This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/yMHe_AcZ7t0DOCfavN3ISgqxc3c.roa File: yMHe_AcZ7t0DOCfavN3ISgqxc3c.roa (raw, json) Hash identifier: 9DwkTaaH9QdGqF+hvGsRneF8svXbKCB6hQgeZ0/mVuk= Subject key identifier: C8:C1:DE:FC:07:19:EE:DD:03:38:27:DA:BC:DD:C8:4A:0A:B1:73:77 Certificate issuer: /CN=1a6a1467223bd31510c14f21bd33d7d769829d28 Certificate serial: 019B78344981AB7A0052DF76C9CF2C8B1D2B Authority key identifier: 1A:6A:14:67:22:3B:D3:15:10:C1:4F:21:BD:33:D7:D7:69:82:9D:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/yMHe_AcZ7t0DOCfavN3ISgqxc3c.roa Signing time: Thu 01 Jan 2026 06:17:31 +0000 ROA not before: Thu 01 Jan 2026 06:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31317 IP address blocks: 2001:678:42c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.crl rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.mft rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:49:81:ab:7a:00:52:df:76:c9:cf:2c:8b:1d:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1a6a1467223bd31510c14f21bd33d7d769829d28 Validity Not Before: Jan 1 06:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8c1defc0719eedd033827dabcddc84a0ab17377 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:38:d4:15:9a:a6:12:3b:7c:e7:6a:48:b1:6b: bc:a5:dd:b6:5b:65:bd:6c:48:9e:0d:72:0c:78:47: e3:af:55:f9:55:d5:0b:28:33:60:32:32:96:4f:38: 09:b3:c2:f5:31:c6:f5:ab:ca:3a:87:f9:a9:cd:cc: 91:04:c2:b1:53:0e:4e:43:81:40:09:2c:09:b9:95: 36:da:22:92:67:f5:eb:37:2d:cd:31:89:2f:e9:4b: 68:9c:b2:81:c1:ae:4d:77:61:74:da:27:a3:01:14: ca:51:58:6e:47:22:3a:e1:9d:b1:4b:19:19:3e:05: 2f:d1:22:8f:7b:89:c1:30:38:8c:08:73:58:77:8c: 23:de:1a:44:9f:3e:87:db:d0:4f:61:e6:29:f3:7e: ca:fc:22:05:4e:2b:9a:81:fb:6c:88:0c:83:20:a3: 95:77:4a:b7:5f:3f:f5:a1:42:81:bb:a9:d9:3c:4c: 0c:3b:d3:21:67:b1:99:66:31:63:2b:d7:b6:ce:83: 73:e5:f1:fb:00:47:4c:06:d8:68:ed:aa:e2:95:e3: 55:ea:9a:fe:2d:ba:5a:42:5f:87:a5:27:a2:c0:4d: fa:2e:13:69:a7:88:21:e7:45:7b:45:7e:ff:d0:6a: 75:5d:8b:5b:a7:e5:69:d8:c7:3e:5f:45:a1:65:2e: 18:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:C1:DE:FC:07:19:EE:DD:03:38:27:DA:BC:DD:C8:4A:0A:B1:73:77 X509v3 Authority Key Identifier: keyid:1A:6A:14:67:22:3B:D3:15:10:C1:4F:21:BD:33:D7:D7:69:82:9D:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GmoUZyI70xUQwU8hvTPX12mCnSg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/yMHe_AcZ7t0DOCfavN3ISgqxc3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/87eafc-17a6-4903-b951-4d20da0c530e/1/GmoUZyI70xUQwU8hvTPX12mCnSg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:42c::/48 