This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/xY4otenPhOP0H70AgN8yfipmuag.roa File: xY4otenPhOP0H70AgN8yfipmuag.roa (raw, json) Hash identifier: j8oE81MNRmqQfvzLQxhYODVo2K+D9FqNssi/KIrbHB4= Subject key identifier: C5:8E:28:B5:E9:CF:84:E3:F4:1F:BD:00:80:DF:32:7E:2A:66:B9:A8 Certificate issuer: /CN=d3624e908c7498fdb613542753ef56c75cd704bd Certificate serial: 019B7E3789DE563A4341350DF79272D4E9F0 Authority key identifier: D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/xY4otenPhOP0H70AgN8yfipmuag.roa Signing time: Fri 02 Jan 2026 10:18:47 +0000 ROA not before: Fri 02 Jan 2026 10:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8829 IP address blocks: 45.11.84.0/22 maxlen: 22 62.106.0.0/19 maxlen: 19 62.106.32.0/20 maxlen: 20 185.158.72.0/22 maxlen: 22 2a03:c80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.mft rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:89:de:56:3a:43:41:35:0d:f7:92:72:d4:e9:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3624e908c7498fdb613542753ef56c75cd704bd Validity Not Before: Jan 2 10:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c58e28b5e9cf84e3f41fbd0080df327e2a66b9a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:80:c3:74:de:90:cd:9e:48:df:8f:1c:0a:0f: 1d:cd:63:78:97:41:1a:03:7a:57:c5:f4:6a:20:2e: 83:3a:58:42:a4:c6:84:39:19:32:86:fc:ee:78:77: 4c:a8:cf:57:5e:ea:b0:71:8f:0c:45:ae:5a:3f:73: 20:1e:13:18:3c:a8:af:c6:f8:ca:e5:e6:a4:ec:ad: 25:84:18:36:5f:d7:c7:4e:12:7d:48:99:c9:2e:4a: 52:8c:53:74:56:7c:3a:81:09:48:f4:bc:9b:a4:8c: 42:40:30:01:c0:b9:5d:37:25:f4:b9:a9:d4:6a:3d: 78:87:54:20:8e:cc:09:91:50:d0:89:57:48:89:45: 61:71:38:84:ea:48:7a:44:c9:8c:94:a6:ed:00:22: ad:a0:0b:d6:82:c7:46:51:34:2b:9b:02:b2:32:90: b2:d0:65:84:b0:16:f6:5b:0d:3a:9a:fa:3d:7e:cd: 1f:c8:62:6d:69:e9:23:bf:a6:f6:29:c2:10:47:3f: 9a:17:79:7b:cc:44:3a:36:08:a3:b8:5f:bc:c0:8b: d9:e4:58:08:45:f5:d5:f0:3b:c2:7e:cc:44:ff:f6: 1a:40:91:92:75:a2:6a:94:39:03:1d:84:a0:ce:b8: 27:51:a3:c9:d8:3d:cd:69:7c:de:95:79:8a:10:b9: 90:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:8E:28:B5:E9:CF:84:E3:F4:1F:BD:00:80:DF:32:7E:2A:66:B9:A8 X509v3 Authority Key Identifier: keyid:D3:62:4E:90:8C:74:98:FD:B6:13:54:27:53:EF:56:C7:5C:D7:04:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02JOkIx0mP22E1QnU-9Wx1zXBL0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/xY4otenPhOP0H70AgN8yfipmuag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/42ef1b-10c7-4dac-9c13-6450f1841122/1/02JOkIx0mP22E1QnU-9Wx1zXBL0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.11.84.0/22 