This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa File: yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa (raw, json) Hash identifier: ZWKRKB/jnik25oPS/+Y2ymZERk+OEa7DBYYnhwqGBQc= Subject key identifier: CA:A6:F0:CA:7E:6C:7C:22:FA:85:B9:0B:64:02:5D:45:60:32:3C:13 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019BACF680198D6D78AB08784ECEB72A83C1 Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa Signing time: Sun 11 Jan 2026 12:09:54 +0000 ROA not before: Sun 11 Jan 2026 12:09:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48732 IP address blocks: 195.200.235.0/24 maxlen: 24 2a11:600:150::/48 maxlen: 48 2a11:600:151::/48 maxlen: 48 2a11:600:c00::/48 maxlen: 48 2a11:601:c000::/36 maxlen: 36 2a11:601:d000::/36 maxlen: 36 2a11:601:f000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 12:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ac:f6:80:19:8d:6d:78:ab:08:78:4e:ce:b7:2a:83:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Jan 11 12:09:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=caa6f0ca7e6c7c22fa85b90b64025d4560323c13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:99:44:1d:ed:6b:6e:19:b8:d8:45:5a:62:d1: 0a:ca:6c:1b:b0:4b:b8:8f:17:dd:8f:bf:18:a7:91: d4:9f:26:1e:66:20:0c:db:27:12:87:fd:0e:e5:e9: db:37:36:dc:f6:af:e6:16:c2:37:3f:99:57:70:e2: 19:90:8e:27:af:21:18:9a:fd:b8:43:2b:a6:21:69: 90:93:e5:c3:b1:9f:93:64:59:81:89:11:17:e1:0e: 33:77:1a:69:f6:42:e1:55:0c:67:c6:31:43:97:3a: b6:55:0b:9e:37:56:86:e1:0f:98:6e:51:77:f6:99: 17:5f:2a:ab:63:a2:d1:c6:7e:3c:59:77:ce:8a:4e: 39:bf:6c:28:54:da:33:b5:8f:99:cf:a0:44:19:e8: cc:67:9b:7d:de:05:5a:67:8a:b1:b5:c4:e0:91:48: c6:ac:55:b3:0c:bf:4f:d6:9b:72:02:c6:87:75:1b: bc:73:83:4c:63:92:a6:e1:f6:5c:93:07:6d:44:12: 73:2a:5c:72:3a:c0:a8:34:f7:8c:34:20:6d:fc:c5: e0:f9:92:44:27:c5:20:a1:69:8d:88:ba:ad:71:9b: a2:0f:c1:5a:2d:c2:b4:8d:fa:0a:c2:33:ed:36:80: 0c:f7:e4:1c:b6:07:5c:ee:98:b3:6c:84:5c:6c:80: aa:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:A6:F0:CA:7E:6C:7C:22:FA:85:B9:0B:64:02:5D:45:60:32:3C:13 X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/yqbwyn5sfCL6hbkLZAJdRWAyPBM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.200.235.0/24 IPv6: 2a11:600:150::/47 2a11:600:c00::/48 2a11:601:c000::/35 2a11:601:f000::/36 Signature Algorithm: sha256WithRSAEncryption 6d:06:dc:81:69:e7:1c:91:10:46:04:bb:08:24:11:6e:ea:ba: f4:6b:81:a2:86:ba:e7:bb:f2:c3:d5:6c:9f:a2:e2:41:99:28: 0e:10:ce:b2:8d:1c:6c:9c:1d:b9:94:05:ce:1b:d7:cb:4d:4e: f7:67:7c:c2:c5:aa:d0:f2:84:52:f7:50:d7:be:41:e3:0c:fc: 4c:c5:2b:05:ce:5a:4d:7c:c4:3e:0e:bd:51:69:52:f0:db:02: 93:44:64:6d:c0:8e:12:81:ba:b1:2a:06:dd:ea:05:38:13:53: 02:b2:67:4c:47:e5:3a:0a:40:ec:3e:70:40:53:35:91:56:2c: 31:d9:fa:73:9f:06:7e:2c:47:69:65:52:14:95:cd:db:83:ef: 62:1a:38:00:bc:da:4a:a1:e7:bb:4d:36:70:5a:70:8d:74:ee: 00:c1:ec:a0:52:34:30:04:7b:84:3c:27:6e:a7:df:d8:6b:c3: e5:49:56:e0:33:dd:65:8c:63:45:61:c7:05:a0:7e:7a:46:26: 56:44:ef:2b:7f:3d:e0:e7:2a:94:f4:13:f2:9e:18:1a:de:19: ce:96:8c:20:c8:13:87:09:39:61:06:14:62:ef:36:ed:9d:d5: 7a:7f:50:69:c1:34:61:d4:27:77:d4:c5:47:12:e3:73:fe:d1: d3:d8:54:ed -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZus9oAZjW14qwh4Ts63KoPBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjYwMTExMTIwOTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWE2ZjBjYTdlNmM3YzIyZmE4NWI5MGI2NDAyNWQ0NTYwMzIzYzEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9plEHe1rbhm42EVaYtEKymwbsEu4 jxfdj78Yp5HUnyYeZiAM2ycSh/0O5enbNzbc9q/mFsI3P5lXcOIZkI4nryEYmv24 QyumIWmQk+XDsZ+TZFmBiREX4Q4zdxpp9kLhVQxnxjFDlzq2VQueN1aG4Q+YblF3 9pkXXyqrY6LRxn48WXfOik45v2woVNoztY+Zz6BEGejMZ5t93gVaZ4qxtcTgkUjG rFWzDL9P1ptyAsaHdRu8c4NMY5Km4fZckwdtRBJzKlxyOsCoNPeMNCBt/MXg+ZJE J8UgoWmNiLqtcZuiD8FaLcK0jfoKwjPtNoAM9+Qctgdc7pizbIRcbICqdQIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFMqm8Mp+bHwi+oW5C2QCXUVgMjwTMB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEveXFid3luNXNmQ0w2aGJrTFpBSmRSV0F5UEJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAMBAIAATAGAwQAw8jrMCgE AgACMCIDBwEqEQYAAVADBwAqEQYADAADBgUqEQYBwAMGBCoRBgHwMA0GCSqGSIb3 DQEBCwUAA4IBAQBtBtyBaecckRBGBLsIJBFu6rr0a4Gihrrnu/LD1WyfouJBmSgO EM6yjRxsnB25lAXOG9fLTU73Z3zCxarQ8oRS91DXvkHjDPxMxSsFzlpNfMQ+Dr1R aVLw2wKTRGRtwI4SgbqxKgbd6gU4E1MCsmdMR+U6CkDsPnBAUzWRViwx2fpznwZ+ LEdpZVIUlc3bg+9iGjgAvNpKoee7TTZwWnCNdO4AweygUjQwBHuEPCdup9/Ya8Pl SVbgM91ljGNFYccFoH56RiZWRO8rfz3g5yqU9BPynhga3hnOlowgyBOHCTlhBhRi 7zbtndV6f1BpwTRh1Cd31MVHEuNz/tHT2FTt -----END CERTIFICATE-----Generated at Mon Jan 26 19:34:33 2026 by rpki-client