This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/4okKBfXSNKomjqjfKSyXyfQW8mg.roa File: 4okKBfXSNKomjqjfKSyXyfQW8mg.roa (raw, json) Hash identifier: c/G+cvhNW3akdlAhAKvUtf/mU2MrPEwZm3MMXGbYwZo= Subject key identifier: E2:89:0A:05:F5:D2:34:AA:26:8E:A8:DF:29:2C:97:C9:F4:16:F2:68 Certificate issuer: /CN=ca5154158905d1d44c4588dfd25802f324a93d61 Certificate serial: 019B79ED4012DC7F5B466FA4A00AC55FD310 Authority key identifier: CA:51:54:15:89:05:D1:D4:4C:45:88:DF:D2:58:02:F3:24:A9:3D:61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/4okKBfXSNKomjqjfKSyXyfQW8mg.roa Signing time: Thu 01 Jan 2026 14:19:10 +0000 ROA not before: Thu 01 Jan 2026 14:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213313 IP address blocks: 152.89.148.0/22 maxlen: 24 2a09:34c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.mft rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:40:12:dc:7f:5b:46:6f:a4:a0:0a:c5:5f:d3:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca5154158905d1d44c4588dfd25802f324a93d61 Validity Not Before: Jan 1 14:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2890a05f5d234aa268ea8df292c97c9f416f268 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:5e:e4:f4:29:21:34:c1:f0:7c:36:6e:48:19: df:d7:38:e2:33:bf:cf:5f:42:4c:2a:a7:dd:ee:5a: 77:61:17:66:4d:5d:8e:19:4f:49:e0:60:25:d4:7b: 70:07:c9:77:cc:77:73:3d:c5:a1:0b:7b:95:91:7d: 59:4b:f1:91:ca:a8:43:1b:6b:aa:9f:88:bd:ae:a8: 60:ed:8c:a7:1e:dd:39:9b:21:f2:7a:d5:a3:a3:ec: 8f:47:a4:1a:84:29:15:c8:dd:6c:8e:86:d7:58:2c: 78:59:74:3b:09:8c:d2:1d:dd:0a:5f:a6:2f:a0:e0: 7a:bc:af:85:fe:cb:f0:be:6b:21:89:0e:f6:14:ed: 14:bc:66:eb:b0:25:8c:9d:1b:a4:f3:2a:80:8e:6e: fa:f2:27:37:14:ea:1c:ec:ee:41:1c:89:01:78:ce: d1:fe:6e:96:3c:93:80:fc:d3:53:b2:eb:db:fc:74: 60:08:24:a8:15:21:66:d0:8d:0f:7e:28:1e:cb:c0: 0c:75:77:10:fb:6b:ed:7c:aa:09:aa:4a:ff:64:60: fa:98:5a:dc:2d:00:b4:4d:0d:c0:26:9e:16:03:ba: d3:5c:1c:20:4d:0b:90:45:f6:d6:9d:c6:68:1e:e8: c0:fd:e5:8a:49:be:1c:8f:f8:e1:3b:72:f6:96:a6: 61:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:89:0A:05:F5:D2:34:AA:26:8E:A8:DF:29:2C:97:C9:F4:16:F2:68 X509v3 Authority Key Identifier: keyid:CA:51:54:15:89:05:D1:D4:4C:45:88:DF:D2:58:02:F3:24:A9:3D:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ylFUFYkF0dRMRYjf0lgC8ySpPWE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/4okKBfXSNKomjqjfKSyXyfQW8mg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/f558aa-55ef-450f-8b97-10090d1e7d94/1/ylFUFYkF0dRMRYjf0lgC8ySpPWE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.148.0/22 IPv6: 2a09:34c0::/29 