This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/F4LbTheuqBEGIn6fr-Y_BQ5eBhY.roa File: F4LbTheuqBEGIn6fr-Y_BQ5eBhY.roa (raw, json) Hash identifier: ylWhqGU3POwfkleabzCnfc3VdGfQhOi+YLiDFBo46HY= Subject key identifier: 17:82:DB:4E:17:AE:A8:11:06:22:7E:9F:AF:E6:3F:05:0E:5E:06:16 Certificate issuer: /CN=61b866e323382caea961e7d2423e53cab5099131 Certificate serial: 019B775891F1DBF282A00D034012EBF9CD52 Authority key identifier: 61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/F4LbTheuqBEGIn6fr-Y_BQ5eBhY.roa Signing time: Thu 01 Jan 2026 02:17:31 +0000 ROA not before: Thu 01 Jan 2026 02:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20986 IP address blocks: 185.111.52.0/22 maxlen: 22 185.111.56.0/22 maxlen: 22 185.112.16.0/22 maxlen: 22 2a06:5940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.mft rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:91:f1:db:f2:82:a0:0d:03:40:12:eb:f9:cd:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b866e323382caea961e7d2423e53cab5099131 Validity Not Before: Jan 1 02:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1782db4e17aea81106227e9fafe63f050e5e0616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:fd:36:8b:15:6f:c3:a5:98:42:3a:39:0d:1b: f0:00:4b:2c:81:19:da:df:57:08:04:25:04:80:07: 09:4f:73:e3:48:3d:1d:67:1d:74:26:63:44:31:31: df:b6:f6:ee:6e:a5:c8:4e:6d:98:26:9d:5f:3c:f7: fd:ec:55:52:be:8b:ad:66:7f:50:ce:a9:c0:0e:2f: e6:54:46:17:57:0f:59:1e:32:9c:5c:32:ce:84:c8: 86:cb:d1:37:e4:94:0c:da:ff:b4:d8:8a:31:a5:5e: e7:35:a8:c6:1b:61:00:50:4c:29:05:ad:5b:71:5a: 6a:c2:e2:99:81:e6:f3:6a:06:6f:93:4d:68:c3:79: b8:05:68:03:e5:11:10:30:bc:af:09:85:c6:37:1a: 42:a9:be:b0:7d:6b:4a:f9:8f:28:6f:55:ba:37:62: 34:ef:c5:8d:5e:a9:23:31:47:c7:ac:15:ca:6d:8b: 5e:2e:d3:af:cf:ea:a7:c1:0f:d0:90:d8:d7:f2:19: 60:45:98:e4:67:8a:05:31:52:ac:bc:78:9c:f7:85: 0c:f4:26:65:8d:85:d9:6d:36:aa:58:d4:f6:ba:03: 8a:99:99:5c:8c:69:3a:56:f8:fa:fe:27:f6:3e:f8: fe:9a:ae:b5:be:1b:46:98:c4:42:a2:93:00:ec:00: 8d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:82:DB:4E:17:AE:A8:11:06:22:7E:9F:AF:E6:3F:05:0E:5E:06:16 X509v3 Authority Key Identifier: keyid:61:B8:66:E3:23:38:2C:AE:A9:61:E7:D2:42:3E:53:CA:B5:09:91:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ybhm4yM4LK6pYefSQj5TyrUJkTE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/F4LbTheuqBEGIn6fr-Y_BQ5eBhY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/4ef4a9-6d96-4989-9c81-d92e68dfffe4/1/Ybhm4yM4LK6pYefSQj5TyrUJkTE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.111.52.0-185.111.59.255 