This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/YayJGV1AhdhT_2jmvro3f1vZJio.roa File: YayJGV1AhdhT_2jmvro3f1vZJio.roa (raw, json) Hash identifier: ZSfRyhmj0GGAqXcOqtLbroZWUuhIqN/tBzww51XfKiY= Subject key identifier: 61:AC:89:19:5D:40:85:D8:53:FF:68:E6:BE:BA:37:7F:5B:D9:26:2A Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d Certificate serial: 019B79EBAB2CA5A82B12EFA6966180BF3428 Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/YayJGV1AhdhT_2jmvro3f1vZJio.roa Signing time: Thu 01 Jan 2026 14:17:26 +0000 ROA not before: Thu 01 Jan 2026 14:17:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199319 IP address blocks: 185.38.224.0/22 maxlen: 22 185.228.140.0/22 maxlen: 22 2a00:fb20::/32 maxlen: 32 2a00:fb20:8000::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.mft rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:ab:2c:a5:a8:2b:12:ef:a6:96:61:80:bf:34:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d Validity Not Before: Jan 1 14:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61ac89195d4085d853ff68e6beba377f5bd9262a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:7e:12:01:32:f5:bd:75:21:30:aa:5a:62:e8: 84:c5:2c:96:bb:83:ce:95:71:be:09:68:e4:03:06: d3:3e:a1:0c:d1:45:39:80:9e:c5:a1:01:dd:6d:f2: b8:83:5e:00:cf:f3:eb:73:49:15:67:db:d2:7e:b4: 0e:53:71:8e:a0:c4:52:67:f1:3a:f2:f4:17:16:de: ac:89:72:38:63:ea:a2:64:d2:cb:91:93:8c:aa:4e: 35:15:a1:90:2d:51:61:10:f7:0e:27:3b:19:69:d1: 01:72:3f:96:a4:51:9e:0d:b4:e7:c4:51:67:77:01: 92:f1:c7:5a:02:6e:bc:13:eb:e5:f0:1b:7b:88:c6: e2:8b:6e:3c:b4:49:f9:52:c0:16:83:7d:a4:84:9e: bb:11:74:35:62:79:4f:4f:3f:dc:42:c3:ec:2d:27: 29:6f:7c:89:c1:f1:74:23:42:65:c5:ea:9a:02:a9: fa:83:af:33:05:64:3d:cb:02:ef:0b:9f:d7:6a:7b: 19:32:21:ed:c0:74:95:32:3a:41:3c:39:22:ad:00: 97:09:db:6a:ad:dd:90:d7:89:26:d3:84:a4:d0:ab: 83:0b:23:79:db:c7:14:35:89:1b:b7:45:f4:a3:c9: 37:76:b7:e2:96:28:50:33:62:da:7d:b5:41:aa:1b: 12:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:AC:89:19:5D:40:85:D8:53:FF:68:E6:BE:BA:37:7F:5B:D9:26:2A X509v3 Authority Key Identifier: keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/YayJGV1AhdhT_2jmvro3f1vZJio.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.38.224.0/22 185.228.140.0/22 IPv6: 2a00:fb20::/32 Signature Algorithm: sha256WithRSAEncryption 66:a1:e3:e2:5b:eb:6b:a4:3e:02:6c:6e:b3:32:e8:74:90:6a: 2e:ee:9d:c2:a4:58:06:c6:b0:1d:f8:2c:59:07:96:57:bf:6a: 98:2f:07:aa:5e:fc:31:02:01:63:8f:b5:0e:47:29:8e:f9:df: b6:6d:5b:da:89:71:9d:f8:30:4f:ee:3d:5c:22:e6:ce:37:5c: 01:c8:2a:bd:40:07:e3:2e:55:6e:ae:7c:8f:a7:22:90:99:ec: 4c:ad:56:30:fc:ba:3e:9a:2f:46:b2:43:03:96:bb:58:92:05: 2d:4c:c7:89:37:62:79:48:cf:b0:e7:f9:52:f4:e8:56:ca:44: 19:c8:3e:2b:d1:1e:db:db:f5:5d:3c:18:2f:6b:06:d0:39:7d: 4c:be:3e:b5:97:2d:01:fb:0b:32:41:6d:33:ca:a9:8a:b3:75: 0b:f1:78:19:d0:40:ec:a0:3c:b1:38:25:8c:1d:43:d6:2a:76: e6:a9:ae:ec:b3:6b:3b:67:aa:c8:24:48:71:fb:47:97:8f:43: 87:42:98:7b:ab:ef:a7:74:65:7d:e2:19:90:f3:af:55:35:59: 87:d5:b8:b1:cc:58:e3:ca:14:94:98:bd:32:c5:cd:54:08:3f: 57:87:84:07:61:ae:52:ea:33:45:18:8c:d6:af:16:cb:ba:a2: c3:b8:e7:b3 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt566sspagrEu+mlmGAvzQoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll NzdmMGQwHhcNMjYwMTAxMTQxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWFjODkxOTVkNDA4NWQ4NTNmZjY4ZTZiZWJhMzc3ZjViZDkyNjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn4SATL1vXUhMKpaYuiExSyWu4PO lXG+CWjkAwbTPqEM0UU5gJ7FoQHdbfK4g14Az/Prc0kVZ9vSfrQOU3GOoMRSZ/E6 8vQXFt6siXI4Y+qiZNLLkZOMqk41FaGQLVFhEPcOJzsZadEBcj+WpFGeDbTnxFFn dwGS8cdaAm68E+vl8Bt7iMbii248tEn5UsAWg32khJ67EXQ1YnlPTz/cQsPsLScp b3yJwfF0I0JlxeqaAqn6g68zBWQ9ywLvC5/XansZMiHtwHSVMjpBPDkirQCXCdtq rd2Q14km04Sk0KuDCyN528cUNYkbt0X0o8k3drfilihQM2LafbVBqhsSEwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGGsiRldQIXYU/9o5r66N39b2SYqMB8GA1UdIwQY MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt ZmEzZTA5MDFmMjQwLzEvWWF5SkdWMUFoZGhUXzJqbXZybzNmMXZaSmlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSbgAwQC ueSMMA0EAgACMAcDBQAqAPsgMA0GCSqGSIb3DQEBCwUAA4IBAQBmoePiW+trpD4C bG6zMuh0kGou7p3CpFgGxrAd+CxZB5ZXv2qYLweqXvwxAgFjj7UORymO+d+2bVva iXGd+DBP7j1cIubON1wByCq9QAfjLlVurnyPpyKQmexMrVYw/Lo+mi9GskMDlrtY kgUtTMeJN2J5SM+w5/lS9OhWykQZyD4r0R7b2/VdPBgvawbQOX1Mvj61ly0B+wsy QW0zyqmKs3UL8XgZ0EDsoDyxOCWMHUPWKnbmqa7ss2s7Z6rIJEhx+0eXj0OHQph7 q++ndGV94hmQ869VNVmH1bixzFjjyhSUmL0yxc1UCD9Xh4QHYa5S6jNFGIzWrxbL uqLDuOez -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:43 2026 by rpki-client