This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/4ZM_NkLGnwTeIz13poSrqEXJQVY.roa File: 4ZM_NkLGnwTeIz13poSrqEXJQVY.roa (raw, json) Hash identifier: +7kz+vGEZauHKMTS/iyE4xlukZjS1oS+EfnKTKve9ZU= Subject key identifier: E1:93:3F:36:42:C6:9F:04:DE:23:3D:77:A6:84:AB:A8:45:C9:41:56 Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56 Certificate serial: 019B7C805181B9C7D4E25FB7D407B22B8996 Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/4ZM_NkLGnwTeIz13poSrqEXJQVY.roa Signing time: Fri 02 Jan 2026 02:19:02 +0000 ROA not before: Fri 02 Jan 2026 02:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41718 IP address blocks: 194.156.120.0/24 maxlen: 24 194.156.121.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:51:81:b9:c7:d4:e2:5f:b7:d4:07:b2:2b:89:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56 Validity Not Before: Jan 2 02:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e1933f3642c69f04de233d77a684aba845c94156 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:92:de:64:f2:ec:31:18:ee:2c:df:97:0d:f0: 2a:5d:f6:77:18:b3:3d:26:0f:8b:23:97:b2:fb:7c: 39:4e:d2:2f:33:ba:31:e0:08:01:11:cf:f0:e2:d0: 92:39:11:d8:c4:5e:77:fa:34:e5:42:29:89:55:02: ad:f9:47:b9:3f:7c:5f:e3:79:44:e6:07:4a:84:07: 96:de:f5:a4:8e:c1:a7:c9:3f:11:af:06:88:64:c9: 82:80:6b:80:75:e1:9f:d6:be:c4:25:20:12:67:72: e7:60:01:f1:85:8b:77:a8:13:b4:6e:b1:4e:fb:90: 66:0f:db:eb:0e:7a:1d:73:e3:f5:eb:0e:7e:fa:aa: ce:c4:88:c6:24:2e:5a:b3:ab:02:e4:8f:64:d1:59: b7:e2:82:83:ff:9c:56:cc:36:d4:cc:85:1c:ab:84: c6:0c:da:33:f0:12:80:97:45:44:07:da:59:fe:aa: 56:d6:ef:93:54:67:24:e1:74:b1:10:68:61:6f:eb: 20:10:47:67:56:1f:fd:ba:81:8b:3a:c2:0c:0b:8e: 26:23:97:e8:8c:7a:1c:29:01:1e:c2:11:bc:67:57: dd:2f:8c:20:5d:05:73:10:8f:03:2f:5f:87:2d:c6: 16:90:9a:43:de:be:c1:e7:ad:4d:b2:38:2f:ec:c2: 5a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:93:3F:36:42:C6:9F:04:DE:23:3D:77:A6:84:AB:A8:45:C9:41:56 X509v3 Authority Key Identifier: keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/4ZM_NkLGnwTeIz13poSrqEXJQVY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.156.120.0/23 Signature Algorithm: sha256WithRSAEncryption 2c:e6:68:fa:ac:76:9c:d8:93:e8:0c:b1:3b:ce:cf:6e:4b:87: eb:16:3e:f3:be:73:5a:8b:3b:6f:c3:9f:5e:c0:ab:cb:5d:16: 2b:11:5d:a7:d1:3f:b3:c8:38:2b:f0:dd:c1:d6:21:b4:7d:f0: 1c:fe:82:5a:b7:25:f3:42:36:01:7b:92:e1:fe:03:a5:5b:71: b9:af:70:65:82:cf:26:18:51:05:c7:9a:ca:9f:ac:46:b4:74: 4a:75:3e:c6:8f:25:dd:19:51:f8:84:fc:36:f4:a0:b7:bf:c6: 2d:49:fd:a8:aa:d7:97:75:26:ad:b1:29:e3:4c:33:28:ae:b7: 90:a8:30:8f:d7:a6:36:06:13:d2:92:da:0d:42:96:39:9e:a2: 2f:a6:35:11:52:d1:d2:9f:ee:3b:35:34:73:21:8a:59:dc:3f: 92:16:dd:fe:05:2f:c5:66:bc:b2:2d:c5:31:06:c6:9e:f6:ca: c6:dd:63:cf:df:f4:0f:71:82:14:db:1f:2b:7f:fd:8f:1e:a8: 10:9f:49:a4:85:1d:8e:c2:78:a8:0f:b6:12:b2:9d:cf:eb:f5: 37:59:22:9b:d4:d7:d6:55:c2:0b:93:27:97:49:de:5c:b2:fb: aa:f3:ff:8e:a6:ec:cd:40:2e:36:81:90:6b:92:39:3e:1d:83: 3c:db:d9:ae -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gFGBucfU4l+31AeyK4mWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0 ZjVlNTYwHhcNMjYwMTAyMDIxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTkzM2YzNjQyYzY5ZjA0ZGUyMzNkNzdhNjg0YWJhODQ1Yzk0MTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5LeZPLsMRjuLN+XDfAqXfZ3GLM9 Jg+LI5ey+3w5TtIvM7ox4AgBEc/w4tCSORHYxF53+jTlQimJVQKt+Ue5P3xf43lE 5gdKhAeW3vWkjsGnyT8RrwaIZMmCgGuAdeGf1r7EJSASZ3LnYAHxhYt3qBO0brFO +5BmD9vrDnodc+P16w5++qrOxIjGJC5as6sC5I9k0Vm34oKD/5xWzDbUzIUcq4TG DNoz8BKAl0VEB9pZ/qpW1u+TVGck4XSxEGhhb+sgEEdnVh/9uoGLOsIMC44mI5fo jHocKQEewhG8Z1fdL4wgXQVzEI8DL1+HLcYWkJpD3r7B561Nsjgv7MJaTwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOGTPzZCxp8E3iM9d6aEq6hFyUFWMB8GA1UdIwQY MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt YmE5OGYxMTIyMTIxLzEvNFpNX05rTEdud1RlSXoxM3BvU3JxRVhKUVZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpx4MA0G CSqGSIb3DQEBCwUAA4IBAQAs5mj6rHac2JPoDLE7zs9uS4frFj7zvnNaiztvw59e wKvLXRYrEV2n0T+zyDgr8N3B1iG0ffAc/oJatyXzQjYBe5Lh/gOlW3G5r3Blgs8m GFEFx5rKn6xGtHRKdT7GjyXdGVH4hPw29KC3v8YtSf2oqteXdSatsSnjTDMorreQ qDCP16Y2BhPSktoNQpY5nqIvpjURUtHSn+47NTRzIYpZ3D+SFt3+BS/FZryyLcUx Bsae9srG3WPP3/QPcYIU2x8rf/2PHqgQn0mkhR2OwnioD7YSsp3P6/U3WSKb1NfW VcILkyeXSd5csvuq8/+OpuzNQC42gZBrkjk+HYM829mu -----END CERTIFICATE-----Generated at Sat Jan 10 03:56:10 2026 by rpki-client