Signature Algorithm: sha256WithRSAEncryption 39:74:ca:2c:4e:7c:81:59:cc:a2:1d:39:15:6d:26:76:cd:15: d8:68:14:32:74:93:11:ed:fa:25:b2:07:d9:b9:bb:bd:6f:75: 5e:60:fa:68:b0:5a:33:e3:38:51:45:c0:86:d5:6e:b7:85:53: 9c:7d:e8:99:9b:db:32:b3:49:76:1c:e6:78:df:44:18:21:26: f0:ac:ee:b3:b1:98:08:7b:8b:5a:41:d6:15:62:4b:20:55:0a: fa:10:0b:15:7f:a1:74:16:9b:a5:1c:63:d5:71:0d:9c:3f:d7: cb:85:2d:85:2c:a8:84:89:99:62:48:66:fd:a3:e5:75:a9:2c: 04:6a:c9:c0:7a:08:04:66:6b:92:49:00:0b:e0:c1:58:5b:24: 09:72:b1:44:3c:a2:38:61:b8:ba:fe:45:38:ea:b6:c5:c4:9a: fb:dd:e6:81:db:65:81:a1:01:ec:c2:19:9c:cb:c1:84:21:f9: b8:78:fe:d1:23:3c:bb:f7:72:39:04:38:af:88:33:11:22:06: 9b:59:4f:2b:d4:e0:8f:d6:62:62:08:33:c3:09:87:a2:70:bb: fd:1b:86:f2:0f:b3:fe:f1:4c:c3:68:54:d6:dd:d7:fa:f8:ef: 3e:0f:6b:69:11:87:e5:98:86:be:3b:0e:2d:5a:0d:f0:22:1d: 39:23:c8:28 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4NEmBq3oAUt92yc8six0rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhNmExNDY3MjIzYmQzMTUxMGMxNGYyMWJkMzNkN2Q3Njk4 MjlkMjgwHhcNMjYwMTAxMDYxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOGMxZGVmYzA3MTllZWRkMDMzODI3ZGFiY2RkYzg0YTBhYjE3Mzc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjjUFZqmEjt852pIsWu8pd22W2W9 bEieDXIMeEfjr1X5VdULKDNgMjKWTzgJs8L1Mcb1q8o6h/mpzcyRBMKxUw5OQ4FA CSwJuZU22iKSZ/XrNy3NMYkv6UtonLKBwa5Nd2F02iejARTKUVhuRyI64Z2xSxkZ PgUv0SKPe4nBMDiMCHNYd4wj3hpEnz6H29BPYeYp837K/CIFTiuagftsiAyDIKOV d0q3Xz/1oUKBu6nZPEwMO9MhZ7GZZjFjK9e2zoNz5fH7AEdMBtho7arileNV6pr+ LbpaQl+HpSeiwE36LhNpp4gh50V7RX7/0Gp1XYtbp+Vp2Mc+X0WhZS4YaQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMjB3vwHGe7dAzgn2rzdyEoKsXN3MB8GA1UdIwQY MBaAFBpqFGciO9MVEMFPIb0z19dpgp0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR21vVVp5STcweFVRd1U4aHZUUFgxMm1DblNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84N2VhZmMtMTdhNi00OTAzLWI5NTEt NGQyMGRhMGM1MzBlLzEveU1IZV9BY1o3dDBET0NmYXZOM0lTZ3F4YzNjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS84N2VhZmMtMTdhNi00OTAzLWI5NTEtNGQyMGRhMGM1MzBl LzEvR21vVVp5STcweFVRd1U4aHZUUFgxMm1DblNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAQs MA0GCSqGSIb3DQEBCwUAA4IBAQA5dMosTnyBWcyiHTkVbSZ2zRXYaBQydJMR7fol sgfZubu9b3VeYPposFoz4zhRRcCG1W63hVOcfeiZm9sys0l2HOZ430QYISbwrO6z sZgIe4taQdYVYksgVQr6EAsVf6F0FpulHGPVcQ2cP9fLhS2FLKiEiZliSGb9o+V1 qSwEasnAeggEZmuSSQAL4MFYWyQJcrFEPKI4Ybi6/kU46rbFxJr73eaB22WBoQHs whmcy8GEIfm4eP7RIzy793I5BDiviDMRIgabWU8r1OCP1mJiCDPDCYeicLv9G4by D7P+8UzDaFTW3df6+O8+D2tpEYflmIa+Ow4tWg3wIh05I8go -----END CERTIFICATE-----Generated at Mon Feb 9 23:41:41 2026 by rpki-client