This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/RyL4c5_NFeavotjlWc9ltdGX7O8.roa File: RyL4c5_NFeavotjlWc9ltdGX7O8.roa (raw, json) Hash identifier: dSsA+dzaiaqYnBINWY6V92uBT2cKWLJnMg9X5b/Herc= Subject key identifier: 47:22:F8:73:9F:CD:15:E6:AF:A2:D8:E5:59:CF:65:B5:D1:97:EC:EF Certificate issuer: /CN=0a8bca1a0e86448b73da54c42cb0d75765373f27 Certificate serial: 019B7BA373E02D437B3BFEDCE26A1BE41CE8 Authority key identifier: 0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/RyL4c5_NFeavotjlWc9ltdGX7O8.roa Signing time: Thu 01 Jan 2026 22:17:48 +0000 ROA not before: Thu 01 Jan 2026 22:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15600 IP address blocks: 37.35.112.0/21 maxlen: 24 46.255.168.0/21 maxlen: 24 77.239.32.0/19 maxlen: 24 185.74.112.0/22 maxlen: 22 2a00:d420::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/CovKGg6GRItz2lTELLDXV2U3Pyc.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/CovKGg6GRItz2lTELLDXV2U3Pyc.mft rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:73:e0:2d:43:7b:3b:fe:dc:e2:6a:1b:e4:1c:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a8bca1a0e86448b73da54c42cb0d75765373f27 Validity Not Before: Jan 1 22:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4722f8739fcd15e6afa2d8e559cf65b5d197ecef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:ca:6d:47:28:94:ce:a4:2f:f6:df:aa:6d:98: 9d:57:f7:e8:48:19:4e:55:65:fa:1a:70:73:88:33: c8:4c:94:05:1e:96:2f:eb:3d:93:e6:08:fa:e7:14: b1:e1:ab:ec:b7:d0:38:40:4d:52:5b:95:67:28:71: 5a:a2:23:42:3c:3e:1d:d0:02:57:fe:0b:c7:c6:98: 5f:87:e6:c4:71:52:a6:38:37:87:d4:b5:a5:0d:c5: 98:d8:a6:b4:f4:97:b7:f0:f8:9f:44:3f:ca:91:d5: 21:1c:00:32:33:c7:70:3a:5a:cf:e6:8e:5b:61:a9: cc:fa:1a:23:7b:5d:12:d5:f5:50:31:19:6c:3a:14: b0:0f:d7:5b:7d:1b:f1:fa:a7:9c:bc:3f:c1:9a:67: 00:45:de:e8:71:db:10:fa:aa:6b:62:71:52:0c:14: c6:4c:ca:88:75:0a:82:eb:1b:e9:1c:f4:65:c6:ef: 8b:c7:dd:44:d5:9f:91:18:cc:d6:18:f3:ba:e2:69: d0:6a:b4:46:47:a2:76:10:46:2c:57:57:7e:5c:a9: e0:da:59:3a:bb:23:2b:b5:66:89:e0:c2:71:0e:d1: b7:f7:bd:ed:10:8d:4c:c4:1d:a6:fe:7f:14:6f:8a: 08:a4:6a:6b:8b:c9:64:61:fb:72:16:be:e4:65:e7: 64:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:22:F8:73:9F:CD:15:E6:AF:A2:D8:E5:59:CF:65:B5:D1:97:EC:EF X509v3 Authority Key Identifier: keyid:0A:8B:CA:1A:0E:86:44:8B:73:DA:54:C4:2C:B0:D7:57:65:37:3F:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CovKGg6GRItz2lTELLDXV2U3Pyc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/RyL4c5_NFeavotjlWc9ltdGX7O8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/186fd4-3c64-4dbf-a900-a799062589a3/1/CovKGg6GRItz2lTELLDXV2U3Pyc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.35.112.0/21 