This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/y0EXH7ROarOi9kpgsz591gLVxK4.roa File: y0EXH7ROarOi9kpgsz591gLVxK4.roa (raw, json) Hash identifier: k4u5/XxA6Sf9mSKxl8oxoWnS212/XxShJpEKu6orXMQ= Subject key identifier: CB:41:17:1F:B4:4E:6A:B3:A2:F6:4A:60:B3:3E:7D:D6:02:D5:C4:AE Certificate issuer: /CN=340e53014bf038ade0d77ae678ff6df34ca53dc0 Certificate serial: 019B7F135513720081E78DF361D07EE99A36 Authority key identifier: 34:0E:53:01:4B:F0:38:AD:E0:D7:7A:E6:78:FF:6D:F3:4C:A5:3D:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NA5TAUvwOK3g13rmeP9t80ylPcA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/y0EXH7ROarOi9kpgsz591gLVxK4.roa Signing time: Fri 02 Jan 2026 14:18:51 +0000 ROA not before: Fri 02 Jan 2026 14:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60191 IP address blocks: 91.223.31.0/24 maxlen: 24 176.123.60.0/23 maxlen: 23 185.47.64.0/23 maxlen: 23 185.47.66.0/23 maxlen: 23 185.206.112.0/22 maxlen: 22 185.223.53.0/24 maxlen: 24 193.162.104.0/24 maxlen: 24 213.108.112.0/21 maxlen: 21 2a01:8a60::/32 maxlen: 32 2a01:8a60:100::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/NA5TAUvwOK3g13rmeP9t80ylPcA.crl rsync://rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/NA5TAUvwOK3g13rmeP9t80ylPcA.mft rsync://rpki.ripe.net/repository/DEFAULT/NA5TAUvwOK3g13rmeP9t80ylPcA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:55:13:72:00:81:e7:8d:f3:61:d0:7e:e9:9a:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=340e53014bf038ade0d77ae678ff6df34ca53dc0 Validity Not Before: Jan 2 14:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb41171fb44e6ab3a2f64a60b33e7dd602d5c4ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:be:8c:32:9a:42:e0:26:a2:92:fa:7d:ba:24: 22:ae:01:41:73:06:f4:7f:ad:66:dc:98:04:91:15: 9c:e5:a1:a8:46:c0:98:0c:67:1f:43:1b:88:fd:23: d0:b9:56:61:3c:2e:76:c8:31:43:03:e5:34:2d:1b: c5:32:80:69:a2:d7:5b:6b:ea:8c:28:46:cc:22:8b: 59:26:12:73:d9:97:2d:85:b9:58:8b:1d:7c:c1:78: 4c:c4:71:f8:da:97:47:26:ac:d9:f4:22:eb:01:c6: f5:94:e3:9c:03:f8:f0:95:cf:20:ca:b7:75:99:5a: 8a:73:37:23:7b:38:b4:88:67:34:66:db:b8:19:52: 3c:65:a9:68:b8:20:b2:5b:fc:cc:81:09:0b:06:ed: ac:8e:50:c3:82:31:0d:49:d8:6b:8e:c9:cc:cf:a1: 20:cb:15:9b:35:68:ca:26:44:c7:3d:bf:8d:df:ea: 84:cd:d3:a0:9a:5a:79:38:49:d2:0f:5a:49:3d:ca: 6f:c9:91:a3:bf:d4:57:a1:68:56:db:0a:87:51:69: 8b:65:7b:62:23:f5:f0:16:f6:1b:e5:72:68:7b:87: dc:a2:45:b9:68:5c:81:ea:9f:0b:7a:9e:72:03:34: a5:03:55:7f:c3:e2:1c:56:46:ec:8e:5d:cd:0f:14: a2:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:41:17:1F:B4:4E:6A:B3:A2:F6:4A:60:B3:3E:7D:D6:02:D5:C4:AE X509v3 Authority Key Identifier: keyid:34:0E:53:01:4B:F0:38:AD:E0:D7:7A:E6:78:FF:6D:F3:4C:A5:3D:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NA5TAUvwOK3g13rmeP9t80ylPcA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/y0EXH7ROarOi9kpgsz591gLVxK4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/e60828-88db-4e3b-9a47-e148235b7723/1/NA5TAUvwOK3g13rmeP9t80ylPcA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.31.0/24 