This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/rYWvgBpIwofNn7aLhB0mJ0iM21E.roa File: rYWvgBpIwofNn7aLhB0mJ0iM21E.roa (raw, json) Hash identifier: my07QvKsBSoGPzx9lWKg1TKeZIOPYji+dEgnbV20gxM= Subject key identifier: AD:85:AF:80:1A:48:C2:87:CD:9F:B6:8B:84:1D:26:27:48:8C:DB:51 Certificate issuer: /CN=4d98fe502ac16e957cc33ebc2ec1be83bbed7cc4 Certificate serial: 019B7C11E7305F53B2E2663476C2A4EB2EC6 Authority key identifier: 4D:98:FE:50:2A:C1:6E:95:7C:C3:3E:BC:2E:C1:BE:83:BB:ED:7C:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/rYWvgBpIwofNn7aLhB0mJ0iM21E.roa Signing time: Fri 02 Jan 2026 00:18:26 +0000 ROA not before: Fri 02 Jan 2026 00:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211401 IP address blocks: 185.46.40.0/22 maxlen: 22 2a00:eee0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:e7:30:5f:53:b2:e2:66:34:76:c2:a4:eb:2e:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d98fe502ac16e957cc33ebc2ec1be83bbed7cc4 Validity Not Before: Jan 2 00:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ad85af801a48c287cd9fb68b841d2627488cdb51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2d:ed:31:88:32:2b:8a:40:30:f9:1f:8e:69: b4:9b:a9:07:f5:0f:57:69:0a:6b:2e:f0:a6:4e:ab: eb:fe:57:c5:7f:0c:ab:12:73:88:b9:cc:c2:aa:15: 88:f5:af:62:f9:10:ef:b9:1f:3d:d2:78:fd:64:f8: 93:c0:05:0a:67:8c:8f:9b:e7:8c:d7:4f:74:83:1c: 1b:96:be:25:c1:4f:25:9e:66:5b:cb:13:64:cf:98: 5f:70:aa:52:8b:04:93:82:fa:b1:e1:81:50:74:60: d4:5d:37:93:68:ee:05:ba:a8:83:ec:3f:38:fb:29: 67:bf:78:a9:b8:d0:91:58:df:05:20:bf:5c:79:95: 1e:1d:47:85:b2:a0:be:90:09:b2:66:5a:e5:29:45: 53:e9:1e:88:54:c9:8c:24:bc:e8:38:b5:d6:9f:52: b0:7a:ad:c5:04:42:50:d5:60:a1:5e:11:d3:56:23: f7:d7:53:9c:3b:32:bd:0c:c0:70:ce:6e:9c:b4:db: ff:54:8b:57:7a:7f:fe:78:db:67:df:ab:bc:fd:10: bf:f8:9b:5f:05:c4:4b:c1:ee:29:7c:15:29:de:33: 7e:db:46:5e:5f:8a:5d:8f:d4:53:d3:26:cf:8e:5a: 55:2b:38:20:8e:e2:d3:b6:17:f4:2d:9b:be:2e:30: 19:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:85:AF:80:1A:48:C2:87:CD:9F:B6:8B:84:1D:26:27:48:8C:DB:51 X509v3 Authority Key Identifier: keyid:4D:98:FE:50:2A:C1:6E:95:7C:C3:3E:BC:2E:C1:BE:83:BB:ED:7C:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TZj-UCrBbpV8wz68LsG-g7vtfMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/rYWvgBpIwofNn7aLhB0mJ0iM21E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/09da87-a2b2-429b-be96-cd009b300a6c/1/TZj-UCrBbpV8wz68LsG-g7vtfMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.46.40.0/22 IPv6: 2a00:eee0::/32 Signature Algorithm: