This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/ytyVm3S7Nek5fptdKjR4lszyxVE.roa File: ytyVm3S7Nek5fptdKjR4lszyxVE.roa (raw, json) Hash identifier: fg0+8WvdZTPMhDV0ypT87n2uD/xPs/qDgjBlkh4kxkc= Subject key identifier: CA:DC:95:9B:74:BB:35:E9:39:7E:9B:5D:2A:34:78:96:CC:F2:C5:51 Certificate issuer: /CN=a0606b8aad553f0948c7a894d68671870eb82cb0 Certificate serial: 019B79ED5E1738737739BFD03AD7FD5A4CAF Authority key identifier: A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/ytyVm3S7Nek5fptdKjR4lszyxVE.roa Signing time: Thu 01 Jan 2026 14:19:17 +0000 ROA not before: Thu 01 Jan 2026 14:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2200 IP address blocks: 138.102.0.0/16 maxlen: 16 147.99.0.0/16 maxlen: 16 147.100.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/oGBriq1VPwlIx6iU1oZxhw64LLA.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/oGBriq1VPwlIx6iU1oZxhw64LLA.mft rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:5e:17:38:73:77:39:bf:d0:3a:d7:fd:5a:4c:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a0606b8aad553f0948c7a894d68671870eb82cb0 Validity Not Before: Jan 1 14:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cadc959b74bb35e9397e9b5d2a347896ccf2c551 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ec:12:c7:44:d1:42:6f:a2:b8:32:f8:64:7a: bf:c8:8a:ca:48:28:60:03:bf:85:cd:78:c8:77:1f: ef:71:45:77:dc:58:6c:b9:b6:20:c8:a3:24:d2:e1: ae:c5:ef:2c:35:d8:6e:dd:a4:b9:70:3e:23:a6:da: ca:1c:c2:78:09:33:c4:2c:b7:49:5e:1b:f2:9c:90: 07:2b:2a:c9:32:16:78:ab:36:a5:9b:b3:7d:37:95: 1f:47:d9:46:a0:ac:2b:2e:b6:a6:85:d9:9a:69:ad: 49:b6:b0:fe:a3:5b:d7:54:4f:7a:08:c1:1e:f5:b6: 49:00:a5:ed:16:7d:77:d3:7a:96:60:62:31:54:23: 09:60:f0:d4:73:25:cd:88:f5:06:22:39:23:f3:f2: 40:da:60:3a:f2:9e:30:a8:64:5f:06:3c:e2:00:2d: 7c:f8:3c:d0:fd:e8:c9:30:94:d5:44:b1:c9:5a:3b: d7:3b:b5:78:47:6b:35:7f:36:38:8f:dd:89:e2:e4: 36:1e:a5:58:3b:38:15:98:48:56:d9:97:1a:75:4f: d1:e2:25:f3:35:1d:49:57:72:ae:2a:64:57:5f:5d: 0a:a1:a5:f4:e8:7e:02:7f:94:5b:47:45:66:d7:4a: ae:7b:17:6c:4b:42:c9:fd:bc:4a:63:52:7d:99:cf: 54:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:DC:95:9B:74:BB:35:E9:39:7E:9B:5D:2A:34:78:96:CC:F2:C5:51 X509v3 Authority Key Identifier: keyid:A0:60:6B:8A:AD:55:3F:09:48:C7:A8:94:D6:86:71:87:0E:B8:2C:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oGBriq1VPwlIx6iU1oZxhw64LLA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/ytyVm3S7Nek5fptdKjR4lszyxVE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9e2dfd-f2e9-416d-8f1f-bb3431fe0285/1/oGBriq1VPwlIx6iU1oZxhw64LLA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 