This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/ylf5_yxkn6LPt4ZeJuQiy0KaFkA.roa File: ylf5_yxkn6LPt4ZeJuQiy0KaFkA.roa (raw, json) Hash identifier: 0Nce3mcGLsxHxF9BEIwf4WWciMSuNoKxw/P+eNRR6J0= Subject key identifier: CA:57:F9:FF:2C:64:9F:A2:CF:B7:86:5E:26:E4:22:CB:42:9A:16:40 Certificate issuer: /CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391 Certificate serial: 019B76EB7993A0A5A7D6DE092FAC9AB40398 Authority key identifier: 9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/ylf5_yxkn6LPt4ZeJuQiy0KaFkA.roa Signing time: Thu 01 Jan 2026 00:18:22 +0000 ROA not before: Thu 01 Jan 2026 00:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 196678 IP address blocks: 131.117.216.0/24 maxlen: 24 131.117.217.0/24 maxlen: 24 131.117.218.0/23 maxlen: 24 131.117.220.0/22 maxlen: 22 2a00:bd40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/myNjkGD_h6d_xnpuA8DE3Srkw5E.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/myNjkGD_h6d_xnpuA8DE3Srkw5E.mft rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:79:93:a0:a5:a7:d6:de:09:2f:ac:9a:b4:03:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9b23639060ff87a77fc67a6e03c0c4dd2ae4c391 Validity Not Before: Jan 1 00:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca57f9ff2c649fa2cfb7865e26e422cb429a1640 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:43:64:ba:f0:4b:89:18:51:e4:56:a3:29:28: 1d:1f:14:a7:2a:6f:ff:6f:b1:0c:ec:20:cf:48:85: ce:c2:a2:0f:3b:f2:65:b8:12:92:15:37:0b:a8:28: 78:af:f9:1a:b2:7f:19:ef:47:b5:d2:07:4d:31:8c: b1:49:55:fe:99:04:57:1e:34:c5:11:6c:47:b7:df: 4e:8d:b8:dd:02:9b:8c:7b:8f:47:25:4a:e6:4e:b7: 84:66:83:58:6a:23:f9:3b:76:71:ae:bc:00:17:c0: 7c:45:0b:b2:3d:7d:7e:a4:6c:cb:cb:ab:59:ed:32: 45:44:36:10:6e:5c:55:6c:0c:b0:40:c2:d4:e2:47: 02:82:02:86:a3:86:a5:4e:32:2c:74:6d:31:5f:d3: 07:7e:66:bd:ff:e7:f0:d6:fd:ce:c5:23:3a:6e:9b: 2d:31:05:f7:33:b6:79:f8:55:71:25:31:ba:65:4a: 73:f7:26:2d:2f:17:af:0e:2f:af:50:4d:81:9e:32: e1:b1:b9:9a:43:b7:95:9d:f8:c9:62:ed:8c:e9:f4: 93:ba:4e:3f:61:c3:ae:67:df:62:ca:33:98:a0:93: 21:1b:2c:96:c2:89:f0:cf:ac:3f:aa:eb:58:fb:ad: ac:ad:14:63:cb:7e:cc:6e:60:b8:13:36:a1:9e:ef: 5b:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:57:F9:FF:2C:64:9F:A2:CF:B7:86:5E:26:E4:22:CB:42:9A:16:40 X509v3 Authority Key Identifier: keyid:9B:23:63:90:60:FF:87:A7:7F:C6:7A:6E:03:C0:C4:DD:2A:E4:C3:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myNjkGD_h6d_xnpuA8DE3Srkw5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/ylf5_yxkn6LPt4ZeJuQiy0KaFkA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/5d5f73-63b9-4aaa-a8ec-5afc3a4fe542/1/myNjkGD_h6d_xnpuA8DE3Srkw5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.117.216.0/21 