This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/Y9N-L7Si27hHxnZnHZMexPmebsQ.roa File: Y9N-L7Si27hHxnZnHZMexPmebsQ.roa (raw, json) Hash identifier: i7FIr8RPjsg0aBKK1DwKRHdbEwBpfRlDFKjhoklWDSk= Subject key identifier: 63:D3:7E:2F:B4:A2:DB:B8:47:C6:76:67:1D:93:1E:C4:F9:9E:6E:C4 Certificate issuer: /CN=0e298900355fdf4254c20831f2d7ee3bec429bdb Certificate serial: 019B663CA7F2918AB9F1363BF60302882FE6 Authority key identifier: 0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/Y9N-L7Si27hHxnZnHZMexPmebsQ.roa Signing time: Sun 28 Dec 2025 18:33:29 +0000 ROA not before: Sun 28 Dec 2025 18:33:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 834 IP address blocks: 185.226.154.0/23 maxlen: 23 194.59.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.mft rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 15:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:3c:a7:f2:91:8a:b9:f1:36:3b:f6:03:02:88:2f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0e298900355fdf4254c20831f2d7ee3bec429bdb Validity Not Before: Dec 28 18:33:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=63d37e2fb4a2dbb847c676671d931ec4f99e6ec4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:49:f8:ef:03:68:9e:b4:aa:70:4f:df:fe:dd: 85:38:5a:f9:7f:5a:21:e5:10:cb:17:8f:53:f0:bd: 54:45:dd:ac:23:dd:18:1e:5e:f2:36:58:ab:bc:66: db:b8:2e:0a:02:9a:5f:6a:d4:d0:2e:9c:f0:65:4f: 47:73:a1:e0:99:22:19:cf:ca:85:c6:00:59:3d:d2: 46:dc:19:95:0b:d8:1f:3b:b5:14:be:66:e5:af:07: c5:f4:5e:59:78:c8:5d:c3:14:54:1f:81:f6:56:40: 88:f9:d0:69:04:68:61:0b:11:e1:96:b7:ae:66:70: d3:c2:85:26:60:0f:59:71:0f:fa:b6:1c:af:c5:1a: e9:23:d1:b9:28:17:d8:6d:ea:94:c4:4d:80:3e:84: ce:0a:0c:48:ab:fc:f6:34:7a:2d:f4:88:75:7e:1a: 3a:1f:a4:00:88:d5:c9:bf:13:a4:0f:34:02:b7:a8: 8c:a5:7e:11:56:f4:c8:b2:89:68:7e:22:27:0b:81: 54:f0:4b:2e:c4:71:79:7e:bd:8c:f7:b8:05:f8:f0: 4b:88:4d:10:65:d7:b6:57:12:e9:06:52:e5:29:93: 74:66:14:61:61:2b:27:bd:87:0b:5d:00:a4:99:7b: ee:78:ec:85:46:64:ab:0b:50:ea:21:c4:1c:17:96: fb:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:D3:7E:2F:B4:A2:DB:B8:47:C6:76:67:1D:93:1E:C4:F9:9E:6E:C4 X509v3 Authority Key Identifier: keyid:0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/Y9N-L7Si27hHxnZnHZMexPmebsQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.226.154.0/23 194.59.223.0/24 Signature Algorithm: sha256WithRSAEncryption 42:a9:c3:17:b5:62:78:34:1c:fb:9e:0a:0c:d3:a2:60:bb:f7: 9b:39:0a:8a:fb:fc:60:79:d2:a9:f4:cb:09:19:63:70:c2:69: 9a:6c:6e:41:68:82:2a:c6:e5:10:89:f8:a4:34:01:5c:73:42: 9e:7c:17:3b:a2:c9:11:8f:e2:4c:03:af:ea:d1:6b:11:ab:88: 06:3d:50:3b:64:80:6f:5b:62:c2:87:4c:1d:8a:16:ce:9a:31: 79:b1:97:1b:14:07:38:70:27:58:ac:6a:7b:48:7d:21:11:7e: dc:6a:1f:72:24:29:0a:23:49:06:af:8b:2e:99:4f:27:a0:52: f0:23:32:bc:b7:ad:dd:ae:75:78:e4:86:c0:8f:d7:92:06:49: f3:9e:a9:dd:d0:b7:8c:fc:87:b6:e3:65:c9:55:b2:67:b0:c2: 68:0b:56:4d:2a:a0:b3:15:44:ee:34:d0:18:c4:51:5f:a1:9f: 31:4e:a4:a7:b3:5b:f2:17:7d:ea:87:37:ef:e5:ac:af:ca:fa: 0c:6c:89:49:53:bb:e9:98:87:88:4c:02:26:2b:0e:e7:41:aa: 4d:27:ba:ca:d6:a4:f7:a8:a5:e2:f9:a3:6e:8a:51:d9:fe:98: 79:18:c4:89:a8:fd:38:20:0d:5d:89:3b:0e:d2:bc:38:ea:3e: 4d:ce:c4:4a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZtmPKfykYq58TY79gMCiC/mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBlMjk4OTAwMzU1ZmRmNDI1NGMyMDgzMWYyZDdlZTNiZWM0 MjliZGIwHhcNMjUxMjI4MTgzMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2M2QzN2UyZmI0YTJkYmI4NDdjNjc2NjcxZDkzMWVjNGY5OWU2ZWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskn47wNonrSqcE/f/t2FOFr5f1oh 5RDLF49T8L1URd2sI90YHl7yNlirvGbbuC4KAppfatTQLpzwZU9Hc6HgmSIZz8qF xgBZPdJG3BmVC9gfO7UUvmblrwfF9F5ZeMhdwxRUH4H2VkCI+dBpBGhhCxHhlreu ZnDTwoUmYA9ZcQ/6thyvxRrpI9G5KBfYbeqUxE2APoTOCgxIq/z2NHot9Ih1fho6 H6QAiNXJvxOkDzQCt6iMpX4RVvTIsolofiInC4FU8EsuxHF5fr2M97gF+PBLiE0Q Zde2VxLpBlLlKZN0ZhRhYSsnvYcLXQCkmXvueOyFRmSrC1DqIcQcF5b7qQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFGPTfi+0otu4R8Z2Zx2THsT5nm7EMB8GA1UdIwQY MBaAFA4piQA1X99CVMIIMfLX7jvsQpvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYt M2U0Yjc0ZGQwNThkLzEvWTlOLUw3U2kyN2hIeG5abkhaTWV4UG1lYnNRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYtM2U0Yjc0ZGQwNThk LzEvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBueKaAwQA wjvfMA0GCSqGSIb3DQEBCwUAA4IBAQBCqcMXtWJ4NBz7ngoM06Jgu/ebOQqK+/xg edKp9MsJGWNwwmmabG5BaIIqxuUQifikNAFcc0KefBc7oskRj+JMA6/q0WsRq4gG PVA7ZIBvW2LCh0wdihbOmjF5sZcbFAc4cCdYrGp7SH0hEX7cah9yJCkKI0kGr4su mU8noFLwIzK8t63drnV45IbAj9eSBknznqnd0LeM/Ie242XJVbJnsMJoC1ZNKqCz FUTuNNAYxFFfoZ8xTqSns1vyF33qhzfv5ayvyvoMbIlJU7vpmIeITAImKw7nQapN J7rK1qT3qKXi+aNuilHZ/ph5GMSJqP04IA1diTsO0rw46j5NzsRK -----END CERTIFICATE-----Generated at Tue Dec 30 21:05:14 2025 by rpki-client