This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4ryD7ofmQrN3Mqeu7FPqqWRiYsE.roa File: 4ryD7ofmQrN3Mqeu7FPqqWRiYsE.roa (raw, json) Hash identifier: q+5ychHqPBM+eMaL8WGUlpDBY/rhlRPXMm2CsfC21Bk= Subject key identifier: E2:BC:83:EE:87:E6:42:B3:77:32:A7:AE:EC:53:EA:A9:64:62:62:C1 Certificate issuer: /CN=40f872e4cdb07d6839147e43a4a419bc84ba3214 Certificate serial: 019B78A241280BFEB89B185EDEA0ED207EDD Authority key identifier: 40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4ryD7ofmQrN3Mqeu7FPqqWRiYsE.roa Signing time: Thu 01 Jan 2026 08:17:37 +0000 ROA not before: Thu 01 Jan 2026 08:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15739 IP address blocks: 185.91.96.0/23 maxlen: 24 185.91.97.0/24 maxlen: 24 185.91.98.0/23 maxlen: 24 185.91.98.0/24 maxlen: 24 2a05:e380::/29 maxlen: 29 2a05:e380:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.mft rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 08:19:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:41:28:0b:fe:b8:9b:18:5e:de:a0:ed:20:7e:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40f872e4cdb07d6839147e43a4a419bc84ba3214 Validity Not Before: Jan 1 08:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e2bc83ee87e642b37732a7aeec53eaa9646262c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:fd:ea:99:a3:c4:11:41:42:77:c8:f3:e9:1f: 3a:6a:89:fb:53:2a:9d:3e:8d:82:74:af:09:71:07: e8:f7:02:16:29:67:3d:e4:10:b0:f7:04:32:8c:ec: eb:b5:f4:74:95:e4:fc:5d:db:c5:07:71:8c:a3:5c: 43:90:46:1a:8e:1b:9b:16:0e:ec:bf:09:f4:db:28: 02:e7:fe:3e:a1:90:01:cb:d0:6f:8b:88:c6:bc:e3: 7f:5e:aa:93:43:d1:ea:25:2c:5f:c8:9e:b7:98:20: 70:6a:a9:8d:89:b1:0f:a9:69:a0:60:a7:0c:81:82: c3:8e:c2:ab:21:74:7b:54:bf:c2:b1:c9:f6:5c:87: 31:c8:ec:a7:a4:f0:b6:93:f7:b0:87:a7:b3:12:8a: b9:de:0b:05:08:99:52:78:29:d8:49:99:ce:70:44: 5a:d1:76:8d:e4:b8:06:ad:04:44:b4:50:13:88:e7: b0:ca:3f:30:23:e4:cb:dd:0a:0b:d5:d9:bb:da:8b: 7a:41:08:68:9f:4a:5f:a3:43:2a:ec:5b:f3:f1:9e: ef:e6:5c:8b:ba:c9:59:04:6f:f3:5d:d1:f9:ec:2e: 12:d3:e5:a6:a5:05:9a:2b:e8:c0:3b:e0:ca:f4:5c: 03:e9:63:63:13:97:75:77:17:a6:a8:8b:bd:58:c1: 07:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:BC:83:EE:87:E6:42:B3:77:32:A7:AE:EC:53:EA:A9:64:62:62:C1 X509v3 Authority Key Identifier: keyid:40:F8:72:E4:CD:B0:7D:68:39:14:7E:43:A4:A4:19:BC:84:BA:32:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/4ryD7ofmQrN3Mqeu7FPqqWRiYsE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5c92d5-a7eb-4929-ae19-da138ade222b/1/QPhy5M2wfWg5FH5DpKQZvIS6MhQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.91.96.0/22 