This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/YeKyHo-fPzS0PXLTVc_ZhuOAnDE.roa File: YeKyHo-fPzS0PXLTVc_ZhuOAnDE.roa (raw, json) Hash identifier: JasqN/dFTwUl8qybymMvb6Z/5LOD9789U3Jts0vT2yw= Subject key identifier: 61:E2:B2:1E:8F:9F:3F:34:B4:3D:72:D3:55:CF:D9:86:E3:80:9C:31 Certificate issuer: /CN=9914258fb9d3657b3376142bfc63dace4f8211c4 Certificate serial: 019B7C80B0BAD1C834E60A26FF0F04E8FDD1 Authority key identifier: 99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/YeKyHo-fPzS0PXLTVc_ZhuOAnDE.roa Signing time: Fri 02 Jan 2026 02:19:27 +0000 ROA not before: Fri 02 Jan 2026 02:19:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1930 IP address blocks: 192.68.224.0/24 maxlen: 24 192.92.147.0/24 maxlen: 24 192.92.148.0/24 maxlen: 24 192.132.53.0/24 maxlen: 24 192.190.174.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.mft rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:b0:ba:d1:c8:34:e6:0a:26:ff:0f:04:e8:fd:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9914258fb9d3657b3376142bfc63dace4f8211c4 Validity Not Before: Jan 2 02:19:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61e2b21e8f9f3f34b43d72d355cfd986e3809c31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:e5:3a:33:88:f2:37:52:d2:88:b0:e0:dd:82: c8:13:ba:ab:1e:89:ea:4e:51:31:24:b4:00:e8:96: 8b:15:9b:66:13:4c:ea:ef:fa:26:73:16:9d:0b:d9: 56:88:59:6f:5f:ed:b3:ad:cf:78:f0:2c:52:35:58: c2:1f:3b:19:b5:c5:be:99:17:ad:c4:3a:62:62:58: 92:27:ae:2b:ec:6b:fc:23:c4:9c:a8:0f:84:5e:c4: 51:04:6d:60:bd:d0:65:cd:50:56:eb:b8:4a:77:f3: ac:3f:82:d1:f6:ad:aa:c4:d4:50:b2:3f:39:fb:8b: e1:dc:03:55:93:63:99:62:5d:a3:2d:a5:49:d0:d8: a5:18:0e:cd:4d:4c:28:ad:42:2a:83:4c:78:82:c2: cf:d1:a8:a4:03:ce:70:5b:f2:f2:01:9e:27:5f:a0: f4:08:bc:80:6a:84:86:55:e7:46:53:51:f2:ad:13: dd:1e:a4:dd:71:bc:48:45:02:55:c3:e8:f0:e3:5d: 88:1b:7e:c1:4c:84:40:ee:e4:2d:75:d5:2a:2f:63: 26:e8:61:e9:7a:35:a8:45:27:8b:3d:8a:50:b3:75: 8d:9f:a9:3e:ff:88:9e:ce:33:26:5c:b0:3b:3c:1d: 33:5f:5d:1e:15:b6:e3:4d:1c:9c:43:ba:6d:1c:12: d6:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:E2:B2:1E:8F:9F:3F:34:B4:3D:72:D3:55:CF:D9:86:E3:80:9C:31 X509v3 Authority Key Identifier: keyid:99:14:25:8F:B9:D3:65:7B:33:76:14:2B:FC:63:DA:CE:4F:82:11:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRQlj7nTZXszdhQr_GPazk-CEcQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/YeKyHo-fPzS0PXLTVc_ZhuOAnDE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/86641e-669c-4a8d-ae0b-fe341b3005e3/1/mRQlj7nTZXszdhQr_GPazk-CEcQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.68.224.0/24 