This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/YFvRu6poI8Ij__cAkw9ZXzn1ELA.roa File: YFvRu6poI8Ij__cAkw9ZXzn1ELA.roa (raw, json) Hash identifier: TFdZLvuT5jh6qUmHTvzmxP9xeFFqlGN1y9JFOGD2i4E= Subject key identifier: 60:5B:D1:BB:AA:68:23:C2:23:FF:F7:00:93:0F:59:5F:39:F5:10:B0 Certificate issuer: /CN=ec65d31440bf75d25c606f7915c236ca614464a2 Certificate serial: 019B7A5A1586F1DCF205B17C1BB3578B9863 Authority key identifier: EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/YFvRu6poI8Ij__cAkw9ZXzn1ELA.roa Signing time: Thu 01 Jan 2026 16:18:02 +0000 ROA not before: Thu 01 Jan 2026 16:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42673 IP address blocks: 91.150.160.0/19 maxlen: 32 91.189.216.0/21 maxlen: 32 91.246.64.0/21 maxlen: 32 91.246.72.0/22 maxlen: 32 185.80.32.0/22 maxlen: 32 195.248.246.0/23 maxlen: 32 2a05:7100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.crl rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.mft rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:15:86:f1:dc:f2:05:b1:7c:1b:b3:57:8b:98:63 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ec65d31440bf75d25c606f7915c236ca614464a2 Validity Not Before: Jan 1 16:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=605bd1bbaa6823c223fff700930f595f39f510b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:22:bf:d1:5c:31:fc:30:1d:b2:19:95:ea:7a: b0:0e:c8:7a:e0:b6:3a:37:a2:bc:9f:23:d6:3e:88: d2:e5:d0:4b:a2:59:f7:39:5b:6c:6e:f8:d2:5d:7e: 07:42:ec:5b:77:54:bc:46:36:fc:11:8a:3a:5c:d1: ee:34:c9:13:e6:24:04:70:26:0f:53:55:98:f8:3e: 2f:d8:15:12:2b:99:34:32:df:97:2a:43:64:61:83: 3d:35:ee:0d:84:3f:cc:a0:87:16:e8:fd:89:8e:aa: 11:15:67:3c:ad:19:6f:e6:34:1f:20:96:1e:9f:c0: f2:bd:5c:55:ad:33:d6:5e:ad:3f:ed:06:dc:b5:94: b4:df:68:a9:e6:b4:cb:3e:85:6f:d0:5c:e2:39:8b: c4:0e:fb:b0:92:91:bb:ff:bf:b6:c2:5a:0d:a4:b1: 8d:53:05:19:25:e8:1f:5d:64:1a:7b:1d:99:76:d4: e5:25:3a:25:1f:be:14:ae:1b:1a:8f:73:90:8b:73: 92:48:80:1e:b6:67:69:d0:3d:61:92:73:5b:07:fc: 2e:2e:93:e6:0d:f8:d4:f8:63:20:36:9e:93:7c:10: b6:aa:79:80:7b:85:32:c4:15:a5:f4:25:e5:72:01: 84:7a:63:dc:c9:5d:d9:fd:75:9b:1a:6e:52:66:47: ba:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5B:D1:BB:AA:68:23:C2:23:FF:F7:00:93:0F:59:5F:39:F5:10:B0 X509v3 Authority Key Identifier: keyid:EC:65:D3:14:40:BF:75:D2:5C:60:6F:79:15:C2:36:CA:61:44:64:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GXTFEC_ddJcYG95FcI2ymFEZKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/YFvRu6poI8Ij__cAkw9ZXzn1ELA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/2a6df5-8236-412d-ad79-e29589e8964a/1/7GXTFEC_ddJcYG95FcI2ymFEZKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.150.160.0/19 