sha256WithRSAEncryption 3d:56:32:3c:35:5e:74:b4:43:91:30:1c:5e:3c:da:b5:6c:c8: b9:4e:85:a2:4c:e6:7c:b3:0b:31:72:e6:37:0c:af:8c:ac:a9: 17:5c:0d:b7:0e:0b:1c:bf:3e:05:12:73:7d:62:48:99:d1:75: f8:98:c3:48:18:88:be:87:7a:33:67:ff:a4:46:e7:67:97:ae: 3b:cb:be:bf:a7:0a:84:28:57:d1:dd:39:70:0e:51:1f:b0:ba: 15:e0:54:51:06:9c:c0:01:b7:03:54:92:1e:73:1e:b1:34:c6: 21:c9:75:c6:01:f1:da:a8:1b:ed:9d:32:b8:02:71:4d:0e:fb: 4a:ba:5b:13:66:91:55:34:0a:75:f9:74:20:57:11:c4:5e:ca: 9c:31:fb:39:d6:b3:20:f2:5a:db:00:08:8e:a0:c8:20:4e:7a: bb:be:b6:2a:59:31:df:8b:38:86:68:af:a3:93:ce:c0:a3:a7: c7:ec:1c:14:69:63:8c:a8:5f:a8:5f:4b:48:c9:3c:05:15:5a: 5d:84:45:c5:e6:5f:68:96:dc:74:00:f1:d5:5c:d8:c0:df:1f: d1:c1:cb:91:b7:16:2d:00:c2:90:f5:d3:e2:a3:36:61:de:d1: 51:85:9f:f2:51:e6:d1:3c:47:76:34:f4:95:77:4b:c0:23:c3: 6c:eb:d7:05 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EecwX1Oy4mY0dsKk6y7GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkOThmZTUwMmFjMTZlOTU3Y2MzM2ViYzJlYzFiZTgzYmJl ZDdjYzQwHhcNMjYwMTAyMDAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZDg1YWY4MDFhNDhjMjg3Y2Q5ZmI2OGI4NDFkMjYyNzQ4OGNkYjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1y3tMYgyK4pAMPkfjmm0m6kH9Q9X aQprLvCmTqvr/lfFfwyrEnOIuczCqhWI9a9i+RDvuR890nj9ZPiTwAUKZ4yPm+eM 1090gxwblr4lwU8lnmZbyxNkz5hfcKpSiwSTgvqx4YFQdGDUXTeTaO4FuqiD7D84 +ylnv3ipuNCRWN8FIL9ceZUeHUeFsqC+kAmyZlrlKUVT6R6IVMmMJLzoOLXWn1Kw eq3FBEJQ1WChXhHTViP311OcOzK9DMBwzm6ctNv/VItXen/+eNtn36u8/RC/+Jtf BcRLwe4pfBUp3jN+20ZeX4pdj9RT0ybPjlpVKzggjuLTthf0LZu+LjAZCQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFK2Fr4AaSMKHzZ+2i4QdJidIjNtRMB8GA1UdIwQY MBaAFE2Y/lAqwW6VfMM+vC7BvoO77XzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFpqLVVDckJicFY4d3o2OExzRy1nN3Z0Zk1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wOWRhODctYTJiMi00MjliLWJlOTYt Y2QwMDliMzAwYTZjLzEvcllXdmdCcEl3b2ZObjdhTGhCMG1KMGlNMjFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy8wOWRhODctYTJiMi00MjliLWJlOTYtY2QwMDliMzAwYTZj LzEvVFpqLVVDckJicFY4d3o2OExzRy1nN3Z0Zk1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS4oMA0E AgACMAcDBQAqAO7gMA0GCSqGSIb3DQEBCwUAA4IBAQA9VjI8NV50tEORMBxePNq1 bMi5ToWiTOZ8swsxcuY3DK+MrKkXXA23Dgscvz4FEnN9YkiZ0XX4mMNIGIi+h3oz Z/+kRudnl647y76/pwqEKFfR3TlwDlEfsLoV4FRRBpzAAbcDVJIecx6xNMYhyXXG AfHaqBvtnTK4AnFNDvtKulsTZpFVNAp1+XQgVxHEXsqcMfs51rMg8lrbAAiOoMgg Tnq7vrYqWTHfiziGaK+jk87Ao6fH7BwUaWOMqF+oX0tIyTwFFVpdhEXF5l9oltx0 APHVXNjA3x/RwcuRtxYtAMKQ9dPiozZh3tFRhZ/yUebRPEd2NPSVd0vAI8Ns69cF -----END CERTIFICATE-----Generated at Tue Jan 27 00:31:12 2026 by rpki-client