This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/2YFl1nz6ibOdUXICM8EmCPLdQEU.roa File: 2YFl1nz6ibOdUXICM8EmCPLdQEU.roa (raw, json) Hash identifier: e6z98KANzMTmyp6yuocLyiolXniFv4kx3RLaW4TSkDA= Subject key identifier: D9:81:65:D6:7C:FA:89:B3:9D:51:72:02:33:C1:26:08:F2:DD:40:45 Certificate issuer: /CN=e1e8b7cab521e88e8022a36424544185538a7b33 Certificate serial: 019B797EF253BE9E167C0E4F8CD0D425A845 Authority key identifier: E1:E8:B7:CA:B5:21:E8:8E:80:22:A3:64:24:54:41:85:53:8A:7B:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/2YFl1nz6ibOdUXICM8EmCPLdQEU.roa Signing time: Thu 01 Jan 2026 12:18:41 +0000 ROA not before: Thu 01 Jan 2026 12:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44947 IP address blocks: 185.154.190.0/24 maxlen: 24 2a13:1640::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.mft rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:f2:53:be:9e:16:7c:0e:4f:8c:d0:d4:25:a8:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e1e8b7cab521e88e8022a36424544185538a7b33 Validity Not Before: Jan 1 12:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d98165d67cfa89b39d51720233c12608f2dd4045 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:22:fb:e3:78:8f:cc:97:88:50:ae:1c:9d:41: 85:3f:2b:69:2d:a7:fa:39:79:74:dd:50:9b:ea:fc: 02:9c:4d:8f:a3:26:b9:48:9d:2f:91:07:04:4c:ed: c4:84:08:01:86:35:1c:d6:30:bf:03:05:3d:f0:d3: 84:59:8d:f5:03:00:43:1f:e6:f6:8f:a9:6f:ae:1a: 80:67:04:76:20:fa:ba:92:52:7f:83:56:b0:e6:83: d9:1d:dc:c2:fa:6d:a7:63:ff:d4:b1:0d:c5:59:ef: 7f:18:cf:19:89:cb:35:24:5a:68:c1:fe:d8:0e:ce: f8:7e:5e:e6:e2:09:df:5e:5b:5e:29:5a:0c:dd:05: 91:e8:0b:cd:87:df:db:66:ea:7a:8c:46:1c:5f:8e: c2:3a:53:1b:1d:39:54:42:49:ba:96:9d:75:8d:47: bc:0e:de:99:b8:be:94:df:ba:22:f1:49:8e:cd:3b: cb:31:8b:63:e7:96:6c:0e:23:1e:8e:be:ea:0b:5c: 6f:4a:89:a5:62:2d:d5:fb:ca:e4:4c:c0:f2:27:90: 9c:71:75:0d:ee:4e:60:7e:67:d9:59:f6:37:cf:c3: 38:ad:c4:c9:73:45:64:34:55:d0:54:b0:f0:7f:22: fe:96:fb:5f:7b:6c:b1:46:f4:72:70:f5:86:ff:2d: d6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:81:65:D6:7C:FA:89:B3:9D:51:72:02:33:C1:26:08:F2:DD:40:45 X509v3 Authority Key Identifier: keyid:E1:E8:B7:CA:B5:21:E8:8E:80:22:A3:64:24:54:41:85:53:8A:7B:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ei3yrUh6I6AIqNkJFRBhVOKezM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/2YFl1nz6ibOdUXICM8EmCPLdQEU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/14f2c5-46fe-4670-9dd6-21c58470b8d2/1/4ei3yrUh6I6AIqNkJFRBhVOKezM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.190.0/24 IPv6: 2a13:1640::/29 