This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/yDO02X54f1LQ0eg7vIsPILfqVfg.roa File: yDO02X54f1LQ0eg7vIsPILfqVfg.roa (raw, json) Hash identifier: QejEGgHdQAnoB+VVS4oCOej9y3m34VK1Ik/jfXOr3V8= Subject key identifier: C8:33:B4:D9:7E:78:7F:52:D0:D1:E8:3B:BC:8B:0F:20:B7:EA:55:F8 Certificate issuer: /CN=aafc41aafbbccaa96711849745ef722a5260ac7e Certificate serial: 019B7C12295EC995D7713D6403D141B5DFE4 Authority key identifier: AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/yDO02X54f1LQ0eg7vIsPILfqVfg.roa Signing time: Fri 02 Jan 2026 00:18:43 +0000 ROA not before: Fri 02 Jan 2026 00:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42525 IP address blocks: 45.67.92.0/22 maxlen: 24 2a09:7440::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.mft rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:29:5e:c9:95:d7:71:3d:64:03:d1:41:b5:df:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aafc41aafbbccaa96711849745ef722a5260ac7e Validity Not Before: Jan 2 00:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c833b4d97e787f52d0d1e83bbc8b0f20b7ea55f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:5d:88:0b:55:1f:c4:8c:42:4f:96:df:04:90: cd:74:c0:5b:9e:0d:ae:b5:8d:02:69:8e:4f:74:11: 04:3a:c4:d4:37:47:dc:b6:23:1c:90:c7:93:85:e8: 92:53:25:4f:1f:a5:d5:f8:29:47:e9:df:f6:cc:7f: f3:1b:1e:ce:24:81:bd:54:e5:27:f3:ec:40:91:a9: bb:53:b7:3f:e1:99:55:20:fa:b9:03:84:0a:25:0f: 8e:cf:29:15:dd:24:02:02:44:b8:24:ec:6d:d8:7d: 0c:65:d8:b6:ec:78:57:14:d8:17:ed:05:74:31:c6: ef:22:0b:ef:8a:98:65:7f:5b:94:94:26:47:04:9f: b6:cb:f9:ac:25:7c:1a:1d:91:a2:a6:df:3d:3b:87: a4:91:77:c2:4e:26:d7:3e:11:58:de:16:94:58:6a: a4:a5:16:ec:75:9a:2c:b0:b6:3b:9c:cd:e7:97:e3: fb:a6:55:cd:50:28:87:7d:15:19:72:01:ae:2f:c4: e0:7d:16:cb:c8:ac:ab:3c:b4:95:d2:b0:ed:2c:2a: 63:64:3a:7c:73:7f:63:d3:60:0b:6a:b5:97:f8:b1: a9:bf:ac:24:ea:9b:e5:fa:ff:69:46:e9:66:4c:f7: ea:d0:27:7b:e2:cb:b7:aa:62:cb:fc:6a:b5:4d:51: e0:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:33:B4:D9:7E:78:7F:52:D0:D1:E8:3B:BC:8B:0F:20:B7:EA:55:F8 X509v3 Authority Key Identifier: keyid:AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/yDO02X54f1LQ0eg7vIsPILfqVfg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.92.0/22 IPv6: 2a09:7440::/32 Signature Algorithm: sha256WithRSAEncryption 3c:82:9e:a8:86:fd:0b:7b:4b:da:80:db:15:0f:fb:77:84:92: 5d:0e:27:e1:fd:2b:78:35:e2:50:0c:fe:5a:f6:ca:a1:01:41: 6c:a8:33:70:7b:8a:3c:e3:6d:bb:8c:8e:39:38:45:08:17:12: 3b:5f:d5:f3:20:91:6a:01:59:24:10:ef:00:ec:c0:c3:24:47: d0:ba:f8:85:39:5f:0c:10:eb:12:78:4a:9e:bc:f2:27:ed:fb: 79:4d:64:d9:11:7a:f7:c0:9b:f2:ec:ea:77:6c:c2:3b:2f:a6: eb:f3:22:96:92:de:4d:c6:06:07:b5:bb:c8:46:21:60:07:cd: d8:eb:23:01:e2:07:78:d0:6d:29:27:66:f0:15:1f:cc:85:5c: 27:9a:17:b1:4d:f6:cf:27:8c:21:72:68:f3:b3:b8:c2:67:18: 19:56:aa:5b:36:b8:a6:2c:14:6b:7c:c0:0d:04:97:03:87:3d: cc:4b:36:64:80:bc:15:ca:eb:5c:cc:42:29:0c:dd:d3:7a:89: 5c:84:c2:8a:64:e0:5f:da:d8:c3:c7:5f:e8:e6:95:95:ef:44: 44:3a:34:94:05:87:85:f8:3d:61:f8:b9:bc:47:f5:bb:cc:03: 5e:75:e6:98:99:65:f7:a1:e2:ba:de:d0:8b:05:82:5c:f2:2f: 6c:a6:50:5a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt8EileyZXXcT1kA9FBtd/kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZmM0MWFhZmJiY2NhYTk2NzExODQ5NzQ1ZWY3MjJhNTI2 MGFjN2UwHhcNMjYwMTAyMDAxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODMzYjRkOTdlNzg3ZjUyZDBkMWU4M2JiYzhiMGYyMGI3ZWE1NWY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV2IC1UfxIxCT5bfBJDNdMBbng2u tY0CaY5PdBEEOsTUN0fctiMckMeTheiSUyVPH6XV+ClH6d/2zH/zGx7OJIG9VOUn 8+xAkam7U7c/4ZlVIPq5A4QKJQ+OzykV3SQCAkS4JOxt2H0MZdi27HhXFNgX7QV0 McbvIgvviphlf1uUlCZHBJ+2y/msJXwaHZGipt89O4ekkXfCTibXPhFY3haUWGqk pRbsdZossLY7nM3nl+P7plXNUCiHfRUZcgGuL8TgfRbLyKyrPLSV0rDtLCpjZDp8 c39j02ALarWX+LGpv6wk6pvl+v9pRulmTPfq0Cd74su3qmLL/Gq1TVHgvwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMgztNl+eH9S0NHoO7yLDyC36lX4MB8GA1UdIwQY MBaAFKr8Qar7vMqpZxGEl0XvcipSYKx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjct MWJjMzFjNjI0MDFmLzEveURPMDJYNTRmMUxRMGVnN3ZJc1BJTGZxVmZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjctMWJjMzFjNjI0MDFm LzEvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNcMA0E AgACMAcDBQAqCXRAMA0GCSqGSIb3DQEBCwUAA4IBAQA8gp6ohv0Le0vagNsVD/t3 hJJdDifh/St4NeJQDP5a9sqhAUFsqDNwe4o84227jI45OEUIFxI7X9XzIJFqAVkk EO8A7MDDJEfQuviFOV8MEOsSeEqevPIn7ft5TWTZEXr3wJvy7Op3bMI7L6br8yKW kt5NxgYHtbvIRiFgB83Y6yMB4gd40G0pJ2bwFR/MhVwnmhexTfbPJ4whcmjzs7jC ZxgZVqpbNrimLBRrfMANBJcDhz3MSzZkgLwVyutczEIpDN3TeolchMKKZOBf2tjD x1/o5pWV70REOjSUBYeF+D1h+Lm8R/W7zANedeaYmWX3oeK63tCLBYJc8i9splBa -----END CERTIFICATE-----Generated at Mon Jan 26 04:55:21 2026 by rpki-client