This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/YzrXnq3vRorLDkTNpUF7ED1XPXE.roa File: YzrXnq3vRorLDkTNpUF7ED1XPXE.roa (raw, json) Hash identifier: akkM/3QksJnCzoJ9FHhEn+9ohX+WOVP8QHjLBNNOvGc= Subject key identifier: 63:3A:D7:9E:AD:EF:46:8A:CB:0E:44:CD:A5:41:7B:10:3D:57:3D:71 Certificate issuer: /CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e Certificate serial: 019B7FF1DC73F1938894D2B8BB7AB0CE4234 Authority key identifier: E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/YzrXnq3vRorLDkTNpUF7ED1XPXE.roa Signing time: Fri 02 Jan 2026 18:21:55 +0000 ROA not before: Fri 02 Jan 2026 18:21:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202551 IP address blocks: 185.160.208.0/22 maxlen: 22 2a07:c000::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.mft rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:dc:73:f1:93:88:94:d2:b8:bb:7a:b0:ce:42:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e88c04771e2bfac8f60f1b4c9cbd093aafea974e Validity Not Before: Jan 2 18:21:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=633ad79eadef468acb0e44cda5417b103d573d71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ea:ff:51:0e:ef:1f:c0:4e:f7:57:b7:4c:e3: ca:20:9a:cd:22:e0:9c:9d:97:5a:f7:72:59:86:d5: cb:9a:49:5d:16:fd:da:49:49:b7:51:0b:de:45:bb: 5e:7c:0d:cd:cf:e0:50:44:53:e7:c6:0b:ce:f7:03: ab:06:d3:bb:95:9f:6a:1b:21:8e:7f:dd:2a:6a:50: cd:ba:a3:19:35:6b:bd:d1:b7:f4:58:f0:39:67:b4: ae:06:d5:e1:9e:5d:1a:66:8a:d9:78:f0:6a:55:64: c5:5f:64:cd:14:c3:cd:eb:de:cd:b1:c4:54:f0:ea: ce:4c:8b:53:ee:63:57:db:0c:84:37:07:1d:1a:84: 7f:9a:83:6b:2f:db:6f:6d:c7:c1:26:ad:8f:25:63: ac:7b:ec:d1:fe:67:d6:5e:39:6b:03:9e:1b:76:1c: 6d:3f:98:86:95:ea:07:96:1d:f1:ba:76:cb:5b:ed: 55:58:3e:be:da:18:b2:67:6a:a2:da:6a:35:9f:a8: b9:35:fc:15:73:7d:20:26:e9:43:90:b6:93:31:f5: 40:38:08:70:23:05:a4:13:c1:96:c6:e1:43:1b:6f: 81:d4:11:ef:ec:35:3a:8c:21:0b:fb:61:68:a7:f7: 9c:db:2b:af:e4:71:e1:9a:43:c4:47:73:3d:04:52: 90:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:3A:D7:9E:AD:EF:46:8A:CB:0E:44:CD:A5:41:7B:10:3D:57:3D:71 X509v3 Authority Key Identifier: keyid:E8:8C:04:77:1E:2B:FA:C8:F6:0F:1B:4C:9C:BD:09:3A:AF:EA:97:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6IwEdx4r-sj2DxtMnL0JOq_ql04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/YzrXnq3vRorLDkTNpUF7ED1XPXE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/2ae7c3-98a5-4cda-9bae-ba645f19915a/1/6IwEdx4r-sj2DxtMnL0JOq_ql04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.160.208.0/22 