This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4Y1J3i6m9IbdC-lzGxaPWz0w3RA.roa File: 4Y1J3i6m9IbdC-lzGxaPWz0w3RA.roa (raw, json) Hash identifier: eS1CYtvsNIXg9p9zIa1chbjdDJPekFuA6FRHMnRqsUI= Subject key identifier: E1:8D:49:DE:2E:A6:F4:86:DD:0B:E9:73:1B:16:8F:5B:3D:30:DD:10 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D52DC5EED721CD7BDAB2F40C75BB0 Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4Y1J3i6m9IbdC-lzGxaPWz0w3RA.roa Signing time: Fri 02 Jan 2026 06:20:26 +0000 ROA not before: Fri 02 Jan 2026 06:20:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203144 IP address blocks: 94.176.111.0/24 maxlen: 24 217.74.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:52:dc:5e:ed:72:1c:d7:bd:ab:2f:40:c7:5b:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e18d49de2ea6f486dd0be9731b168f5b3d30dd10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:84:22:b8:f7:93:84:ee:b1:57:8b:8a:26:df: 89:bd:be:74:ef:40:b6:35:1e:dd:00:85:d1:18:d1: d0:53:b4:1a:5f:95:0a:ca:95:2d:ff:1f:62:5a:81: ac:34:44:ce:11:a9:ad:39:44:95:66:ad:1d:11:11: 93:03:80:42:a6:a7:17:f2:62:a7:62:24:c7:fd:d9: ce:8d:32:5e:a7:22:06:4a:76:3c:f9:5c:1c:43:35: 84:53:cb:24:79:ba:d9:ed:3c:8b:4e:25:c5:7c:00: 06:22:92:d6:c5:51:8f:cf:17:44:13:11:d2:3d:1b: fb:9d:c7:89:d2:4c:7b:9d:64:e8:36:27:04:6a:07: a0:99:97:e5:0a:8e:07:b3:2d:f4:36:bc:c9:9d:f5: 6f:46:cc:df:9e:fc:03:8b:25:a6:03:89:1a:e7:05: 21:88:33:f4:ea:de:92:98:b5:f1:f1:04:37:c8:51: 38:54:1e:d9:f1:b3:98:e3:ce:1b:ad:a8:88:b2:34: 1f:c1:e7:0f:88:9a:54:45:ba:99:c2:22:aa:9d:31: f1:66:f1:50:1f:02:5c:6f:5e:be:39:16:d9:b4:e4: d8:01:4e:67:82:09:1c:14:9a:20:87:80:b9:c3:fd: 5b:c5:d3:c1:99:c8:08:8d:63:78:33:11:74:99:a6: 8b:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:8D:49:DE:2E:A6:F4:86:DD:0B:E9:73:1B:16:8F:5B:3D:30:DD:10 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/4Y1J3i6m9IbdC-lzGxaPWz0w3RA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.176.111.0/24 217.74.20.0/24 Signature Algorithm: sha256WithRSAEncryption 3d:a2:f2:d1:1c:15:f3:c8:66:bd:df:4c:4d:3e:bd:78:46:07: 94:27:9e:35:d9:f7:5a:22:c2:a6:9e:bc:30:be:e1:1b:51:74: 4b:24:f7:db:78:14:bc:30:dd:79:66:c6:46:ab:8d:c9:56:e2: 13:86:17:43:ac:27:bb:27:bf:f2:84:f6:ee:2e:da:41:ae:e2: e9:4e:a6:ff:99:d3:25:d9:11:09:76:64:dd:b8:42:62:f2:03: 01:fc:8c:cf:25:cb:3f:e4:3a:f4:5f:fe:79:5f:c1:e0:1a:43: c0:f5:b6:bb:1c:e7:f5:2c:63:c1:7d:9f:0c:e9:bc:09:6b:c0: 80:e3:56:e1:2a:f5:7a:b0:a9:f2:66:18:92:2b:02:aa:5c:af: 54:8b:42:f0:80:ce:d1:9d:01:a8:8b:10:7f:db:d1:3b:44:2e: 2e:c7:3a:be:cb:1a:4e:f6:41:54:2a:27:ec:76:bb:10:ca:93: 21:78:4c:58:ab:b8:7e:c8:1c:9a:fd:05:7d:b1:97:f3:96:17: 6d:0f:10:5d:5a:b0:cc:27:d2:7d:2c:b7:b9:ad:91:70:f7:0a: 7a:b6:22:1e:7d:a8:61:43:44:59:29:27:0c:26:1c:67:0e:c2: c0:de:74:f6:45:16:c3:82:23:c4:ef:36:33:ee:b1:c4:fb:fa: f0:51:ba:23 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9XVLcXu1yHNe9qy9Ax1uwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMThkNDlkZTJlYTZmNDg2ZGQwYmU5NzMxYjE2OGY1YjNkMzBkZDEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIQiuPeThO6xV4uKJt+Jvb5070C2 NR7dAIXRGNHQU7QaX5UKypUt/x9iWoGsNETOEamtOUSVZq0dERGTA4BCpqcX8mKn YiTH/dnOjTJepyIGSnY8+VwcQzWEU8skebrZ7TyLTiXFfAAGIpLWxVGPzxdEExHS PRv7nceJ0kx7nWToNicEagegmZflCo4Hsy30NrzJnfVvRszfnvwDiyWmA4ka5wUh iDP06t6SmLXx8QQ3yFE4VB7Z8bOY484braiIsjQfwecPiJpURbqZwiKqnTHxZvFQ HwJcb16+ORbZtOTYAU5nggkcFJogh4C5w/1bxdPBmcgIjWN4MxF0maaLSwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFOGNSd4upvSG3QvpcxsWj1s9MN0QMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvNFkxSjNpNm05SWJkQy1sekd4YVBXejB3M1JBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXrBvAwQA 2UoUMA0GCSqGSIb3DQEBCwUAA4IBAQA9ovLRHBXzyGa930xNPr14RgeUJ5412fda IsKmnrwwvuEbUXRLJPfbeBS8MN15ZsZGq43JVuIThhdDrCe7J7/yhPbuLtpBruLp Tqb/mdMl2REJdmTduEJi8gMB/IzPJcs/5Dr0X/55X8HgGkPA9ba7HOf1LGPBfZ8M 6bwJa8CA41bhKvV6sKnyZhiSKwKqXK9Ui0LwgM7RnQGoixB/29E7RC4uxzq+yxpO 9kFUKifsdrsQypMheExYq7h+yBya/QV9sZfzlhdtDxBdWrDMJ9J9LLe5rZFw9wp6 tiIefahhQ0RZKScMJhxnDsLA3nT2RRbDgiPE7zYz7rHE+/rwUboj -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:24 2026 by rpki-client