This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/Y4syH6UzjjHJV7JuJcxsHndTEBM.roa File: Y4syH6UzjjHJV7JuJcxsHndTEBM.roa (raw, json) Hash identifier: JfIRoO3yinIldqjXRJFR4+uBQRShxpVbREXLMon+oyc= Subject key identifier: 63:8B:32:1F:A5:33:8E:31:C9:57:B2:6E:25:CC:6C:1E:77:53:10:13 Certificate issuer: /CN=4e984a5a4b7808bb4ea32d310bdd07ecc9575113 Certificate serial: 019B7834DD3AF60A1D8034287E7A586CE913 Authority key identifier: 4E:98:4A:5A:4B:78:08:BB:4E:A3:2D:31:0B:DD:07:EC:C9:57:51:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TphKWkt4CLtOoy0xC90H7MlXURM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/Y4syH6UzjjHJV7JuJcxsHndTEBM.roa Signing time: Thu 01 Jan 2026 06:18:08 +0000 ROA not before: Thu 01 Jan 2026 06:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21162 IP address blocks: 5.157.88.0/21 maxlen: 24 5.157.88.0/24 maxlen: 24 46.231.248.0/21 maxlen: 24 178.248.168.0/21 maxlen: 24 185.44.136.0/22 maxlen: 22 2a02:bd0::/32 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/TphKWkt4CLtOoy0xC90H7MlXURM.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/TphKWkt4CLtOoy0xC90H7MlXURM.mft rsync://rpki.ripe.net/repository/DEFAULT/TphKWkt4CLtOoy0xC90H7MlXURM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:dd:3a:f6:0a:1d:80:34:28:7e:7a:58:6c:e9:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e984a5a4b7808bb4ea32d310bdd07ecc9575113 Validity Not Before: Jan 1 06:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=638b321fa5338e31c957b26e25cc6c1e77531013 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:55:d5:54:79:07:1f:ff:31:f3:19:b8:64:c7: 7a:2a:35:ae:51:9e:83:8c:12:be:59:b3:a9:d1:50: 10:e0:b2:5f:95:2c:e6:08:38:c6:23:33:1a:2b:de: 5c:8b:d6:6d:d9:53:fc:a3:19:6e:52:59:91:28:96: 0f:95:90:87:99:ac:7a:79:c3:07:39:bc:63:a7:db: 5f:f2:97:93:40:4b:17:09:ec:cb:1e:b1:ee:31:03: d1:92:ff:c4:9f:b9:36:01:38:58:66:fa:55:33:2d: a4:9d:f8:a4:00:73:64:33:1a:91:a9:c7:9a:65:8e: b0:83:8f:6b:84:5f:9c:98:b6:6a:9f:3a:49:43:50: be:75:81:5d:ce:65:16:13:aa:5e:ce:88:f7:43:c8: 67:44:5c:20:42:af:b3:5f:f7:95:b7:b6:a4:14:a7: e2:a8:a4:94:3f:87:17:ef:6a:fb:0c:93:94:c9:0d: 27:61:af:29:3c:f6:aa:f5:84:9f:16:6c:b7:7d:8f: 77:98:8b:6f:c3:88:ae:a1:8c:57:4e:c5:83:65:57: 82:82:5f:10:d2:8c:2c:a4:61:a7:6f:e0:8c:f6:bf: b3:8e:5b:81:50:fc:81:02:9e:0b:ca:7c:e6:72:0a: 52:19:2b:21:46:5b:97:03:0a:0e:e6:84:13:0a:b5: d6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:8B:32:1F:A5:33:8E:31:C9:57:B2:6E:25:CC:6C:1E:77:53:10:13 X509v3 Authority Key Identifier: keyid:4E:98:4A:5A:4B:78:08:BB:4E:A3:2D:31:0B:DD:07:EC:C9:57:51:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TphKWkt4CLtOoy0xC90H7MlXURM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/Y4syH6UzjjHJV7JuJcxsHndTEBM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/41dec1-1eb1-49c7-9d50-ca595e34d5ac/1/TphKWkt4CLtOoy0xC90H7MlXURM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.157.88.0/21 