This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4byt47T9P5nk3X_gigH5gnqHF-k.roa File: 4byt47T9P5nk3X_gigH5gnqHF-k.roa (raw, json) Hash identifier: Orh4zcSvF8oNjvR/+aqIkRi0Mad/ngDthWaNG9Uv6DM= Subject key identifier: E1:BC:AD:E3:B4:FD:3F:99:E4:DD:7F:E0:8A:01:F9:82:7A:87:17:E9 Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8 Certificate serial: 019B7F8176D39A5F93754BE1B1E64E096014 Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4byt47T9P5nk3X_gigH5gnqHF-k.roa Signing time: Fri 02 Jan 2026 16:19:09 +0000 ROA not before: Fri 02 Jan 2026 16:19:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62240 IP address blocks: 168.199.129.0/24 maxlen: 24 168.199.131.0/24 maxlen: 24 168.199.160.0/24 maxlen: 24 168.199.161.0/24 maxlen: 24 168.199.162.0/24 maxlen: 24 168.199.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 10:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:76:d3:9a:5f:93:75:4b:e1:b1:e6:4e:09:60:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8 Validity Not Before: Jan 2 16:19:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1bcade3b4fd3f99e4dd7fe08a01f9827a8717e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:74:48:e7:9b:ea:a4:8c:e0:82:6a:2c:b3:ed: d7:9d:e0:d0:78:f9:72:a7:72:38:ae:b0:46:72:b9: 45:87:ba:76:bf:66:78:3b:e4:28:e9:ac:a5:e8:34: d2:55:c3:ed:19:36:16:de:45:86:68:ea:8e:63:43: 63:30:1d:70:0b:d8:6a:7c:3e:29:19:03:b6:c0:f7: 54:d1:76:dc:80:1f:be:fc:0c:8b:ad:5a:c0:bc:8e: b4:c7:f4:09:72:b1:4c:3b:62:7d:74:7f:73:7f:95: 09:c8:42:64:73:ce:c0:5c:a6:d7:0d:0e:20:3e:4f: 3d:76:df:81:72:f6:a9:29:1a:14:9f:6a:2b:e6:19: 6d:80:c1:64:8b:b8:82:c4:7a:d9:3f:44:ea:96:89: 7f:59:db:de:47:23:2e:19:eb:52:99:2b:c1:79:06: 8a:88:e1:6b:cb:12:a4:60:12:52:e9:ca:4f:27:44: 8e:ad:b4:40:ef:7d:c3:7c:47:9b:00:3c:26:83:ea: f7:9e:20:45:ec:df:70:c3:2d:bc:94:35:ca:75:fc: 14:e6:88:9a:4e:05:f5:f7:9c:f0:60:0d:16:41:39: bc:3c:3a:83:6e:97:15:8a:bc:ea:d7:cb:41:8b:14: ef:76:90:19:34:d5:aa:b9:20:10:d3:fa:f0:18:d1: b0:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:BC:AD:E3:B4:FD:3F:99:E4:DD:7F:E0:8A:01:F9:82:7A:87:17:E9 X509v3 Authority Key Identifier: keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/4byt47T9P5nk3X_gigH5gnqHF-k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 168.199.129.0/24 168.199.131.0/24 168.199.160.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:e1:40:3f:10:d0:93:d6:35:20:50:80:39:96:62:44:51:c0: 9d:c4:cf:3e:34:18:cf:87:94:f7:57:a3:a1:9e:68:dc:df:aa: b0:08:e5:1d:88:9e:61:bd:0d:ec:96:16:57:28:fa:19:b5:56: 7a:3d:23:4c:52:55:6e:fb:6b:4f:c5:f9:b5:ee:dd:e7:01:78: a2:48:57:78:2a:1c:7b:b7:75:99:c2:9b:02:4a:6b:7a:05:92: a3:c1:58:47:38:ed:70:74:a0:8c:84:6a:78:8f:8f:d7:a3:8f: 83:2e:c3:91:a0:68:99:9e:2d:1e:15:a6:69:dd:e2:e9:6e:cd: f6:17:21:1a:50:78:94:c1:ed:17:40:85:54:90:8f:c8:0b:03: 2c:ba:70:20:8a:62:d4:05:f0:87:6b:94:57:01:ba:20:ee:0e: a1:a1:1a:15:8c:7e:62:b0:3b:34:b1:bc:0a:a9:5b:14:7f:25: b4:16:3f:98:27:82:83:80:47:64:06:77:27:8c:18:5a:df:64: cf:bc:38:e5:54:4d:d8:4c:42:52:2b:84:ec:ad:70:dc:2d:64: 41:70:b4:a0:98:dd:a4:5c:ca:7a:c8:54:86:48:d3:57:19:c5: 54:9b:4b:b7:21:f4:2e:76:f7:e8:bf:12:a9:ef:66:61:3f:cb: 58:e2:32:60 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/gXbTml+TdUvhseZOCWAUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4 ODE3ZDgwHhcNMjYwMTAyMTYxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMWJjYWRlM2I0ZmQzZjk5ZTRkZDdmZTA4YTAxZjk4MjdhODcxN2U5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunRI55vqpIzggmoss+3XneDQePly p3I4rrBGcrlFh7p2v2Z4O+Qo6ayl6DTSVcPtGTYW3kWGaOqOY0NjMB1wC9hqfD4p GQO2wPdU0XbcgB++/AyLrVrAvI60x/QJcrFMO2J9dH9zf5UJyEJkc87AXKbXDQ4g Pk89dt+BcvapKRoUn2or5hltgMFki7iCxHrZP0Tqlol/WdveRyMuGetSmSvBeQaK iOFryxKkYBJS6cpPJ0SOrbRA733DfEebADwmg+r3niBF7N9wwy28lDXKdfwU5oia TgX195zwYA0WQTm8PDqDbpcVirzq18tBixTvdpAZNNWquSAQ0/rwGNGwZwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFOG8reO0/T+Z5N1/4IoB+YJ6hxfpMB8GA1UdIwQY MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt MmQxOTE4YmExYzBlLzEvNGJ5dDQ3VDlQNW5rM1hfZ2lnSDVnbnFIRi1rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAqMeBAwQA qMeDAwQCqMegMA0GCSqGSIb3DQEBCwUAA4IBAQA94UA/ENCT1jUgUIA5lmJEUcCd xM8+NBjPh5T3V6Ohnmjc36qwCOUdiJ5hvQ3slhZXKPoZtVZ6PSNMUlVu+2tPxfm1 7t3nAXiiSFd4Khx7t3WZwpsCSmt6BZKjwVhHOO1wdKCMhGp4j4/Xo4+DLsORoGiZ ni0eFaZp3eLpbs32FyEaUHiUwe0XQIVUkI/ICwMsunAgimLUBfCHa5RXAbog7g6h oRoVjH5isDs0sbwKqVsUfyW0Fj+YJ4KDgEdkBncnjBha32TPvDjlVE3YTEJSK4Ts rXDcLWRBcLSgmN2kXMp6yFSGSNNXGcVUm0u3IfQudvfovxKp72ZhP8tY4jJg -----END CERTIFICATE-----Generated at Fri Jan 9 16:52:10 2026 by rpki-client