This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/4LTSiiIXCY2aVQheO-OK2Ks1zVc.roa File: 4LTSiiIXCY2aVQheO-OK2Ks1zVc.roa (raw, json) Hash identifier: /HUlN5mU4nQlfn3Lbzxe64CdVsxaFWp5WmzIr3dsQ+U= Subject key identifier: E0:B4:D2:8A:22:17:09:8D:9A:55:08:5E:3B:E3:8A:D8:AB:35:CD:57 Certificate issuer: /CN=70f9b16adf2fd31988859922b4457481dd7eef40 Certificate serial: 019B7DC8A762A502BE50AD4C229107AE990D Authority key identifier: 70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/4LTSiiIXCY2aVQheO-OK2Ks1zVc.roa Signing time: Fri 02 Jan 2026 08:17:40 +0000 ROA not before: Fri 02 Jan 2026 08:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5511 IP address blocks: 213.137.89.0/24 maxlen: 24 213.137.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.mft rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 02:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:a7:62:a5:02:be:50:ad:4c:22:91:07:ae:99:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70f9b16adf2fd31988859922b4457481dd7eef40 Validity Not Before: Jan 2 08:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e0b4d28a2217098d9a55085e3be38ad8ab35cd57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:32:74:2b:da:71:86:e4:9d:bb:3a:29:3f:d8: 8b:2b:4f:ef:b0:a1:e5:e2:93:37:0a:3f:ab:7c:af: cf:84:35:98:36:f6:70:25:bb:73:ff:b0:bf:1b:98: f8:f5:31:50:40:09:78:ed:fa:da:da:40:f4:33:a8: 3f:19:24:9b:50:50:0d:08:6c:c2:27:d4:67:d8:cb: a8:33:57:b2:8a:32:c6:13:69:ee:89:55:37:07:5d: 26:9f:ad:73:ce:94:0c:10:f0:64:7a:e7:bd:53:a9: fa:56:4c:cb:c8:9f:63:c9:94:f1:dd:43:8c:f4:17: 32:7a:7c:69:0c:ae:d9:79:60:29:53:0a:86:33:8e: 9d:b5:2a:71:0a:66:d3:14:d3:dd:15:c6:ac:17:a0: 79:cc:8b:f2:2c:42:08:4b:4d:d1:09:bb:50:2f:3a: e7:51:a0:e1:55:a8:e6:07:bf:a5:af:62:3c:61:b0: af:1a:01:59:c8:02:01:f1:e8:69:de:01:5f:23:67: e5:e0:de:c3:11:dd:da:ea:6a:4b:db:f1:ce:41:3a: 52:1f:ee:d5:68:47:54:ff:43:b9:e0:0b:f0:1d:a7: f6:61:fd:2b:2f:20:67:80:b3:c9:60:25:79:dd:30: f8:c2:3b:f0:0f:4d:ad:16:3f:8d:58:06:e2:cd:ab: cd:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:B4:D2:8A:22:17:09:8D:9A:55:08:5E:3B:E3:8A:D8:AB:35:CD:57 X509v3 Authority Key Identifier: keyid:70:F9:B1:6A:DF:2F:D3:19:88:85:99:22:B4:45:74:81:DD:7E:EF:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPmxat8v0xmIhZkitEV0gd1-70A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/4LTSiiIXCY2aVQheO-OK2Ks1zVc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/956db9-c8f7-4b9f-a56e-bc6db7248add/1/cPmxat8v0xmIhZkitEV0gd1-70A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.137.89.0/24 