176.123.60.0/23 185.47.64.0/22 185.206.112.0/22 185.223.53.0/24 193.162.104.0/24 213.108.112.0/21 IPv6: 2a01:8a60::/32 Signature Algorithm: sha256WithRSAEncryption 8a:98:b7:80:b6:62:58:fe:d4:ce:99:89:db:c3:f4:e5:bf:0e: 01:b0:ff:11:3c:4c:ec:24:da:4d:3e:40:ee:f8:d6:32:e1:52: 34:ef:92:60:28:4e:96:20:b8:b5:86:17:ee:0e:50:95:40:85: d2:fa:a8:a7:85:d6:92:f7:9b:52:16:6a:77:fb:a1:51:35:e6: 31:1f:30:fc:33:cf:a4:a5:da:81:07:df:f4:27:16:cc:8b:e7: 1f:fd:85:38:a8:f3:69:ad:92:a5:01:6b:3e:3b:42:40:91:38: 30:80:51:25:84:87:20:65:16:6f:6c:e8:86:db:d2:08:ac:f4: a4:d2:32:e7:a4:58:61:d2:1a:dc:3f:5f:09:e2:23:16:06:d2: 8f:55:e7:93:48:42:d3:81:d8:99:0d:84:6a:74:f5:9f:26:66: 28:d6:8c:39:bb:7f:5e:b3:36:b7:ad:16:cf:60:1b:50:d4:53: 9e:07:df:7a:ee:92:0d:db:39:3e:5d:ec:b4:f1:e9:9f:cf:e8: 19:f6:a5:ab:c4:40:f0:1a:f6:c4:4f:88:86:55:b9:3a:eb:32: b4:83:5c:92:27:1e:94:fe:50:42:9c:84:c2:9e:f0:9e:08:0a: 7e:b4:78:20:f8:39:48:0f:29:cd:03:38:5a:d0:c3:74:c0:f2: a5:aa:bd:c5 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt/E1UTcgCB543zYdB+6Zo2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MGU1MzAxNGJmMDM4YWRlMGQ3N2FlNjc4ZmY2ZGYzNGNh NTNkYzAwHhcNMjYwMTAyMTQxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjQxMTcxZmI0NGU2YWIzYTJmNjRhNjBiMzNlN2RkNjAyZDVjNGFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL6MMppC4Caikvp9uiQirgFBcwb0 f61m3JgEkRWc5aGoRsCYDGcfQxuI/SPQuVZhPC52yDFDA+U0LRvFMoBpotdba+qM KEbMIotZJhJz2ZcthblYix18wXhMxHH42pdHJqzZ9CLrAcb1lOOcA/jwlc8gyrd1 mVqKczcjezi0iGc0Ztu4GVI8ZalouCCyW/zMgQkLBu2sjlDDgjENSdhrjsnMz6Eg yxWbNWjKJkTHPb+N3+qEzdOgmlp5OEnSD1pJPcpvyZGjv9RXoWhW2wqHUWmLZXti I/XwFvYb5XJoe4fcokW5aFyB6p8Lep5yAzSlA1V/w+IcVkbsjl3NDxSiwQIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFMtBFx+0TmqzovZKYLM+fdYC1cSuMB8GA1UdIwQY MBaAFDQOUwFL8Dit4Nd65nj/bfNMpT3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkE1VEFVdndPSzNnMTNybWVQOXQ4MHlsUGNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9lNjA4MjgtODhkYi00ZTNiLTlhNDct ZTE0ODIzNWI3NzIzLzEveTBFWEg3Uk9hck9pOWtwZ3N6NTkxZ0xWeEs0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZC9lNjA4MjgtODhkYi00ZTNiLTlhNDctZTE0ODIzNWI3NzIz LzEvTkE1VEFVdndPSzNnMTNybWVQOXQ4MHlsUGNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAW98fAwQB sHs8AwQCuS9AAwQCuc5wAwQAud81AwQAwaJoAwQD1WxwMA0EAgACMAcDBQAqAYpg MA0GCSqGSIb3DQEBCwUAA4IBAQCKmLeAtmJY/tTOmYnbw/Tlvw4BsP8RPEzsJNpN PkDu+NYy4VI075JgKE6WILi1hhfuDlCVQIXS+qinhdaS95tSFmp3+6FRNeYxHzD8 M8+kpdqBB9/0JxbMi+cf/YU4qPNprZKlAWs+O0JAkTgwgFElhIcgZRZvbOiG29II rPSk0jLnpFhh0hrcP18J4iMWBtKPVeeTSELTgdiZDYRqdPWfJmYo1ow5u39esza3 rRbPYBtQ1FOeB9967pIN2zk+Xey08emfz+gZ9qWrxEDwGvbET4iGVbk66zK0g1yS Jx6U/lBCnITCnvCeCAp+tHgg+DlIDynNAzha0MN0wPKlqr3F -----END CERTIFICATE-----Generated at Tue Feb 10 04:32:07 2026 by rpki-client