This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/YT7TxtjN2dRtXnT4-WJTTfp5eIQ.roa File: YT7TxtjN2dRtXnT4-WJTTfp5eIQ.roa (raw, json) Hash identifier: mFJordH00PdHOWT1Y4dRq5PrI120PAxfDwm/akkRQ/k= Subject key identifier: 61:3E:D3:C6:D8:CD:D9:D4:6D:5E:74:F8:F9:62:53:4D:FA:79:78:84 Certificate issuer: /CN=e686965509a649c508ab8ab72f7257bef35f7930 Certificate serial: 019B271E833431C9B3166190CA086CE781D6 Authority key identifier: E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/YT7TxtjN2dRtXnT4-WJTTfp5eIQ.roa Signing time: Tue 16 Dec 2025 12:24:29 +0000 ROA not before: Tue 16 Dec 2025 12:24:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 216058 IP address blocks: 2.56.204.0/24 maxlen: 24 2.56.205.0/24 maxlen: 24 2.56.206.0/24 maxlen: 24 2.56.207.0/24 maxlen: 24 91.195.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.mft rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:1e:83:34:31:c9:b3:16:61:90:ca:08:6c:e7:81:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e686965509a649c508ab8ab72f7257bef35f7930 Validity Not Before: Dec 16 12:24:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=613ed3c6d8cdd9d46d5e74f8f962534dfa797884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:7d:3e:a4:d3:2d:0e:c6:55:37:9b:fc:a2:dd: 67:e5:9b:70:bb:a5:df:22:b5:4b:8f:7a:33:5c:a4: 74:fb:21:16:f7:38:17:a1:19:aa:70:a3:01:69:3b: f1:71:db:c2:00:12:fb:d4:ef:b3:d8:26:5e:c7:28: 52:02:66:ce:bc:11:1a:29:1b:e3:8b:5b:f4:28:e8: 5b:86:ff:a7:ee:63:7f:e2:01:ba:a4:b6:3b:72:6e: ea:44:92:e1:21:34:57:b6:18:3b:fb:6d:c0:76:64: a6:46:05:de:aa:f5:d7:b0:a7:32:4f:cd:41:4f:24: 32:3d:db:b5:0e:fa:7a:8b:e4:26:4d:9e:1d:52:9d: d8:36:e5:e8:a0:7b:12:bc:e3:5c:cf:ea:e0:7b:3f: 31:93:54:54:ec:a1:e2:06:9e:d5:b1:95:2b:57:b8: 0c:5f:8f:f5:4c:96:30:ae:4b:54:18:59:fb:7f:25: b5:ae:a4:10:6b:1f:f4:ca:06:94:1a:b9:41:d2:a2: 57:86:8d:fe:0f:ab:a3:e8:08:7a:cc:45:77:6b:03: 5e:5b:28:6c:c2:31:d2:76:94:54:a3:f5:58:68:e6: 04:bc:ed:e0:7e:c6:ab:b0:e4:d5:1b:74:d8:75:45: 84:98:66:61:c4:18:34:29:31:0e:1b:76:ee:73:46: 97:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:3E:D3:C6:D8:CD:D9:D4:6D:5E:74:F8:F9:62:53:4D:FA:79:78:84 X509v3 Authority Key Identifier: keyid:E6:86:96:55:09:A6:49:C5:08:AB:8A:B7:2F:72:57:BE:F3:5F:79:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5oaWVQmmScUIq4q3L3JXvvNfeTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/YT7TxtjN2dRtXnT4-WJTTfp5eIQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/68bff6-7b2c-4ecf-8006-ed14af6db888/1/5oaWVQmmScUIq4q3L3JXvvNfeTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.56.204.0/22 