This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/YFh9-2nTeDmUHEyrVn852pFgnwo.roa File: YFh9-2nTeDmUHEyrVn852pFgnwo.roa (raw, json) Hash identifier: yyThjzHGK9fG9mEurU44rgO6nvdWGooy3WaBaE5pipY= Subject key identifier: 60:58:7D:FB:69:D3:78:39:94:1C:4C:AB:56:7F:39:DA:91:60:9F:0A Certificate issuer: /CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56 Certificate serial: 019B7834881BE0D8CB5CF356B68325B8612D Authority key identifier: C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/YFh9-2nTeDmUHEyrVn852pFgnwo.roa Signing time: Thu 01 Jan 2026 06:17:47 +0000 ROA not before: Thu 01 Jan 2026 06:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39912 IP address blocks: 2a04:d200:211::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.mft rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:88:1b:e0:d8:cb:5c:f3:56:b6:83:25:b8:61:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2d82ccf0c8dea7d7f6ad72e8e62462d7be20d56 Validity Not Before: Jan 1 06:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=60587dfb69d37839941c4cab567f39da91609f0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:bb:09:3e:e6:a0:e6:f2:c3:d6:49:cd:b4:2c: a4:c1:b5:09:e6:08:28:af:52:53:d2:d3:2d:bd:6f: 5e:ec:8d:1a:66:9d:f5:e1:c0:0c:61:18:30:3d:7e: e7:02:76:66:f1:e9:4e:61:2c:68:52:51:18:d8:64: f7:b5:40:27:f4:86:73:7e:e3:81:45:4e:2f:dc:17: 10:9f:c4:ac:24:89:69:8e:fa:67:8a:02:e9:b6:81: 91:35:45:27:24:2d:f6:f8:c4:ef:22:b9:7f:67:f4: 00:3e:82:ef:4b:37:bd:3c:ea:2d:7d:50:ae:79:0f: 3f:22:8a:cf:e0:39:05:43:6f:ca:1c:6a:54:47:44: 48:f4:ea:21:27:a8:2f:ab:dd:bb:b7:eb:4c:85:6c: 7b:0e:4e:73:ce:3e:b7:dc:37:10:eb:e4:df:70:1f: ae:6d:c1:42:a5:49:36:62:19:cf:91:4e:5e:a0:96: 91:8d:24:92:63:13:0d:40:f9:76:cc:1f:42:2a:7f: b5:ad:a0:54:14:6b:f3:75:8d:48:51:80:a5:8a:2a: 26:62:c5:5f:89:d9:a3:1e:b0:53:e7:ab:05:bb:ff: 27:b2:67:e2:db:55:a5:c7:19:ae:b4:b6:07:91:f6: c2:fd:22:c2:b9:3a:df:bf:86:70:e1:51:7c:58:5e: 74:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:58:7D:FB:69:D3:78:39:94:1C:4C:AB:56:7F:39:DA:91:60:9F:0A X509v3 Authority Key Identifier: keyid:C2:D8:2C:CF:0C:8D:EA:7D:7F:6A:D7:2E:8E:62:46:2D:7B:E2:0D:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wtgszwyN6n1_atcujmJGLXviDVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/YFh9-2nTeDmUHEyrVn852pFgnwo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/327952-4c66-4b95-b6de-43118e496d40/1/wtgszwyN6n1_atcujmJGLXviDVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a04:d200:211::/48 