This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/ybEmTlBBcJOoXWgr8m9z365o4bg.roa File: ybEmTlBBcJOoXWgr8m9z365o4bg.roa (raw, json) Hash identifier: TRFDu1M5/mKWuPLtqvrlWG7LoIAWdxPjONN7AlGo3v8= Subject key identifier: C9:B1:26:4E:50:41:70:93:A8:5D:68:2B:F2:6F:73:DF:AE:68:E1:B8 Certificate issuer: /CN=ed5a6ba2d2248bc4782ac0fdb3c64b946640b09c Certificate serial: 019B78A318334C774D345288CE3E4B90A2A4 Authority key identifier: ED:5A:6B:A2:D2:24:8B:C4:78:2A:C0:FD:B3:C6:4B:94:66:40:B0:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7VprotIki8R4KsD9s8ZLlGZAsJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/ybEmTlBBcJOoXWgr8m9z365o4bg.roa Signing time: Thu 01 Jan 2026 08:18:33 +0000 ROA not before: Thu 01 Jan 2026 08:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210883 IP address blocks: 2a07:1c40::/29 maxlen: 128 2a11:4280::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/7VprotIki8R4KsD9s8ZLlGZAsJw.crl rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/7VprotIki8R4KsD9s8ZLlGZAsJw.mft rsync://rpki.ripe.net/repository/DEFAULT/7VprotIki8R4KsD9s8ZLlGZAsJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:18:33:4c:77:4d:34:52:88:ce:3e:4b:90:a2:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ed5a6ba2d2248bc4782ac0fdb3c64b946640b09c Validity Not Before: Jan 1 08:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9b1264e50417093a85d682bf26f73dfae68e1b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:81:cf:42:2f:0b:b7:cf:2b:2b:98:ae:d0:35: 5f:a7:9b:07:7e:f6:8d:dc:54:b1:05:31:c7:42:f8: b1:ad:9e:38:12:4d:e2:5e:79:0f:95:07:49:4a:a2: 3a:b3:ba:58:7a:79:26:4d:74:41:b7:13:7c:c3:8b: 60:ca:35:44:27:bc:47:8f:b2:bb:42:86:f9:ec:00: 59:01:68:7e:0a:33:d6:21:63:b5:42:8b:b9:4e:9c: 2e:e4:a1:d6:1a:2f:6e:80:93:6f:d0:c4:7b:44:4e: bc:64:4c:50:d8:47:66:1b:d3:38:55:e0:22:9e:82: 2d:4a:c8:07:43:d9:2c:cf:8f:cc:30:22:4b:f2:eb: c0:23:ad:c0:49:17:55:71:a3:dd:d7:ea:89:a8:b5: e7:d4:86:e1:15:19:2c:77:8e:eb:2f:68:84:b9:b0: d5:0c:9f:5f:10:d9:10:14:8b:25:b7:22:6d:06:af: 85:0f:55:af:8e:4a:81:13:76:67:55:b4:2f:b3:4f: 60:59:ca:e6:6e:f6:fa:72:32:78:09:83:1b:42:df: ae:b7:03:33:6e:3b:25:b4:07:2c:9b:7a:e5:83:a4: b8:a5:eb:ee:2f:05:cd:22:14:dd:1c:6a:ff:dd:36: 2b:b7:26:87:24:d7:b9:08:57:a5:01:7f:96:aa:cd: b7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:B1:26:4E:50:41:70:93:A8:5D:68:2B:F2:6F:73:DF:AE:68:E1:B8 X509v3 Authority Key Identifier: keyid:ED:5A:6B:A2:D2:24:8B:C4:78:2A:C0:FD:B3:C6:4B:94:66:40:B0:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7VprotIki8R4KsD9s8ZLlGZAsJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/ybEmTlBBcJOoXWgr8m9z365o4bg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b278df-ed37-4de7-a675-107a8d85bd30/1/7VprotIki8R4KsD9s8ZLlGZAsJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:1c40::/29 