This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/yx9kD1LZqyaIsOvaZePm4Qmu_lc.roa File: yx9kD1LZqyaIsOvaZePm4Qmu_lc.roa (raw, json) Hash identifier: mBiEmcBw4gmmOpAdt+VnRKLKQFDXrLV0M/SqI72yrjg= Subject key identifier: CB:1F:64:0F:52:D9:AB:26:88:B0:EB:DA:65:E3:E6:E1:09:AE:FE:57 Certificate issuer: /CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d Certificate serial: 019B7AC80DFD2BB72CFC339B462FE8422307 Authority key identifier: 38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/yx9kD1LZqyaIsOvaZePm4Qmu_lc.roa Signing time: Thu 01 Jan 2026 18:18:09 +0000 ROA not before: Thu 01 Jan 2026 18:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209301 IP address blocks: 5.253.48.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.mft rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:0d:fd:2b:b7:2c:fc:33:9b:46:2f:e8:42:23:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3853af5014499b2fb5cd2c1e68a24ff8256d0d0d Validity Not Before: Jan 1 18:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb1f640f52d9ab2688b0ebda65e3e6e109aefe57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:a5:96:e9:9e:44:03:80:d8:92:d2:cf:38:48: c3:5a:35:92:2f:52:ec:df:4b:3a:c8:4f:99:69:68: 68:25:39:1c:a5:4a:75:a2:eb:93:8c:57:17:21:e6: 34:39:7a:9d:31:0c:ac:dd:f1:45:9b:a1:b3:98:8f: 13:98:59:23:a8:57:e4:c9:ea:5c:08:d7:3e:36:13: 22:f1:5e:19:c1:a7:e0:93:63:0d:d8:b3:62:62:bd: fa:44:84:a1:4c:7b:c4:e4:3d:d7:5d:cf:19:82:39: bb:90:81:19:94:1b:4f:9e:3d:1a:15:22:2d:a2:5a: ba:33:04:62:30:96:1d:0b:7a:dc:dd:69:a8:18:e9: 18:64:5b:44:f7:09:b7:c3:ac:9e:b4:9b:a0:74:5b: 90:a7:04:c1:38:e9:b6:bc:b3:0e:9b:a1:66:03:01: 0f:5c:ac:05:bd:6e:2f:0c:d3:36:00:e6:7e:42:2e: 92:f8:40:b5:5b:cd:03:6e:9f:32:9b:5c:64:06:fe: e2:7f:9f:35:8c:7f:84:a9:cc:27:3c:c0:90:5f:a9: c2:b0:84:d3:44:33:d4:37:b1:0f:0b:d7:04:f0:50: f9:0f:87:f0:24:57:b6:b4:31:8a:09:41:ab:76:72: f6:9f:9c:1d:e9:4a:ef:c5:48:1f:6a:fc:d1:61:13: 7e:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:1F:64:0F:52:D9:AB:26:88:B0:EB:DA:65:E3:E6:E1:09:AE:FE:57 X509v3 Authority Key Identifier: keyid:38:53:AF:50:14:49:9B:2F:B5:CD:2C:1E:68:A2:4F:F8:25:6D:0D:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OFOvUBRJmy-1zSweaKJP-CVtDQ0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/yx9kD1LZqyaIsOvaZePm4Qmu_lc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/30cc41-8aab-4463-99f8-dcb56acb777f/1/OFOvUBRJmy-1zSweaKJP-CVtDQ0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.253.48.0/22 