This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YUKRTZrZKbMQuj1koHZDnPDdKkc.roa File: YUKRTZrZKbMQuj1koHZDnPDdKkc.roa (raw, json) Hash identifier: 5JLtSmX5xrQ29vGLGR8NuSK/OU2HfwUbgSXICbmnR28= Subject key identifier: 61:42:91:4D:9A:D9:29:B3:10:BA:3D:64:A0:76:43:9C:F0:DD:2A:47 Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Certificate serial: 019B797E45778BDD81B29978B46C46F08B23 Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YUKRTZrZKbMQuj1koHZDnPDdKkc.roa Signing time: Thu 01 Jan 2026 12:17:57 +0000 ROA not before: Thu 01 Jan 2026 12:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204405 IP address blocks: 2a02:17a5::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.mft rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:45:77:8b:dd:81:b2:99:78:b4:6c:46:f0:8b:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3 Validity Not Before: Jan 1 12:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6142914d9ad929b310ba3d64a076439cf0dd2a47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f1:41:37:36:9e:05:d3:01:54:9f:2f:9d:ce: 3a:30:af:0f:ed:9e:b8:7d:59:f5:ba:a9:8f:67:2d: 6b:35:bb:6a:81:f5:04:13:b1:d0:c2:95:45:74:ed: b5:9e:95:2a:89:44:c6:56:97:be:5a:c5:c4:eb:25: cf:65:19:9b:96:95:53:a1:ba:29:d5:db:61:b5:3a: 47:ee:83:df:bc:c6:ef:bb:0d:d2:eb:f7:f6:31:3a: a1:31:e9:a9:a9:ce:ec:db:fa:bc:51:cd:53:f0:8b: 93:02:f0:0a:a8:50:b7:00:a7:d8:25:34:cf:a4:8e: cd:f9:a4:94:a6:17:e3:92:5b:7e:34:69:2c:6e:40: bb:d1:07:e8:68:2d:06:1e:09:9d:2b:d8:e9:50:2e: 4d:ac:ab:55:74:dc:11:04:4b:c3:c6:37:c1:95:e8: 88:a2:96:c8:6f:ad:13:9a:17:ea:d9:62:66:50:f4: 0c:db:25:68:2e:de:ce:4e:1b:29:90:2a:81:32:71: f6:20:75:68:79:ab:72:0e:2e:90:4f:6a:fa:f7:fa: bc:c9:45:b9:82:79:01:e2:77:db:51:a4:74:c3:e7: 64:15:b2:d2:0c:67:18:4f:91:a1:72:c4:c5:c0:da: 20:4a:e4:27:99:d2:97:39:b7:d8:96:b4:a0:dd:e5: c4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:42:91:4D:9A:D9:29:B3:10:BA:3D:64:A0:76:43:9C:F0:DD:2A:47 X509v3 Authority Key Identifier: keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/YUKRTZrZKbMQuj1koHZDnPDdKkc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:17a5::/32 Signature Algorithm: sha256WithRSAEncryption bb:fe:7c:4a:64:95:b2:b8:d4:69:49:c1:77:c8:e7:ad:41:2d: dd:74:2a:35:bf:ce:43:d1:20:e9:0e:76:54:c2:ad:5e:1e:f9: 4c:30:8e:e2:c7:6b:28:a6:a9:d2:87:d2:48:7b:83:2a:0d:88: 4e:0c:12:e0:2f:60:77:d4:50:a7:1d:28:89:63:c4:9f:d5:21: e4:c1:81:02:13:7d:b8:64:fb:1a:4d:a0:e3:87:dd:30:dc:52: 46:1e:23:97:3e:80:b7:8f:04:02:d2:fc:60:94:c7:77:b3:e3: be:bc:e4:8b:61:0b:44:56:1b:61:5c:d4:0e:60:b4:4e:57:14: 41:6b:62:a0:df:69:50:78:7b:88:fa:62:4e:ab:4a:f3:32:18: dd:c3:4d:85:26:06:a5:15:5a:7d:62:2b:dd:d4:43:5d:8b:28: 4f:a7:dd:67:b9:dc:68:44:00:4f:1b:c6:e6:d6:28:88:eb:95: 70:f0:17:20:25:0d:94:92:8f:de:ec:b8:4e:47:93:fc:a7:19: 95:87:8c:6d:b5:91:99:c1:1e:99:c0:c2:ce:31:8f:65:82:6d: 2c:0c:12:92:92:6b:43:6e:45:d3:77:23:d1:53:cf:fa:3e:26: 8f:bb:68:d8:5a:a2:b3:9f:d9:a5:7c:2a:a6:2c:67:80:46:4f: 6d:9e:f8:0c -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5fkV3i92Bspl4tGxG8IsjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2 MGY2ZjMwHhcNMjYwMTAxMTIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTQyOTE0ZDlhZDkyOWIzMTBiYTNkNjRhMDc2NDM5Y2YwZGQyYTQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPFBNzaeBdMBVJ8vnc46MK8P7Z64 fVn1uqmPZy1rNbtqgfUEE7HQwpVFdO21npUqiUTGVpe+WsXE6yXPZRmblpVTobop 1dthtTpH7oPfvMbvuw3S6/f2MTqhMempqc7s2/q8Uc1T8IuTAvAKqFC3AKfYJTTP pI7N+aSUphfjklt+NGksbkC70QfoaC0GHgmdK9jpUC5NrKtVdNwRBEvDxjfBleiI opbIb60Tmhfq2WJmUPQM2yVoLt7OThspkCqBMnH2IHVoeatyDi6QT2r69/q8yUW5 gnkB4nfbUaR0w+dkFbLSDGcYT5GhcsTFwNogSuQnmdKXObfYlrSg3eXEbwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGFCkU2a2SmzELo9ZKB2Q5zw3SpHMB8GA1UdIwQY MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It ZDFhYmY0ZWUzMmNiLzEvWVVLUlRaclpLYk1RdWoxa29IWkRuUERkS2tjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgIXpTAN BgkqhkiG9w0BAQsFAAOCAQEAu/58SmSVsrjUaUnBd8jnrUEt3XQqNb/OQ9Eg6Q52 VMKtXh75TDCO4sdrKKap0ofSSHuDKg2ITgwS4C9gd9RQpx0oiWPEn9Uh5MGBAhN9 uGT7Gk2g44fdMNxSRh4jlz6At48EAtL8YJTHd7Pjvrzki2ELRFYbYVzUDmC0TlcU QWtioN9pUHh7iPpiTqtK8zIY3cNNhSYGpRVafWIr3dRDXYsoT6fdZ7ncaEQATxvG 5tYoiOuVcPAXICUNlJKP3uy4TkeT/KcZlYeMbbWRmcEemcDCzjGPZYJtLAwSkpJr Q25F03cj0VPP+j4mj7to2Fqis5/ZpXwqpixngEZPbZ74DA== -----END CERTIFICATE-----Generated at Mon Jan 26 01:01:46 2026 by rpki-client