This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/yfk1E30luISg0XzXUtlJ2MNM9eM.roa File: yfk1E30luISg0XzXUtlJ2MNM9eM.roa (raw, json) Hash identifier: WxN+8AXOM93AE57ePd+WfH578Dm9CftwqJPfTKxDhLE= Subject key identifier: C9:F9:35:13:7D:25:B8:84:A0:D1:7C:D7:52:D9:49:D8:C3:4C:F5:E3 Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a Certificate serial: 019B7FF26F48601D81325FC2F4C2AB6DC338 Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/yfk1E30luISg0XzXUtlJ2MNM9eM.roa Signing time: Fri 02 Jan 2026 18:22:33 +0000 ROA not before: Fri 02 Jan 2026 18:22:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34376 IP address blocks: 82.119.93.0/24 maxlen: 24 85.14.31.0/24 maxlen: 24 85.14.32.0/22 maxlen: 22 85.14.32.0/24 maxlen: 24 85.14.33.0/24 maxlen: 24 85.14.34.0/24 maxlen: 24 85.14.35.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.mft rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:6f:48:60:1d:81:32:5f:c2:f4:c2:ab:6d:c3:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a Validity Not Before: Jan 2 18:22:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9f935137d25b884a0d17cd752d949d8c34cf5e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:15:b1:5c:83:88:72:d5:1a:da:d4:71:57:39: ff:36:b7:5b:11:b8:68:30:90:57:a2:29:2e:51:74: a3:ba:eb:dc:07:24:42:7b:ce:9a:43:e1:6c:3b:f3: c8:0e:d9:35:13:20:ee:19:4a:fe:0e:d0:33:6e:9c: 5c:42:da:f5:d4:2d:3e:a1:bb:ed:69:ef:9c:f6:e7: 4c:85:de:98:4a:71:c7:ae:c4:c2:01:67:4b:1c:0d: 60:cd:41:d2:57:9c:76:3c:28:a6:b2:1e:62:04:03: 29:a8:ff:92:5a:ea:70:d0:9a:3e:98:db:da:ad:8d: b8:45:b5:14:24:50:e1:86:6b:2b:f2:72:7a:8b:06: 26:dd:09:77:5c:8e:93:a4:f0:b6:c3:cf:81:77:21: 4b:00:9e:52:a2:67:c6:cf:67:5b:23:9f:66:9c:90: cd:38:8f:23:63:60:5b:e0:9b:62:06:16:25:f1:09: e6:29:66:8e:c6:28:42:14:c2:09:cb:6d:ed:d4:79: 44:a2:1d:8d:6e:e7:a5:07:52:d2:90:f9:54:d5:95: 1e:16:96:dd:4e:7e:06:15:55:d9:eb:13:a3:31:9f: b8:c2:35:39:0f:b1:d4:a9:25:8f:4d:f4:c4:39:e1: 3e:d9:29:d4:92:cf:b1:08:20:12:86:4c:fb:f8:bb: 97:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:F9:35:13:7D:25:B8:84:A0:D1:7C:D7:52:D9:49:D8:C3:4C:F5:E3 X509v3 Authority Key Identifier: keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/yfk1E30luISg0XzXUtlJ2MNM9eM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.119.93.0/24 85.14.31.0-85.14.35.255 Signature Algorithm: sha256WithRSAEncryption 92:04:ce:b1:ff:37:a3:d8:f4:55:f1:23:22:a9:d2:16:5d:28: 18:80:82:80:a2:6c:28:b1:3a:ea:74:a6:01:78:fc:9f:5f:fc: 93:e3:6a:5a:21:40:7a:db:30:fe:96:7d:3d:f7:db:b2:60:ca: 25:6d:0a:f1:b9:32:8e:79:65:24:04:35:87:64:13:51:53:cb: 65:5b:ea:f3:f6:47:e9:02:a6:09:08:71:7e:39:d2:d6:0d:14: 5e:6d:f7:c9:43:3d:bc:f5:cb:a7:40:00:a4:b6:31:f2:0d:d1: 9a:ac:94:85:4e:c8:28:74:3c:a1:9f:bd:ed:5f:65:af:a1:cb: f2:32:0a:f8:b7:2e:a4:36:86:0e:58:f6:73:1b:60:16:27:92: 19:05:b2:52:97:5d:10:96:59:55:b3:fb:68:1a:ff:aa:3f:6c: d7:b0:3b:8f:a9:85:79:a9:d6:d0:5b:31:4f:0b:c7:78:21:d0: 61:d5:1c:31:55:65:ac:3d:ca:a5:19:dd:71:fa:4c:64:e8:03: 3b:f5:f6:c7:23:c6:aa:cd:9f:8d:65:81:9e:b7:37:fb:3f:47: 75:e2:f3:d0:6f:f6:db:26:1c:af:6d:00:4f:81:ab:84:96:6a: a9:4e:2a:7a:2d:dd:cb:d5:b2:0f:df:dc:8c:5f:1d:fe:32:a0: bb:72:1d:96 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/8m9IYB2BMl/C9MKrbcM4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj M2YwMGEwHhcNMjYwMTAyMTgyMjMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWY5MzUxMzdkMjViODg0YTBkMTdjZDc1MmQ5NDlkOGMzNGNmNWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hWxXIOIctUa2tRxVzn/NrdbEbho MJBXoikuUXSjuuvcByRCe86aQ+FsO/PIDtk1EyDuGUr+DtAzbpxcQtr11C0+obvt ae+c9udMhd6YSnHHrsTCAWdLHA1gzUHSV5x2PCimsh5iBAMpqP+SWupw0Jo+mNva rY24RbUUJFDhhmsr8nJ6iwYm3Ql3XI6TpPC2w8+BdyFLAJ5SomfGz2dbI59mnJDN OI8jY2Bb4JtiBhYl8QnmKWaOxihCFMIJy23t1HlEoh2NbuelB1LSkPlU1ZUeFpbd Tn4GFVXZ6xOjMZ+4wjU5D7HUqSWPTfTEOeE+2SnUks+xCCAShkz7+LuX4QIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFMn5NRN9JbiEoNF811LZSdjDTPXjMB8GA1UdIwQY MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt YjI3ZDZlMjc4ZTE4LzEveWZrMUUzMGx1SVNnMFh6WFV0bEoyTU5NOWVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4 LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAUnddMAwD BABVDh8DBAJVDiAwDQYJKoZIhvcNAQELBQADggEBAJIEzrH/N6PY9FXxIyKp0hZd KBiAgoCibCixOup0pgF4/J9f/JPjalohQHrbMP6WfT3327JgyiVtCvG5Mo55ZSQE NYdkE1FTy2Vb6vP2R+kCpgkIcX450tYNFF5t98lDPbz1y6dAAKS2MfIN0ZqslIVO yCh0PKGfve1fZa+hy/IyCvi3LqQ2hg5Y9nMbYBYnkhkFslKXXRCWWVWz+2ga/6o/ bNewO4+phXmp1tBbMU8Lx3gh0GHVHDFVZaw9yqUZ3XH6TGToAzv19scjxqrNn41l gZ63N/s/R3Xi89Bv9tsmHK9tAE+Bq4SWaqlOKnot3cvVsg/f3IxfHf4yoLtyHZY= -----END CERTIFICATE-----Generated at Sun Jan 25 23:16:32 2026 by rpki-client