This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/bym9GRTaQWoyTuXrKo4RqKoL5XU.roa File: bym9GRTaQWoyTuXrKo4RqKoL5XU.roa (raw, json) Hash identifier: /U5VFGEjkXG97DPwKGp9iZ6D0eP8N7dLqjJVI4Njw9s= Subject key identifier: 6F:29:BD:19:14:DA:41:6A:32:4E:E5:EB:2A:8E:11:A8:AA:0B:E5:75 Certificate issuer: /CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8 Certificate serial: 019B7B3596EA81FF0A32D30736C30E437F12 Authority key identifier: 0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/bym9GRTaQWoyTuXrKo4RqKoL5XU.roa Signing time: Thu 01 Jan 2026 20:17:48 +0000 ROA not before: Thu 01 Jan 2026 20:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2559 IP address blocks: 198.217.240.0/24 maxlen: 24 198.217.241.0/24 maxlen: 24 198.217.242.0/24 maxlen: 24 198.217.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.mft rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:96:ea:81:ff:0a:32:d3:07:36:c3:0e:43:7f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0f74e5af2fa7215ca469b27c1079f1ffd5fcaef8 Validity Not Before: Jan 1 20:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6f29bd1914da416a324ee5eb2a8e11a8aa0be575 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fe:a6:5e:55:ef:9b:1d:c9:78:64:6e:d9:64: ba:84:9b:c9:45:4b:79:da:d6:df:d0:24:b9:20:5a: 64:1a:5f:b6:20:63:ad:6b:c6:1d:63:c9:0d:43:1c: 4d:fb:08:9f:ff:09:35:a2:00:11:25:34:00:8f:41: 2e:91:1e:7c:7c:c1:6e:1a:95:11:63:3a:ee:98:88: b0:43:38:7b:78:6c:e9:36:4b:bb:50:46:6e:0f:00: e7:08:ef:0f:a7:08:84:a3:07:8e:df:53:88:ee:5e: f1:d8:d9:41:08:d4:66:e3:c3:8a:30:7a:5d:94:3e: 98:59:58:4a:cb:5a:fc:94:f0:34:d0:55:ce:df:34: e7:06:ad:e3:5d:0a:d0:eb:a8:6a:c4:38:e0:01:cf: 59:06:ac:15:a8:24:fc:58:19:1e:51:aa:a0:ef:11: 4c:45:48:85:3d:04:52:42:e2:84:2f:35:56:00:93: 0a:f1:19:6e:5f:36:11:01:da:39:48:47:3b:4b:3b: f3:48:57:d6:31:2b:83:9d:8e:46:28:67:64:77:32: f4:d6:17:de:ed:64:df:8c:2e:10:3f:b8:29:ec:d9: 5a:71:63:cd:8a:d0:70:d6:49:38:04:15:a1:a1:5c: bf:2d:51:c8:d1:13:5d:d1:e7:c1:f1:e0:b6:7c:3a: 54:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:29:BD:19:14:DA:41:6A:32:4E:E5:EB:2A:8E:11:A8:AA:0B:E5:75 X509v3 Authority Key Identifier: keyid:0F:74:E5:AF:2F:A7:21:5C:A4:69:B2:7C:10:79:F1:FF:D5:FC:AE:F8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3Tlry-nIVykabJ8EHnx_9X8rvg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/bym9GRTaQWoyTuXrKo4RqKoL5XU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/49ace8-291d-4d4f-922e-eabcbc083f9b/1/D3Tlry-nIVykabJ8EHnx_9X8rvg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.217.240.0/22 