This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yJRtFYZIq2TOGzV7ilFECs7J7Zc.roa File: yJRtFYZIq2TOGzV7ilFECs7J7Zc.roa (raw, json) Hash identifier: fPibGbrSNASPGx7KwHc/ufm+crotS6eMW8BFtw5lenA= Subject key identifier: C8:94:6D:15:86:48:AB:64:CE:1B:35:7B:8A:51:44:0A:CE:C9:ED:97 Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Certificate serial: 019B797F370E86D66FD0249CE8644D8FE349 Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yJRtFYZIq2TOGzV7ilFECs7J7Zc.roa Signing time: Thu 01 Jan 2026 12:18:58 +0000 ROA not before: Thu 01 Jan 2026 12:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203869 IP address blocks: 170.168.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:37:0e:86:d6:6f:d0:24:9c:e8:64:4d:8f:e3:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce Validity Not Before: Jan 1 12:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8946d158648ab64ce1b357b8a51440acec9ed97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:4b:97:f7:86:bb:72:ce:20:3e:21:5d:8d:37: 6d:bc:a1:17:3c:67:77:f6:bf:34:6f:81:05:1e:e5: fc:d9:82:3d:59:11:58:82:50:04:19:c9:09:f9:fe: dc:da:2e:34:5b:f1:c8:a0:f2:c5:47:c2:10:17:0a: f9:19:3f:4e:45:63:9b:aa:ca:cb:a5:de:d1:45:87: ce:a9:5b:23:64:97:bc:be:9f:af:65:97:7e:bb:13: 6c:dc:24:8c:17:f0:cf:f8:16:68:75:26:ac:fa:8d: 88:c9:b7:2e:7d:c5:e0:5a:46:4f:57:1a:95:8d:00: 96:75:f6:33:be:7b:66:4b:3c:02:ea:e8:a7:43:30: 7b:3b:8b:d7:45:b2:2b:47:63:12:2b:5e:ef:72:3e: 72:2e:a4:f2:75:0b:62:9b:55:87:11:7b:21:49:f6: 7e:07:95:23:9e:46:01:c4:9b:16:2a:f2:de:00:e6: c2:09:4c:8f:60:c5:be:d9:f0:f7:8c:ff:30:f8:f2: c2:91:08:ce:d6:34:2c:c8:f1:12:e5:84:5d:1f:9d: bb:8f:90:52:1f:47:4c:a7:41:04:fb:12:40:44:e9: fc:a5:9a:14:6f:c4:df:4a:41:93:7c:27:09:c7:c1: 59:20:81:50:f2:3b:57:f9:34:44:bc:2a:ac:d8:c6: a1:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:94:6D:15:86:48:AB:64:CE:1B:35:7B:8A:51:44:0A:CE:C9:ED:97 X509v3 Authority Key Identifier: keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/yJRtFYZIq2TOGzV7ilFECs7J7Zc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 170.168.128.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:86:46:9d:3a:1c:e1:66:19:6a:20:d3:f8:70:1e:7b:2c:9b: 2e:38:20:85:75:f7:8c:5f:3e:b7:82:96:1f:77:13:3e:0c:9b: d1:77:1d:b8:c3:e6:f5:f8:e0:44:54:9e:b3:15:00:a4:56:2c: ae:ef:86:f9:ba:3d:b3:6b:68:3c:0b:5d:7d:5f:fd:73:92:d6: 09:a7:b2:46:93:13:c2:d0:fc:ea:15:c6:83:2f:e9:ea:46:80: 96:31:9f:6a:7d:1a:ff:88:92:9c:b2:9b:47:1d:d3:45:e1:bc: 4b:5e:a5:f2:c5:4b:06:5b:ad:34:da:b2:57:f4:cb:8f:43:20: 06:09:92:32:1b:3f:c0:28:ca:6e:ee:e2:9d:af:4f:8e:b4:53: 90:e9:45:8f:ed:d5:9a:9d:61:f1:14:de:54:4d:d7:b4:cb:58: e3:e5:91:70:ab:17:5e:e6:dc:d6:c9:39:bf:34:bb:9f:5b:40: a4:78:e8:06:ca:03:42:4b:6b:34:98:2f:95:70:89:92:87:ce: 45:62:40:1e:6e:1b:9b:ac:9d:ec:35:15:01:7a:89:b7:91:7c: 7a:7b:07:27:25:44:1a:f8:05:a1:81:dc:45:9a:f1:b8:cc:cf: 65:ff:a3:92:fd:37:c1:ab:d2:9f:2c:03:20:fa:51:d1:16:50: 37:3d:83:f1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fzcOhtZv0CSc6GRNj+NJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh MGYwY2UwHhcNMjYwMTAxMTIxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODk0NmQxNTg2NDhhYjY0Y2UxYjM1N2I4YTUxNDQwYWNlYzllZDk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0uX94a7cs4gPiFdjTdtvKEXPGd3 9r80b4EFHuX82YI9WRFYglAEGckJ+f7c2i40W/HIoPLFR8IQFwr5GT9ORWObqsrL pd7RRYfOqVsjZJe8vp+vZZd+uxNs3CSMF/DP+BZodSas+o2IybcufcXgWkZPVxqV jQCWdfYzvntmSzwC6uinQzB7O4vXRbIrR2MSK17vcj5yLqTydQtim1WHEXshSfZ+ B5UjnkYBxJsWKvLeAObCCUyPYMW+2fD3jP8w+PLCkQjO1jQsyPES5YRdH527j5BS H0dMp0EE+xJAROn8pZoUb8TfSkGTfCcJx8FZIIFQ8jtX+TREvCqs2MahtQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMiUbRWGSKtkzhs1e4pRRArOye2XMB8GA1UdIwQY MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et YTY2N2JiNzY1MDYwLzEveUpSdEZZWklxMlRPR3pWN2lsRkVDczdKN1pjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqiAMA0G CSqGSIb3DQEBCwUAA4IBAQBLhkadOhzhZhlqINP4cB57LJsuOCCFdfeMXz63gpYf dxM+DJvRdx24w+b1+OBEVJ6zFQCkViyu74b5uj2za2g8C119X/1zktYJp7JGkxPC 0PzqFcaDL+nqRoCWMZ9qfRr/iJKcsptHHdNF4bxLXqXyxUsGW6002rJX9MuPQyAG CZIyGz/AKMpu7uKdr0+OtFOQ6UWP7dWanWHxFN5UTde0y1jj5ZFwqxde5tzWyTm/ NLufW0CkeOgGygNCS2s0mC+VcImSh85FYkAebhubrJ3sNRUBeom3kXx6ewcnJUQa +AWhgdxFmvG4zM9l/6OS/TfBq9KfLAMg+lHRFlA3PYPx -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:13 2026 by rpki-client