IPv6: 2a05:e380::/29 Signature Algorithm: sha256WithRSAEncryption b8:57:66:6f:fe:71:f3:91:4c:c7:95:71:de:b4:09:76:eb:00: 3a:5d:9a:d5:fc:87:96:35:f3:26:4c:57:d4:40:47:d4:a9:de: 94:f2:a3:94:00:d1:6d:55:68:7c:24:4a:1a:b2:ae:3d:3d:cb: c4:1e:15:cf:da:53:e5:59:0a:1f:91:4b:1b:b5:00:bb:96:5c: c5:a9:83:5f:e3:f2:84:11:a1:c6:b8:83:40:d8:68:61:e0:cc: 42:01:1a:65:62:af:b5:4e:64:c1:c2:2c:16:9c:b4:31:34:d8: a8:13:27:81:f7:a6:0f:e7:77:fb:a4:d6:2e:60:bc:68:96:1f: e0:52:ef:01:fe:d7:26:68:3a:0b:34:55:8f:dd:82:88:4d:a3: b1:c7:c4:61:e1:21:e6:a5:12:2c:96:a3:61:9e:7d:ba:d0:2e: ad:27:53:72:92:2b:06:10:f4:3a:7f:af:93:57:23:91:43:d7: d4:42:a8:6e:60:1d:38:12:ba:d4:a6:d5:bb:cd:1c:cc:a2:e2: f2:ed:54:19:d6:60:a1:fd:1b:f7:d3:7b:8f:a9:0c:b8:2f:1d: 7b:66:f3:1a:49:96:a5:4b:ab:55:25:6d:de:f3:c3:5e:46:ad: 19:ad:f4:7c:42:a5:19:82:21:a6:46:a1:e1:4f:a2:49:9b:c4: 69:00:c7:ce -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4okEoC/64mxhe3qDtIH7dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwZjg3MmU0Y2RiMDdkNjgzOTE0N2U0M2E0YTQxOWJjODRi YTMyMTQwHhcNMjYwMTAxMDgxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMmJjODNlZTg3ZTY0MmIzNzczMmE3YWVlYzUzZWFhOTY0NjI2MmMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0v3qmaPEEUFCd8jz6R86aon7Uyqd Po2CdK8JcQfo9wIWKWc95BCw9wQyjOzrtfR0leT8XdvFB3GMo1xDkEYajhubFg7s vwn02ygC5/4+oZABy9Bvi4jGvON/XqqTQ9HqJSxfyJ63mCBwaqmNibEPqWmgYKcM gYLDjsKrIXR7VL/Cscn2XIcxyOynpPC2k/ewh6ezEoq53gsFCJlSeCnYSZnOcERa 0XaN5LgGrQREtFATiOewyj8wI+TL3QoL1dm72ot6QQhon0pfo0Mq7Fvz8Z7v5lyL uslZBG/zXdH57C4S0+WmpQWaK+jAO+DK9FwD6WNjE5d1dxemqIu9WMEHRwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFOK8g+6H5kKzdzKnruxT6qlkYmLBMB8GA1UdIwQY MBaAFED4cuTNsH1oORR+Q6SkGbyEujIUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTkt ZGExMzhhZGUyMjJiLzEvNHJ5RDdvZm1Rck4zTXFldTdGUHFxV1JpWXNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC81YzkyZDUtYTdlYi00OTI5LWFlMTktZGExMzhhZGUyMjJi LzEvUVBoeTVNMndmV2c1Rkg1RHBLUVp2SVM2TWhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVtgMA0E AgACMAcDBQMqBeOAMA0GCSqGSIb3DQEBCwUAA4IBAQC4V2Zv/nHzkUzHlXHetAl2 6wA6XZrV/IeWNfMmTFfUQEfUqd6U8qOUANFtVWh8JEoasq49PcvEHhXP2lPlWQof kUsbtQC7llzFqYNf4/KEEaHGuINA2Ghh4MxCARplYq+1TmTBwiwWnLQxNNioEyeB 96YP53f7pNYuYLxolh/gUu8B/tcmaDoLNFWP3YKITaOxx8Rh4SHmpRIslqNhnn26 0C6tJ1NykisGEPQ6f6+TVyORQ9fUQqhuYB04ErrUptW7zRzMouLy7VQZ1mCh/Rv3 03uPqQy4Lx17ZvMaSZalS6tVJW3e88NeRq0ZrfR8QqUZgiGmRqHhT6JJm8RpAMfO -----END CERTIFICATE-----Generated at Thu Jan 1 14:06:42 2026 by rpki-client