138.102.0.0/16 147.99.0.0-147.100.255.255 Signature Algorithm: sha256WithRSAEncryption 62:00:99:73:94:24:a2:3d:1a:c7:dd:1c:a6:ea:77:3c:40:81: b9:c2:3b:b8:75:17:3c:fa:b3:27:2d:53:e9:c3:38:35:6b:d9: 53:79:2d:b0:c2:86:6a:ef:40:04:7b:f0:fd:1b:1f:7e:a3:f6: ca:5d:cc:92:8f:84:88:e6:80:c0:90:00:93:24:bc:68:12:02: 8a:0b:b2:2c:74:05:97:a5:5b:bd:ce:c4:8f:5d:1b:b4:9d:99: ec:d7:a7:31:d8:b3:a1:9a:36:dc:7b:1a:52:c6:f1:32:7e:2d: 2f:ae:39:66:a6:73:0f:93:e4:ea:25:ab:39:27:1c:93:e3:df: 4a:b4:63:00:f6:c3:fe:46:10:bc:ad:e1:4a:c7:7e:11:0a:62: 00:ba:9f:93:ec:dc:cd:89:c1:76:72:7c:ec:fc:09:f6:f4:d9: fa:06:4a:e8:0c:0d:77:80:47:ba:49:0b:d0:2a:ec:7a:d4:2d: aa:5c:98:ea:04:7f:a1:00:9c:43:5b:2b:e1:24:76:c2:70:97: 34:df:d7:15:ed:08:1b:2c:11:a8:8c:20:3f:95:5e:87:60:2d: 50:69:d9:ce:ef:b9:9a:b8:f7:10:bf:36:35:6a:28:cd:56:00: c3:c5:a9:69:5a:49:22:dc:d4:89:29:c5:cf:9a:1a:21:c9:6c: 68:e6:5a:69 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt57V4XOHN3Ob/QOtf9WkyvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwNjA2YjhhYWQ1NTNmMDk0OGM3YTg5NGQ2ODY3MTg3MGVi ODJjYjAwHhcNMjYwMTAxMTQxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWRjOTU5Yjc0YmIzNWU5Mzk3ZTliNWQyYTM0Nzg5NmNjZjJjNTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOwSx0TRQm+iuDL4ZHq/yIrKSChg A7+FzXjIdx/vcUV33FhsubYgyKMk0uGuxe8sNdhu3aS5cD4jptrKHMJ4CTPELLdJ XhvynJAHKyrJMhZ4qzalm7N9N5UfR9lGoKwrLramhdmaaa1JtrD+o1vXVE96CMEe 9bZJAKXtFn1303qWYGIxVCMJYPDUcyXNiPUGIjkj8/JA2mA68p4wqGRfBjziAC18 +DzQ/ejJMJTVRLHJWjvXO7V4R2s1fzY4j92J4uQ2HqVYOzgVmEhW2ZcadU/R4iXz NR1JV3KuKmRXX10KoaX06H4Cf5RbR0Vm10quexdsS0LJ/bxKY1J9mc9U+wIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFMrclZt0uzXpOX6bXSo0eJbM8sVRMB8GA1UdIwQY MBaAFKBga4qtVT8JSMeolNaGcYcOuCywMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYt YmIzNDMxZmUwMjg1LzEveXR5Vm0zUzdOZWs1ZnB0ZEtqUjRsc3p5eFZFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85ZTJkZmQtZjJlOS00MTZkLThmMWYtYmIzNDMxZmUwMjg1 LzEvb0dCcmlxMVZQd2xJeDZpVTFvWnhodzY0TExBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAimYwCgMD AJNjAwMAk2QwDQYJKoZIhvcNAQELBQADggEBAGIAmXOUJKI9GsfdHKbqdzxAgbnC O7h1Fzz6syctU+nDODVr2VN5LbDChmrvQAR78P0bH36j9spdzJKPhIjmgMCQAJMk vGgSAooLsix0BZelW73OxI9dG7SdmezXpzHYs6GaNtx7GlLG8TJ+LS+uOWamcw+T 5OolqzknHJPj30q0YwD2w/5GELyt4UrHfhEKYgC6n5Ps3M2JwXZyfOz8Cfb02foG SugMDXeAR7pJC9Aq7HrULapcmOoEf6EAnENbK+EkdsJwlzTf1xXtCBssEaiMID+V XodgLVBp2c7vuZq49xC/NjVqKM1WAMPFqWlaSSLc1Ikpxc+aGiHJbGjmWmk= -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:50 2026 by rpki-client