Signature Algorithm: sha256WithRSAEncryption 27:df:c8:ba:88:1c:63:b0:b2:cb:47:15:d8:2a:c5:e2:3d:83: 58:b3:1d:2f:e5:dc:88:ed:d4:3a:55:89:90:2d:5a:57:38:42: 9d:cb:6c:f7:94:91:a7:e2:1c:13:e0:8c:cd:18:ac:f5:71:3c: bf:df:b0:ef:13:30:a1:57:dd:3c:d0:90:4a:c6:58:74:d0:50: 90:77:87:59:8e:8b:9e:b6:5c:ad:a5:eb:a2:8c:ac:c1:d2:dd: 9c:68:c5:72:c9:c9:4d:ec:e8:2d:05:cb:34:07:8f:ae:d3:e7: 0b:af:44:5c:ea:dc:b6:b6:18:68:e3:3a:9b:5d:ab:a6:27:3f: e2:5c:63:a0:eb:c6:33:b2:cf:29:99:88:7e:81:39:40:dd:c9: 08:f1:71:f5:63:2b:f9:30:29:2c:33:38:2a:49:0d:95:1a:90: 60:a2:de:d5:f3:ae:8a:e8:29:c6:03:d4:8e:a6:f7:da:ae:3e: e6:dc:84:f3:a7:52:be:cf:9d:3b:32:d4:08:24:30:dc:36:4b: 1a:9a:38:30:c2:db:10:d6:d7:59:89:a8:f8:ee:05:6d:f9:94: cd:03:1c:54:2d:9f:59:4e:0a:20:69:14:23:8a:ed:eb:aa:78: ef:34:a1:2b:08:89:2f:c5:07:5d:65:e3:09:c3:27:34:76:ec: 18:cc:b3:7d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fvJTvp4WfA5PjNDUJahFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxZThiN2NhYjUyMWU4OGU4MDIyYTM2NDI0NTQ0MTg1NTM4 YTdiMzMwHhcNMjYwMTAxMTIxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTgxNjVkNjdjZmE4OWIzOWQ1MTcyMDIzM2MxMjYwOGYyZGQ0MDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyL743iPzJeIUK4cnUGFPytpLaf6 OXl03VCb6vwCnE2Poya5SJ0vkQcETO3EhAgBhjUc1jC/AwU98NOEWY31AwBDH+b2 j6lvrhqAZwR2IPq6klJ/g1aw5oPZHdzC+m2nY//UsQ3FWe9/GM8Zics1JFpowf7Y Ds74fl7m4gnfXlteKVoM3QWR6AvNh9/bZup6jEYcX47COlMbHTlUQkm6lp11jUe8 Dt6ZuL6U37oi8UmOzTvLMYtj55ZsDiMejr7qC1xvSomlYi3V+8rkTMDyJ5CccXUN 7k5gfmfZWfY3z8M4rcTJc0VkNFXQVLDwfyL+lvtfe2yxRvRycPWG/y3WHwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNmBZdZ8+omznVFyAjPBJgjy3UBFMB8GA1UdIwQY MBaAFOHot8q1IeiOgCKjZCRUQYVTinszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGVpM3lyVWg2STZBSXFOa0pGUkJoVk9LZXpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8xNGYyYzUtNDZmZS00NjcwLTlkZDYt MjFjNTg0NzBiOGQyLzEvMllGbDFuejZpYk9kVVhJQ004RW1DUExkUUVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC8xNGYyYzUtNDZmZS00NjcwLTlkZDYtMjFjNTg0NzBiOGQy LzEvNGVpM3lyVWg2STZBSXFOa0pGUkJoVk9LZXpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZq+MA0E AgACMAcDBQMqExZAMA0GCSqGSIb3DQEBCwUAA4IBAQAn38i6iBxjsLLLRxXYKsXi PYNYsx0v5dyI7dQ6VYmQLVpXOEKdy2z3lJGn4hwT4IzNGKz1cTy/37DvEzChV908 0JBKxlh00FCQd4dZjouetlytpeuijKzB0t2caMVyyclN7OgtBcs0B4+u0+cLr0Rc 6ty2thho4zqbXaumJz/iXGOg68Yzss8pmYh+gTlA3ckI8XH1Yyv5MCksMzgqSQ2V GpBgot7V866K6CnGA9SOpvfarj7m3ITzp1K+z507MtQIJDDcNksamjgwwtsQ1tdZ iaj47gVt+ZTNAxxULZ9ZTgogaRQjiu3rqnjvNKErCIkvxQddZeMJwyc0duwYzLN9 -----END CERTIFICATE-----Generated at Sun Jan 25 18:20:36 2026 by rpki-client