This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/yCYfu-nQ-r5mmuWB4csYdJl_brA.roa File: yCYfu-nQ-r5mmuWB4csYdJl_brA.roa (raw, json) Hash identifier: bFBh8jKzarYm0VKcZxzPkcXMAVEV0oykNxP7fDtsTwM= Subject key identifier: C8:26:1F:BB:E9:D0:FA:BE:66:9A:E5:81:E1:CB:18:74:99:7F:6E:B0 Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Certificate serial: 019B7F80FF35C2DA8D68D4E470E844A05B87 Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/yCYfu-nQ-r5mmuWB4csYdJl_brA.roa Signing time: Fri 02 Jan 2026 16:18:38 +0000 ROA not before: Fri 02 Jan 2026 16:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34125 IP address blocks: 193.29.2.0/24 maxlen: 24 212.2.64.0/19 maxlen: 24 2a0a:ba80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.mft rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:ff:35:c2:da:8d:68:d4:e4:70:e8:44:a0:5b:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20 Validity Not Before: Jan 2 16:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8261fbbe9d0fabe669ae581e1cb1874997f6eb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:88:de:1f:fd:5c:a5:d1:cb:fd:10:4b:4b:46: b9:eb:e3:7d:97:bd:8c:68:03:a0:bf:b7:d0:25:d0: 02:b1:0f:3b:c8:de:b1:09:23:23:2b:e8:48:c6:34: e8:7c:c2:e4:74:21:7d:94:0e:6a:55:fb:57:76:39: 98:dc:01:5e:0d:12:9a:10:54:84:d0:2c:41:1a:61: c3:e4:86:7a:53:34:9a:15:21:c4:39:9b:34:fe:6d: 92:99:f5:18:c5:b8:3a:25:61:97:1d:66:2a:c0:13: 7c:e1:28:4d:4b:dd:b4:68:11:32:4e:61:b2:85:90: 7d:05:8f:3e:5f:64:88:1b:a2:ed:f8:5a:58:87:fb: 2c:83:97:92:7c:3b:61:33:a4:fc:b5:56:fe:01:fc: fb:1a:23:08:7f:ea:50:9d:8e:44:df:ed:17:b5:38: 7f:e4:ec:e4:e4:f3:9e:e2:e1:d7:c5:fb:74:a5:6e: 83:a5:16:51:b0:1b:3e:3e:21:d7:35:97:e3:48:89: 80:78:fd:77:82:15:c2:4d:c6:58:e9:0a:4e:c7:c3: 96:6a:31:cf:ac:49:48:3d:01:f9:6f:7d:7c:8e:9d: 72:a3:3f:31:6a:b1:60:e3:ca:4f:0b:91:0d:68:9a: 28:44:ef:83:93:ad:10:fb:d4:1a:af:10:29:5a:17: 9b:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:26:1F:BB:E9:D0:FA:BE:66:9A:E5:81:E1:CB:18:74:99:7F:6E:B0 X509v3 Authority Key Identifier: keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/yCYfu-nQ-r5mmuWB4csYdJl_brA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.29.2.0/24 212.2.64.0/19 IPv6: 2a0a:ba80::/29 Signature Algorithm: sha256WithRSAEncryption 1c:85:ef:e8:df:d4:06:e1:82:e1:b7:74:39:e2:e2:ec:77:28: 20:0f:5e:8b:37:13:fa:4e:8c:93:c4:2a:a3:b7:98:f1:f2:4d: 41:b0:bc:3f:a7:19:80:c7:c6:a3:52:7d:46:c5:2b:a3:d8:78: 06:8b:d2:ff:f6:f1:6d:03:4f:69:1b:4d:86:00:94:22:34:05: 9d:ea:b4:8b:93:c0:fa:92:47:07:2d:a8:8f:e2:ba:56:82:02: 3b:6e:2d:e7:56:03:76:ea:37:14:79:dc:d7:9b:fd:d5:51:d8: 40:ce:3d:15:b8:c9:2c:70:02:97:02:34:51:4d:a3:23:e7:33: 65:29:08:7e:de:ff:a5:cc:77:5b:6d:b3:a6:e6:48:e8:20:40: 30:67:84:8b:2b:bd:0e:d4:7a:5c:00:f1:90:78:57:b9:ee:dd: 31:f9:21:bb:58:ee:35:08:f6:92:e1:dd:c8:e8:11:ec:ac:13: bd:7a:d6:80:78:7d:85:c7:06:03:fa:82:a8:21:f1:4e:11:15: 5d:3e:ad:42:fe:49:5f:5d:d7:e6:df:ce:d7:96:53:dc:17:de: 69:05:ba:06:0b:f4:b6:30:58:22:f4:a8:f8:85:28:ba:2b:14: 40:ba:6f:b9:d7:a7:4d:a4:b9:a4:09:b8:ca:2b:24:3d:35:d5: 22:cb:9d:92 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/gP81wtqNaNTkcOhEoFuHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj NGRhMjAwHhcNMjYwMTAyMTYxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODI2MWZiYmU5ZDBmYWJlNjY5YWU1ODFlMWNiMTg3NDk5N2Y2ZWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4jeH/1cpdHL/RBLS0a56+N9l72M aAOgv7fQJdACsQ87yN6xCSMjK+hIxjTofMLkdCF9lA5qVftXdjmY3AFeDRKaEFSE 0CxBGmHD5IZ6UzSaFSHEOZs0/m2SmfUYxbg6JWGXHWYqwBN84ShNS920aBEyTmGy hZB9BY8+X2SIG6Lt+FpYh/ssg5eSfDthM6T8tVb+Afz7GiMIf+pQnY5E3+0XtTh/ 5Ozk5POe4uHXxft0pW6DpRZRsBs+PiHXNZfjSImAeP13ghXCTcZY6QpOx8OWajHP rElIPQH5b318jp1yoz8xarFg48pPC5ENaJooRO+Dk60Q+9QarxApWhebyQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFMgmH7vp0Pq+ZprlgeHLGHSZf26wMB8GA1UdIwQY MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt YWJmODM3YWNlOGU0LzEveUNZZnUtblEtcjVtbXVXQjRjc1lkSmxfYnJBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0 LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwR0CAwQF 1AJAMA0EAgACMAcDBQMqCrqAMA0GCSqGSIb3DQEBCwUAA4IBAQAche/o39QG4YLh t3Q54uLsdyggD16LNxP6ToyTxCqjt5jx8k1BsLw/pxmAx8ajUn1GxSuj2HgGi9L/ 9vFtA09pG02GAJQiNAWd6rSLk8D6kkcHLaiP4rpWggI7bi3nVgN26jcUedzXm/3V UdhAzj0VuMkscAKXAjRRTaMj5zNlKQh+3v+lzHdbbbOm5kjoIEAwZ4SLK70O1Hpc APGQeFe57t0x+SG7WO41CPaS4d3I6BHsrBO9etaAeH2FxwYD+oKoIfFOERVdPq1C /klfXdfm387XllPcF95pBboGC/S2MFgi9Kj4hSi6KxRAum+516dNpLmkCbjKKyQ9 NdUiy52S -----END CERTIFICATE-----Generated at Tue Feb 10 04:30:47 2026 by rpki-client