This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/yX9ydvOKgI9DtKgtlG1m9Fn2ZI8.roa File: yX9ydvOKgI9DtKgtlG1m9Fn2ZI8.roa (raw, json) Hash identifier: qPtAu4bwy3Juh5so6bwqIDZWhOQpRsegMYoucr8NrwE= Subject key identifier: C9:7F:72:76:F3:8A:80:8F:43:B4:A8:2D:94:6D:66:F4:59:F6:64:8F Certificate issuer: /CN=035283e6235edb25e8b54749b6285f5e3ef85371 Certificate serial: 019B797F41C8D367CE8ECC988B739C64D3B9 Authority key identifier: 03:52:83:E6:23:5E:DB:25:E8:B5:47:49:B6:28:5F:5E:3E:F8:53:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/yX9ydvOKgI9DtKgtlG1m9Fn2ZI8.roa Signing time: Thu 01 Jan 2026 12:19:01 +0000 ROA not before: Thu 01 Jan 2026 12:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8881 IP address blocks: 192.166.0.0/21 maxlen: 24 192.166.84.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.crl rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.mft rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:41:c8:d3:67:ce:8e:cc:98:8b:73:9c:64:d3:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=035283e6235edb25e8b54749b6285f5e3ef85371 Validity Not Before: Jan 1 12:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c97f7276f38a808f43b4a82d946d66f459f6648f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:0a:3c:ee:3c:42:2a:84:f5:3d:ed:0e:56:dc: aa:78:cb:e8:5f:f2:3c:29:4a:71:75:fc:bd:d5:d3: f5:8f:ac:41:19:bd:b7:cf:66:47:8a:97:ec:9a:87: a4:57:00:bc:da:a0:fa:27:30:b0:ad:99:9b:04:d9: d7:16:46:73:81:89:b4:70:aa:cb:68:ed:cb:63:8c: a6:2e:99:19:88:ff:19:9b:30:eb:2f:a7:41:d2:99: da:4f:d3:e2:a3:3d:c1:4a:3a:66:50:22:71:c8:82: a0:81:2f:01:27:2b:69:75:0b:a7:2c:f1:9d:9f:1e: 31:e7:22:28:cb:42:cf:e1:ec:1b:16:9a:af:fe:21: c9:48:54:cd:89:0d:54:a1:d5:47:9a:50:e2:ba:33: 8c:4b:a2:9a:f8:c8:13:6d:23:2f:f4:a5:5b:eb:49: f1:48:17:0c:09:76:a8:fa:c2:80:26:b5:1a:23:5a: f6:51:60:2d:17:d2:b9:11:ee:bc:65:f1:e0:b1:e7: 55:08:4b:21:ba:87:66:15:ec:c0:b8:d7:38:56:d4: c4:9d:9b:46:c0:1e:92:4e:93:d3:2d:f6:30:94:c1: 95:a2:ca:0d:33:8c:a8:ca:55:b1:7f:f5:06:c0:42: b9:06:f8:ca:c4:b5:a8:5e:c6:f9:ab:88:84:3c:1a: 54:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:7F:72:76:F3:8A:80:8F:43:B4:A8:2D:94:6D:66:F4:59:F6:64:8F X509v3 Authority Key Identifier: keyid:03:52:83:E6:23:5E:DB:25:E8:B5:47:49:B6:28:5F:5E:3E:F8:53:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1KD5iNe2yXotUdJtihfXj74U3E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/yX9ydvOKgI9DtKgtlG1m9Fn2ZI8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/311f57-6404-446a-9f08-11b92906406d/1/A1KD5iNe2yXotUdJtihfXj74U3E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.166.0.0/21 