This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYjhOwvnCzlgzbQHnira-ZaC3N8.roa File: aYjhOwvnCzlgzbQHnira-ZaC3N8.roa (raw, json) Hash identifier: ymasb353D4nJPS2cZZCPXG+hFCONgTbrdZ3r87bzCsI= Subject key identifier: 69:88:E1:3B:0B:E7:0B:39:60:CD:B4:07:9E:2A:DA:F9:96:82:DC:DF Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0 Certificate serial: 019B7FF23BF70C6B4B3C634A7C001315CBDD Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYjhOwvnCzlgzbQHnira-ZaC3N8.roa Signing time: Fri 02 Jan 2026 18:22:20 +0000 ROA not before: Fri 02 Jan 2026 18:22:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35913 IP address blocks: 45.150.224.0/24 maxlen: 32 45.150.225.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.mft rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:3b:f7:0c:6b:4b:3c:63:4a:7c:00:13:15:cb:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0 Validity Not Before: Jan 2 18:22:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6988e13b0be70b3960cdb4079e2adaf99682dcdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:ef:1c:89:2f:9d:e2:15:c7:28:85:d6:73:dd: 0d:77:9d:9e:50:98:97:4c:a1:e9:1b:d7:ae:70:22: 88:b1:18:a7:76:49:83:34:25:a5:00:95:8c:32:03: db:94:ac:70:62:cf:b8:c8:0a:74:86:3d:79:33:e6: 00:00:6a:56:ce:ce:60:eb:0e:e4:4f:0f:36:23:30: 8d:fa:33:3b:3e:e2:57:46:c0:12:d9:4e:b5:5a:77: 80:ad:de:25:36:59:73:5c:7d:89:35:9b:55:95:9e: 2b:71:d4:ed:5b:fd:45:1e:48:ac:34:98:67:94:9a: d2:1a:1a:b6:37:87:fa:18:d0:e4:1d:2d:1f:a1:42: 96:58:24:6e:14:c2:49:64:08:a3:a5:06:b9:0d:b3: 25:51:a8:d9:ac:fc:a0:12:6a:4c:4e:02:9a:e5:fc: 1e:78:84:ef:d5:81:56:50:46:3f:b3:fb:9d:75:5f: 68:9a:7f:86:c3:d3:2b:b2:f3:3b:29:19:2f:53:d9: cb:5b:b3:7e:9f:4b:fb:25:d8:11:ea:ba:da:12:76: 18:6c:20:c6:2c:bd:5d:99:2a:9c:9d:82:a6:39:42: 11:cb:da:b7:95:99:9c:e0:ce:60:d2:25:29:8f:fc: 02:9d:a4:de:da:9b:d9:a2:5b:4a:f1:23:93:e6:0e: 7e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:88:E1:3B:0B:E7:0B:39:60:CD:B4:07:9E:2A:DA:F9:96:82:DC:DF X509v3 Authority Key Identifier: keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/aYjhOwvnCzlgzbQHnira-ZaC3N8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.150.224.0/23 Signature Algorithm: sha256WithRSAEncryption 03:f6:ce:5e:23:96:d3:aa:5e:fe:d6:6d:c0:fd:ac:8b:13:c5: 0e:4a:cd:7c:2d:61:78:45:b2:96:05:81:95:cd:d0:48:ae:94: 6b:22:52:b6:1c:ed:18:c3:7f:36:37:8c:45:ee:53:e2:c0:22: a2:ad:fc:99:cd:48:b3:4b:f0:e2:b3:c4:1d:49:e2:aa:20:9f: be:a6:dd:32:c3:c3:94:fa:66:79:d2:80:05:d4:7b:d6:7a:97: 14:27:17:f5:9d:0f:31:3f:dc:4e:6a:d7:51:3e:51:1e:79:fb: 50:5b:a5:d6:f5:07:2f:32:9e:4d:e4:a0:82:e0:f1:55:86:94: f9:06:f0:a7:f2:2a:51:7c:fe:af:f4:bf:ff:76:7e:8a:23:d0: 93:6c:76:55:a0:09:29:04:5d:aa:ce:64:5e:31:5e:d0:15:af: 5a:43:e9:19:71:da:04:06:a0:6e:28:05:a6:85:81:4e:d3:aa: b0:dc:c9:5c:59:af:a1:e6:0a:21:d5:86:11:a0:89:a1:a3:14: 7e:0f:0c:93:db:83:b8:7d:8f:cd:d9:06:fb:b8:0a:f2:a6:0f: 48:b8:d9:95:d8:36:b4:3d:e8:23:95:65:18:a8:e5:21:a7:4b: b6:cd:95:2b:52:8b:ae:da:f8:e1:ee:9c:0a:63:a9:5a:b3:b0: b2:78:31:88 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8jv3DGtLPGNKfAATFcvdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk NDI1YjAwHhcNMjYwMTAyMTgyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OTg4ZTEzYjBiZTcwYjM5NjBjZGI0MDc5ZTJhZGFmOTk2ODJkY2RmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO8ciS+d4hXHKIXWc90Nd52eUJiX TKHpG9eucCKIsRindkmDNCWlAJWMMgPblKxwYs+4yAp0hj15M+YAAGpWzs5g6w7k Tw82IzCN+jM7PuJXRsAS2U61WneArd4lNllzXH2JNZtVlZ4rcdTtW/1FHkisNJhn lJrSGhq2N4f6GNDkHS0foUKWWCRuFMJJZAijpQa5DbMlUajZrPygEmpMTgKa5fwe eITv1YFWUEY/s/uddV9omn+Gw9MrsvM7KRkvU9nLW7N+n0v7JdgR6rraEnYYbCDG LL1dmSqcnYKmOUIRy9q3lZmc4M5g0iUpj/wCnaTe2pvZoltK8SOT5g5+EwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGmI4TsL5ws5YM20B54q2vmWgtzfMB8GA1UdIwQY MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt YjAzZGY5OTZlNDgxLzEvYVlqaE93dm5DemxnemJRSG5pcmEtWmFDM044LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZbgMA0G CSqGSIb3DQEBCwUAA4IBAQAD9s5eI5bTql7+1m3A/ayLE8UOSs18LWF4RbKWBYGV zdBIrpRrIlK2HO0Yw382N4xF7lPiwCKirfyZzUizS/Dis8QdSeKqIJ++pt0yw8OU +mZ50oAF1HvWepcUJxf1nQ8xP9xOatdRPlEeeftQW6XW9QcvMp5N5KCC4PFVhpT5 BvCn8ipRfP6v9L//dn6KI9CTbHZVoAkpBF2qzmReMV7QFa9aQ+kZcdoEBqBuKAWm hYFO06qw3MlcWa+h5goh1YYRoImhoxR+DwyT24O4fY/N2Qb7uArypg9IuNmV2Da0 PegjlWUYqOUhp0u2zZUrUouu2vjh7pwKY6las7CyeDGI -----END CERTIFICATE-----Generated at Wed Jan 21 15:24:30 2026 by rpki-client