46.231.248.0/21 178.248.168.0/21 185.44.136.0/22 IPv6: 2a02:bd0::/32 Signature Algorithm: sha256WithRSAEncryption 6c:e6:20:80:04:f3:0e:49:25:f4:f6:34:1b:45:8b:69:e3:0c: 94:94:a1:15:dd:17:35:99:e6:5a:54:8f:47:16:b1:25:26:c7: 91:1d:9a:c6:2d:e3:db:e5:41:93:e7:19:27:66:27:dd:c0:85: 52:97:30:f2:f3:67:75:19:2c:c2:bf:47:23:ff:5a:79:d4:fa: bf:81:e0:ff:bb:f4:d2:4d:aa:b4:61:24:a7:94:b3:31:c9:2b: 71:1e:49:4f:4a:d9:d9:80:06:90:8f:2f:34:26:13:f6:2e:24: fa:05:e6:0d:c3:02:2f:71:8c:ad:76:80:ef:6d:1e:90:cd:18: 64:1f:9f:43:e7:e7:06:0e:85:64:ba:d4:a8:3a:61:6e:38:94: 33:db:94:53:4b:ba:d9:26:63:0d:51:c5:79:9f:a9:ae:de:07: fd:ee:47:67:8b:e6:b8:d1:16:d5:de:b1:75:74:ad:c6:24:ff: 8c:5f:a9:d2:4c:be:41:42:55:64:8b:b6:ab:61:69:e1:07:a3: d2:d5:3c:a9:24:17:a0:4a:ec:ed:d4:15:ff:bb:1e:97:8c:8c: 4c:9e:06:3e:dd:41:91:04:21:a3:61:23:70:7c:f6:3c:b0:e8: 72:4d:5d:5d:11:96:a6:21:7f:b0:80:39:17:72:a0:b1:68:c0: 8d:76:ab:56 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt4NN069godgDQofnpYbOkTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlOTg0YTVhNGI3ODA4YmI0ZWEzMmQzMTBiZGQwN2VjYzk1 NzUxMTMwHhcNMjYwMTAxMDYxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzhiMzIxZmE1MzM4ZTMxYzk1N2IyNmUyNWNjNmMxZTc3NTMxMDEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVXVVHkHH/8x8xm4ZMd6KjWuUZ6D jBK+WbOp0VAQ4LJflSzmCDjGIzMaK95ci9Zt2VP8oxluUlmRKJYPlZCHmax6ecMH Obxjp9tf8peTQEsXCezLHrHuMQPRkv/En7k2AThYZvpVMy2knfikAHNkMxqRqcea ZY6wg49rhF+cmLZqnzpJQ1C+dYFdzmUWE6pezoj3Q8hnRFwgQq+zX/eVt7akFKfi qKSUP4cX72r7DJOUyQ0nYa8pPPaq9YSfFmy3fY93mItvw4iuoYxXTsWDZVeCgl8Q 0owspGGnb+CM9r+zjluBUPyBAp4LynzmcgpSGSshRluXAwoO5oQTCrXWiQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFGOLMh+lM44xyVeybiXMbB53UxATMB8GA1UdIwQY MBaAFE6YSlpLeAi7TqMtMQvdB+zJV1ETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHBoS1drdDRDTHRPb3kweEM5MEg3TWxYVVJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MWRlYzEtMWViMS00OWM3LTlkNTAt Y2E1OTVlMzRkNWFjLzEvWTRzeUg2VXpqakhKVjdKdUpjeHNIbmRURUJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80MWRlYzEtMWViMS00OWM3LTlkNTAtY2E1OTVlMzRkNWFj LzEvVHBoS1drdDRDTHRPb3kweEM5MEg3TWxYVVJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZ1YAwQD Luf4AwQDsvioAwQCuSyIMA0EAgACMAcDBQAqAgvQMA0GCSqGSIb3DQEBCwUAA4IB AQBs5iCABPMOSSX09jQbRYtp4wyUlKEV3Rc1meZaVI9HFrElJseRHZrGLePb5UGT 5xknZifdwIVSlzDy82d1GSzCv0cj/1p51Pq/geD/u/TSTaq0YSSnlLMxyStxHklP StnZgAaQjy80JhP2LiT6BeYNwwIvcYytdoDvbR6QzRhkH59D5+cGDoVkutSoOmFu OJQz25RTS7rZJmMNUcV5n6mu3gf97kdni+a40RbV3rF1dK3GJP+MX6nSTL5BQlVk i7arYWnhB6PS1TypJBegSuzt1BX/ux6XjIxMngY+3UGRBCGjYSNwfPY8sOhyTV1d EZamIX+wgDkXcqCxaMCNdqtW -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:14 2026 by rpki-client