192.166.84.0/22 Signature Algorithm: sha256WithRSAEncryption 85:9a:66:7e:d4:d4:8c:af:f8:ec:ce:7a:46:1d:13:ac:1d:55: 65:8f:21:a3:ff:41:58:9b:77:30:01:1e:e3:1d:2f:03:da:0e: d4:88:7c:a0:4a:62:11:33:b2:0f:41:bd:12:ba:59:8d:55:3e: 61:cf:8e:9e:9e:97:0c:17:75:3c:1f:3d:95:5f:66:2b:62:32: af:b4:db:ee:a1:22:3e:db:d2:52:fd:59:08:dc:42:8e:ef:e1: 3f:0b:fd:1d:c7:bd:65:ba:01:34:59:90:67:3d:90:d2:14:b1: 42:95:83:4e:89:71:8d:7d:15:af:f0:4e:4b:db:99:41:5e:af: 09:c0:5d:8d:22:f0:33:9f:03:ef:43:3a:b7:48:e3:6a:35:ac: 7c:43:f2:1c:4a:55:91:55:18:e2:bb:e5:ac:08:58:62:c6:32: 12:d5:65:f1:f8:ec:d1:69:5f:11:7d:18:79:31:82:44:4e:c5: 2b:ef:ef:95:0e:d2:1e:2c:72:fb:b9:e9:ec:b7:db:e9:1b:68: 39:97:db:3d:f5:6c:02:d4:2b:c0:51:d9:9f:6d:70:e3:78:a0: 06:fd:78:54:26:39:18:fb:64:04:09:9d:8c:9e:b4:de:2f:98: b7:47:e5:6c:bc:65:33:45:f6:9b:d2:6a:84:ea:64:69:f5:d5: 05:cd:b5:63 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5f0HI02fOjsyYi3OcZNO5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNTI4M2U2MjM1ZWRiMjVlOGI1NDc0OWI2Mjg1ZjVlM2Vm ODUzNzEwHhcNMjYwMTAxMTIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTdmNzI3NmYzOGE4MDhmNDNiNGE4MmQ5NDZkNjZmNDU5ZjY2NDhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQo87jxCKoT1Pe0OVtyqeMvoX/I8 KUpxdfy91dP1j6xBGb23z2ZHipfsmoekVwC82qD6JzCwrZmbBNnXFkZzgYm0cKrL aO3LY4ymLpkZiP8ZmzDrL6dB0pnaT9Pioz3BSjpmUCJxyIKggS8BJytpdQunLPGd nx4x5yIoy0LP4ewbFpqv/iHJSFTNiQ1UodVHmlDiujOMS6Ka+MgTbSMv9KVb60nx SBcMCXao+sKAJrUaI1r2UWAtF9K5Ee68ZfHgsedVCEshuodmFezAuNc4VtTEnZtG wB6STpPTLfYwlMGVosoNM4yoylWxf/UGwEK5BvjKxLWoXsb5q4iEPBpUYQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMl/cnbzioCPQ7SoLZRtZvRZ9mSPMB8GA1UdIwQY MBaAFANSg+YjXtsl6LVHSbYoX14++FNxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTFLRDVpTmUyeVhvdFVkSnRpaGZYajc0VTNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8zMTFmNTctNjQwNC00NDZhLTlmMDgt MTFiOTI5MDY0MDZkLzEveVg5eWR2T0tnSTlEdEtndGxHMW05Rm4yWkk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8zMTFmNTctNjQwNC00NDZhLTlmMDgtMTFiOTI5MDY0MDZk LzEvQTFLRDVpTmUyeVhvdFVkSnRpaGZYajc0VTNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDwKYAAwQC wKZUMA0GCSqGSIb3DQEBCwUAA4IBAQCFmmZ+1NSMr/jsznpGHROsHVVljyGj/0FY m3cwAR7jHS8D2g7UiHygSmIRM7IPQb0SulmNVT5hz46enpcMF3U8Hz2VX2YrYjKv tNvuoSI+29JS/VkI3EKO7+E/C/0dx71lugE0WZBnPZDSFLFClYNOiXGNfRWv8E5L 25lBXq8JwF2NIvAznwPvQzq3SONqNax8Q/IcSlWRVRjiu+WsCFhixjIS1WXx+OzR aV8RfRh5MYJETsUr7++VDtIeLHL7uenst9vpG2g5l9s99WwC1CvAUdmfbXDjeKAG /XhUJjkY+2QECZ2MnrTeL5i3R+VsvGUzRfab0mqE6mRp9dUFzbVj -----END CERTIFICATE-----Generated at Fri Jan 2 18:33:53 2026 by rpki-client