Signature Algorithm: sha256WithRSAEncryption 73:04:59:4a:ea:a2:4f:36:81:ed:59:77:31:de:a0:27:be:9f: 81:06:18:ba:0d:38:41:c5:84:0b:08:18:9b:8d:dd:91:b6:d3: 87:6f:4e:e3:52:78:59:ae:9d:0a:a2:2b:23:d8:d0:9a:c8:9c: 43:e2:32:01:ea:c8:b2:c4:a8:b1:db:e2:45:ac:55:8d:8f:d9: 0d:32:ad:dd:7b:32:13:f4:2d:6c:d3:6f:54:37:59:89:a6:2e: e4:3b:15:82:4d:95:9f:66:5e:dc:1d:f0:e6:58:ed:5d:e8:9b: 02:97:4f:0b:24:16:12:c2:6c:c4:ed:7c:9c:44:9e:ab:87:04: 17:05:fe:a1:b8:0e:84:0e:97:17:f9:8a:91:b6:69:84:21:f4: da:19:85:30:d7:5e:22:67:13:a2:1f:98:32:33:1d:dc:13:dc: df:2a:22:65:9d:84:6d:48:49:81:4b:1f:d5:f4:c4:0a:81:2a: 10:e5:13:b5:0d:21:74:a6:2e:bc:8a:63:8b:a5:cb:93:00:d0: c6:27:31:4e:83:f3:f8:19:12:a1:d7:47:1e:7e:a1:c2:89:6e: c3:76:ba:ab:ad:d3:0c:3c:9a:6a:fb:d1:31:14:23:76:b2:ec: b0:82:ff:2f:3f:24:4b:0b:18:56:13:9f:64:4b:c6:f2:33:d8: 54:25:ef:9e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yA39K7cs/DObRi/oQiMHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4NTNhZjUwMTQ0OTliMmZiNWNkMmMxZTY4YTI0ZmY4MjU2 ZDBkMGQwHhcNMjYwMTAxMTgxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjFmNjQwZjUyZDlhYjI2ODhiMGViZGE2NWUzZTZlMTA5YWVmZTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6WW6Z5EA4DYktLPOEjDWjWSL1Ls 30s6yE+ZaWhoJTkcpUp1ouuTjFcXIeY0OXqdMQys3fFFm6GzmI8TmFkjqFfkyepc CNc+NhMi8V4Zwafgk2MN2LNiYr36RIShTHvE5D3XXc8Zgjm7kIEZlBtPnj0aFSIt olq6MwRiMJYdC3rc3WmoGOkYZFtE9wm3w6yetJugdFuQpwTBOOm2vLMOm6FmAwEP XKwFvW4vDNM2AOZ+Qi6S+EC1W80Dbp8ym1xkBv7if581jH+EqcwnPMCQX6nCsITT RDPUN7EPC9cE8FD5D4fwJFe2tDGKCUGrdnL2n5wd6UrvxUgfavzRYRN+HwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMsfZA9S2asmiLDr2mXj5uEJrv5XMB8GA1UdIwQY MBaAFDhTr1AUSZsvtc0sHmiiT/glbQ0NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5Zjgt ZGNiNTZhY2I3NzdmLzEveXg5a0QxTFpxeWFJc092YVplUG00UW11X2xjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zMGNjNDEtOGFhYi00NDYzLTk5ZjgtZGNiNTZhY2I3Nzdm LzEvT0ZPdlVCUkpteS0xelN3ZWFLSlAtQ1Z0RFEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBf0wMA0G CSqGSIb3DQEBCwUAA4IBAQBzBFlK6qJPNoHtWXcx3qAnvp+BBhi6DThBxYQLCBib jd2RttOHb07jUnhZrp0Koisj2NCayJxD4jIB6siyxKix2+JFrFWNj9kNMq3dezIT 9C1s029UN1mJpi7kOxWCTZWfZl7cHfDmWO1d6JsCl08LJBYSwmzE7XycRJ6rhwQX Bf6huA6EDpcX+YqRtmmEIfTaGYUw114iZxOiH5gyMx3cE9zfKiJlnYRtSEmBSx/V 9MQKgSoQ5RO1DSF0pi68imOLpcuTANDGJzFOg/P4GRKh10cefqHCiW7DdrqrrdMM PJpq+9ExFCN2suywgv8vPyRLCxhWE59kS8byM9hUJe+e -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:26 2026 by rpki-client