Signature Algorithm: sha256WithRSAEncryption 39:73:63:6c:f2:f1:6e:19:6d:a7:f5:f1:07:45:b2:8a:ff:70: e3:fe:b3:ce:e3:d1:61:32:78:e8:00:95:dc:68:94:d6:94:d2: 81:a8:a5:cd:c4:b6:fe:84:b2:44:73:80:11:9d:d7:c9:a9:c5: 03:09:c2:6b:c7:a4:a6:b3:62:18:48:b6:50:cf:fe:22:5b:b0: d7:93:d1:a9:4b:3d:9e:34:82:26:b2:51:e5:ac:70:c4:5b:30: 2d:74:3c:70:dd:dc:c7:5a:26:2c:f2:11:fd:fa:22:ed:e9:e6: e1:f6:ec:b3:02:3e:9b:48:61:5b:2b:19:3a:9f:10:48:06:cc: bf:86:be:b9:99:6b:75:36:60:7e:b1:68:9e:36:e1:e5:8c:65: 82:ad:fd:52:96:6a:7d:5b:ad:65:2f:14:d2:38:b1:43:f1:20: 41:59:cf:72:67:02:fe:e5:fe:b2:80:36:e0:f8:23:4f:e7:3a: ac:e9:70:2f:e2:2a:d9:12:fe:ff:f0:e7:59:d1:40:71:c4:02: 4d:78:6f:78:75:ed:c5:0c:58:3c:c0:08:47:f9:27:72:0f:51: a4:9e:d8:74:21:27:cb:82:c0:10:63:20:99:70:8f:49:69:cf: e1:de:33:09:a2:5c:28:2c:68:1a:73:ca:08:bd:62:ef:4a:9a: ef:bc:e1:10 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NIgb4NjLXPNWtoMluGEtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGMyZDgyY2NmMGM4ZGVhN2Q3ZjZhZDcyZThlNjI0NjJkN2Jl MjBkNTYwHhcNMjYwMTAxMDYxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDU4N2RmYjY5ZDM3ODM5OTQxYzRjYWI1NjdmMzlkYTkxNjA5ZjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLsJPuag5vLD1knNtCykwbUJ5ggo r1JT0tMtvW9e7I0aZp314cAMYRgwPX7nAnZm8elOYSxoUlEY2GT3tUAn9IZzfuOB RU4v3BcQn8SsJIlpjvpnigLptoGRNUUnJC32+MTvIrl/Z/QAPoLvSze9POotfVCu eQ8/IorP4DkFQ2/KHGpUR0RI9OohJ6gvq927t+tMhWx7Dk5zzj633DcQ6+TfcB+u bcFCpUk2YhnPkU5eoJaRjSSSYxMNQPl2zB9CKn+1raBUFGvzdY1IUYCliiomYsVf idmjHrBT56sFu/8nsmfi21WlxxmutLYHkfbC/SLCuTrfv4Zw4VF8WF505QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFGBYfftp03g5lBxMq1Z/OdqRYJ8KMB8GA1UdIwQY MBaAFMLYLM8Mjep9f2rXLo5iRi174g1WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUt NDMxMThlNDk2ZDQwLzEvWUZoOS0yblRlRG1VSEV5clZuODUycEZnbndvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy8zMjc5NTItNGM2Ni00Yjk1LWI2ZGUtNDMxMThlNDk2ZDQw LzEvd3Rnc3p3eU42bjFfYXRjdWptSkdMWHZpRFZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgTSAAIR MA0GCSqGSIb3DQEBCwUAA4IBAQA5c2Ns8vFuGW2n9fEHRbKK/3Dj/rPO49FhMnjo AJXcaJTWlNKBqKXNxLb+hLJEc4ARndfJqcUDCcJrx6Sms2IYSLZQz/4iW7DXk9Gp Sz2eNIImslHlrHDEWzAtdDxw3dzHWiYs8hH9+iLt6ebh9uyzAj6bSGFbKxk6nxBI Bsy/hr65mWt1NmB+sWieNuHljGWCrf1Slmp9W61lLxTSOLFD8SBBWc9yZwL+5f6y gDbg+CNP5zqs6XAv4irZEv7/8OdZ0UBxxAJNeG94de3FDFg8wAhH+SdyD1Gknth0 ISfLgsAQYyCZcI9Jac/h3jMJolwoLGgac8oIvWLvSprvvOEQ -----END CERTIFICATE-----Generated at Mon Jan 12 16:18:11 2026 by rpki-client