This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/yAHDJdh6TZDYQNe65Bbps1iPzTk.roa File: yAHDJdh6TZDYQNe65Bbps1iPzTk.roa (raw, json) Hash identifier: 5IpdbJAl2pBKTXogrAl7O2M9edHwJaiAiuSdMux7Juc= Subject key identifier: C8:01:C3:25:D8:7A:4D:90:D8:40:D7:BA:E4:16:E9:B3:58:8F:CD:39 Certificate issuer: /CN=1cb4092ea2d1296dfe61d78a7dfb3c1e03916408 Certificate serial: 019B7FF20FF8F1FB3CFA311EDDEF2E23BDA8 Authority key identifier: 1C:B4:09:2E:A2:D1:29:6D:FE:61:D7:8A:7D:FB:3C:1E:03:91:64:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HLQJLqLRKW3-YdeKffs8HgORZAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/yAHDJdh6TZDYQNe65Bbps1iPzTk.roa Signing time: Fri 02 Jan 2026 18:22:08 +0000 ROA not before: Fri 02 Jan 2026 18:22:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214011 IP address blocks: 213.134.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/HLQJLqLRKW3-YdeKffs8HgORZAg.crl rsync://rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/HLQJLqLRKW3-YdeKffs8HgORZAg.mft rsync://rpki.ripe.net/repository/DEFAULT/HLQJLqLRKW3-YdeKffs8HgORZAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:0f:f8:f1:fb:3c:fa:31:1e:dd:ef:2e:23:bd:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cb4092ea2d1296dfe61d78a7dfb3c1e03916408 Validity Not Before: Jan 2 18:22:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c801c325d87a4d90d840d7bae416e9b3588fcd39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:41:63:35:53:38:46:51:ae:55:dd:50:20:22: 9d:73:bd:e6:d6:0f:00:33:83:f1:25:4c:3f:fa:a4: 84:ea:c8:a1:4a:85:f4:1c:0f:5f:d1:e0:13:f4:45: 48:e1:90:44:1a:d4:2c:0f:92:07:28:a0:b7:85:12: ed:61:fe:e3:15:9a:4a:f0:85:b6:11:3e:7a:7c:e1: 27:3c:03:2b:4a:82:a4:67:6e:31:6c:80:54:cf:ad: 2c:29:6e:d4:2f:5e:df:3b:53:11:91:86:4f:0a:6d: 05:d1:92:c4:c4:38:b8:e1:63:c9:7a:54:a2:a1:b9: 1c:e5:ff:4d:35:e4:1f:30:b5:4f:d6:2c:89:48:c2: e6:91:3c:30:40:80:47:86:d6:56:c9:65:f3:57:aa: 2b:c0:44:04:c6:76:fc:dd:05:fa:18:6e:e7:25:55: 7f:96:65:1b:b9:77:59:02:b2:4b:b8:f0:4e:98:db: 66:1d:e7:f1:c1:c2:b5:1e:13:b1:33:4e:36:fa:37: 90:21:0e:1e:63:fd:e9:3e:3c:ab:bc:8a:b2:49:01: 3b:ba:2e:f5:93:bc:90:e0:17:3b:d1:56:7c:6f:2c: 37:a3:21:26:0a:b7:af:70:49:a6:4b:28:60:5c:91: bd:ce:fb:51:54:12:b9:4c:36:b0:9f:c7:8f:cd:af: b0:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:01:C3:25:D8:7A:4D:90:D8:40:D7:BA:E4:16:E9:B3:58:8F:CD:39 X509v3 Authority Key Identifier: keyid:1C:B4:09:2E:A2:D1:29:6D:FE:61:D7:8A:7D:FB:3C:1E:03:91:64:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HLQJLqLRKW3-YdeKffs8HgORZAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/yAHDJdh6TZDYQNe65Bbps1iPzTk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/4ca005-177d-44b5-9d96-c5469fc7d2d0/1/HLQJLqLRKW3-YdeKffs8HgORZAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.134.4.0/24 