0IsnbHeUr+OpwirFbv1xHjL3rP6LkYvn16gz0gSIbxOx3bxSz7sBSi+Vzw 1G+atuSSGHOo9ZJx68mKeGBhV3nqe8vSDEYA4sZ906+ju9crrue/4GjxAvlSr0hR yIx2Pdqtm9F0//sjBYUnrxGhm3kYUyHUGg6oekigu8gL2ovP1k8yRf8TnkX4jbTE sZxwv6MygerMbr0F9LqktAQt+ORwgGIHsGsSek10sp36aZBmycIz0jCyIQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFPAsorvUxoJlDlM5088Lopr6Qc/tMB8GA1UdIwQY MBaAFAWkHr4ScqIcrg6hs13Ag/rWil19MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAt MTY3ODMxNjEzMTQ1LzEvOEN5aXU5VEdnbVVPVXpuVHp3dWltdnBCei0wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi85NTYwMmUtOWViMy00MThiLWJjMDAtMTY3ODMxNjEzMTQ1 LzEvQmFRZXZoSnlvaHl1RHFHelhjQ0QtdGFLWFgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDl/wgMA0E AgACMAcDBQAqAapAMA0GCSqGSIb3DQEBCwUAA4IBAQAVA22xLIYlJU7RyCG09Frf ZX2hJOj37FihM899YijOB/uyZFJOt6KFbE4MEeM9x/Tjrgiih7qNDHfANliylmMl 7ngx/bjVlCCbFzLpxbiMNPl23rjgU3mwLnUSK1o7LZfl/HFzPGl3/12sn5Wl2BsY BII15/Z2S01zUTDw3yC6f3fSAlNyyw4WKQfRTGbo1WiLZ1tJK1E+BPpEZeAKU6wF 8oLoL49jEvyU2kevy9OYRZSNsnP9zulXNRIF+k0mBKqN2L8H7MVQtHrQk3lvGObg euI/2kE+DnPigi2hiRWLsWKudc3x1/GuhTSrlJEeYQjYnuBQLEW4gf4JfJqoAnYk -----END CERTIFICATE-----Generated at Tue Feb 10 08:39:11 2026 by rpki-client