This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/yeLJIzyENF-xSwUvcw-83vXbHV0.roa File: yeLJIzyENF-xSwUvcw-83vXbHV0.roa (raw, json) Hash identifier: /maHsTe7P80FB56mfWTMzRdcMrW1yJ3jN8SeCvnlqtU= Subject key identifier: C9:E2:C9:23:3C:84:34:5F:B1:4B:05:2F:73:0F:BC:DE:F5:DB:1D:5D Certificate issuer: /CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41 Certificate serial: 019B7DCA04619883741F42A2A90D67495856 Authority key identifier: AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/yeLJIzyENF-xSwUvcw-83vXbHV0.roa Signing time: Fri 02 Jan 2026 08:19:10 +0000 ROA not before: Fri 02 Jan 2026 08:19:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58075 IP address blocks: 91.210.125.0/24 maxlen: 24 185.40.8.0/22 maxlen: 24 185.114.236.0/22 maxlen: 24 194.29.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.mft rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:04:61:98:83:74:1f:42:a2:a9:0d:67:49:58:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa9e86a76bddc1203a029d31475d3ebc57d90a41 Validity Not Before: Jan 2 08:19:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9e2c9233c84345fb14b052f730fbcdef5db1d5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:47:dc:1d:b2:ce:52:78:b6:bf:08:83:35:d5: 66:7c:15:1a:cf:77:86:26:ed:e1:a1:2a:26:02:cf: 09:e6:3d:c3:c1:2c:b1:5e:35:6f:1b:54:bd:3f:99: c6:b7:8e:bc:9f:cb:72:a5:0f:04:12:30:28:1a:53: 09:49:ec:c1:a9:01:94:dc:9f:4e:83:9c:da:3b:1d: 06:bb:1f:d3:5b:94:a0:aa:f2:c4:52:55:c3:ce:03: 34:98:91:8d:90:82:b8:c6:57:a8:80:cc:da:42:8a: 43:64:01:2c:96:14:ca:39:d3:ae:ca:41:33:d9:bf: c2:61:4a:b1:46:21:82:8f:f3:23:c4:a9:d1:db:de: cf:6a:2f:78:fb:de:9a:33:f4:52:82:06:7a:57:f6: 0f:e8:b8:6d:0f:22:4c:16:14:6c:c9:2d:32:f5:e2: 6e:e6:d1:07:af:45:3c:6a:b8:15:f5:ee:fa:5e:e7: 31:64:e6:d5:a6:47:7b:21:5a:b4:39:cb:5a:bc:10: e8:5a:3c:cc:02:54:95:9b:d0:17:ad:69:4d:38:26: 0b:54:97:c2:57:2f:0b:e4:e4:72:36:ff:6f:c2:07: 90:60:01:82:6b:59:1a:ae:78:94:c8:ad:7e:df:2b: d1:b2:84:59:5b:91:cb:3c:fc:6a:f3:ef:cb:3b:a8: 1f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:E2:C9:23:3C:84:34:5F:B1:4B:05:2F:73:0F:BC:DE:F5:DB:1D:5D X509v3 Authority Key Identifier: keyid:AA:9E:86:A7:6B:DD:C1:20:3A:02:9D:31:47:5D:3E:BC:57:D9:0A:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/yeLJIzyENF-xSwUvcw-83vXbHV0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/b94831-65bb-406b-84c4-03b0eec7ff29/1/qp6Gp2vdwSA6Ap0xR10-vFfZCkE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.210.125.0/24 185.40.8.0/22 