This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/rtoaF4eNoCfBlVaGIH3lILCxwDw.roa File: rtoaF4eNoCfBlVaGIH3lILCxwDw.roa (raw, json) Hash identifier: uP2Cltj1neggz9Zc7r+kubVviQuOHIeAbOo973WtReI= Subject key identifier: AE:DA:1A:17:87:8D:A0:27:C1:95:56:86:20:7D:E5:20:B0:B1:C0:3C Certificate issuer: /CN=f7e679e58e4b8bf63e95002b54be471d634b9506 Certificate serial: 019B7F15D291E4B0CDCE989D2BBECC3550D0 Authority key identifier: F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/rtoaF4eNoCfBlVaGIH3lILCxwDw.roa Signing time: Fri 02 Jan 2026 14:21:35 +0000 ROA not before: Fri 02 Jan 2026 14:21:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209358 IP address blocks: 152.89.68.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.mft rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d2:91:e4:b0:cd:ce:98:9d:2b:be:cc:35:50:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f7e679e58e4b8bf63e95002b54be471d634b9506 Validity Not Before: Jan 2 14:21:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=aeda1a17878da027c1955686207de520b0b1c03c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ac:45:21:4e:51:f3:94:c2:0a:d0:11:7a:07: a7:cb:52:1c:d7:c8:b9:96:f0:da:d0:ef:79:20:05: 06:b9:2e:b1:ec:34:dd:bd:75:19:a3:62:42:ac:0f: e2:96:bc:95:62:7f:b4:4e:42:83:0e:90:ef:b9:e0: f5:2d:aa:e3:27:07:e9:25:62:23:14:2d:df:14:26: b6:33:7b:b5:15:66:c0:84:7e:e6:16:59:f9:f7:28: 59:e6:9c:d6:da:de:22:ad:f4:41:a3:be:92:47:a7: e3:0a:7f:4f:af:0f:0b:4a:d9:9c:e6:ce:6b:e1:b6: 18:cd:82:1a:b7:a7:b1:7f:a3:06:95:2a:fb:d1:32: 6d:eb:29:4b:0e:95:5c:58:2e:a0:1c:ff:43:24:92: 1d:87:c9:da:f2:5b:18:52:77:6b:0b:03:b4:61:b6: de:82:75:52:dd:4f:38:96:51:b3:a0:ab:35:37:44: dd:09:91:02:2f:21:5d:55:97:e9:7e:22:6e:03:fd: 2e:3d:f1:f4:93:24:bc:e3:f2:31:82:f5:79:d9:19: 00:e8:c1:40:f9:ea:5b:e9:96:8c:9b:88:55:fd:f7: c6:c5:a8:52:1b:ce:2c:80:60:ab:33:2f:db:2d:81: fc:0d:04:62:32:73:6e:c9:48:99:64:9b:5b:9b:f0: 5d:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:DA:1A:17:87:8D:A0:27:C1:95:56:86:20:7D:E5:20:B0:B1:C0:3C X509v3 Authority Key Identifier: keyid:F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/rtoaF4eNoCfBlVaGIH3lILCxwDw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.68.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:58:04:16:88:11:0f:90:13:6a:31:fd:2a:5a:a4:af:1b:07: 84:d5:37:5e:60:a0:eb:3b:88:fd:f2:f9:35:b2:d9:0c:c2:a7: f8:81:4b:91:07:bc:cc:49:c1:00:14:31:b7:27:93:60:f5:b0: 68:06:21:8c:83:ef:92:94:b0:3b:b6:b6:53:8b:eb:29:a1:9a: 2c:7f:66:31:d6:b9:a0:9c:7f:20:5b:20:9c:31:06:9b:79:fc: 4b:a6:19:36:2b:84:24:eb:02:ca:a3:9e:ef:c8:ad:ae:69:1c: 23:84:d1:a6:57:f2:c2:6c:76:d6:97:f0:b2:f9:3b:8b:ea:cd: 1c:20:a0:74:9c:88:6d:ba:61:7c:41:05:ad:84:2e:4c:aa:5d: bb:60:53:81:80:3c:04:61:ff:8b:bd:1a:0b:7a:c7:e4:fe:e4: 88:b9:f4:8f:a9:1c:06:b6:77:e6:fa:57:33:7b:71:38:2f:c5: b6:5f:1f:76:c8:a9:53:7d:76:a8:ec:1d:90:d2:46:1b:66:48: 2a:dd:e7:96:0c:94:7e:2f:d3:4f:f8:e6:fd:7b:49:8b:bf:82: d0:0b:ab:f2:57:ec:cc:db:0e:fd:50:32:62:b6:e6:17:5e:4f: 9a:65:af:39:84:ce:9a:a4:55:b1:eb:ec:27:b6:7c:e4:1c:1d: 6e:24:5e:06 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FdKR5LDNzpidK77MNVDQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3ZTY3OWU1OGU0YjhiZjYzZTk1MDAyYjU0YmU0NzFkNjM0 Yjk1MDYwHhcNMjYwMTAyMTQyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZWRhMWExNzg3OGRhMDI3YzE5NTU2ODYyMDdkZTUyMGIwYjFjMDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0axFIU5R85TCCtARegeny1Ic18i5 lvDa0O95IAUGuS6x7DTdvXUZo2JCrA/ilryVYn+0TkKDDpDvueD1LarjJwfpJWIj FC3fFCa2M3u1FWbAhH7mFln59yhZ5pzW2t4irfRBo76SR6fjCn9Prw8LStmc5s5r 4bYYzYIat6exf6MGlSr70TJt6ylLDpVcWC6gHP9DJJIdh8na8lsYUndrCwO0Ybbe gnVS3U84llGzoKs1N0TdCZECLyFdVZfpfiJuA/0uPfH0kyS84/IxgvV52RkA6MFA +epb6ZaMm4hV/ffGxahSG84sgGCrMy/bLYH8DQRiMnNuyUiZZJtbm/BdpQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFK7aGheHjaAnwZVWhiB95SCwscA8MB8GA1UdIwQY MBaAFPfmeeWOS4v2PpUAK1S+Rx1jS5UGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOS1aNTVZNUxpX1ktbFFBclZMNUhIV05MbFFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC80ZmM3ODctZTY4MS00ZTE2LWIxZWMt YTFjNWQ3ZWI0YmQ3LzEvcnRvYUY0ZU5vQ2ZCbFZhR0lIM2xJTEN4d0R3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC80ZmM3ODctZTY4MS00ZTE2LWIxZWMtYTFjNWQ3ZWI0YmQ3 LzEvOS1aNTVZNUxpX1ktbFFBclZMNUhIV05MbFFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFlEMA0G CSqGSIb3DQEBCwUAA4IBAQBqWAQWiBEPkBNqMf0qWqSvGweE1TdeYKDrO4j98vk1 stkMwqf4gUuRB7zMScEAFDG3J5Ng9bBoBiGMg++SlLA7trZTi+spoZosf2Yx1rmg nH8gWyCcMQabefxLphk2K4Qk6wLKo57vyK2uaRwjhNGmV/LCbHbWl/Cy+TuL6s0c IKB0nIhtumF8QQWthC5Mql27YFOBgDwEYf+LvRoLesfk/uSIufSPqRwGtnfm+lcz e3E4L8W2Xx92yKlTfXao7B2Q0kYbZkgq3eeWDJR+L9NP+Ob9e0mLv4LQC6vyV+zM 2w79UDJituYXXk+aZa85hM6apFWx6+wntnzkHB1uJF4G -----END CERTIFICATE-----Generated at Wed Jan 21 10:34:13 2026 by rpki-client