This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/Ay40Es4lmjK5Q5DTaQo_Rj0Il34.roa File: Ay40Es4lmjK5Q5DTaQo_Rj0Il34.roa (raw, json) Hash identifier: l6a+NksOUtbW9bPUki0o5wq7kn4tvxRKIpI840BR/qo= Subject key identifier: 03:2E:34:12:CE:25:9A:32:B9:43:90:D3:69:0A:3F:46:3D:08:97:7E Certificate issuer: /CN=b4bdde78415b69c31277c0aac7fca6607d635d88 Certificate serial: 019B7B35432EB1ED6C6B6FD692A1C2414378 Authority key identifier: B4:BD:DE:78:41:5B:69:C3:12:77:C0:AA:C7:FC:A6:60:7D:63:5D:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3eeEFbacMSd8Cqx_ymYH1jXYg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/Ay40Es4lmjK5Q5DTaQo_Rj0Il34.roa Signing time: Thu 01 Jan 2026 20:17:26 +0000 ROA not before: Thu 01 Jan 2026 20:17:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42541 IP address blocks: 89.23.224.0/19 maxlen: 19 185.10.220.0/22 maxlen: 22 193.104.135.0/24 maxlen: 24 193.106.164.0/22 maxlen: 22 2a03:5440::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/tL3eeEFbacMSd8Cqx_ymYH1jXYg.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/tL3eeEFbacMSd8Cqx_ymYH1jXYg.mft rsync://rpki.ripe.net/repository/DEFAULT/tL3eeEFbacMSd8Cqx_ymYH1jXYg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:43:2e:b1:ed:6c:6b:6f:d6:92:a1:c2:41:43:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4bdde78415b69c31277c0aac7fca6607d635d88 Validity Not Before: Jan 1 20:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=032e3412ce259a32b94390d3690a3f463d08977e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fb:c2:c4:b0:e0:25:73:b8:78:80:87:bc:d2: 9d:29:42:a7:8d:14:f2:3c:4b:3c:21:09:a2:4c:ae: 75:3c:e1:f5:80:bb:dd:03:30:f8:11:ff:76:92:77: 49:30:03:ac:68:13:1c:7f:49:9a:f4:a6:f0:02:57: a2:01:f7:d8:7e:8d:0e:be:1c:c6:9a:48:40:54:5c: 83:3c:a0:e0:f3:2f:6d:1e:bd:94:10:61:98:7b:a5: ba:9c:61:67:10:60:bc:10:b5:d9:21:9a:d6:aa:b2: c6:eb:6d:97:83:41:45:81:d2:b7:ae:16:86:1e:d5: e9:73:f7:e8:a5:2e:97:2f:9c:5f:b7:18:db:6b:31: 9b:3a:65:5d:83:12:2c:12:4d:5d:5c:89:9f:dd:ef: 4c:f2:26:f7:e7:fc:d7:b2:a6:9f:8e:91:86:b4:db: 12:48:6b:a9:0c:40:4d:11:b8:41:5f:a3:90:c8:ef: 2f:09:d0:60:bc:7f:7f:4f:37:4c:97:b5:6c:da:61: 6b:da:41:dd:f4:56:6b:3c:c7:91:57:6d:5a:55:09: 2e:54:56:bc:51:7e:49:09:45:a3:31:5c:ef:ce:54: 0c:8a:24:04:1c:5e:2f:0a:70:c6:3d:0d:78:57:94: 88:31:5c:7a:ae:b2:5d:ff:8d:b1:93:64:c4:cb:7d: 18:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:2E:34:12:CE:25:9A:32:B9:43:90:D3:69:0A:3F:46:3D:08:97:7E X509v3 Authority Key Identifier: keyid:B4:BD:DE:78:41:5B:69:C3:12:77:C0:AA:C7:FC:A6:60:7D:63:5D:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3eeEFbacMSd8Cqx_ymYH1jXYg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/Ay40Es4lmjK5Q5DTaQo_Rj0Il34.