This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/yrl2S3xat8ckzqCZ6OkLRIpKb0o.roa File: yrl2S3xat8ckzqCZ6OkLRIpKb0o.roa (raw, json) Hash identifier: fYzKC9Wd0t1c3BjCgzHftWafmcX/7Uoyfs3cOFYYeNs= Subject key identifier: CA:B9:76:4B:7C:5A:B7:C7:24:CE:A0:99:E8:E9:0B:44:8A:4A:6F:4A Certificate issuer: /CN=b5026c9974092e220542401281f9bdfd356c2842 Certificate serial: 019B797E7E873A286DB794B2FD0644766B7E Authority key identifier: B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/yrl2S3xat8ckzqCZ6OkLRIpKb0o.roa Signing time: Thu 01 Jan 2026 12:18:11 +0000 ROA not before: Thu 01 Jan 2026 12:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207925 IP address blocks: 193.143.226.0/24 maxlen: 24 2a10:8700::/32 maxlen: 32 2a10:8703::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.mft rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:7e:87:3a:28:6d:b7:94:b2:fd:06:44:76:6b:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5026c9974092e220542401281f9bdfd356c2842 Validity Not Before: Jan 1 12:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cab9764b7c5ab7c724cea099e8e90b448a4a6f4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:01:2c:75:66:e1:81:73:60:78:d1:b1:ae:6d: 47:4a:54:05:3e:d2:41:f7:a1:85:a9:56:d5:c7:6e: 2a:bf:8e:3b:14:f3:6c:55:51:f3:05:47:cf:f0:86: 66:a3:dc:bc:57:cc:48:77:ad:03:1a:ae:c2:ec:31: 4e:22:4d:f5:9f:ea:4f:2e:dd:0c:79:4d:76:d9:2f: 9a:39:33:5b:f4:fd:bd:7d:d2:09:04:a3:f7:f5:6f: 4d:b8:b1:aa:c0:dd:ac:04:3d:f3:4d:95:12:c6:eb: 4c:86:dd:1d:72:cf:89:cf:a7:12:19:a1:a7:90:37: e2:9e:05:92:86:ae:9c:31:1b:17:15:8c:bb:7c:5c: f0:5f:83:d9:27:da:d9:eb:54:f4:c8:c8:85:0a:7f: 52:ee:b0:12:ab:6a:21:62:67:e3:e6:d2:8c:b1:80: 15:e8:4f:eb:87:b1:4a:c2:37:fd:24:9a:bd:1b:11: bf:d4:9e:50:f9:85:d3:48:46:72:c3:ca:e7:8a:a7: fb:f0:62:0b:ae:8b:e0:df:f5:03:95:5f:c4:06:55: 47:95:57:c0:9a:21:57:59:1a:69:38:c2:d5:d4:2c: 1e:a2:13:e5:3a:bf:77:d1:fb:a4:34:c8:84:0c:59: 3b:08:e0:94:f0:4f:35:f1:ec:f3:e1:78:2d:3d:aa: fe:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:B9:76:4B:7C:5A:B7:C7:24:CE:A0:99:E8:E9:0B:44:8A:4A:6F:4A X509v3 Authority Key Identifier: keyid:B5:02:6C:99:74:09:2E:22:05:42:40:12:81:F9:BD:FD:35:6C:28:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQJsmXQJLiIFQkASgfm9_TVsKEI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/yrl2S3xat8ckzqCZ6OkLRIpKb0o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/af6232-a4f5-4244-9436-eea267a58494/1/tQJsmXQJLiIFQkASgfm9_TVsKEI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.143.226.0/24 