Signature Algorithm: sha256WithRSAEncryption 97:04:fa:66:21:ef:48:60:6f:a0:b7:50:b6:69:c3:86:50:71: 9e:e2:64:1d:96:0f:1a:8e:2c:23:54:98:4b:ee:95:29:1b:8f: 44:a2:a1:f8:28:8d:d8:61:86:34:2f:a9:d2:45:3f:ce:ac:e3: f6:6c:02:0d:66:7d:73:69:6b:a4:80:8d:9e:b1:07:42:9a:4c: 57:c9:f1:a1:08:35:6a:01:7a:36:2c:76:6e:98:79:aa:9a:fb: 17:1b:56:95:6f:56:1a:ad:e8:08:79:5d:c0:cf:9b:1d:54:c1: 29:00:03:0e:c4:b6:5b:75:9b:10:9a:f9:12:45:de:82:e6:95: 10:09:eb:d9:72:04:be:bf:f5:1c:6b:25:ba:f6:19:cd:24:e3: 85:29:0c:ab:64:1c:8e:4e:76:01:78:64:11:8e:b4:26:c8:31: a4:dd:4d:3c:37:ab:b9:47:79:4f:ad:3e:2d:5a:d7:3f:37:d4: 87:3b:62:98:68:86:cf:03:f2:38:6f:80:a0:44:b7:d6:e7:ec: fa:1d:bb:fa:59:dc:f7:16:a2:11:cf:13:ab:18:5b:f0:fe:b6: c0:79:81:94:db:dc:c9:65:03:6a:dc:3b:4b:fc:48:0a:51:97: be:bf:2b:79:e2:c2:85:3e:ed:08:c7:53:48:87:06:24:ac:19: a1:c6:0d:18 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8g/48fs8+jEe3e8uI72oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjYjQwOTJlYTJkMTI5NmRmZTYxZDc4YTdkZmIzYzFlMDM5 MTY0MDgwHhcNMjYwMTAyMTgyMjA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODAxYzMyNWQ4N2E0ZDkwZDg0MGQ3YmFlNDE2ZTliMzU4OGZjZDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkFjNVM4RlGuVd1QICKdc73m1g8A M4PxJUw/+qSE6sihSoX0HA9f0eAT9EVI4ZBEGtQsD5IHKKC3hRLtYf7jFZpK8IW2 ET56fOEnPAMrSoKkZ24xbIBUz60sKW7UL17fO1MRkYZPCm0F0ZLExDi44WPJelSi obkc5f9NNeQfMLVP1iyJSMLmkTwwQIBHhtZWyWXzV6orwEQExnb83QX6GG7nJVV/ lmUbuXdZArJLuPBOmNtmHefxwcK1HhOxM042+jeQIQ4eY/3pPjyrvIqySQE7ui71 k7yQ4Bc70VZ8byw3oyEmCrevcEmmSyhgXJG9zvtRVBK5TDawn8ePza+w3QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMgBwyXYek2Q2EDXuuQW6bNYj805MB8GA1UdIwQY MBaAFBy0CS6i0Slt/mHXin37PB4DkWQIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSExRSkxxTFJLVzMtWWRlS2ZmczhIZ09SWkFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC80Y2EwMDUtMTc3ZC00NGI1LTlkOTYt YzU0NjlmYzdkMmQwLzEveUFIREpkaDZUWkRZUU5lNjVCYnBzMWlQelRrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC80Y2EwMDUtMTc3ZC00NGI1LTlkOTYtYzU0NjlmYzdkMmQw LzEvSExRSkxxTFJLVzMtWWRlS2ZmczhIZ09SWkFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1YYEMA0G CSqGSIb3DQEBCwUAA4IBAQCXBPpmIe9IYG+gt1C2acOGUHGe4mQdlg8ajiwjVJhL 7pUpG49EoqH4KI3YYYY0L6nSRT/OrOP2bAINZn1zaWukgI2esQdCmkxXyfGhCDVq AXo2LHZumHmqmvsXG1aVb1YaregIeV3Az5sdVMEpAAMOxLZbdZsQmvkSRd6C5pUQ CevZcgS+v/UcayW69hnNJOOFKQyrZByOTnYBeGQRjrQmyDGk3U08N6u5R3lPrT4t Wtc/N9SHO2KYaIbPA/I4b4CgRLfW5+z6Hbv6Wdz3FqIRzxOrGFvw/rbAeYGU29zJ ZQNq3DtL/EgKUZe+vyt54sKFPu0Ix1NIhwYkrBmhxg0Y -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:16 2026 by rpki-client