This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/y-FzahcrPWuirIo1A5JRRRjsemo.roa File: y-FzahcrPWuirIo1A5JRRRjsemo.roa (raw, json) Hash identifier: kxNDS3TbJEVndz4gWetTObrS5wMGJV0CDlWmh/W/1Os= Subject key identifier: CB:E1:73:6A:17:2B:3D:6B:A2:AC:8A:35:03:92:51:45:18:EC:7A:6A Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Certificate serial: 019B7F8517E3D61B6B8170A094CCB91CFEAD Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/y-FzahcrPWuirIo1A5JRRRjsemo.roa Signing time: Fri 02 Jan 2026 16:23:07 +0000 ROA not before: Fri 02 Jan 2026 16:23:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213361 IP address blocks: 146.120.243.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:17:e3:d6:1b:6b:81:70:a0:94:cc:b9:1c:fe:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42 Validity Not Before: Jan 2 16:23:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cbe1736a172b3d6ba2ac8a350392514518ec7a6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:82:42:4f:34:98:6f:5f:36:72:d8:f1:6a:1f: 0a:ec:42:f4:1a:10:29:a8:6c:3c:33:d2:82:62:e3: 2a:9b:be:87:87:ee:78:b3:5d:ba:41:04:23:30:a2: 07:98:0e:95:7b:b2:fb:20:4c:f1:fe:10:ed:a9:e4: 0a:44:2b:f5:c4:ee:d8:78:13:20:52:58:1b:74:31: 21:1b:61:17:38:93:3c:b5:0d:fc:be:15:a9:70:65: ea:7a:17:53:73:ab:ce:c0:b1:af:21:1d:c6:f9:14: 67:6d:e4:a5:f9:0e:82:9a:a9:ce:29:7b:c3:ce:19: 35:ce:b2:eb:0a:4f:86:fd:5b:5b:3b:df:03:5e:a1: 3f:af:96:10:0d:ff:00:8f:9e:67:e2:d0:aa:3c:38: 63:a2:24:58:c6:c1:4e:ea:30:d0:82:63:26:ff:20: ec:70:51:49:d8:2e:2a:ee:5f:2b:d8:78:d6:3e:33: 8f:9c:9e:6e:27:d3:41:ac:0e:8b:54:f1:c4:f6:c1: da:31:0f:44:a5:5e:ce:eb:10:b6:a4:87:fe:2a:e8: aa:19:05:21:01:7e:65:a4:43:dc:67:b6:e3:e9:91: af:77:66:26:40:76:e7:37:11:4d:60:ed:2e:67:cd: b0:50:cf:cb:2f:5c:23:b8:d2:44:21:4b:ee:9f:1e: 41:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:E1:73:6A:17:2B:3D:6B:A2:AC:8A:35:03:92:51:45:18:EC:7A:6A X509v3 Authority Key Identifier: keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/y-FzahcrPWuirIo1A5JRRRjsemo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.120.243.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:4d:b9:ee:08:dc:e2:ab:bf:00:10:c5:99:5c:54:45:4e:1c: db:f7:48:38:4a:c4:91:cf:ac:3b:c6:0b:1c:fd:ce:80:f6:9b: b8:89:f3:55:fc:88:68:fc:ee:c7:1c:74:18:b3:c0:3a:73:2f: d6:00:78:52:46:9c:d7:c9:b6:4d:c9:d3:e7:c1:46:11:73:ac: 50:45:08:42:1f:f5:31:5f:87:43:06:b5:60:3a:85:73:e6:d4: f5:48:51:40:0a:88:74:b0:d6:13:88:cf:db:84:10:ba:b5:57: 09:6b:3a:0d:fc:f1:1f:ba:e3:e8:ed:1d:92:b9:52:62:96:8f: b5:3a:71:1e:68:5b:4c:39:f8:2f:13:f1:99:30:54:3f:5f:f9: 8c:43:bd:03:a2:8a:e1:63:20:aa:6f:b4:58:86:bd:06:97:03: d8:7d:fe:bc:b0:6d:04:7d:5b:84:95:18:d9:bd:af:35:8a:75: fe:48:11:60:e4:0f:32:52:91:78:b3:f0:61:35:cc:78:d0:f0: 1c:5f:47:8f:76:c5:9d:30:8b:46:0b:70:86:bd:f8:82:a9:ff: 02:3e:a8:81:22:fc:56:f4:76:e4:8c:e5:21:d9:ed:21:be:81: de:19:a3:d2:b5:8f:12:0d:dd:c8:6c:cc:a0:bf:4d:f9:fe:2e: 72:9b:b3:b3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hRfj1htrgXCglMy5HP6tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh YWVmNDIwHhcNMjYwMTAyMTYyMzA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYmUxNzM2YTE3MmIzZDZiYTJhYzhhMzUwMzkyNTE0NTE4ZWM3YTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYJCTzSYb182ctjxah8K7EL0GhAp qGw8M9KCYuMqm76Hh+54s126QQQjMKIHmA6Ve7L7IEzx/hDtqeQKRCv1xO7YeBMg UlgbdDEhG2EXOJM8tQ38vhWpcGXqehdTc6vOwLGvIR3G+RRnbeSl+Q6CmqnOKXvD zhk1zrLrCk+G/VtbO98DXqE/r5YQDf8Aj55n4tCqPDhjoiRYxsFO6jDQgmMm/yDs cFFJ2C4q7l8r2HjWPjOPnJ5uJ9NBrA6LVPHE9sHaMQ9EpV7O6xC2pIf+KuiqGQUh AX5lpEPcZ7bj6ZGvd2YmQHbnNxFNYO0uZ82wUM/LL1wjuNJEIUvunx5BmwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMvhc2oXKz1roqyKNQOSUUUY7HpqMB8GA1UdIwQY MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt MDYyYzY5MzNhYmVkLzEveS1GemFoY3JQV3VpcklvMUE1SlJSUmpzZW1vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAknjzMA0G CSqGSIb3DQEBCwUAA4IBAQB/TbnuCNziq78AEMWZXFRFThzb90g4SsSRz6w7xgsc /c6A9pu4ifNV/Iho/O7HHHQYs8A6cy/WAHhSRpzXybZNydPnwUYRc6xQRQhCH/Ux X4dDBrVgOoVz5tT1SFFACoh0sNYTiM/bhBC6tVcJazoN/PEfuuPo7R2SuVJilo+1 OnEeaFtMOfgvE/GZMFQ/X/mMQ70DoorhYyCqb7RYhr0GlwPYff68sG0EfVuElRjZ va81inX+SBFg5A8yUpF4s/BhNcx40PAcX0ePdsWdMItGC3CGvfiCqf8CPqiBIvxW 9HbkjOUh2e0hvoHeGaPStY8SDd3IbMygv035/i5ym7Oz -----END CERTIFICATE-----Generated at Thu Jan 8 09:15:11 2026 by rpki-client