This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RY-r8degIdRULqk_qmxjFefq8O0.roa File: RY-r8degIdRULqk_qmxjFefq8O0.roa (raw, json) Hash identifier: lLpPZuz/t5Yw8zlJe7ERdvGB1DRM1TuO1Rrg7Us/30Q= Subject key identifier: 45:8F:AB:F1:D7:A0:21:D4:54:2E:A9:3F:AA:6C:63:15:E7:EA:F0:ED Certificate issuer: /CN=07b7a0c1babd621e8220d0d777877a844b413c10 Certificate serial: 019B7C117227F97C303C21510412E99A4E60 Authority key identifier: 07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RY-r8degIdRULqk_qmxjFefq8O0.roa Signing time: Fri 02 Jan 2026 00:17:56 +0000 ROA not before: Fri 02 Jan 2026 00:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50629 IP address blocks: 193.203.2.0/23 maxlen: 23 193.203.16.0/23 maxlen: 23 2a0f:e280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/B7egwbq9Yh6CINDXd4d6hEtBPBA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/B7egwbq9Yh6CINDXd4d6hEtBPBA.mft rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:72:27:f9:7c:30:3c:21:51:04:12:e9:9a:4e:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=07b7a0c1babd621e8220d0d777877a844b413c10 Validity Not Before: Jan 2 00:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=458fabf1d7a021d4542ea93faa6c6315e7eaf0ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:34:ed:92:bc:00:d8:2e:eb:0b:fa:c7:dd:2e: 0f:28:23:89:3f:a6:41:ad:7c:2c:27:a7:6a:83:7f: a9:69:09:ff:04:54:81:49:6f:42:f3:5f:9c:dc:68: ad:d2:86:27:15:ef:d0:27:11:1f:9c:57:8e:0d:19: 98:08:72:44:3e:78:ea:8f:f6:28:30:f7:87:28:f7: be:d6:b1:06:85:8c:d9:3e:a6:cb:0b:59:7e:c1:11: af:c6:00:c7:45:85:74:4c:76:57:80:04:bb:d9:d1: c5:40:43:99:dd:2f:2f:35:0d:e7:c1:84:1b:ae:a9: 58:bd:57:cb:34:64:47:7b:43:24:29:72:8b:2b:da: 0b:dd:7d:4d:64:fd:88:4e:d5:3b:5a:72:9c:9e:fe: ac:d3:c1:70:9a:36:fc:66:12:98:7e:ec:c6:82:fd: 50:1e:71:2e:a7:50:da:2b:eb:2f:6f:1a:ad:be:a6: 8b:8b:29:4e:fc:97:84:6c:d9:d4:f9:0d:8f:fe:7c: ce:9a:9f:52:14:f2:a5:1c:7a:5a:54:cb:f9:e2:7d: 88:67:ce:76:c8:c9:d2:e5:e8:d3:16:87:31:3c:d8: cb:a5:91:e9:1b:45:fc:56:e7:d5:9c:27:1b:24:9f: 98:d2:9f:11:bf:4b:41:63:4e:03:18:38:3f:f0:3a: 95:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:8F:AB:F1:D7:A0:21:D4:54:2E:A9:3F:AA:6C:63:15:E7:EA:F0:ED X509v3 Authority Key Identifier: keyid:07:B7:A0:C1:BA:BD:62:1E:82:20:D0:D7:77:87:7A:84:4B:41:3C:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B7egwbq9Yh6CINDXd4d6hEtBPBA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/RY-r8degIdRULqk_qmxjFefq8O0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/5c3fc3-35e8-4a0c-a30f-fb9217028c5c/1/B7egwbq9Yh6CINDXd4d6hEtBPBA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.203.2.0/23 