This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Ys2JBow3_V_MN0_5hxc72OkyCBo.roa File: Ys2JBow3_V_MN0_5hxc72OkyCBo.roa (raw, json) Hash identifier: YdH0jB0pZTDnI1KYcu9QCo2zstqP7/Rzu1bDgvqdOs8= Subject key identifier: 62:CD:89:06:8C:37:FD:5F:CC:37:4F:F9:87:17:3B:D8:E9:32:08:1A Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Certificate serial: 019B7EA70364C0F113997D9CD952669B6806 Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Ys2JBow3_V_MN0_5hxc72OkyCBo.roa Signing time: Fri 02 Jan 2026 12:20:33 +0000 ROA not before: Fri 02 Jan 2026 12:20:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213288 IP address blocks: 2a0c:9a40:1022::/48 maxlen: 48 2a0c:9a40:10a0::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 02:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:03:64:c0:f1:13:99:7d:9c:d9:52:66:9b:68:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008 Validity Not Before: Jan 2 12:20:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=62cd89068c37fd5fcc374ff987173bd8e932081a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:66:1c:1b:30:d1:94:d1:8c:d6:2b:ed:a6:79: 41:de:66:63:a2:b5:9f:c5:70:fe:d6:1c:55:c0:d1: 3c:a6:c5:d8:0f:e4:ff:d2:f5:09:33:b1:1e:c8:1a: 55:6b:ff:10:fa:bd:ec:2d:73:e1:0a:e2:68:2e:ab: 77:f0:3f:5e:1e:25:06:63:b5:29:bb:10:95:01:c9: 83:9b:05:52:fd:c5:10:1a:ee:19:55:c8:41:24:70: 02:12:c0:e3:32:ae:64:bc:5b:a3:b5:2d:b7:bf:69: 8c:2e:d8:4a:4e:e3:33:c7:39:12:b6:74:e1:0a:c9: 80:97:01:9d:eb:6e:4e:ee:5b:f7:8b:73:a9:1a:c1: 57:cb:be:96:c4:48:32:1e:a8:c4:0b:1c:90:9e:c9: 99:e1:30:5e:ce:d6:01:91:7d:9e:54:4f:43:5c:96: d1:5b:18:04:27:53:f5:c1:44:68:31:84:ee:da:0a: 46:9e:d7:de:51:47:d0:f8:62:36:66:4d:bb:b1:70: 1f:9e:0e:e0:cc:43:04:fd:ef:2f:44:ea:1a:b4:55: 5c:74:e4:df:1f:8b:74:43:b1:43:f1:c6:89:0a:0e: f1:1b:7e:1c:ac:1e:15:f5:b2:49:0f:8c:cb:2c:46: 7e:43:4a:75:66:cf:79:d1:62:43:88:8d:57:53:8c: ed:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:CD:89:06:8C:37:FD:5F:CC:37:4F:F9:87:17:3B:D8:E9:32:08:1A X509v3 Authority Key Identifier: keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/Ys2JBow3_V_MN0_5hxc72OkyCBo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:9a40:1022::/48 2a0c:9a40:10a0::/44 Signature Algorithm: sha256WithRSAEncryption ce:4f:cb:d2:e4:80:fb:99:53:b1:30:6f:c8:ef:f2:01:a7:4d: 1a:20:0b:8d:c7:58:2c:a6:74:1c:15:c7:49:1e:b9:3c:35:55: 6d:6e:5f:fc:cb:ca:ba:64:bc:76:05:44:01:29:79:28:03:52: c4:76:b7:34:45:d8:87:d5:87:6f:ef:3e:67:7a:da:28:68:de: cb:91:fb:ff:8d:fa:61:6f:e5:b5:ba:13:1f:02:26:83:15:99: 99:3e:41:47:f9:6a:5d:2f:af:4d:f2:66:e3:e7:e7:fc:48:e9: e3:77:09:7f:9d:81:d6:41:e6:e6:5d:e9:cd:8f:c4:fe:11:31: bc:51:c2:dd:4f:fc:00:ad:a3:46:46:12:52:cf:3f:63:9b:42: 40:09:0d:63:92:01:24:d8:99:56:80:68:14:00:c4:0c:a4:1b: e5:37:6f:e1:04:e3:c6:6c:57:43:1c:52:c5:c1:0a:d8:9f:a1: 3d:c5:13:8d:6e:0a:8b:60:dc:fc:dc:aa:24:63:9a:2a:3e:2b: d3:87:cd:3e:26:29:47:6b:88:17:b1:09:ab:9a:1a:a4:a0:2e: 38:03:c9:5b:af:49:ac:c0:a1:9d:88:e5:98:52:82:79:5b:cb: c7:c0:ea:1a:c6:6f:6e:a6:05:9f:d8:98:13:11:18:e0:a8:43: 2f:ff:ee:bd -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+pwNkwPETmX2c2VJmm2gGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl NDgwMDgwHhcNMjYwMTAyMTIyMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MmNkODkwNjhjMzdmZDVmY2MzNzRmZjk4NzE3M2JkOGU5MzIwODFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmYcGzDRlNGM1ivtpnlB3mZjorWf xXD+1hxVwNE8psXYD+T/0vUJM7EeyBpVa/8Q+r3sLXPhCuJoLqt38D9eHiUGY7Up uxCVAcmDmwVS/cUQGu4ZVchBJHACEsDjMq5kvFujtS23v2mMLthKTuMzxzkStnTh CsmAlwGd625O7lv3i3OpGsFXy76WxEgyHqjECxyQnsmZ4TBeztYBkX2eVE9DXJbR WxgEJ1P1wURoMYTu2gpGntfeUUfQ+GI2Zk27sXAfng7gzEME/e8vROoatFVcdOTf H4t0Q7FD8caJCg7xG34crB4V9bJJD4zLLEZ+Q0p1Zs950WJDiI1XU4zt0QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFGLNiQaMN/1fzDdP+YcXO9jpMggaMB8GA1UdIwQY MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt YmY0ZTUyN2I5ZmE4LzEvWXMySkJvdzNfVl9NTjBfNWh4YzcyT2t5Q0JvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4 LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgyaQBAi AwcEKgyaQBCgMA0GCSqGSIb3DQEBCwUAA4IBAQDOT8vS5ID7mVOxMG/I7/IBp00a IAuNx1gspnQcFcdJHrk8NVVtbl/8y8q6ZLx2BUQBKXkoA1LEdrc0RdiH1Ydv7z5n etooaN7Lkfv/jfphb+W1uhMfAiaDFZmZPkFH+WpdL69N8mbj5+f8SOnjdwl/nYHW QebmXenNj8T+ETG8UcLdT/wAraNGRhJSzz9jm0JACQ1jkgEk2JlWgGgUAMQMpBvl N2/hBOPGbFdDHFLFwQrYn6E9xRONbgqLYNz83KokY5oqPivTh80+JilHa4gXsQmr mhqkoC44A8lbr0mswKGdiOWYUoJ5W8vHwOoaxm9upgWf2JgTERjgqEMv/+69 -----END CERTIFICATE-----Generated at Tue Jan 20 09:04:36 2026 by rpki-client