This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YARBLfUZ9k_hQNuqCW-GW04WaQI.roa File: YARBLfUZ9k_hQNuqCW-GW04WaQI.roa (raw, json) Hash identifier: YYeeEXSa0og2pjEcv4jU32lCZBeHpaJXhmkA+TmvUbg= Subject key identifier: 60:04:41:2D:F5:19:F6:4F:E1:40:DB:AA:09:6F:86:5B:4E:16:69:02 Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019B7834A0654B97CC1331831BB432D392C2 Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YARBLfUZ9k_hQNuqCW-GW04WaQI.roa Signing time: Thu 01 Jan 2026 06:17:53 +0000 ROA not before: Thu 01 Jan 2026 06:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398826 IP address blocks: 104.160.18.0/24 maxlen: 24 104.160.19.0/24 maxlen: 24 104.160.20.0/24 maxlen: 24 104.160.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:a0:65:4b:97:cc:13:31:83:1b:b4:32:d3:92:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Jan 1 06:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6004412df519f64fe140dbaa096f865b4e166902 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:de:3d:d8:1d:16:c7:9c:84:50:c3:71:89:ec: 74:e1:a4:fd:db:57:51:ce:18:89:18:22:0f:0f:6a: a2:81:bc:4f:3d:44:c9:14:23:ad:e5:78:b3:0f:34: 27:f9:ed:11:28:b4:91:50:b7:5f:fa:bc:4b:97:0a: 9a:72:95:b2:51:d1:e1:44:52:d5:9b:53:c5:97:cd: 34:8b:88:70:c5:68:92:93:30:ce:f5:e0:9e:06:7e: 3f:b2:12:92:9f:03:66:38:45:b3:7b:9d:46:46:1a: df:93:05:0d:d3:36:cf:09:f9:81:4a:2c:1e:bb:7e: 66:14:2e:fa:1b:2b:b0:4d:d7:3a:4a:df:cc:15:85: 94:6f:70:9d:4a:e5:70:6c:4b:c1:95:e0:19:b9:fd: 4f:c3:bc:93:ae:ab:4a:b2:ce:d0:35:cf:bf:33:18: ad:8b:67:72:dd:7b:2c:bb:f7:1d:61:1c:27:c4:76: 24:98:e3:d3:c0:0d:d5:22:9f:83:ef:e6:db:45:b6: d2:c9:11:a8:cf:0a:2b:72:79:2c:01:ae:33:f5:22: ec:b1:d1:4d:60:2a:67:cd:ac:59:00:f7:79:57:4b: 89:8b:ef:20:c3:b8:1b:09:72:33:63:98:2f:80:f2: d0:f0:e5:72:24:d7:05:42:cf:4f:5e:37:11:25:42: 59:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:04:41:2D:F5:19:F6:4F:E1:40:DB:AA:09:6F:86:5B:4E:16:69:02 X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/YARBLfUZ9k_hQNuqCW-GW04WaQI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.160.18.0-104.160.21.255 Signature Algorithm: sha256WithRSAEncryption 5f:87:30:95:c1:b5:bc:f1:12:20:ad:07:da:f8:ea:af:0c:e5: 3c:cd:c3:47:a1:b9:4e:15:03:ab:8e:e3:c4:0f:03:f6:16:13: 13:9a:6a:66:f6:4f:ad:44:bc:dc:ea:81:5a:76:1a:c3:56:5a: cf:8f:83:00:68:b7:bc:a8:22:d9:9c:08:d9:15:62:b4:97:34: e6:43:1f:2f:80:da:01:02:1b:41:ee:98:51:08:5a:db:e4:90: 8d:0c:90:d2:35:44:e0:c4:16:48:a1:02:8a:89:2a:1a:c4:85: c4:d4:8f:3d:51:e0:05:c6:3f:37:b0:46:42:77:be:d1:f0:81: e7:58:22:84:cd:02:e9:e9:c2:25:ec:e5:ec:2e:81:c0:6a:a0: 45:c2:3f:b7:40:5e:cf:44:20:37:ae:b5:8d:8a:43:16:9c:b8: 33:b4:f9:01:41:4d:a3:e7:30:aa:ca:ad:7d:19:55:03:e1:4b: 79:e4:4b:ba:5e:aa:8c:2b:e8:7d:5b:09:ef:12:89:27:e6:26: 76:2e:61:5a:94:6a:de:26:92:d8:bc:14:c7:ea:6e:a1:a3:f9: 0d:ab:5e:bd:f4:b5:89:74:aa:f2:f9:74:53:5d:5f:17:ee:af: d8:87:bd:34:5a:0d:fa:92:d6:85:e2:1f:ee:12:93:f2:e7:e4: d2:9c:91:06 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt4NKBlS5fMEzGDG7Qy05LCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjYwMTAxMDYxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDA0NDEyZGY1MTlmNjRmZTE0MGRiYWEwOTZmODY1YjRlMTY2OTAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69492B0Wx5yEUMNxiex04aT921dR zhiJGCIPD2qigbxPPUTJFCOt5XizDzQn+e0RKLSRULdf+rxLlwqacpWyUdHhRFLV m1PFl800i4hwxWiSkzDO9eCeBn4/shKSnwNmOEWze51GRhrfkwUN0zbPCfmBSiwe u35mFC76GyuwTdc6St/MFYWUb3CdSuVwbEvBleAZuf1Pw7yTrqtKss7QNc+/Mxit i2dy3Xssu/cdYRwnxHYkmOPTwA3VIp+D7+bbRbbSyRGozworcnksAa4z9SLssdFN YCpnzaxZAPd5V0uJi+8gw7gbCXIzY5gvgPLQ8OVyJNcFQs9PXjcRJUJZKwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGAEQS31GfZP4UDbqglvhltOFmkCMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvWUFSQkxmVVo5a19oUU51cUNXLUdXMDRXYVFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAFooBID BAFooBQwDQYJKoZIhvcNAQELBQADggEBAF+HMJXBtbzxEiCtB9r46q8M5TzNw0eh uU4VA6uO48QPA/YWExOaamb2T61EvNzqgVp2GsNWWs+PgwBot7yoItmcCNkVYrSX NOZDHy+A2gECG0HumFEIWtvkkI0MkNI1RODEFkihAoqJKhrEhcTUjz1R4AXGPzew RkJ3vtHwgedYIoTNAunpwiXs5ewugcBqoEXCP7dAXs9EIDeutY2KQxacuDO0+QFB TaPnMKrKrX0ZVQPhS3nkS7peqowr6H1bCe8SiSfmJnYuYVqUat4mkti8FMfqbqGj +Q2rXr30tYl0qvL5dFNdXxfur9iHvTRaDfqS1oXiH+4Sk/Ln5NKckQY= -----END CERTIFICATE-----Generated at Sun Jan 25 22:16:30 2026 by rpki-client