192.92.147.0-192.92.148.255 192.132.53.0/24 192.190.174.0/24 Signature Algorithm: sha256WithRSAEncryption 80:f3:db:c7:ae:ac:6d:94:da:62:f1:24:ed:9f:68:07:e4:d9: ba:f7:32:4c:ec:09:3e:b9:6b:48:3f:21:2f:1c:75:88:9e:ea: 32:fc:73:16:f4:e6:02:92:65:e0:02:59:31:db:db:91:88:e2: 60:ae:ac:9e:72:cf:5b:8b:89:7d:19:52:52:42:23:cf:61:2a: 62:79:8b:1b:a8:a9:15:24:df:2d:b0:88:95:a8:fa:46:84:0f: 18:fe:83:9c:b1:36:2d:ab:8d:d4:a4:10:9e:d6:33:58:05:90: 41:87:3d:ce:1f:b7:57:60:10:b8:32:c8:07:d5:d1:5b:0c:84: 3b:ab:a2:f1:b8:5b:01:5f:79:0a:84:10:12:d9:ba:b6:9d:53: 09:b7:d6:23:9f:90:0e:05:eb:20:5e:46:11:cb:42:31:94:6b: 41:1e:01:ff:ca:c4:d6:7a:0a:98:64:7b:0e:b8:81:2d:d9:68: 1e:5f:6b:2e:e9:4c:26:e2:fd:46:e0:44:91:72:83:72:f7:bd: 7c:8d:e4:5b:18:3b:9c:8b:dd:a6:5c:86:d0:22:93:6e:70:11: 99:3c:aa:a7:26:db:0d:57:28:16:6b:19:cb:55:3a:f8:10:c3: cc:8a:41:63:b7:7a:ab:e4:47:9b:44:80:5a:8c:31:c9:08:4b: f8:4f:b5:ed -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt8gLC60cg05gom/w8E6P3RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5MTQyNThmYjlkMzY1N2IzMzc2MTQyYmZjNjNkYWNlNGY4 MjExYzQwHhcNMjYwMTAyMDIxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWUyYjIxZThmOWYzZjM0YjQzZDcyZDM1NWNmZDk4NmUzODA5YzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+U6M4jyN1LSiLDg3YLIE7qrHonq TlExJLQA6JaLFZtmE0zq7/omcxadC9lWiFlvX+2zrc948CxSNVjCHzsZtcW+mRet xDpiYliSJ64r7Gv8I8ScqA+EXsRRBG1gvdBlzVBW67hKd/OsP4LR9q2qxNRQsj85 +4vh3ANVk2OZYl2jLaVJ0NilGA7NTUworUIqg0x4gsLP0aikA85wW/LyAZ4nX6D0 CLyAaoSGVedGU1HyrRPdHqTdcbxIRQJVw+jw412IG37BTIRA7uQtddUqL2Mm6GHp ejWoRSeLPYpQs3WNn6k+/4iezjMmXLA7PB0zX10eFbbjTRycQ7ptHBLWYQIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFGHish6Pnz80tD1y01XP2YbjgJwxMB8GA1UdIwQY MBaAFJkUJY+502V7M3YUK/xj2s5PghHEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGIt ZmUzNDFiMzAwNWUzLzEvWWVLeUhvLWZQelMwUFhMVFZjX1podU9BbkRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS84NjY0MWUtNjY5Yy00YThkLWFlMGItZmUzNDFiMzAwNWUz LzEvbVJRbGo3blRaWHN6ZGhRcl9HUGF6ay1DRWNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAwETgMAwD BADAXJMDBADAXJQDBADAhDUDBADAvq4wDQYJKoZIhvcNAQELBQADggEBAIDz28eu rG2U2mLxJO2faAfk2br3MkzsCT65a0g/IS8cdYie6jL8cxb05gKSZeACWTHb25GI 4mCurJ5yz1uLiX0ZUlJCI89hKmJ5ixuoqRUk3y2wiJWo+kaEDxj+g5yxNi2rjdSk EJ7WM1gFkEGHPc4ft1dgELgyyAfV0VsMhDurovG4WwFfeQqEEBLZuradUwm31iOf kA4F6yBeRhHLQjGUa0EeAf/KxNZ6Cphkew64gS3ZaB5fay7pTCbi/UbgRJFyg3L3 vXyN5FsYO5yL3aZchtAik25wEZk8qqcm2w1XKBZrGctVOvgQw8yKQWO3eqvkR5tE gFqMMckIS/hPte0= -----END CERTIFICATE-----Generated at Mon Jan 26 22:32:39 2026 by rpki-client