Signature Algorithm: sha256WithRSAEncryption 91:c7:0d:75:44:d7:4d:e3:3b:d0:a4:70:2b:bf:da:ba:52:3d: 91:3f:ba:42:93:c5:e7:f6:47:af:f7:09:8d:3c:45:4b:ac:8c: ad:07:22:7c:93:84:70:19:1d:3a:bf:d8:4b:57:83:86:ca:16: 21:11:e4:55:be:d8:fb:90:2d:c4:33:f6:db:17:2b:8c:3b:42: 24:f4:d2:db:9a:ef:d9:0a:a8:f1:e2:e8:9b:89:c7:e5:b1:33: e4:58:0d:f2:e1:6c:08:92:8b:14:ab:60:0e:71:c5:3b:c0:a8: 0b:d5:a9:8c:a1:be:5d:97:bf:00:c2:f7:de:74:00:4b:74:27: 4e:dd:24:e1:84:66:3c:24:99:f7:e1:4c:4e:54:fe:a2:30:2f: d4:c7:4a:c4:dd:b1:34:1d:f0:85:47:95:e6:f6:8a:80:b5:10: 89:6a:20:a7:b2:70:86:c9:8c:96:ab:ed:bf:d9:71:d5:72:b0: 08:ed:fd:7d:b1:97:b0:b0:8d:06:6f:2d:d0:94:e9:45:3f:2b: ef:6b:73:6f:ea:51:2e:11:7b:f9:e4:37:1d:27:98:2b:14:65: 63:57:1d:0b:49:01:4e:e3:55:f4:ef:dd:fb:1d:98:7b:35:28: ae:fb:fe:c2:b1:74:ca:18:95:0e:7f:70:e8:32:4d:cf:73:0b: 9e:71:93:c2 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt57UAS3H9bRm+koArFX9MQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhNTE1NDE1ODkwNWQxZDQ0YzQ1ODhkZmQyNTgwMmYzMjRh OTNkNjEwHhcNMjYwMTAxMTQxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMjg5MGEwNWY1ZDIzNGFhMjY4ZWE4ZGYyOTJjOTdjOWY0MTZmMjY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V7k9CkhNMHwfDZuSBnf1zjiM7/P X0JMKqfd7lp3YRdmTV2OGU9J4GAl1HtwB8l3zHdzPcWhC3uVkX1ZS/GRyqhDG2uq n4i9rqhg7YynHt05myHyetWjo+yPR6QahCkVyN1sjobXWCx4WXQ7CYzSHd0KX6Yv oOB6vK+F/svwvmshiQ72FO0UvGbrsCWMnRuk8yqAjm768ic3FOoc7O5BHIkBeM7R /m6WPJOA/NNTsuvb/HRgCCSoFSFm0I0Pfigey8AMdXcQ+2vtfKoJqkr/ZGD6mFrc LQC0TQ3AJp4WA7rTXBwgTQuQRfbWncZoHujA/eWKSb4cj/jhO3L2lqZhPQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOKJCgX10jSqJo6o3yksl8n0FvJoMB8GA1UdIwQY MBaAFMpRVBWJBdHUTEWI39JYAvMkqT1hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWxGVUZZa0YwZFJNUllqZjBsZ0M4eVNwUFdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mNTU4YWEtNTVlZi00NTBmLThiOTct MTAwOTBkMWU3ZDk0LzEvNG9rS0JmWFNOS29tanFqZktTeVh5ZlFXOG1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi9mNTU4YWEtNTVlZi00NTBmLThiOTctMTAwOTBkMWU3ZDk0 LzEveWxGVUZZa0YwZFJNUllqZjBsZ0M4eVNwUFdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCmFmUMA0E AgACMAcDBQMqCTTAMA0GCSqGSIb3DQEBCwUAA4IBAQCRxw11RNdN4zvQpHArv9q6 Uj2RP7pCk8Xn9kev9wmNPEVLrIytByJ8k4RwGR06v9hLV4OGyhYhEeRVvtj7kC3E M/bbFyuMO0Ik9NLbmu/ZCqjx4uibicflsTPkWA3y4WwIkosUq2AOccU7wKgL1amM ob5dl78AwvfedABLdCdO3SThhGY8JJn34UxOVP6iMC/Ux0rE3bE0HfCFR5Xm9oqA tRCJaiCnsnCGyYyWq+2/2XHVcrAI7f19sZewsI0Gby3QlOlFPyvva3Nv6lEuEXv5 5DcdJ5grFGVjVx0LSQFO41X07937HZh7NSiu+/7CsXTKGJUOf3DoMk3PcwuecZPC -----END CERTIFICATE-----Generated at Mon Feb 2 07:53:46 2026 by rpki-client