This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/YyS0FsjSPcRe5OVpS-bddQflhs0.roa File: YyS0FsjSPcRe5OVpS-bddQflhs0.roa (raw, json) Hash identifier: BHCA82IrgZgjYdpNT21uf8Z5RHz1RwAUgryBUXbtYGs= Subject key identifier: 63:24:B4:16:C8:D2:3D:C4:5E:E4:E5:69:4B:E6:DD:75:07:E5:86:CD Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17 Certificate serial: 019B7F839E62D7843D1A09174814883E7015 Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/YyS0FsjSPcRe5OVpS-bddQflhs0.roa Signing time: Fri 02 Jan 2026 16:21:30 +0000 ROA not before: Fri 02 Jan 2026 16:21:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212238 IP address blocks: 2a10:aa40::/32 maxlen: 32 2a10:aa41::/32 maxlen: 32 2a10:aa42::/32 maxlen: 32 2a10:aa43::/32 maxlen: 32 2a10:aa44::/32 maxlen: 32 2a10:aa45::/32 maxlen: 32 2a10:aa46::/32 maxlen: 32 2a10:aa47::/32 maxlen: 32 2a13:b440::/32 maxlen: 32 2a13:b441::/32 maxlen: 32 2a13:b442::/32 maxlen: 32 2a13:b443::/32 maxlen: 32 2a13:b444::/32 maxlen: 32 2a13:b445::/32 maxlen: 32 2a13:b446::/32 maxlen: 32 2a13:b447::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.mft rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:9e:62:d7:84:3d:1a:09:17:48:14:88:3e:70:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17 Validity Not Before: Jan 2 16:21:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6324b416c8d23dc45ee4e5694be6dd7507e586cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:da:5d:74:e2:8e:6f:92:b0:11:04:c2:b2:c5: b2:2e:80:cf:3d:20:28:b9:c5:d6:2f:55:7a:88:f1: c7:87:fb:a0:af:ed:0c:8f:79:7e:89:ff:0a:7d:fb: 00:94:ed:5b:a2:5d:05:0c:1e:1b:23:b1:25:7e:2c: 30:21:e2:0c:8a:ae:66:3d:ea:c2:a7:5b:1e:b9:72: 2b:0f:c3:3b:b0:fe:11:18:1b:81:a3:e0:c8:ce:d0: b4:c7:2b:62:34:ed:68:a4:be:aa:28:41:3f:d6:78: bd:58:0d:d0:72:f7:01:cd:8e:fc:01:2a:24:36:04: 2b:31:a7:bf:8a:83:f9:43:38:3e:26:c5:67:26:38: 1b:3b:5c:ef:39:84:43:ee:94:ed:8c:7f:62:39:85: 0d:e3:58:47:f6:5c:b5:d6:f1:18:b2:d4:52:ac:ce: 60:cf:5b:2a:73:7d:57:2a:f4:3b:e2:93:68:22:c9: f6:f2:c9:85:1b:06:16:74:10:8f:98:01:0c:b8:9d: 38:ba:9a:59:fd:47:fa:17:3d:b7:9b:01:63:42:a2: 31:0c:4c:65:93:cf:64:1e:b8:2f:cc:bb:35:14:a5: 67:8c:ce:35:6b:1e:4f:15:53:31:17:63:6f:75:14: 37:72:fb:8c:87:60:00:8d:73:06:fc:36:80:19:1a: 28:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:24:B4:16:C8:D2:3D:C4:5E:E4:E5:69:4B:E6:DD:75:07:E5:86:CD X509v3 Authority Key Identifier: keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/YyS0FsjSPcRe5OVpS-bddQflhs0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:aa40::/29 2a13:b440::/29 Signature Algorithm: sha256WithRSAEncryption 6c:51:de:3e:f6:d2:33:68:36:5c:55:b3:ba:05:97:b1:8d:fb: 16:30:d6:ba:60:52:3b:36:78:c6:f9:4f:56:87:6d:eb:6f:ad: 98:78:6b:04:29:b2:f5:64:4f:a4:5e:c7:4d:5f:8f:5c:90:18: 8b:0e:46:79:35:70:a1:64:8a:8d:05:68:2c:ff:9b:22:dd:87: 0b:08:d6:76:bb:f3:a5:9a:63:91:9e:82:e2:82:31:c6:a7:01: 80:c9:09:91:27:8a:46:f0:ba:eb:2b:a2:77:ba:21:ca:b2:66: d4:8e:dd:a7:be:4d:7a:cb:c4:ac:1a:25:e4:bc:c9:22:c6:ef: 1d:74:22:ef:ab:6e:81:ef:7b:fe:c6:21:77:58:c7:a1:0e:39: 20:08:d0:eb:a5:e0:7b:aa:46:31:ca:20:aa:0d:ad:55:b9:29: ec:e1:53:1a:42:23:c5:0b:98:69:1e:4f:33:bf:99:9e:7f:02: a6:e9:7d:85:22:83:d8:7f:6d:a8:07:bd:48:44:f2:29:00:f1: 74:9a:36:be:84:2c:70:e0:5b:fe:cd:7f:25:ee:6a:16:39:21: bb:89:54:5d:41:79:f3:81:bf:82:df:c4:39:cb:94:bf:62:d0: 7a:18:10:bb:ef:a4:b2:28:70:2b:0d:6d:50:52:72:ed:f9:ae: e2:13:19:af -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/g55i14Q9GgkXSBSIPnAVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx ZTZiMTcwHhcNMjYwMTAyMTYyMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzI0YjQxNmM4ZDIzZGM0NWVlNGU1Njk0YmU2ZGQ3NTA3ZTU4NmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dpddOKOb5KwEQTCssWyLoDPPSAo ucXWL1V6iPHHh/ugr+0Mj3l+if8KffsAlO1bol0FDB4bI7ElfiwwIeIMiq5mPerC p1seuXIrD8M7sP4RGBuBo+DIztC0xytiNO1opL6qKEE/1ni9WA3QcvcBzY78ASok NgQrMae/ioP5Qzg+JsVnJjgbO1zvOYRD7pTtjH9iOYUN41hH9ly11vEYstRSrM5g z1sqc31XKvQ74pNoIsn28smFGwYWdBCPmAEMuJ04uppZ/Uf6Fz23mwFjQqIxDExl k89kHrgvzLs1FKVnjM41ax5PFVMxF2NvdRQ3cvuMh2AAjXMG/DaAGRootQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGMktBbI0j3EXuTlaUvm3XUH5YbNMB8GA1UdIwQY MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt OWU4OTVkMGVmOGQyLzEvWXlTMEZzalNQY1JlNU9WcFMtYmRkUWZsaHMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKhCqQAMF AyoTtEAwDQYJKoZIhvcNAQELBQADggEBAGxR3j720jNoNlxVs7oFl7GN+xYw1rpg Ujs2eMb5T1aHbetvrZh4awQpsvVkT6Rex01fj1yQGIsORnk1cKFkio0FaCz/myLd hwsI1na786WaY5GeguKCMcanAYDJCZEnikbwuusrone6IcqyZtSO3ae+TXrLxKwa JeS8ySLG7x10Iu+rboHve/7GIXdYx6EOOSAI0Oul4HuqRjHKIKoNrVW5KezhUxpC I8ULmGkeTzO/mZ5/AqbpfYUig9h/bagHvUhE8ikA8XSaNr6ELHDgW/7NfyXuahY5 IbuJVF1BefOBv4LfxDnLlL9i0HoYELvvpLIocCsNbVBScu35ruITGa8= -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:48 2026 by rpki-client