IPv6: 2a00:bd40::/32 Signature Algorithm: sha256WithRSAEncryption 39:f0:82:0e:ab:32:2a:0e:d9:44:fe:b7:00:4c:96:75:16:35: 87:72:2c:37:a0:79:fc:e2:72:5a:1e:6f:fd:71:e5:e2:78:1c: 46:66:71:53:7a:1c:7f:c5:59:58:b5:55:e3:8e:55:60:0f:a9: 40:06:0d:d7:ef:4e:fd:03:fb:c8:f1:67:f3:7d:ae:de:e2:17: 42:7a:aa:81:25:8a:e6:d1:9d:03:de:c6:34:5c:0b:ea:77:3a: 04:08:5e:f7:32:e3:0a:e4:71:2a:40:ec:ac:fa:e5:f1:e8:e2: 9b:af:3a:c6:e2:76:20:53:f7:d0:0e:02:79:e2:ca:80:87:03: 90:a7:bd:53:51:b7:2d:14:28:1f:a3:c6:cb:cc:2c:13:69:19: fc:00:d3:e1:36:bd:7a:69:97:c5:11:52:5a:0f:44:91:8f:98: 6f:b6:b4:3a:f2:71:9c:55:4f:2e:91:d9:dc:d3:be:7e:a6:42: 33:01:90:b5:39:7e:c6:e2:4c:75:37:bd:e3:b8:42:37:8e:fa: ac:b7:78:c0:93:dd:70:5e:c6:50:54:9e:c6:d3:ba:84:55:19: ce:bd:c9:d1:b2:07:f4:4c:6a:8a:cf:df:3c:e1:8b:2a:27:7f: 4b:56:2d:45:ca:e3:32:9e:d9:1e:eb:89:2b:04:32:7a:17:6f: b4:12:ef:50 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt263mToKWn1t4JL6yatAOYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliMjM2MzkwNjBmZjg3YTc3ZmM2N2E2ZTAzYzBjNGRkMmFl NGMzOTEwHhcNMjYwMTAxMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTU3ZjlmZjJjNjQ5ZmEyY2ZiNzg2NWUyNmU0MjJjYjQyOWExNjQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkNkuvBLiRhR5FajKSgdHxSnKm// b7EM7CDPSIXOwqIPO/JluBKSFTcLqCh4r/kasn8Z70e10gdNMYyxSVX+mQRXHjTF EWxHt99OjbjdApuMe49HJUrmTreEZoNYaiP5O3ZxrrwAF8B8RQuyPX1+pGzLy6tZ 7TJFRDYQblxVbAywQMLU4kcCggKGo4alTjIsdG0xX9MHfma9/+fw1v3OxSM6bpst MQX3M7Z5+FVxJTG6ZUpz9yYtLxevDi+vUE2BnjLhsbmaQ7eVnfjJYu2M6fSTuk4/ YcOuZ99iyjOYoJMhGyyWwonwz6w/qutY+62srRRjy37MbmC4Ezahnu9b6wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMpX+f8sZJ+iz7eGXibkIstCmhZAMB8GA1UdIwQY MBaAFJsjY5Bg/4enf8Z6bgPAxN0q5MORMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMt NWFmYzNhNGZlNTQyLzEveWxmNV95eGtuNkxQdDRaZUp1UWl5MEthRmtBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS81ZDVmNzMtNjNiOS00YWFhLWE4ZWMtNWFmYzNhNGZlNTQy LzEvbXlOamtHRF9oNmRfeG5wdUE4REUzU3JrdzVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDg3XYMA0E AgACMAcDBQAqAL1AMA0GCSqGSIb3DQEBCwUAA4IBAQA58IIOqzIqDtlE/rcATJZ1 FjWHciw3oHn84nJaHm/9ceXieBxGZnFTehx/xVlYtVXjjlVgD6lABg3X7079A/vI 8Wfzfa7e4hdCeqqBJYrm0Z0D3sY0XAvqdzoECF73MuMK5HEqQOys+uXx6OKbrzrG 4nYgU/fQDgJ54sqAhwOQp71TUbctFCgfo8bLzCwTaRn8ANPhNr16aZfFEVJaD0SR j5hvtrQ68nGcVU8ukdnc075+pkIzAZC1OX7G4kx1N73juEI3jvqst3jAk91wXsZQ VJ7G07qEVRnOvcnRsgf0TGqKz9884YsqJ39LVi1FyuMyntke64krBDJ6F2+0Eu9Q -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:37 2026 by rpki-client