This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa File: yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa (raw, json) Hash identifier: wwrcXsGyyFttGj2nkBh3bs0XPOa0z7A1reDz9TIBgKo= Subject key identifier: C9:46:4A:2C:7E:D1:D8:9B:4A:41:CD:12:E0:37:47:B0:E5:04:41:4D Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Certificate serial: 019B7F157617B1D9270E9E582240B765AFE6 Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa Signing time: Fri 02 Jan 2026 14:21:11 +0000 ROA not before: Fri 02 Jan 2026 14:21:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3258 IP address blocks: 45.12.89.0/24 maxlen: 24 2a14:640:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:76:17:b1:d9:27:0e:9e:58:22:40:b7:65:af:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Validity Not Before: Jan 2 14:21:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9464a2c7ed1d89b4a41cd12e03747b0e504414d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:f0:78:ed:e0:f9:5e:62:b3:1f:32:1c:a5:ce: 44:58:09:d7:6f:42:27:df:e1:5e:dc:91:6b:f1:c1: a3:30:7b:4e:bd:c4:09:3d:32:07:13:3e:98:2d:20: 4b:86:30:83:ee:3d:ac:58:d9:70:a9:c7:ea:d2:ad: 72:ef:89:3f:c1:85:b8:44:8b:3b:2b:a3:7c:8f:b9: ba:64:f4:19:96:bc:9b:f9:94:fd:f7:95:cd:27:f3: 95:31:68:8b:04:1c:17:c0:11:9c:b2:7e:93:3e:23: 01:d6:ab:68:5b:6f:ef:71:d7:e2:94:29:84:67:25: 96:90:e3:6f:8e:7a:0c:62:3b:5a:7a:bc:56:68:22: ff:bd:9d:6d:ba:27:74:41:d8:26:7f:e2:bc:e5:8c: e7:aa:2f:6c:5a:21:54:4d:ea:7c:15:3c:ed:62:26: 8c:1f:d1:27:5f:9a:4f:fc:49:d6:e9:7a:53:7b:f0: 9a:8e:9b:2f:56:94:ee:18:36:31:f4:1e:cb:4f:92: 5a:b6:1a:74:12:4f:d9:6a:41:d5:f0:18:02:cb:3f: 5b:8b:45:dc:b1:e3:0a:f8:5c:f2:64:fd:70:09:a5: d7:c7:c6:78:ef:3a:a7:f4:27:cd:54:d3:78:57:5b: 75:0b:46:3d:5a:2c:49:e0:c8:46:9a:91:b1:7d:27: 96:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:46:4A:2C:7E:D1:D8:9B:4A:41:CD:12:E0:37:47:B0:E5:04:41:4D X509v3 Authority Key Identifier: keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/yUZKLH7R2JtKQc0S4DdHsOUEQU0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.12.89.0/24 IPv6: 2a14:640:1::/48 Signature Algorithm: sha256WithRSAEncryption 82:88:aa:f6:39:0f:f8:ab:69:b8:16:a2:a9:39:06:ef:0a:f7: 6b:56:81:47:d8:d4:6d:6b:78:6a:f8:19:32:87:55:72:e9:a2: 2c:ed:7c:67:18:a3:dd:fc:5f:de:09:5d:b4:7d:72:a4:3c:cc: b0:cc:82:13:0f:48:66:5f:0c:a1:47:95:cc:e1:fd:20:cf:77: 71:82:b4:d7:75:53:8f:18:ec:32:5c:31:a3:58:4b:2d:65:5a: cf:af:74:05:6d:ce:39:89:5f:b1:51:13:e5:30:74:8a:83:b7: 92:78:81:dd:22:68:a1:84:6b:f2:dd:3a:f1:bd:63:dd:7c:0e: 0c:01:13:aa:5c:dd:bd:15:4c:08:ee:85:5e:8c:85:c6:a7:31: bf:92:51:6b:5d:a3:10:ee:2c:d6:34:c1:88:70:66:84:03:ce: 30:6e:8e:b4:b9:19:69:73:78:d8:04:89:9a:15:26:9d:ba:62: 2a:a7:2c:6d:9c:d7:44:80:11:9a:f3:49:0f:84:a1:b7:11:ce: 74:0b:e7:5c:f0:fe:ec:0b:d4:fe:78:78:c2:63:c7:6a:62:1b: ca:7c:55:be:f8:d9:63:2f:74:ef:81:6e:0d:4f:09:8c:e2:a5: 75:eb:47:0a:a3:b7:60:84:69:b2:2e:d9:c4:91:0a:b0:47:1c: b7:88:99:75 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FXYXsdknDp5YIkC3Za/mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1 YmVlZTMwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTQ2NGEyYzdlZDFkODliNGE0MWNkMTJlMDM3NDdiMGU1MDQ0MTRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfB47eD5XmKzHzIcpc5EWAnXb0In 3+Fe3JFr8cGjMHtOvcQJPTIHEz6YLSBLhjCD7j2sWNlwqcfq0q1y74k/wYW4RIs7 K6N8j7m6ZPQZlryb+ZT995XNJ/OVMWiLBBwXwBGcsn6TPiMB1qtoW2/vcdfilCmE ZyWWkONvjnoMYjtaerxWaCL/vZ1tuid0Qdgmf+K85Yznqi9sWiFUTep8FTztYiaM H9EnX5pP/EnW6XpTe/CajpsvVpTuGDYx9B7LT5Jathp0Ek/ZakHV8BgCyz9bi0Xc seMK+FzyZP1wCaXXx8Z47zqn9CfNVNN4V1t1C0Y9WixJ4MhGmpGxfSeW+QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFMlGSix+0dibSkHNEuA3R7DlBEFNMB8GA1UdIwQY MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt YTQ3M2VjNTQxMGMzLzEveVVaS0xIN1IySnRLUWMwUzREZEhzT1VFUVUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALQxZMA8E AgACMAkDBwAqFAZAAAEwDQYJKoZIhvcNAQELBQADggEBAIKIqvY5D/irabgWoqk5 Bu8K92tWgUfY1G1reGr4GTKHVXLpoiztfGcYo938X94JXbR9cqQ8zLDMghMPSGZf DKFHlczh/SDPd3GCtNd1U48Y7DJcMaNYSy1lWs+vdAVtzjmJX7FRE+UwdIqDt5J4 gd0iaKGEa/LdOvG9Y918DgwBE6pc3b0VTAjuhV6MhcanMb+SUWtdoxDuLNY0wYhw ZoQDzjBujrS5GWlzeNgEiZoVJp26YiqnLG2c10SAEZrzSQ+EobcRznQL51zw/uwL 1P54eMJjx2piG8p8Vb742WMvdO+Bbg1PCYzipXXrRwqjt2CEabIu2cSRCrBHHLeI mXU= -----END CERTIFICATE-----Generated at Sun Jan 25 10:14:55 2026 by rpki-client