IPv6: 2a10:8700::/32 2a10:8703::/32 Signature Algorithm: sha256WithRSAEncryption 0a:11:b9:ab:c4:7c:77:a5:06:ab:cb:57:55:03:a7:82:e2:7f: 4a:f5:b3:f9:33:f6:46:0c:d3:df:74:44:84:ee:33:44:0f:92: 74:db:e5:f2:44:18:31:1d:ff:87:97:ab:a0:f2:21:3f:1f:f1: 58:ab:46:2d:8d:67:96:ed:2d:37:39:fd:e2:62:c3:01:81:71: 33:83:02:27:59:e5:04:32:60:5a:9a:2b:a5:6d:69:f9:ad:13: ee:7a:57:84:44:8c:5d:ab:ed:0e:92:7d:69:b6:df:1b:04:50: 5c:22:90:5e:b5:f5:3e:66:8f:a3:b7:72:48:4a:0d:e5:a3:81: 41:c4:da:8c:d0:68:5b:e6:87:39:91:52:0f:b8:c8:a1:fe:b7: 51:27:47:a5:ac:0e:f6:7c:30:3d:78:22:5a:11:25:24:6e:c8: 51:0f:94:1d:00:2c:ed:ab:6d:0b:c4:6d:5c:2b:cc:ff:7e:40: c5:f4:15:78:84:76:7e:06:0d:7c:01:dd:71:b5:be:cf:4e:20: 92:bd:40:1e:97:23:4b:9c:e1:1d:db:19:1b:2a:ef:92:d2:fd: 46:ce:79:fc:09:79:14:14:6c:55:51:ea:80:2f:8c:ae:2e:5d: d9:d3:e9:ca:7d:32:76:f4:7c:da:0e:a0:f3:dc:24:96:e5:e4: 38:c0:d5:74 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt5fn6HOihtt5Sy/QZEdmt+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MDI2Yzk5NzQwOTJlMjIwNTQyNDAxMjgxZjliZGZkMzU2 YzI4NDIwHhcNMjYwMTAxMTIxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWI5NzY0YjdjNWFiN2M3MjRjZWEwOTllOGU5MGI0NDhhNGE2ZjRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQEsdWbhgXNgeNGxrm1HSlQFPtJB 96GFqVbVx24qv447FPNsVVHzBUfP8IZmo9y8V8xId60DGq7C7DFOIk31n+pPLt0M eU122S+aOTNb9P29fdIJBKP39W9NuLGqwN2sBD3zTZUSxutMht0dcs+Jz6cSGaGn kDfingWShq6cMRsXFYy7fFzwX4PZJ9rZ61T0yMiFCn9S7rASq2ohYmfj5tKMsYAV 6E/rh7FKwjf9JJq9GxG/1J5Q+YXTSEZyw8rniqf78GILrovg3/UDlV/EBlVHlVfA miFXWRppOMLV1CweohPlOr930fukNMiEDFk7COCU8E818ezz4XgtPar+WwIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFMq5dkt8WrfHJM6gmejpC0SKSm9KMB8GA1UdIwQY MBaAFLUCbJl0CS4iBUJAEoH5vf01bChCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYt ZWVhMjY3YTU4NDk0LzEveXJsMlMzeGF0OGNrenFDWjZPa0xSSXBLYjBvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9hZjYyMzItYTRmNS00MjQ0LTk0MzYtZWVhMjY3YTU4NDk0 LzEvdFFKc21YUUpMaUlGUWtBU2dmbTlfVFZzS0VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwY/iMBQE AgACMA4DBQAqEIcAAwUAKhCHAzANBgkqhkiG9w0BAQsFAAOCAQEAChG5q8R8d6UG q8tXVQOnguJ/SvWz+TP2RgzT33REhO4zRA+SdNvl8kQYMR3/h5eroPIhPx/xWKtG LY1nlu0tNzn94mLDAYFxM4MCJ1nlBDJgWporpW1p+a0T7npXhESMXavtDpJ9abbf GwRQXCKQXrX1PmaPo7dySEoN5aOBQcTajNBoW+aHOZFSD7jIof63USdHpawO9nww PXgiWhElJG7IUQ+UHQAs7attC8RtXCvM/35AxfQVeIR2fgYNfAHdcbW+z04gkr1A HpcjS5zhHdsZGyrvktL9Rs55/Al5FBRsVVHqgC+Mri5d2dPpyn0ydvR82g6g89wk luXkOMDVdA== -----END CERTIFICATE-----Generated at Sun Jan 25 19:43:06 2026 by rpki-client