This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/yh8RCY-bj175I6qO1y_qoa8Z7Jc.roa File: yh8RCY-bj175I6qO1y_qoa8Z7Jc.roa (raw, json) Hash identifier: 4zdPWYLlDQUfMdRZQkA+GGAtm8jeXR0HD9R4ibPVvfY= Subject key identifier: CA:1F:11:09:8F:9B:8F:5E:F9:23:AA:8E:D7:2F:EA:A1:AF:19:EC:97 Certificate issuer: /CN=638d9a5004c592d093cc89b0d90752e279d51854 Certificate serial: 019B7CED2CFD381DB42C4CF1008AF50BA514 Authority key identifier: 63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/yh8RCY-bj175I6qO1y_qoa8Z7Jc.roa Signing time: Fri 02 Jan 2026 04:17:56 +0000 ROA not before: Fri 02 Jan 2026 04:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35388 IP address blocks: 85.209.24.0/22 maxlen: 24 2a09:9240::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:2c:fd:38:1d:b4:2c:4c:f1:00:8a:f5:0b:a5:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=638d9a5004c592d093cc89b0d90752e279d51854 Validity Not Before: Jan 2 04:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca1f11098f9b8f5ef923aa8ed72feaa1af19ec97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:bb:c4:57:19:ab:9b:68:25:6b:1c:0d:c2:39: a4:b8:48:d0:7e:a7:57:3d:bb:ab:e4:f3:7e:1f:a3: 98:e0:92:8e:e4:eb:87:26:f0:28:d9:31:55:66:b3: e6:76:86:37:ba:ff:ea:d9:a2:3e:ca:53:d3:05:50: 6f:aa:a9:9a:48:45:04:05:78:8a:1b:37:11:42:7b: 66:ac:3b:e2:e0:75:44:00:e3:a6:35:54:cd:e8:2d: 6f:ff:6d:9e:57:11:27:98:78:08:52:65:2e:5a:bb: c6:eb:ed:f7:6a:6a:9f:3b:da:ec:5a:4c:95:5e:8b: e2:d3:e1:e3:1e:44:bf:b1:af:f8:16:fa:96:08:5f: c5:9e:41:eb:15:f4:2a:17:ef:b1:17:8f:aa:c6:be: dd:27:50:10:9d:4d:fa:72:d4:f1:cf:3c:b0:ed:c5: c6:f6:f6:67:d9:c6:c1:02:9b:55:c7:2e:43:e0:cd: 36:d7:fe:21:ac:41:63:7b:76:23:31:ae:60:60:0e: b3:89:e1:03:65:5c:10:5a:43:41:81:eb:d7:55:90: e6:f7:57:4a:ea:63:15:5a:8b:bf:88:8f:28:22:4e: c6:69:5d:72:08:6b:e4:32:8b:34:ee:a7:78:cf:ca: 12:34:e1:9a:f1:6b:3e:43:26:95:a3:74:f7:86:99: d5:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1F:11:09:8F:9B:8F:5E:F9:23:AA:8E:D7:2F:EA:A1:AF:19:EC:97 X509v3 Authority Key Identifier: keyid:63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/yh8RCY-bj175I6qO1y_qoa8Z7Jc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.209.24.0/22 IPv6: 2a09:9240::/29 Signature Algorithm: sha256WithRSAEncryption 50:ba:99:be:b2:ee:1b:5d:e2:5b:3a:ff:65:cd:8e:b1:71:a6: 1e:72:e8:7c:7b:72:57:9c:d3:2f:d1:34:39:d0:6b:50:5f:94: ed:e3:87:31:9a:b7:a4:fa:ba:e8:70:55:f7:68:f2:4e:1f:d9: 18:cb:f9:29:e5:47:fb:0e:02:65:eb:0b:fd:24:47:6e:d3:b1: 38:ee:e2:c0:36:34:f8:16:d9:2f:79:09:6e:9b:e0:f3:4d:3b: b0:58:26:c9:94:29:5b:40:22:f3:d1:7e:52:be:73:07:a5:79: 26:ed:54:3a:e9:f1:dc:a8:9d:f3:4d:14:84:f2:d0:87:21:59: 3e:a9:3b:d2:7e:52:94:f3:8c:92:d4:5d:b8:27:4b:c8:e3:ab: e0:58:73:4a:37:bb:ef:46:c3:ec:75:b0:da:a1:bd:41:ef:5c: 2b:e4:1c:76:5c:19:c4:95:e8:46:6e:ce:de:b6:50:b5:b3:af: ad:d1:a9:c3:b5:99:d3:fc:c4:d7:51:c5:e7:a1:d3:f1:cd:c4: fb:c4:20:f2:ba:99:81:70:e1:20:bb:bc:ac:3a:7c:37:08:50: c5:1d:e3:77:a0:f7:7b:c4:ba:f5:ee:29:94:0d:57:cc:df:f7: 3d:a0:8a:68:c4:c7:dc:c0:ce:47:15:a9:06:bb:ad:2d:91:75: a8:c1:86:7a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87Sz9OB20LEzxAIr1C6UUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzOGQ5YTUwMDRjNTkyZDA5M2NjODliMGQ5MDc1MmUyNzlk NTE4NTQwHhcNMjYwMTAyMDQxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTFmMTEwOThmOWI4ZjVlZjkyM2FhOGVkNzJmZWFhMWFmMTllYzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37vEVxmrm2glaxwNwjmkuEjQfqdX Pbur5PN+H6OY4JKO5OuHJvAo2TFVZrPmdoY3uv/q2aI+ylPTBVBvqqmaSEUEBXiK GzcRQntmrDvi4HVEAOOmNVTN6C1v/22eVxEnmHgIUmUuWrvG6+33amqfO9rsWkyV Xovi0+HjHkS/sa/4FvqWCF/FnkHrFfQqF++xF4+qxr7dJ1AQnU36ctTxzzyw7cXG 9vZn2cbBAptVxy5D4M021/4hrEFje3YjMa5gYA6zieEDZVwQWkNBgevXVZDm91dK 6mMVWou/iI8oIk7GaV1yCGvkMos07qd4z8oSNOGa8Ws+QyaVo3T3hpnVVwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMofEQmPm49e+SOqjtcv6qGvGeyXMB8GA1UdIwQY MBaAFGONmlAExZLQk8yJsNkHUuJ51RhUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDct Nzc2OGQ0ZmJkY2QzLzEveWg4UkNZLWJqMTc1STZxTzF5X3FvYThaN0pjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDctNzc2OGQ0ZmJkY2Qz LzEvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdEYMA0E AgACMAcDBQMqCZJAMA0GCSqGSIb3DQEBCwUAA4IBAQBQupm+su4bXeJbOv9lzY6x caYecuh8e3JXnNMv0TQ50GtQX5Tt44cxmrek+rrocFX3aPJOH9kYy/kp5Uf7DgJl 6wv9JEdu07E47uLANjT4FtkveQlum+DzTTuwWCbJlClbQCLz0X5SvnMHpXkm7VQ6 6fHcqJ3zTRSE8tCHIVk+qTvSflKU84yS1F24J0vI46vgWHNKN7vvRsPsdbDaob1B 71wr5Bx2XBnElehGbs7etlC1s6+t0anDtZnT/MTXUcXnodPxzcT7xCDyupmBcOEg u7ysOnw3CFDFHeN3oPd7xLr17imUDVfM3/c9oIpoxMfcwM5HFakGu60tkXWowYZ6 -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:59 2026 by rpki-client