IPv6: 2a07:c000::/29 Signature Algorithm: sha256WithRSAEncryption 92:74:af:84:aa:36:25:79:7b:4d:d7:ad:13:40:57:7d:1a:48: 0e:5d:ea:e8:23:4e:95:20:5f:c3:a3:8b:10:3f:ba:fb:12:9d: 4a:58:da:ab:be:68:af:b5:e0:54:cf:f0:4d:06:88:70:82:8f: 00:9a:5d:b1:32:d3:a9:5f:2f:16:0a:81:42:0c:49:de:60:12: 5f:ed:15:2f:93:bc:52:e9:25:f9:75:94:22:1f:3d:ae:b4:0f: 89:f7:8c:27:65:85:94:7a:5d:ea:db:d0:8d:b4:62:8b:4b:34: 64:93:ca:d4:76:fd:87:06:bd:2b:de:0e:c3:45:70:de:d3:6b: d3:59:ba:40:85:58:ab:17:a7:2e:cd:b4:8d:74:ae:c2:11:77: c0:7a:d0:3c:7b:87:38:10:2d:ed:98:e9:69:6a:6b:a8:16:c7: ac:cc:8a:36:85:80:29:b5:fe:02:53:cd:8e:84:7f:8f:98:cf: 1d:9e:d4:f5:69:1d:5e:06:a3:d0:bc:0c:9e:d2:58:9e:fb:b0: f3:94:6c:a7:73:74:e4:21:7a:e9:44:7a:23:24:9f:3f:22:cd: b6:70:92:87:c9:c7:5f:57:a8:f7:b5:89:fb:4b:27:74:09:9f: b5:a5:f6:27:80:c1:e1:4f:1a:72:d6:81:50:7a:b6:6b:c3:f2: 4d:7c:f4:86 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/8dxz8ZOIlNK4u3qwzkI0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU4OGMwNDc3MWUyYmZhYzhmNjBmMWI0YzljYmQwOTNhYWZl YTk3NGUwHhcNMjYwMTAyMTgyMTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzNhZDc5ZWFkZWY0NjhhY2IwZTQ0Y2RhNTQxN2IxMDNkNTczZDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOr/UQ7vH8BO91e3TOPKIJrNIuCc nZda93JZhtXLmkldFv3aSUm3UQveRbtefA3Nz+BQRFPnxgvO9wOrBtO7lZ9qGyGO f90qalDNuqMZNWu90bf0WPA5Z7SuBtXhnl0aZorZePBqVWTFX2TNFMPN697NscRU 8OrOTItT7mNX2wyENwcdGoR/moNrL9tvbcfBJq2PJWOse+zR/mfWXjlrA54bdhxt P5iGleoHlh3xunbLW+1VWD6+2hiyZ2qi2mo1n6i5NfwVc30gJulDkLaTMfVAOAhw IwWkE8GWxuFDG2+B1BHv7DU6jCEL+2Fop/ec2yuv5HHhmkPER3M9BFKQ4QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGM6156t70aKyw5EzaVBexA9Vz1xMB8GA1UdIwQY MBaAFOiMBHceK/rI9g8bTJy9CTqv6pdOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUt YmE2NDVmMTk5MTVhLzEvWXpyWG5xM3ZSb3JMRGtUTnBVRjdFRDFYUFhFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8yYWU3YzMtOThhNS00Y2RhLTliYWUtYmE2NDVmMTk5MTVh LzEvNkl3RWR4NHItc2oyRHh0TW5MMEpPcV9xbDA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaDQMA0E AgACMAcDBQMqB8AAMA0GCSqGSIb3DQEBCwUAA4IBAQCSdK+EqjYleXtN160TQFd9 GkgOXeroI06VIF/Do4sQP7r7Ep1KWNqrvmivteBUz/BNBohwgo8Aml2xMtOpXy8W CoFCDEneYBJf7RUvk7xS6SX5dZQiHz2utA+J94wnZYWUel3q29CNtGKLSzRkk8rU dv2HBr0r3g7DRXDe02vTWbpAhVirF6cuzbSNdK7CEXfAetA8e4c4EC3tmOlpamuo FseszIo2hYAptf4CU82OhH+PmM8dntT1aR1eBqPQvAye0lie+7DzlGync3TkIXrp RHojJJ8/Is22cJKHycdfV6j3tYn7Syd0CZ+1pfYngMHhTxpy1oFQerZrw/JNfPSG -----END CERTIFICATE-----Generated at Tue Jan 27 01:16:15 2026 by rpki-client