62.106.0.0-62.106.47.255 185.158.72.0/22 IPv6: 2a03:c80::/32 Signature Algorithm: sha256WithRSAEncryption 3e:21:36:f4:4b:db:90:97:d2:18:98:cd:a4:73:87:a8:7b:38: ed:91:0e:dc:e9:c6:27:bd:c9:fc:b1:7a:f7:9a:84:d0:e2:35: ea:7d:b7:42:a4:28:13:b0:14:33:97:84:56:93:f1:d5:82:13: ef:0a:92:4d:1f:54:0f:ce:c1:9b:45:45:72:4b:6f:bc:6e:72: 9e:2f:7a:ec:e6:67:da:a5:69:ee:88:5d:f2:89:ba:99:a6:d0: 79:54:a7:61:62:f9:f1:47:2e:58:d0:e0:19:ae:db:ed:0a:23: 53:61:30:bf:0b:32:24:14:9f:09:5e:1a:55:15:b5:1c:45:29: ee:fd:f1:89:8b:12:a6:e1:d9:49:85:a1:65:2d:1e:67:e5:aa: 52:b6:1f:1e:56:07:8c:83:b4:69:5c:6f:78:cc:3d:1a:d8:11: b4:de:e7:21:35:06:43:b2:4b:ea:36:b8:e0:34:e4:7e:6b:da: 86:5d:87:f2:60:56:8a:02:7a:07:fe:ed:9c:f0:2d:02:fc:f6: 17:7d:38:c2:c1:e4:e2:ea:df:f7:ec:56:0c:90:e5:26:ba:bc: 85:de:ec:f2:76:1c:bc:96:d8:03:4e:1a:6a:30:4b:0c:c8:cf: 71:0a:e0:96:10:51:ab:da:68:37:22:c5:a1:3e:48:3b:f7:c8: 5c:38:37:a4 -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt+N4neVjpDQTUN95Jy1OnwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjI0ZTkwOGM3NDk4ZmRiNjEzNTQyNzUzZWY1NmM3NWNk NzA0YmQwHhcNMjYwMTAyMTAxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNThlMjhiNWU5Y2Y4NGUzZjQxZmJkMDA4MGRmMzI3ZTJhNjZiOWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4DDdN6QzZ5I348cCg8dzWN4l0Ea A3pXxfRqIC6DOlhCpMaEORkyhvzueHdMqM9XXuqwcY8MRa5aP3MgHhMYPKivxvjK 5eak7K0lhBg2X9fHThJ9SJnJLkpSjFN0Vnw6gQlI9LybpIxCQDABwLldNyX0uanU aj14h1QgjswJkVDQiVdIiUVhcTiE6kh6RMmMlKbtACKtoAvWgsdGUTQrmwKyMpCy 0GWEsBb2Ww06mvo9fs0fyGJtaekjv6b2KcIQRz+aF3l7zEQ6NgijuF+8wIvZ5FgI RfXV8DvCfsxE//YaQJGSdaJqlDkDHYSgzrgnUaPJ2D3NaXzelXmKELmQbQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFMWOKLXpz4Tj9B+9AIDfMn4qZrmoMB8GA1UdIwQY MBaAFNNiTpCMdJj9thNUJ1PvVsdc1wS9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMt NjQ1MGYxODQxMTIyLzEveFk0b3RlblBoT1AwSDcwQWdOOHlmaXBtdWFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC80MmVmMWItMTBjNy00ZGFjLTljMTMtNjQ1MGYxODQxMTIy LzEvMDJKT2tJeDBtUDIyRTFRblUtOVd4MXpYQkwwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQCLQtUMAsD AwE+agMEBD5qIAMEArmeSDANBAIAAjAHAwUAKgMMgDANBgkqhkiG9w0BAQsFAAOC AQEAPiE29EvbkJfSGJjNpHOHqHs47ZEO3OnGJ73J/LF695qE0OI16n23QqQoE7AU M5eEVpPx1YIT7wqSTR9UD87Bm0VFcktvvG5yni967OZn2qVp7ohd8om6mabQeVSn YWL58UcuWNDgGa7b7QojU2EwvwsyJBSfCV4aVRW1HEUp7v3xiYsSpuHZSYWhZS0e Z+WqUrYfHlYHjIO0aVxveMw9GtgRtN7nITUGQ7JL6ja44DTkfmvahl2H8mBWigJ6 B/7tnPAtAvz2F304wsHk4urf9+xWDJDlJrq8hd7s8nYcvJbYA04aajBLDMjPcQrg lhBRq9poNyLFoT5IO/fIXDg3pA== -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:40 2026 by rpki-client