This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yXrFSLagAb6hP-StHvd00dY4nQU.roa File: yXrFSLagAb6hP-StHvd00dY4nQU.roa (raw, json) Hash identifier: LIz8FkaBSr+7aLLG4W4A7K62sr6cPCmCcsdTKlZOqFQ= Subject key identifier: C9:7A:C5:48:B6:A0:01:BE:A1:3F:E4:AD:1E:F7:74:D1:D6:38:9D:05 Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCB64EF123DB3C2C066FFE7346F2A39 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yXrFSLagAb6hP-StHvd00dY4nQU.roa Signing time: Fri 02 Jan 2026 08:20:40 +0000 ROA not before: Fri 02 Jan 2026 08:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202828 IP address blocks: 151.247.0.0/24 maxlen: 24 151.247.1.0/24 maxlen: 24 151.247.2.0/24 maxlen: 24 151.247.3.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:64:ef:12:3d:b3:c2:c0:66:ff:e7:34:6f:2a:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c97ac548b6a001bea13fe4ad1ef774d1d6389d05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:54:a9:1f:dd:a7:11:6e:29:d9:d5:56:a1:d5: f3:7b:9b:8f:c3:de:20:3d:d4:95:cc:ac:b3:31:25: 80:a5:90:20:76:29:76:ce:fd:27:45:5f:76:19:8a: 0a:f9:45:b7:98:f7:33:54:76:1d:68:fe:06:55:e5: 0f:d0:82:e4:c4:9b:2e:05:0c:84:c9:10:34:36:5e: 7b:ff:cc:11:7f:a9:65:35:53:99:f9:1c:fb:f5:c9: 44:99:0a:26:30:9e:f8:22:83:a0:bd:b4:42:3b:6f: 8e:b2:12:a9:f0:23:45:23:f8:96:ba:28:13:98:a6: 38:e5:7a:c1:67:ed:db:58:3d:1f:b6:45:b6:10:9a: 92:e8:ed:8e:cb:56:41:d4:64:8f:e1:b3:52:0f:91: e1:3b:67:03:51:4c:ae:1e:5c:5a:c1:cf:31:1d:6d: cc:62:73:0d:1b:5b:6d:43:e4:d6:6e:2c:33:11:87: cc:19:27:dd:a3:01:50:04:4d:b3:00:d4:7a:73:a8: a2:ee:50:6a:9b:65:1c:72:f8:7e:e4:3b:2b:41:5c: 60:6d:b9:8a:20:3a:fc:b4:3d:7e:91:e6:7b:83:22: 7b:e5:02:79:ff:bb:ec:07:8d:49:ff:8c:e5:d3:35: ce:75:26:08:f9:c3:c7:7c:65:43:fc:dd:da:5f:49: f6:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:7A:C5:48:B6:A0:01:BE:A1:3F:E4:AD:1E:F7:74:D1:D6:38:9D:05 X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yXrFSLagAb6hP-StHvd00dY4nQU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.247.0.0/22 Signature Algorithm: sha256WithRSAEncryption 3e:5b:52:f1:5b:4b:b7:ff:92:1a:de:4a:9c:92:0a:15:ce:bd: 39:8f:a1:c6:9c:28:7e:ac:66:cc:5b:ac:44:bd:fb:4d:cd:f0: 75:83:d3:07:5f:f9:55:d2:83:63:22:7e:5b:a3:8e:e0:30:45: 92:82:53:72:f0:c0:de:ed:9d:66:c9:6e:0d:b6:61:d9:ef:13: 22:71:6f:4f:7e:f1:e7:3d:e0:ed:76:27:99:46:a0:f8:b5:1b: 30:ca:f7:ec:6e:26:bb:f5:83:1b:e9:8f:6a:fd:b4:fb:4f:38: 38:ae:71:07:1c:38:0b:b3:b2:2d:95:96:c4:2a:47:35:7f:aa: d6:89:fe:05:bb:58:28:40:1f:51:5a:e2:57:d0:88:87:11:65: 97:5f:ea:d5:f1:78:6f:d0:2c:9a:b0:2d:08:b0:59:37:92:74: f7:7d:50:c0:c5:f3:76:21:b7:21:09:d1:2c:c5:3f:17:2d:7b: 51:f2:50:54:e2:cf:11:ab:62:c0:59:c3:55:cd:ba:86:c4:46: 92:30:0f:e5:f6:fa:16:14:f4:88:82:0c:c3:66:13:6b:22:53: eb:a9:3a:1b:8a:f8:e2:30:3d:66:b4:56:f9:45:80:19:d0:39: 8a:84:a7:d7:f5:cb:d9:65:c4:ff:ff:dc:4c:92:c3:4c:23:24: 07:d8:81:5a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9y2TvEj2zwsBm/+c0byo5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTdhYzU0OGI2YTAwMWJlYTEzZmU0YWQxZWY3NzRkMWQ2Mzg5ZDA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VSpH92nEW4p2dVWodXze5uPw94g PdSVzKyzMSWApZAgdil2zv0nRV92GYoK+UW3mPczVHYdaP4GVeUP0ILkxJsuBQyE yRA0Nl57/8wRf6llNVOZ+Rz79clEmQomMJ74IoOgvbRCO2+OshKp8CNFI/iWuigT mKY45XrBZ+3bWD0ftkW2EJqS6O2Oy1ZB1GSP4bNSD5HhO2cDUUyuHlxawc8xHW3M YnMNG1ttQ+TWbiwzEYfMGSfdowFQBE2zANR6c6ii7lBqm2Uccvh+5DsrQVxgbbmK IDr8tD1+keZ7gyJ75QJ5/7vsB41J/4zl0zXOdSYI+cPHfGVD/N3aX0n2zwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMl6xUi2oAG+oT/krR73dNHWOJ0FMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEveVhyRlNMYWdBYjZoUC1TdEh2ZDAwZFk0blFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/cAMA0G CSqGSIb3DQEBCwUAA4IBAQA+W1LxW0u3/5Ia3kqckgoVzr05j6HGnCh+rGbMW6xE vftNzfB1g9MHX/lV0oNjIn5bo47gMEWSglNy8MDe7Z1myW4NtmHZ7xMicW9PfvHn PeDtdieZRqD4tRswyvfsbia79YMb6Y9q/bT7Tzg4rnEHHDgLs7ItlZbEKkc1f6rW if4Fu1goQB9RWuJX0IiHEWWXX+rV8Xhv0CyasC0IsFk3knT3fVDAxfN2IbchCdEs xT8XLXtR8lBU4s8Rq2LAWcNVzbqGxEaSMA/l9voWFPSIggzDZhNrIlPrqTobivji MD1mtFb5RYAZ0DmKhKfX9cvZZcT//9xMksNMIyQH2IFa -----END CERTIFICATE-----Generated at Sun Jan 18 06:30:04 2026 by rpki-client