91.195.254.0/24 Signature Algorithm: sha256WithRSAEncryption 95:3a:6b:dd:00:ba:7a:50:80:ae:42:2c:27:59:d2:29:93:63: 10:77:db:2a:48:80:de:d4:1f:d0:a3:77:c8:5a:e6:d0:ba:45: a2:98:dd:69:84:48:96:4b:28:b3:f5:79:60:00:40:33:89:d0: 35:c2:40:93:fa:a9:24:67:6c:11:c8:6f:62:f5:62:51:f9:14: 9a:28:f2:62:b7:8a:eb:f7:bb:a9:00:89:6e:c4:c7:0a:0f:69: a6:bc:ea:21:3f:22:c7:e0:80:b0:d4:43:26:9f:43:e6:35:36: 1e:eb:2f:91:b9:4c:5f:21:fe:6e:08:d1:c6:77:9b:22:df:67: 2a:9d:72:39:cf:ad:29:77:4a:03:cf:17:09:eb:e5:de:4a:f4: 37:9b:ef:fa:a9:7c:84:aa:f8:f8:61:7d:37:c3:c9:01:5c:b5: cd:6f:93:6a:b2:1e:05:61:56:9d:03:ef:ad:dc:15:c6:fd:52: fa:75:45:46:0a:1c:a3:b2:6b:94:5e:c7:16:cd:04:fa:51:39: 1c:01:2b:df:22:3f:93:18:80:42:b7:a7:d2:9b:91:18:85:91: c6:d4:5f:39:03:7a:79:6a:a7:f2:5d:d6:71:2b:1c:fd:fa:ca: f4:3e:f8:3e:b9:7b:d6:db:26:bb:94:bd:99:94:06:06:76:7f: 8c:93:bb:c2 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZsnHoM0McmzFmGQyghs54HWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU2ODY5NjU1MDlhNjQ5YzUwOGFiOGFiNzJmNzI1N2JlZjM1 Zjc5MzAwHhcNMjUxMjE2MTIyNDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTNlZDNjNmQ4Y2RkOWQ0NmQ1ZTc0ZjhmOTYyNTM0ZGZhNzk3ODg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn0+pNMtDsZVN5v8ot1n5Ztwu6Xf IrVLj3ozXKR0+yEW9zgXoRmqcKMBaTvxcdvCABL71O+z2CZexyhSAmbOvBEaKRvj i1v0KOhbhv+n7mN/4gG6pLY7cm7qRJLhITRXthg7+23AdmSmRgXeqvXXsKcyT81B TyQyPdu1Dvp6i+QmTZ4dUp3YNuXooHsSvONcz+rgez8xk1RU7KHiBp7VsZUrV7gM X4/1TJYwrktUGFn7fyW1rqQQax/0ygaUGrlB0qJXho3+D6uj6Ah6zEV3awNeWyhs wjHSdpRUo/VYaOYEvO3gfsarsOTVG3TYdUWEmGZhxBg0KTEOG3buc0aXqQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGE+08bYzdnUbV50+PliU036eXiEMB8GA1UdIwQY MBaAFOaGllUJpknFCKuKty9yV77zX3kwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYt ZWQxNGFmNmRiODg4LzEvWVQ3VHh0ak4yZFJ0WG5UNC1XSlRUZnA1ZUlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS82OGJmZjYtN2IyYy00ZWNmLTgwMDYtZWQxNGFmNmRiODg4 LzEvNW9hV1ZRbW1TY1VJcTRxM0wzSlh2dk5mZVRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCAjjMAwQA W8P+MA0GCSqGSIb3DQEBCwUAA4IBAQCVOmvdALp6UICuQiwnWdIpk2MQd9sqSIDe 1B/Qo3fIWubQukWimN1phEiWSyiz9XlgAEAzidA1wkCT+qkkZ2wRyG9i9WJR+RSa KPJit4rr97upAIluxMcKD2mmvOohPyLH4ICw1EMmn0PmNTYe6y+RuUxfIf5uCNHG d5si32cqnXI5z60pd0oDzxcJ6+XeSvQ3m+/6qXyEqvj4YX03w8kBXLXNb5Nqsh4F YVadA++t3BXG/VL6dUVGChyjsmuUXscWzQT6UTkcASvfIj+TGIBCt6fSm5EYhZHG 1F85A3p5aqfyXdZxKxz9+sr0Pvg+uXvW2ya7lL2ZlAYGdn+Mk7vC -----END CERTIFICATE-----Generated at Sun Dec 21 00:51:08 2025 by rpki-client