185.114.236.0/22 194.29.52.0/24 Signature Algorithm: sha256WithRSAEncryption 34:9e:51:04:d6:31:e9:d3:d0:73:75:9b:2f:62:69:3e:62:45: 62:c4:47:aa:18:97:ed:5e:f7:42:1f:bd:03:79:61:67:95:7c: 25:25:68:b8:c7:0f:0a:4e:d5:4c:ec:c3:dd:25:6c:63:d6:3f: 23:73:61:8e:f1:cd:66:c4:94:87:95:2a:3c:82:de:13:45:34: 7b:25:98:c9:70:2d:e3:95:fe:27:d5:71:43:e5:f6:96:4d:16: 40:78:2a:02:a1:4b:0d:c8:83:48:fd:02:35:0c:50:ea:48:5b: c2:bc:34:70:7c:8e:f7:b1:64:fa:e6:02:75:95:87:fa:1c:f0: 6f:b9:55:db:cc:94:d9:84:db:95:db:0a:e1:c5:b2:6c:75:60: 61:96:2d:ad:95:59:d2:23:52:3d:ac:76:fe:dd:54:21:e1:7b: cb:7c:bb:33:4b:ae:26:e9:d7:c6:29:50:36:14:06:37:05:08: 07:1b:72:51:f2:bf:ca:4e:45:f5:69:9f:2e:50:e7:22:3a:84: 18:c3:49:6f:d7:df:a9:fd:6c:23:63:c8:01:1b:8f:51:16:ef: 04:5e:fd:70:2c:c2:2d:10:4c:cd:98:b3:29:5a:e6:68:4f:a9: ad:2f:6c:d0:bd:da:22:e8:2b:a7:83:c7:52:c4:20:e9:44:ae: c0:9d:a6:93 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt9ygRhmIN0H0KiqQ1nSVhWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhOWU4NmE3NmJkZGMxMjAzYTAyOWQzMTQ3NWQzZWJjNTdk OTBhNDEwHhcNMjYwMTAyMDgxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWUyYzkyMzNjODQzNDVmYjE0YjA1MmY3MzBmYmNkZWY1ZGIxZDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEfcHbLOUni2vwiDNdVmfBUaz3eG Ju3hoSomAs8J5j3DwSyxXjVvG1S9P5nGt468n8typQ8EEjAoGlMJSezBqQGU3J9O g5zaOx0Gux/TW5SgqvLEUlXDzgM0mJGNkIK4xleogMzaQopDZAEslhTKOdOuykEz 2b/CYUqxRiGCj/MjxKnR297Pai94+96aM/RSggZ6V/YP6LhtDyJMFhRsyS0y9eJu 5tEHr0U8argV9e76XucxZObVpkd7IVq0OctavBDoWjzMAlSVm9AXrWlNOCYLVJfC Vy8L5ORyNv9vwgeQYAGCa1karniUyK1+3yvRsoRZW5HLPPxq8+/LO6gfoQIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFMniySM8hDRfsUsFL3MPvN712x1dMB8GA1UdIwQY MBaAFKqehqdr3cEgOgKdMUddPrxX2QpBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQt MDNiMGVlYzdmZjI5LzEveWVMSkl6eUVORi14U3dVdmN3LTgzdlhiSFYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9iOTQ4MzEtNjViYi00MDZiLTg0YzQtMDNiMGVlYzdmZjI5 LzEvcXA2R3AydmR3U0E2QXAweFIxMC12RmZaQ2tFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9J9AwQC uSgIAwQCuXLsAwQAwh00MA0GCSqGSIb3DQEBCwUAA4IBAQA0nlEE1jHp09BzdZsv Ymk+YkVixEeqGJftXvdCH70DeWFnlXwlJWi4xw8KTtVM7MPdJWxj1j8jc2GO8c1m xJSHlSo8gt4TRTR7JZjJcC3jlf4n1XFD5faWTRZAeCoCoUsNyINI/QI1DFDqSFvC vDRwfI73sWT65gJ1lYf6HPBvuVXbzJTZhNuV2wrhxbJsdWBhli2tlVnSI1I9rHb+ 3VQh4XvLfLszS64m6dfGKVA2FAY3BQgHG3JR8r/KTkX1aZ8uUOciOoQYw0lv19+p /WwjY8gBG49RFu8EXv1wLMItEEzNmLMpWuZoT6mtL2zQvdoi6Cung8dSxCDpRK7A naaT -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:12 2026 by rpki-client