46.255.168.0/21 77.239.32.0/19 185.74.112.0/22 IPv6: 2a00:d420::/29 Signature Algorithm: sha256WithRSAEncryption 25:b0:20:b2:59:5c:0a:c6:06:e8:f2:d6:2f:f2:28:12:2d:24: 77:1a:d0:b2:38:7a:1d:34:c4:09:99:8a:cc:13:6e:f8:a7:a4: 11:e4:3a:16:bf:06:4b:36:cb:b8:cb:03:9f:c3:ea:b3:34:ca: 84:0f:62:ea:30:d4:fc:92:dd:f5:7e:02:28:8e:82:24:d0:67: 9d:b9:42:c1:c0:6e:65:58:a7:84:de:25:05:a7:c1:66:e6:83: 28:7f:05:a4:38:06:38:c1:e2:ef:3a:30:c5:01:3a:4c:e9:05: 22:25:7d:b3:8e:ac:e8:db:18:3b:c9:b7:8c:d2:4a:12:a6:30: 0b:20:84:5b:61:ed:63:1c:cc:dc:d3:b7:4d:57:c9:1c:4a:a8: 13:cb:ec:4d:c1:a6:39:a0:00:98:16:f7:eb:e0:c6:d0:89:18: db:47:2d:80:b7:ec:0e:0a:42:f2:14:77:2c:d2:f9:47:68:34: e4:26:75:ff:c6:5c:fa:1e:37:80:dd:5f:df:2f:ea:21:9c:85: c5:86:67:e2:aa:4d:01:1d:dc:22:e3:3b:88:b3:46:30:0a:01: aa:5c:cb:20:e1:f5:c5:eb:00:d8:e5:b2:ad:08:6f:41:b1:15: a9:12:c3:c8:af:63:d6:0b:8e:43:6b:d0:ee:dd:9d:d8:07:af: 1a:e0:e3:51 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7o3PgLUN7O/7c4mob5BzoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhOGJjYTFhMGU4NjQ0OGI3M2RhNTRjNDJjYjBkNzU3NjUz NzNmMjcwHhcNMjYwMTAxMjIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NzIyZjg3MzlmY2QxNWU2YWZhMmQ4ZTU1OWNmNjViNWQxOTdlY2VmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA78ptRyiUzqQv9t+qbZidV/foSBlO VWX6GnBziDPITJQFHpYv6z2T5gj65xSx4avst9A4QE1SW5VnKHFaoiNCPD4d0AJX /gvHxphfh+bEcVKmODeH1LWlDcWY2Ka09Je38PifRD/KkdUhHAAyM8dwOlrP5o5b YanM+hoje10S1fVQMRlsOhSwD9dbfRvx+qecvD/BmmcARd7ocdsQ+qprYnFSDBTG TMqIdQqC6xvpHPRlxu+Lx91E1Z+RGMzWGPO64mnQarRGR6J2EEYsV1d+XKng2lk6 uyMrtWaJ4MJxDtG3973tEI1MxB2m/n8Ub4oIpGpri8lkYftyFr7kZedkMQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFEci+HOfzRXmr6LY5VnPZbXRl+zvMB8GA1UdIwQY MBaAFAqLyhoOhkSLc9pUxCyw11dlNz8nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAt YTc5OTA2MjU4OWEzLzEvUnlMNGM1X05GZWF2b3RqbFdjOWx0ZEdYN084LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC8xODZmZDQtM2M2NC00ZGJmLWE5MDAtYTc5OTA2MjU4OWEz LzEvQ292S0dnNkdSSXR6MmxURUxMRFhWMlUzUHljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJSNwAwQD Lv+oAwQFTe8gAwQCuUpwMA0EAgACMAcDBQMqANQgMA0GCSqGSIb3DQEBCwUAA4IB AQAlsCCyWVwKxgbo8tYv8igSLSR3GtCyOHodNMQJmYrME274p6QR5DoWvwZLNsu4 ywOfw+qzNMqED2LqMNT8kt31fgIojoIk0GeduULBwG5lWKeE3iUFp8Fm5oMofwWk OAY4weLvOjDFATpM6QUiJX2zjqzo2xg7ybeM0koSpjALIIRbYe1jHMzc07dNV8kc SqgTy+xNwaY5oACYFvfr4MbQiRjbRy2At+wOCkLyFHcs0vlHaDTkJnX/xlz6HjeA 3V/fL+ohnIXFhmfiqk0BHdwi4zuIs0YwCgGqXMsg4fXF6wDY5bKtCG9BsRWpEsPI r2PWC45Da9Du3Z3YB68a4ONR -----END CERTIFICATE-----Generated at Mon Jan 26 20:41:33 2026 by rpki-client