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/34d470-49f7-4ae0-b61a-0944bed0ed26/1/tL3eeEFbacMSd8Cqx_ymYH1jXYg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.23.224.0/19 185.10.220.0/22 193.104.135.0/24 193.106.164.0/22 IPv6: 2a03:5440::/29 Signature Algorithm: sha256WithRSAEncryption 5c:d2:fc:c5:12:10:cb:e6:ce:59:18:c8:4f:3a:d4:79:a8:9d: 68:84:5c:e5:0f:38:a8:91:03:f8:fe:10:7f:06:e3:35:92:a9: a9:71:cc:5f:59:9b:fe:de:2b:c3:85:5c:b7:0d:1d:65:36:34: 6d:06:3d:a3:8a:ec:e4:9b:13:b5:f4:90:02:a5:5b:ab:37:32: 51:b9:68:a1:8e:42:ef:64:f4:00:2e:e6:cf:5b:79:33:8f:06: 06:06:2c:3c:25:8d:3d:55:eb:a1:25:d3:dd:11:3b:b8:76:c6: 58:19:ba:6d:fd:88:cb:b3:89:c2:37:f0:73:79:19:13:85:d8: 37:8e:08:55:af:a6:6b:0e:7f:3d:16:63:16:77:98:88:40:c3: 78:fd:52:df:7b:ef:55:bc:50:de:c9:74:1d:fd:c9:c5:16:cf: 73:f5:63:eb:cd:99:f2:6b:23:b3:d4:bb:39:8f:27:68:fd:4c: 14:e0:ea:93:d8:e8:70:db:02:d5:8c:e4:30:20:06:bd:35:83: 67:02:d3:82:65:8c:6a:58:db:5f:c3:88:e5:5b:72:a4:ec:01: 21:21:f9:bd:5e:5f:95:2e:23:db:3d:59:ef:ae:b0:2a:a5:70: 93:a0:5b:4f:5d:c8:b1:1b:75:7e:ff:e7:5a:5e:b4:b5:9b:d4: b0:33:ff:2f -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7NUMuse1sa2/WkqHCQUN4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YmRkZTc4NDE1YjY5YzMxMjc3YzBhYWM3ZmNhNjYwN2Q2 MzVkODgwHhcNMjYwMTAxMjAxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzJlMzQxMmNlMjU5YTMyYjk0MzkwZDM2OTBhM2Y0NjNkMDg5NzdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvvCxLDgJXO4eICHvNKdKUKnjRTy PEs8IQmiTK51POH1gLvdAzD4Ef92kndJMAOsaBMcf0ma9KbwAleiAffYfo0OvhzG mkhAVFyDPKDg8y9tHr2UEGGYe6W6nGFnEGC8ELXZIZrWqrLG622Xg0FFgdK3rhaG HtXpc/fopS6XL5xftxjbazGbOmVdgxIsEk1dXImf3e9M8ib35/zXsqafjpGGtNsS SGupDEBNEbhBX6OQyO8vCdBgvH9/TzdMl7Vs2mFr2kHd9FZrPMeRV21aVQkuVFa8 UX5JCUWjMVzvzlQMiiQEHF4vCnDGPQ14V5SIMVx6rrJd/42xk2TEy30YBQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFAMuNBLOJZoyuUOQ02kKP0Y9CJd+MB8GA1UdIwQY MBaAFLS93nhBW2nDEnfAqsf8pmB9Y12IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEwzZWVFRmJhY01TZDhDcXhfeW1ZSDFqWFlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zNGQ0NzAtNDlmNy00YWUwLWI2MWEt MDk0NGJlZDBlZDI2LzEvQXk0MEVzNGxtaks1UTVEVGFRb19SajBJbDM0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8zNGQ0NzAtNDlmNy00YWUwLWI2MWEtMDk0NGJlZDBlZDI2 LzEvdEwzZWVFRmJhY01TZDhDcXhfeW1ZSDFqWFlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFWRfgAwQC uQrcAwQAwWiHAwQCwWqkMA0EAgACMAcDBQMqA1RAMA0GCSqGSIb3DQEBCwUAA4IB AQBc0vzFEhDL5s5ZGMhPOtR5qJ1ohFzlDziokQP4/hB/BuM1kqmpccxfWZv+3ivD hVy3DR1lNjRtBj2jiuzkmxO19JACpVurNzJRuWihjkLvZPQALubPW3kzjwYGBiw8 JY09VeuhJdPdETu4dsZYGbpt/YjLs4nCN/BzeRkThdg3jghVr6ZrDn89FmMWd5iI QMN4/VLfe+9VvFDeyXQd/cnFFs9z9WPrzZnyayOz1Ls5jydo/UwU4OqT2Ohw2wLV jOQwIAa9NYNnAtOCZYxqWNtfw4jlW3Kk7AEhIfm9Xl+VLiPbPVnvrrAqpXCToFtP XcixG3V+/+daXrS1m9SwM/8v -----END CERTIFICATE-----Generated at Mon Feb 2 08:09:47 2026 by rpki-client