This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/YQyno2lKbE7U5BS3xEbq3yXKIm0.roa File: YQyno2lKbE7U5BS3xEbq3yXKIm0.roa (raw, json) Hash identifier: jna4Y3wHaJJscui1Bqpz3qs+hJypi2Zl9JxVd4/tujw= Subject key identifier: 61:0C:A7:A3:69:4A:6C:4E:D4:E4:14:B7:C4:46:EA:DF:25:CA:22:6D Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1 Certificate serial: 019B78A293039FEF3C5A917510EFE0443701 Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/YQyno2lKbE7U5BS3xEbq3yXKIm0.roa Signing time: Thu 01 Jan 2026 08:17:58 +0000 ROA not before: Thu 01 Jan 2026 08:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213671 IP address blocks: 192.48.111.0/24 maxlen: 24 2a05:b100:1000::/36 maxlen: 36 2a05:b100:2000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.mft rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:93:03:9f:ef:3c:5a:91:75:10:ef:e0:44:37:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1 Validity Not Before: Jan 1 08:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=610ca7a3694a6c4ed4e414b7c446eadf25ca226d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6f:2e:32:af:12:dc:df:9d:c9:a7:6e:1a:ac: 55:d1:63:4c:c4:69:7d:12:7b:c2:24:49:22:6f:cc: d1:be:64:4b:6f:fb:76:59:8c:3b:f0:3b:bc:19:cc: 75:34:27:a6:c2:1a:cb:0f:eb:30:d2:7e:4f:ad:85: 68:6e:59:29:ef:9f:d0:90:23:5d:43:dc:a1:d1:a9: 72:f8:e4:f5:dd:7f:31:9b:2f:07:c5:37:8e:76:29: 3f:8a:fe:06:a3:7e:30:9c:50:79:ac:a5:cb:cc:71: 48:7d:8b:d7:ec:cf:aa:fa:03:92:8a:c1:fb:67:56: 0f:f7:6a:83:7f:73:13:b9:5e:6e:36:fb:2f:11:5d: 79:c7:76:bb:5c:3f:0a:01:11:b5:0e:bc:51:2e:65: d1:6d:ab:87:89:5c:fe:19:2a:8d:0b:05:d8:65:7b: 46:b1:6d:6f:d5:81:84:4e:fb:05:8a:eb:26:e9:45: 8c:cc:0b:96:38:75:8b:2a:c1:c4:5e:9b:5b:10:f1: 62:dc:a4:b7:05:9f:cb:44:c2:ff:83:70:98:cf:3c: fa:a0:04:38:28:11:5a:9e:07:b2:8b:ab:d8:14:7f: a3:e3:18:c9:f1:54:77:93:bb:9c:a5:8f:08:ec:50: 71:fb:c0:21:34:f5:51:41:db:1c:73:e2:97:ff:e2: 93:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:0C:A7:A3:69:4A:6C:4E:D4:E4:14:B7:C4:46:EA:DF:25:CA:22:6D X509v3 Authority Key Identifier: keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/YQyno2lKbE7U5BS3xEbq3yXKIm0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.48.111.0/24 IPv6: 2a05:b100:1000::-2a05:b100:2fff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 57:95:5c:bb:a3:12:8e:3f:83:49:40:98:88:e2:25:ad:2b:c3: 64:af:a6:db:82:ab:45:7b:0c:d9:06:73:44:88:73:46:30:f9: af:f5:5e:d3:09:72:a5:bf:bd:be:82:45:10:32:53:ee:1e:68: d2:ac:90:fa:31:51:5b:e9:55:39:bd:a2:2b:04:3b:a4:fe:15: 38:cf:ca:5d:9b:ae:71:bc:24:c4:34:71:12:f3:af:bd:45:fa: 87:10:e4:7b:2e:e3:42:e4:25:c0:0b:15:21:10:07:c2:58:61: 40:79:94:db:27:a1:f1:9a:73:0c:a5:91:f7:68:b2:2d:28:b5: 05:d8:8f:86:53:b3:9a:f1:c3:e3:57:94:8e:7f:1f:8d:d6:ef: 3e:50:35:c6:74:e0:c6:27:28:e8:62:0e:93:e1:d7:04:a5:90: 99:7e:88:ba:df:a8:e8:4e:7b:cc:99:4b:46:db:ce:cc:0e:29: d6:28:b7:7c:40:fd:37:f1:fc:e9:0f:b5:51:a4:b1:2d:19:b7: c5:73:23:07:71:6b:f2:91:07:96:71:d8:33:3e:e1:f0:30:98: a9:ba:9f:8f:0a:13:b8:ff:73:97:92:85:92:4f:da:f1:18:54: 5d:96:52:9b:a8:c4:ce:4b:57:be:56:d8:f2:0e:81:fd:b6:8c: 31:24:c7:17 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt4opMDn+88WpF1EO/gRDcBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3 OWMwZjEwHhcNMjYwMTAxMDgxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTBjYTdhMzY5NGE2YzRlZDRlNDE0YjdjNDQ2ZWFkZjI1Y2EyMjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx28uMq8S3N+dyaduGqxV0WNMxGl9 EnvCJEkib8zRvmRLb/t2WYw78Du8Gcx1NCemwhrLD+sw0n5PrYVoblkp75/QkCNd Q9yh0aly+OT13X8xmy8HxTeOdik/iv4Go34wnFB5rKXLzHFIfYvX7M+q+gOSisH7 Z1YP92qDf3MTuV5uNvsvEV15x3a7XD8KARG1DrxRLmXRbauHiVz+GSqNCwXYZXtG sW1v1YGETvsFiusm6UWMzAuWOHWLKsHEXptbEPFi3KS3BZ/LRML/g3CYzzz6oAQ4 KBFangeyi6vYFH+j4xjJ8VR3k7ucpY8I7FBx+8AhNPVRQdscc+KX/+KTbQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFGEMp6NpSmxO1OQUt8RG6t8lyiJtMB8GA1UdIwQY MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt NzUyZTliOGIwNzU2LzEvWVF5bm8ybEtiRTdVNUJTM3hFYnEzeVhLSW0wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2 LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwDBvMBgE AgACMBIwEAMGBCoFsQAQAwYEKgWxACAwDQYJKoZIhvcNAQELBQADggEBAFeVXLuj Eo4/g0lAmIjiJa0rw2SvptuCq0V7DNkGc0SIc0Yw+a/1XtMJcqW/vb6CRRAyU+4e aNKskPoxUVvpVTm9oisEO6T+FTjPyl2brnG8JMQ0cRLzr71F+ocQ5Hsu40LkJcAL FSEQB8JYYUB5lNsnofGacwylkfdosi0otQXYj4ZTs5rxw+NXlI5/H43W7z5QNcZ0 4MYnKOhiDpPh1wSlkJl+iLrfqOhOe8yZS0bbzswOKdYot3xA/Tfx/OkPtVGksS0Z t8VzIwdxa/KRB5Zx2DM+4fAwmKm6n48KE7j/c5eShZJP2vEYVF2WUpuoxM5LV75W 2PIOgf22jDEkxxc= -----END CERTIFICATE-----Generated at Mon Jan 26 06:19:24 2026 by rpki-client