2a11:4280::/29 Signature Algorithm: sha256WithRSAEncryption 4c:ba:87:79:30:8e:c8:9c:97:45:3f:f8:e8:23:17:c5:90:5f: d7:3c:18:95:50:d2:86:29:65:ad:67:60:c6:0e:52:6b:2f:77: de:3d:f9:6e:7a:17:c2:59:be:93:24:89:49:77:ae:4a:32:5d: d1:4b:f6:39:e4:32:02:9c:3d:71:f3:df:6f:48:24:32:dc:86: b9:9a:47:5d:09:b5:dd:51:2a:c3:86:8f:ee:b7:00:ae:ef:94: 13:53:3c:99:67:ff:30:45:fb:ab:2d:32:eb:0e:55:ef:be:54: 8a:f5:86:71:c2:32:2d:54:2a:2a:3a:6e:e5:18:60:7b:f8:b7: 2d:34:6b:f3:a6:62:ae:69:5d:c7:3e:e1:ae:75:87:4d:53:36: d2:79:35:58:07:6b:b5:26:dd:a2:3b:96:c4:a4:6a:10:b7:57: a5:12:ac:5f:60:8e:e2:3a:aa:8c:b0:b3:ec:17:f2:5c:03:6c: 3f:7a:5f:a6:e8:95:5a:2e:e7:8e:26:22:e3:86:f4:5d:93:74: 95:37:fa:26:6e:a3:ef:b2:5a:a5:3e:51:a1:4d:53:46:b7:e1: 46:0e:5f:46:d2:18:53:da:42:ac:14:4b:79:1c:9c:ad:d2:02: f6:8b:6f:74:fb:50:b8:c8:7f:96:ce:40:9d:8f:20:4b:6a:ef: f6:d1:96:46 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt4oxgzTHdNNFKIzj5LkKKkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVkNWE2YmEyZDIyNDhiYzQ3ODJhYzBmZGIzYzY0Yjk0NjY0 MGIwOWMwHhcNMjYwMTAxMDgxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWIxMjY0ZTUwNDE3MDkzYTg1ZDY4MmJmMjZmNzNkZmFlNjhlMWI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6oHPQi8Lt88rK5iu0DVfp5sHfvaN 3FSxBTHHQvixrZ44Ek3iXnkPlQdJSqI6s7pYenkmTXRBtxN8w4tgyjVEJ7xHj7K7 Qob57ABZAWh+CjPWIWO1Qou5Tpwu5KHWGi9ugJNv0MR7RE68ZExQ2EdmG9M4VeAi noItSsgHQ9ksz4/MMCJL8uvAI63ASRdVcaPd1+qJqLXn1IbhFRksd47rL2iEubDV DJ9fENkQFIsltyJtBq+FD1WvjkqBE3ZnVbQvs09gWcrmbvb6cjJ4CYMbQt+utwMz bjsltAcsm3rlg6S4pevuLwXNIhTdHGr/3TYrtyaHJNe5CFelAX+Wqs237QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFMmxJk5QQXCTqF1oK/Jvc9+uaOG4MB8GA1UdIwQY MBaAFO1aa6LSJIvEeCrA/bPGS5RmQLCcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN1Zwcm90SWtpOFI0S3NEOXM4WkxsR1pBc0p3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMjc4ZGYtZWQzNy00ZGU3LWE2NzUt MTA3YThkODViZDMwLzEveWJFbVRsQkJjSk9vWFdncjhtOXozNjVvNGJnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC9iMjc4ZGYtZWQzNy00ZGU3LWE2NzUtMTA3YThkODViZDMw LzEvN1Zwcm90SWtpOFI0S3NEOXM4WkxsR1pBc0p3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgccQAMF AyoRQoAwDQYJKoZIhvcNAQELBQADggEBAEy6h3kwjsicl0U/+OgjF8WQX9c8GJVQ 0oYpZa1nYMYOUmsvd949+W56F8JZvpMkiUl3rkoyXdFL9jnkMgKcPXHz329IJDLc hrmaR10Jtd1RKsOGj+63AK7vlBNTPJln/zBF+6stMusOVe++VIr1hnHCMi1UKio6 buUYYHv4ty00a/OmYq5pXcc+4a51h01TNtJ5NVgHa7Um3aI7lsSkahC3V6USrF9g juI6qoyws+wX8lwDbD96X6bolVou544mIuOG9F2TdJU3+iZuo++yWqU+UaFNU0a3 4UYOX0bSGFPaQqwUS3kcnK3SAvaLb3T7ULjIf5bOQJ2PIEtq7/bRlkY= -----END CERTIFICATE-----Generated at Sun Jan 25 10:33:04 2026 by rpki-client