This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YXqFBM3Wgxl248Uckf87jL9-Y10.roa File: YXqFBM3Wgxl248Uckf87jL9-Y10.roa (raw, json) Hash identifier: R/aH1v+NPoF+QYmVFlQRN2Ii0gntVyI3TwXZnW5icOc= Subject key identifier: 61:7A:85:04:CD:D6:83:19:76:E3:C5:1C:91:FF:3B:8C:BF:7E:63:5D Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Certificate serial: 019B76EB0B57FF2BE617A9CF37FD9AB042D4 Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YXqFBM3Wgxl248Uckf87jL9-Y10.roa Signing time: Thu 01 Jan 2026 00:17:53 +0000 ROA not before: Thu 01 Jan 2026 00:17:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59631 IP address blocks: 176.121.64.0/21 maxlen: 24 185.83.104.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:0b:57:ff:2b:e6:17:a9:cf:37:fd:9a:b0:42:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75 Validity Not Before: Jan 1 00:17:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=617a8504cdd6831976e3c51c91ff3b8cbf7e635d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6c:54:4d:ef:dd:c3:bb:05:b8:b8:01:93:ac: f3:af:e9:7c:2d:ca:41:ba:1f:7c:58:37:32:59:2c: cf:74:2c:d6:62:24:e4:a0:fc:dc:74:9e:d1:72:6b: 4c:9d:68:ef:d8:4a:90:19:f5:b7:3f:ae:bf:0f:24: fe:ca:e2:1e:34:70:b1:17:d9:6e:09:c3:da:b5:6e: 99:b7:3a:65:08:be:61:c2:c2:ba:75:4c:28:5e:e1: 52:c4:d0:d6:93:8d:d9:58:8f:8b:f5:10:6b:87:ce: 46:04:26:aa:d7:aa:3f:49:97:9e:ce:cb:cc:fe:ea: 16:be:09:7c:27:f7:2e:15:9f:6a:82:d7:be:08:4e: 38:7a:f6:d6:b8:c9:5f:da:8b:2f:41:fd:01:75:43: dc:ea:29:6c:8a:e1:d3:0f:e9:64:08:77:3c:d4:90: 5a:7f:9c:21:54:7e:31:3d:99:ae:71:10:ac:e7:e3: 75:36:36:13:02:f6:06:a2:15:16:5c:cd:76:6f:c4: 27:72:f7:90:ec:53:37:61:be:a5:2f:44:ca:30:92: ab:dc:29:5b:48:e2:3e:38:8b:9b:01:b5:2b:60:8f: 27:cb:f1:40:fd:0a:42:03:c4:9d:b1:dc:79:e4:24: 08:10:f5:f0:48:0d:28:14:8b:02:61:84:d3:80:87: f7:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:7A:85:04:CD:D6:83:19:76:E3:C5:1C:91:FF:3B:8C:BF:7E:63:5D X509v3 Authority Key Identifier: keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/YXqFBM3Wgxl248Uckf87jL9-Y10.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.121.64.0/21 185.83.104.0/22 Signature Algorithm: sha256WithRSAEncryption bb:38:af:c8:16:8a:54:b3:42:12:2f:9c:da:d9:20:46:e6:4e: b1:c6:24:5a:3d:ff:cd:a3:da:7e:e4:cf:34:55:fe:30:cf:70: 95:92:56:30:a5:14:a3:61:16:49:1a:10:ec:a9:f8:db:2a:b2: 94:14:85:38:7a:8e:b0:f4:a2:6a:72:77:2b:01:44:ab:8b:45: 24:b3:84:a8:f0:59:cb:a1:9b:f6:fb:2f:15:b6:d9:b8:51:54: 37:bc:bc:22:e2:3d:d3:fc:46:1a:a4:69:2a:03:25:8c:6d:a0: 09:f9:98:57:a5:57:9c:12:bd:d7:f9:f7:7e:55:54:f6:88:e8: 7c:47:75:d2:b2:ad:c3:64:69:a0:c7:a9:a8:5c:3a:e8:53:2c: fb:e9:40:b3:18:f5:f0:a5:29:51:ec:6c:45:73:b8:80:b1:b9: e5:3f:77:35:95:85:6a:df:85:d4:f5:da:eb:f4:0f:4e:2b:cf: b0:a9:21:22:04:06:58:02:ec:4e:c6:45:68:e2:a0:e2:87:84: 69:9e:1b:62:f6:58:6e:5f:9d:ba:39:c1:5c:fa:56:74:c3:ff: f1:ea:dd:32:89:92:b0:ee:9d:3f:1d:92:65:f8:fb:82:f4:12: a8:42:a5:4e:b0:af:f6:fd:1f:65:cb:91:49:84:d1:72:cf:be: 14:15:30:b2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26wtX/yvmF6nPN/2asELUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4 YjZiNzUwHhcNMjYwMTAxMDAxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTdhODUwNGNkZDY4MzE5NzZlM2M1MWM5MWZmM2I4Y2JmN2U2MzVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGxUTe/dw7sFuLgBk6zzr+l8LcpB uh98WDcyWSzPdCzWYiTkoPzcdJ7RcmtMnWjv2EqQGfW3P66/DyT+yuIeNHCxF9lu CcPatW6ZtzplCL5hwsK6dUwoXuFSxNDWk43ZWI+L9RBrh85GBCaq16o/SZeezsvM /uoWvgl8J/cuFZ9qgte+CE44evbWuMlf2osvQf0BdUPc6ilsiuHTD+lkCHc81JBa f5whVH4xPZmucRCs5+N1NjYTAvYGohUWXM12b8QncveQ7FM3Yb6lL0TKMJKr3Clb SOI+OIubAbUrYI8ny/FA/QpCA8Sdsdx55CQIEPXwSA0oFIsCYYTTgIf3KwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGF6hQTN1oMZduPFHJH/O4y/fmNdMB8GA1UdIwQY MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt Yzc5MTRhYjY0MjczLzEvWVhxRkJNM1dneGwyNDhVY2tmODdqTDktWTEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHlAAwQC uVNoMA0GCSqGSIb3DQEBCwUAA4IBAQC7OK/IFopUs0ISL5za2SBG5k6xxiRaPf/N o9p+5M80Vf4wz3CVklYwpRSjYRZJGhDsqfjbKrKUFIU4eo6w9KJqcncrAUSri0Uk s4So8FnLoZv2+y8Vttm4UVQ3vLwi4j3T/EYapGkqAyWMbaAJ+ZhXpVecEr3X+fd+ VVT2iOh8R3XSsq3DZGmgx6moXDroUyz76UCzGPXwpSlR7GxFc7iAsbnlP3c1lYVq 34XU9drr9A9OK8+wqSEiBAZYAuxOxkVo4qDih4Rpnhti9lhuX526OcFc+lZ0w//x 6t0yiZKw7p0/HZJl+PuC9BKoQqVOsK/2/R9ly5FJhNFyz74UFTCy -----END CERTIFICATE-----Generated at Sun Jan 25 16:28:31 2026 by rpki-client