185.112.16.0/22 IPv6: 2a06:5940::/29 Signature Algorithm: sha256WithRSAEncryption 40:46:db:e3:b5:ba:f4:b1:dd:ec:e7:2c:1d:c1:fe:8b:e4:20: 1f:68:ff:ef:55:0b:6e:7d:93:c2:d5:67:e4:df:e6:20:a7:04: b9:47:65:ef:5d:fb:2e:f5:c0:b2:72:46:62:0b:f2:3f:6d:26: 53:08:5d:14:9b:d9:96:d7:93:64:4f:c2:86:79:76:71:1e:60: de:d4:ab:30:b9:b5:c2:1b:4f:7e:0e:82:0d:89:6c:8f:80:22: 9d:58:13:c1:d4:26:a9:c1:e3:85:2d:5e:6c:12:e6:3b:d4:96: 85:24:e6:d5:76:33:a8:f4:98:47:38:f7:04:d7:c9:9c:fc:ff: d1:e2:96:b8:99:7a:3a:b5:17:e3:51:6d:ec:a0:db:d2:21:c1: 2b:78:d0:a4:72:9d:7c:b6:61:5f:cd:b1:0b:43:97:bc:0c:41: 82:68:9a:5a:ac:ba:bd:ce:73:1a:58:e5:32:f0:2a:e6:b8:ee: 47:21:94:f2:45:61:0c:f8:c9:d7:23:c7:28:84:25:25:24:58: 57:06:8e:54:ac:76:a7:89:be:b3:f7:5e:8c:5b:3a:ba:39:97: d1:98:11:4a:ef:ff:14:af:90:b8:d6:1d:84:39:49:d4:8f:1f: 2d:cb:6e:48:53:5b:89:f2:dc:30:11:24:91:4d:d7:39:bf:49: 90:dd:4d:23 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt3WJHx2/KCoA0DQBLr+c1SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxYjg2NmUzMjMzODJjYWVhOTYxZTdkMjQyM2U1M2NhYjUw OTkxMzEwHhcNMjYwMTAxMDIxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNzgyZGI0ZTE3YWVhODExMDYyMjdlOWZhZmU2M2YwNTBlNWUwNjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7f02ixVvw6WYQjo5DRvwAEssgRna 31cIBCUEgAcJT3PjSD0dZx10JmNEMTHftvbubqXITm2YJp1fPPf97FVSvoutZn9Q zqnADi/mVEYXVw9ZHjKcXDLOhMiGy9E35JQM2v+02IoxpV7nNajGG2EAUEwpBa1b cVpqwuKZgebzagZvk01ow3m4BWgD5REQMLyvCYXGNxpCqb6wfWtK+Y8ob1W6N2I0 78WNXqkjMUfHrBXKbYteLtOvz+qnwQ/QkNjX8hlgRZjkZ4oFMVKsvHic94UM9CZl jYXZbTaqWNT2ugOKmZlcjGk6Vvj6/if2Pvj+mq61vhtGmMRCopMA7ACNCQIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFBeC204XrqgRBiJ+n6/mPwUOXgYWMB8GA1UdIwQY MBaAFGG4ZuMjOCyuqWHn0kI+U8q1CZExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEt ZDkyZTY4ZGZmZmU0LzEvRjRMYlRoZXVxQkVHSW42ZnItWV9CUTVlQmhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS80ZWY0YTktNmQ5Ni00OTg5LTljODEtZDkyZTY4ZGZmZmU0 LzEvWWJobTR5TTRMSzZwWWVmU1FqNVR5clVKa1RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5bzQD BAK5bzgDBAK5cBAwDQQCAAIwBwMFAyoGWUAwDQYJKoZIhvcNAQELBQADggEBAEBG 2+O1uvSx3eznLB3B/ovkIB9o/+9VC259k8LVZ+Tf5iCnBLlHZe9d+y71wLJyRmIL 8j9tJlMIXRSb2ZbXk2RPwoZ5dnEeYN7UqzC5tcIbT34Ogg2JbI+AIp1YE8HUJqnB 44UtXmwS5jvUloUk5tV2M6j0mEc49wTXyZz8/9HilriZejq1F+NRbeyg29IhwSt4 0KRynXy2YV/NsQtDl7wMQYJomlqsur3OcxpY5TLwKua47kchlPJFYQz4ydcjxyiE JSUkWFcGjlSsdqeJvrP3XoxbOro5l9GYEUrv/xSvkLjWHYQ5SdSPHy3LbkhTW4ny 3DARJJFN1zm/SZDdTSM= -----END CERTIFICATE-----Generated at Tue Feb 10 04:15:03 2026 by rpki-client