193.203.16.0/23 IPv6: 2a0f:e280::/29 Signature Algorithm: sha256WithRSAEncryption a4:4c:37:9f:ed:be:b9:90:17:df:84:68:d0:71:3c:e5:22:8a: 58:d1:d8:15:32:8d:68:7f:f2:4d:f5:5e:fd:e1:e8:b8:4f:04: 06:eb:9e:b0:64:3e:ba:95:d1:85:fa:43:c8:c9:48:a7:53:ac: 48:2d:c7:67:e6:43:43:94:97:aa:aa:49:5f:6a:d3:1f:28:2e: 02:f0:cc:39:df:cb:74:e1:2f:91:20:cf:cf:4b:b0:ec:5a:35: a9:0b:94:b7:c8:ec:0d:54:77:44:5a:b0:b2:15:d1:25:5a:96: af:50:6f:3f:b5:a1:9d:2e:9d:66:17:62:6e:96:84:d1:79:c9: 31:db:bc:b2:5c:f1:7a:26:3d:1f:e1:f8:13:ce:d8:17:d4:f4: 8c:d7:39:8a:0b:5e:b2:dc:43:79:62:26:5f:9a:59:46:e6:81: 21:08:3e:ca:bf:92:49:48:7e:9c:a2:e2:9c:1b:0b:a3:bb:10: e7:86:38:58:df:64:0f:fb:9f:17:9d:96:3a:4c:db:0f:60:ee: 4a:bd:2d:bb:a5:e9:f3:dc:53:41:9c:09:dc:ab:12:c3:9f:7d: a4:09:b5:b8:b8:b5:4c:82:79:5b:8f:63:a0:88:4a:b8:73:98: 37:b7:28:53:7c:aa:32:50:70:01:d4:8a:3d:3f:c9:bb:26:03: c3:56:65:18 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8EXIn+XwwPCFRBBLpmk5gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA3YjdhMGMxYmFiZDYyMWU4MjIwZDBkNzc3ODc3YTg0NGI0 MTNjMTAwHhcNMjYwMTAyMDAxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NThmYWJmMWQ3YTAyMWQ0NTQyZWE5M2ZhYTZjNjMxNWU3ZWFmMGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TTtkrwA2C7rC/rH3S4PKCOJP6ZB rXwsJ6dqg3+paQn/BFSBSW9C81+c3Git0oYnFe/QJxEfnFeODRmYCHJEPnjqj/Yo MPeHKPe+1rEGhYzZPqbLC1l+wRGvxgDHRYV0THZXgAS72dHFQEOZ3S8vNQ3nwYQb rqlYvVfLNGRHe0MkKXKLK9oL3X1NZP2ITtU7WnKcnv6s08Fwmjb8ZhKYfuzGgv1Q HnEup1DaK+svbxqtvqaLiylO/JeEbNnU+Q2P/nzOmp9SFPKlHHpaVMv54n2IZ852 yMnS5ejTFocxPNjLpZHpG0X8VufVnCcbJJ+Y0p8Rv0tBY04DGDg/8DqVwwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEWPq/HXoCHUVC6pP6psYxXn6vDtMB8GA1UdIwQY MBaAFAe3oMG6vWIegiDQ13eHeoRLQTwQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYt ZmI5MjE3MDI4YzVjLzEvUlktcjhkZWdJZFJVTHFrX3FteGpGZWZxOE8wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS81YzNmYzMtMzVlOC00YTBjLWEzMGYtZmI5MjE3MDI4YzVj LzEvQjdlZ3dicTlZaDZDSU5EWGQ0ZDZoRXRCUEJBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwcsCAwQB wcsQMA0EAgACMAcDBQMqD+KAMA0GCSqGSIb3DQEBCwUAA4IBAQCkTDef7b65kBff hGjQcTzlIopY0dgVMo1of/JN9V794ei4TwQG656wZD66ldGF+kPIyUinU6xILcdn 5kNDlJeqqklfatMfKC4C8Mw538t04S+RIM/PS7DsWjWpC5S3yOwNVHdEWrCyFdEl WpavUG8/taGdLp1mF2JuloTReckx27yyXPF6Jj0f4fgTztgX1PSM1zmKC16y3EN5 YiZfmllG5oEhCD7Kv5JJSH6couKcGwujuxDnhjhY32QP+58XnZY6TNsPYO5KvS27 penz3FNBnAncqxLDn32kCbW4uLVMgnlbj2OgiEq4c5g3tyhTfKoyUHAB1Io9P8m7 JgPDVmUY -----END CERTIFICATE-----Generated at Mon Jan 26 17:45:33 2026 by rpki-client