This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/yFiL8tkuuqorOSaLviO55mABZbI.roa File: yFiL8tkuuqorOSaLviO55mABZbI.roa (raw, json) Hash identifier: Vpu8MbqdOIdKwRCgwYwu57X5qicUb04b2OcX0uiebwg= Subject key identifier: C8:58:8B:F2:D9:2E:BA:AA:2B:39:26:8B:BE:23:B9:E6:60:01:65:B2 Certificate issuer: /CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Certificate serial: 019BEA0A6CDEF3823F8A44044078145BD56A Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/yFiL8tkuuqorOSaLviO55mABZbI.roa Signing time: Fri 23 Jan 2026 08:48:30 +0000 ROA not before: Fri 23 Jan 2026 08:48:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28676 IP address blocks: 91.245.216.0/23 maxlen: 23 93.95.128.0/21 maxlen: 21 178.250.160.0/21 maxlen: 21 185.158.156.0/22 maxlen: 22 185.169.128.0/22 maxlen: 22 188.172.112.0/20 maxlen: 20 195.64.132.0/23 maxlen: 23 2a00:1f08::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ea:0a:6c:de:f3:82:3f:8a:44:04:40:78:14:5b:d5:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Validity Not Before: Jan 23 08:48:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8588bf2d92ebaaa2b39268bbe23b9e6600165b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d8:64:37:c7:58:5c:4b:7c:30:2c:34:8f:6f: 62:46:c7:f8:af:c1:5b:39:02:cb:1f:74:e0:84:f0: 5e:7a:26:00:ef:52:8f:e6:14:07:68:f8:8d:46:ca: 11:f6:4a:19:be:a1:b7:da:24:8d:a5:34:6c:cf:02: dc:b1:fe:07:a8:52:25:e7:51:1e:7f:09:a9:43:76: ec:f4:f6:d5:47:94:2a:80:9e:f6:9f:90:92:05:c1: 06:ec:78:e6:de:cd:08:70:1a:b1:b7:80:db:b3:8e: 74:f0:f3:47:e2:76:68:da:11:cb:48:55:c6:53:3d: 58:7c:8b:0a:28:c1:3e:25:bc:c7:42:c5:65:1f:08: da:0b:fa:ec:ad:c0:51:a9:2b:b1:b6:df:58:8f:cb: 73:00:6a:b4:32:21:fc:96:2a:e5:d8:a6:2a:0e:e8: f4:26:89:0a:c2:34:a7:5f:5a:35:4f:f5:a2:33:cc: f9:5b:18:33:28:78:73:13:26:d4:79:55:37:a1:34: 05:24:89:01:05:be:2f:3e:54:fe:f7:55:83:c6:7f: 39:2d:55:7b:d7:6f:49:10:e1:c8:fa:f6:f2:73:df: cc:e0:40:c7:4a:d6:93:c9:4c:22:68:b2:d0:86:27: f4:55:54:81:6e:c7:30:9d:91:11:9c:2e:88:15:71: 88:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:58:8B:F2:D9:2E:BA:AA:2B:39:26:8B:BE:23:B9:E6:60:01:65:B2 X509v3 Authority Key Identifier: keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/yFiL8tkuuqorOSaLviO55mABZbI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.245.216.0/23 93.95.128.0/21 178.250.160.0/21 185.158.156.0/22 185.169.128.0/22 188.172.112.0/20 195.64.132.0/23 IPv6: 2a00:1f08::/32 Signature Algorithm: sha256WithRSAEncryption 6e:48:6f:6c:8e:c7:e7:07:ae:4b:a1:3c:dd:33:4d:b6:80:bb: 19:c2:0e:5e:4c:23:c2:5c:e5:f3:c1:8b:ea:da:fe:48:d7:0c: fe:9b:09:97:17:83:d4:1f:71:f8:c3:aa:71:e8:c5:32:46:fb: aa:4c:9b:0e:97:0b:e2:b9:06:1f:65:e0:f7:1d:16:e8:47:b1: 17:58:e1:45:3e:7b:a6:b1:1e:3f:7f:44:59:21:f2:bb:22:5b: 4e:fd:f4:1f:62:e1:db:e6:d7:1e:28:25:e3:1c:df:26:ca:c1: 0f:f3:ae:f8:15:71:5c:55:ba:9e:dc:d0:46:f7:6b:4e:41:35: 2a:3c:34:73:17:b9:3f:4e:ae:0b:91:d7:d4:0f:7b:fb:dd:8f: 34:d4:2a:8f:ed:0d:cd:c3:36:6f:a5:19:ab:1c:30:b6:68:30: 32:b2:bc:b8:15:1c:30:85:e9:68:0d:c4:90:cf:58:af:02:83: 0d:36:63:e4:57:bd:7d:71:c8:f6:5b:6f:e2:ee:e3:ad:64:9e: 0c:27:0a:e5:5e:ce:99:95:1a:6c:07:05:e2:2c:5d:87:b9:e4: 9a:0b:65:ee:55:cc:c2:5d:67:af:25:9c:a1:dd:7b:09:c1:74: c1:84:4e:23:ee:f6:ad:d2:31:f6:2a:21:8d:d9:16:e6:34:f4: db:9a:8e:e0 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZvqCmze84I/ikQEQHgUW9VqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw YWIzODcwHhcNMjYwMTIzMDg0ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODU4OGJmMmQ5MmViYWFhMmIzOTI2OGJiZTIzYjllNjYwMDE2NWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydhkN8dYXEt8MCw0j29iRsf4r8Fb OQLLH3TghPBeeiYA71KP5hQHaPiNRsoR9koZvqG32iSNpTRszwLcsf4HqFIl51Ee fwmpQ3bs9PbVR5QqgJ72n5CSBcEG7Hjm3s0IcBqxt4Dbs4508PNH4nZo2hHLSFXG Uz1YfIsKKME+JbzHQsVlHwjaC/rsrcBRqSuxtt9Yj8tzAGq0MiH8lirl2KYqDuj0 JokKwjSnX1o1T/WiM8z5WxgzKHhzEybUeVU3oTQFJIkBBb4vPlT+91WDxn85LVV7 129JEOHI+vbyc9/M4EDHStaTyUwiaLLQhif0VVSBbscwnZERnC6IFXGIrQIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFMhYi/LZLrqqKzkmi74jueZgAWWyMB8GA1UdIwQY MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt ZWQwN2Y1Y2FkNmQ3LzEveUZpTDh0a3V1cW9yT1NhTHZpTzU1bUFCWmJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3 LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQBW/XYAwQD XV+AAwQDsvqgAwQCuZ6cAwQCuamAAwQEvKxwAwQBw0CEMA0EAgACMAcDBQAqAB8I MA0GCSqGSIb3DQEBCwUAA4IBAQBuSG9sjsfnB65LoTzdM022gLsZwg5eTCPCXOXz wYvq2v5I1wz+mwmXF4PUH3H4w6px6MUyRvuqTJsOlwviuQYfZeD3HRboR7EXWOFF PnumsR4/f0RZIfK7IltO/fQfYuHb5tceKCXjHN8mysEP8674FXFcVbqe3NBG92tO QTUqPDRzF7k/Tq4LkdfUD3v73Y801CqP7Q3NwzZvpRmrHDC2aDAysry4FRwwhelo DcSQz1ivAoMNNmPkV719ccj2W2/i7uOtZJ4MJwrlXs6ZlRpsBwXiLF2HueSaC2Xu VczCXWevJZyh3XsJwXTBhE4j7vat0jH2KiGN2RbmNPTbmo7g -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:12 2026 by rpki-client