Signature Algorithm: sha256WithRSAEncryption 6a:00:fe:27:c3:1b:f5:5e:86:e7:45:52:dc:c5:f9:2d:c3:1e: 29:17:2d:e2:15:b0:7d:a6:27:60:2c:3f:e1:6d:04:aa:6b:05: c9:6a:ad:f5:72:20:84:3b:0f:77:cf:0d:08:bb:78:62:79:e0: 42:54:94:d2:08:83:23:1d:b9:52:95:bf:89:b6:73:5c:cb:87: ba:c6:c2:bf:fa:22:83:bf:77:67:1a:7b:9c:e8:4a:f1:da:06: 00:66:fd:d5:a8:c7:72:83:80:44:8a:08:ea:c3:78:fd:e3:0d: 25:3e:52:c6:1d:ad:c7:c6:69:70:03:1d:08:6a:de:dc:34:4f: d5:e6:75:d8:34:33:c8:e8:38:c7:11:1f:54:b6:2d:c5:a3:db: c4:30:b4:90:2a:3d:66:a3:35:18:2f:71:83:7e:fb:39:0a:0e: 84:aa:35:28:e1:c4:ee:c3:29:c7:00:fa:c8:7d:a3:99:71:95: ad:89:70:b9:bf:8e:e7:9d:32:68:f0:af:6c:34:fd:e0:f4:8b: 9d:63:0f:7b:dd:0c:b3:d7:0c:ce:f7:d3:52:59:cc:22:eb:5f: 31:91:bd:2c:c8:a2:f3:b1:77:14:f6:3a:0a:81:d7:33:7a:1e: 95:7f:06:67:a9:c8:81:f7:8e:5a:45:73:00:fb:e3:02:e9:44: ce:e3:28:46 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NZbqgf8KMtMHNsMOQ38SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmNzRlNWFmMmZhNzIxNWNhNDY5YjI3YzEwNzlmMWZmZDVm Y2FlZjgwHhcNMjYwMTAxMjAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ZjI5YmQxOTE0ZGE0MTZhMzI0ZWU1ZWIyYThlMTFhOGFhMGJlNTc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv6mXlXvmx3JeGRu2WS6hJvJRUt5 2tbf0CS5IFpkGl+2IGOta8YdY8kNQxxN+wif/wk1ogARJTQAj0EukR58fMFuGpUR YzrumIiwQzh7eGzpNku7UEZuDwDnCO8PpwiEoweO31OI7l7x2NlBCNRm48OKMHpd lD6YWVhKy1r8lPA00FXO3zTnBq3jXQrQ66hqxDjgAc9ZBqwVqCT8WBkeUaqg7xFM RUiFPQRSQuKELzVWAJMK8RluXzYRAdo5SEc7SzvzSFfWMSuDnY5GKGdkdzL01hfe 7WTfjC4QP7gp7NlacWPNitBw1kk4BBWhoVy/LVHI0RNd0efB8eC2fDpUFwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFG8pvRkU2kFqMk7l6yqOEaiqC+V1MB8GA1UdIwQY MBaAFA905a8vpyFcpGmyfBB58f/V/K74MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUt ZWFiY2JjMDgzZjliLzEvYnltOUdSVGFRV295VHVYcktvNFJxS29MNVhVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC80OWFjZTgtMjkxZC00ZDRmLTkyMmUtZWFiY2JjMDgzZjli LzEvRDNUbHJ5LW5JVnlrYWJKOEVIbnhfOVg4cnZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCxtnwMA0G CSqGSIb3DQEBCwUAA4IBAQBqAP4nwxv1XobnRVLcxfktwx4pFy3iFbB9pidgLD/h bQSqawXJaq31ciCEOw93zw0Iu3hieeBCVJTSCIMjHblSlb+JtnNcy4e6xsK/+iKD v3dnGnuc6Erx2gYAZv3VqMdyg4BEigjqw3j94w0lPlLGHa3HxmlwAx0Iat7cNE/V 5nXYNDPI6DjHER9Uti3Fo9vEMLSQKj1mozUYL3GDfvs5Cg6EqjUo4cTuwynHAPrI faOZcZWtiXC5v47nnTJo8K9sNP3g9IudYw973Qyz1wzO99NSWcwi618xkb0syKLz sXcU9joKgdczeh6VfwZnqciB945aRXMA++MC6UTO4yhG -----END CERTIFICATE-----Generated at Mon Jan 26 08:20:41 2026 by rpki-client