91.189.216.0/21 91.246.64.0-91.246.75.255 185.80.32.0/22 195.248.246.0/23 IPv6: 2a05:7100::/29 Signature Algorithm: sha256WithRSAEncryption 93:bc:f8:f5:2d:09:c2:db:54:17:d9:dc:ea:8f:78:d7:dd:57: 49:b9:63:c5:47:84:6a:06:97:d2:82:da:2c:7f:55:9f:86:61: 3a:89:da:fb:a5:e9:b3:8b:24:c3:4f:9a:ae:b7:9f:88:e4:9e: d3:f6:a4:7a:99:e1:ea:76:8e:88:b5:c7:5e:36:ba:fa:74:b0: 6f:1b:de:40:94:72:b1:83:4b:a3:da:34:99:a0:46:14:4a:7f: 28:23:17:87:d0:78:fe:fa:33:73:49:88:c7:dd:11:1a:e9:62: 2f:df:f3:28:92:4c:a9:60:ff:30:e1:36:3b:d1:aa:b4:39:f9: 98:ad:03:a2:af:fc:19:c5:86:cd:b3:05:c7:0e:a7:e4:75:78: 14:0e:59:19:ea:93:29:1c:07:33:4d:f2:39:c5:69:d1:4a:30: 87:23:4c:4c:1b:1d:bf:0e:73:51:8f:ef:39:7b:04:8b:ce:61: b3:fa:1b:bc:3b:ae:57:93:49:26:6a:e6:06:e4:e8:8d:c4:49: 2f:e2:86:c2:4c:39:53:04:b7:96:63:d5:5d:2a:9d:47:fc:95: 88:f5:2a:85:55:a2:d3:28:5f:7a:eb:41:fd:3c:dc:15:01:66: b7:cd:fb:db:8c:35:71:52:db:7d:20:47:43:fa:d9:57:35:0a: 0e:2c:e1:05 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt6WhWG8dzyBbF8G7NXi5hjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjNjVkMzE0NDBiZjc1ZDI1YzYwNmY3OTE1YzIzNmNhNjE0 NDY0YTIwHhcNMjYwMTAxMTYxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDViZDFiYmFhNjgyM2MyMjNmZmY3MDA5MzBmNTk1ZjM5ZjUxMGIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SK/0Vwx/DAdshmV6nqwDsh64LY6 N6K8nyPWPojS5dBLoln3OVtsbvjSXX4HQuxbd1S8Rjb8EYo6XNHuNMkT5iQEcCYP U1WY+D4v2BUSK5k0Mt+XKkNkYYM9Ne4NhD/MoIcW6P2JjqoRFWc8rRlv5jQfIJYe n8DyvVxVrTPWXq0/7QbctZS032ip5rTLPoVv0FziOYvEDvuwkpG7/7+2wloNpLGN UwUZJegfXWQaex2ZdtTlJTolH74Urhsaj3OQi3OSSIAetmdp0D1hknNbB/wuLpPm DfjU+GMgNp6TfBC2qnmAe4UyxBWl9CXlcgGEemPcyV3Z/XWbGm5SZke6oQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFGBb0buqaCPCI//3AJMPWV859RCwMB8GA1UdIwQY MBaAFOxl0xRAv3XSXGBveRXCNsphRGSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzkt ZTI5NTg5ZTg5NjRhLzEvWUZ2UnU2cG9JOElqX19jQWt3OVpYem4xRUxBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My8yYTZkZjUtODIzNi00MTJkLWFkNzktZTI5NTg5ZTg5NjRh LzEvN0dYVEZFQ19kZEpjWUc5NUZjSTJ5bUZFWktJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQFW5agAwQD W73YMAwDBAZb9kADBAJb9kgDBAK5UCADBAHD+PYwDQQCAAIwBwMFAyoFcQAwDQYJ KoZIhvcNAQELBQADggEBAJO8+PUtCcLbVBfZ3OqPeNfdV0m5Y8VHhGoGl9KC2ix/ VZ+GYTqJ2vul6bOLJMNPmq63n4jkntP2pHqZ4ep2joi1x142uvp0sG8b3kCUcrGD S6PaNJmgRhRKfygjF4fQeP76M3NJiMfdERrpYi/f8yiSTKlg/zDhNjvRqrQ5+Zit A6Kv/BnFhs2zBccOp+R1eBQOWRnqkykcBzNN8jnFadFKMIcjTEwbHb8Oc1GP7zl7 BIvOYbP6G7w7rleTSSZq5gbk6I3ESS/ihsJMOVMEt5Zj1V0qnUf8lYj1KoVVotMo X3rrQf083BUBZrfN+9uMNXFS230gR0P62Vc1Cg4s4QU= -----END CERTIFICATE-----Generated at Mon Jan 26 05:49:46 2026 by rpki-client