213.137.91.0/24 Signature Algorithm: sha256WithRSAEncryption 41:ae:a9:2f:ff:bb:e5:a3:20:41:e8:b6:39:36:fb:c1:42:2b: 34:a8:1b:d0:5c:3f:3c:41:da:70:53:6d:8b:64:73:1f:a7:ab: 52:ef:6f:45:fb:f6:44:f0:c4:57:ee:9f:6b:6f:de:f4:d7:c4: ae:55:4d:eb:3d:e8:56:eb:c8:9d:21:68:69:a0:c8:41:a7:56: e5:27:61:87:a2:86:d7:9b:a8:81:7a:95:8b:0b:db:20:62:1b: 94:b0:de:98:af:a9:b6:38:c2:8a:bc:a3:70:29:78:4f:f9:69: 68:40:9b:96:0e:b1:ce:9e:4c:30:37:52:f8:39:a0:9e:3f:2a: 7b:37:b9:51:9f:1e:61:b5:66:19:a5:4d:a0:4a:d3:ec:23:15: 11:53:04:0f:a8:ad:8f:2e:b8:c5:54:ef:24:e4:67:58:a2:7c: eb:f1:49:2c:12:2a:b4:50:bf:91:50:2c:3f:b4:0b:4d:e1:58: 01:8a:d2:67:70:e7:54:e2:2c:30:aa:cb:f2:8c:c3:93:66:24: 83:2e:cf:45:bd:6f:86:fc:18:96:5c:cc:28:dd:44:2b:28:ff: 66:26:29:4a:98:f1:2c:7f:9f:04:21:31:e2:75:b9:f1:e5:16: f3:e0:46:9c:0d:07:4f:0c:68:09:17:21:7e:49:1b:69:0b:f1: 70:f8:79:78 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9yKdipQK+UK1MIpEHrpkNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZjliMTZhZGYyZmQzMTk4ODg1OTkyMmI0NDU3NDgxZGQ3 ZWVmNDAwHhcNMjYwMTAyMDgxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMGI0ZDI4YTIyMTcwOThkOWE1NTA4NWUzYmUzOGFkOGFiMzVjZDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizJ0K9pxhuSduzopP9iLK0/vsKHl 4pM3Cj+rfK/PhDWYNvZwJbtz/7C/G5j49TFQQAl47fra2kD0M6g/GSSbUFANCGzC J9Rn2MuoM1eyijLGE2nuiVU3B10mn61zzpQMEPBkeue9U6n6VkzLyJ9jyZTx3UOM 9BcyenxpDK7ZeWApUwqGM46dtSpxCmbTFNPdFcasF6B5zIvyLEIIS03RCbtQLzrn UaDhVajmB7+lr2I8YbCvGgFZyAIB8ehp3gFfI2fl4N7DEd3a6mpL2/HOQTpSH+7V aEdU/0O54AvwHaf2Yf0rLyBngLPJYCV53TD4wjvwD02tFj+NWAbizavNqwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFOC00ooiFwmNmlUIXjvjitirNc1XMB8GA1UdIwQY MBaAFHD5sWrfL9MZiIWZIrRFdIHdfu9AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUt YmM2ZGI3MjQ4YWRkLzEvNExUU2lpSVhDWTJhVlFoZU8tT0syS3MxelZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi85NTZkYjktYzhmNy00YjlmLWE1NmUtYmM2ZGI3MjQ4YWRk LzEvY1BteGF0OHYweG1JaFpraXRFVjBnZDEtNzBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1YlZAwQA 1YlbMA0GCSqGSIb3DQEBCwUAA4IBAQBBrqkv/7vloyBB6LY5NvvBQis0qBvQXD88 QdpwU22LZHMfp6tS729F+/ZE8MRX7p9rb97018SuVU3rPehW68idIWhpoMhBp1bl J2GHoobXm6iBepWLC9sgYhuUsN6Yr6m2OMKKvKNwKXhP+WloQJuWDrHOnkwwN1L4 OaCePyp7N7lRnx5htWYZpU2gStPsIxURUwQPqK2PLrjFVO8k5GdYonzr8UksEiq0 UL+RUCw/tAtN4VgBitJncOdU4iwwqsvyjMOTZiSDLs9FvW+G/BiWXMwo3UQrKP9m JilKmPEsf58EITHidbnx5Rbz4EacDQdPDGgJFyF+SRtpC/Fw+Hl4 -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:13 2026 by rpki-client