This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/YqpC5sn3lPh34dXLCKoe6SIqByY.roa File: YqpC5sn3lPh34dXLCKoe6SIqByY.roa (raw, json) Hash identifier: t3wpEBucnLMbpU9d5Q7NM5fRdV7jRAGiRx7mg/CI4SQ= Subject key identifier: 62:AA:42:E6:C9:F7:94:F8:77:E1:D5:CB:08:AA:1E:E9:22:2A:07:26 Certificate issuer: /CN=852bc145c5b22394d6feae996bc0bb25254801c6 Certificate serial: 019B797EEE8F65378CB7FA4B2904B414E200 Authority key identifier: 85:2B:C1:45:C5:B2:23:94:D6:FE:AE:99:6B:C0:BB:25:25:48:01:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/YqpC5sn3lPh34dXLCKoe6SIqByY.roa Signing time: Thu 01 Jan 2026 12:18:40 +0000 ROA not before: Thu 01 Jan 2026 12:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197731 IP address blocks: 83.137.192.0/22 maxlen: 24 83.137.196.0/24 maxlen: 24 2a00:a0c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.crl rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.mft rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ee:8f:65:37:8c:b7:fa:4b:29:04:b4:14:e2:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=852bc145c5b22394d6feae996bc0bb25254801c6 Validity Not Before: Jan 1 12:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=62aa42e6c9f794f877e1d5cb08aa1ee9222a0726 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:67:1e:0f:f6:ac:1d:23:14:2b:e9:8d:19:31: ee:7b:eb:0b:9b:0f:a1:1a:7a:4e:87:03:d4:4e:5e: aa:8d:01:b6:65:c6:90:76:dc:de:32:b1:1f:3b:2e: 81:85:ed:2b:02:72:12:17:fb:26:01:e8:4d:5d:35: 88:78:3c:33:9b:82:78:bf:26:53:b2:a4:7b:77:20: 42:de:7b:2d:08:d7:e2:ff:d5:28:2a:61:13:d9:88: c0:14:b9:a7:50:8e:e9:78:ea:5e:7c:5a:37:8d:41: 29:64:55:e4:7d:74:df:da:0c:b5:a9:12:c0:96:1a: fc:f7:b6:e2:16:39:c8:91:b1:3e:1b:87:a1:01:18: 32:24:f6:5b:5b:33:ae:58:36:54:fc:2b:96:14:dd: f8:c6:ea:ab:2a:9f:31:c1:db:57:eb:9e:c4:69:17: 34:34:53:97:b8:5e:a6:a4:a7:22:cb:b7:3c:ba:1b: 43:5f:aa:1a:64:46:e1:ef:9b:e6:22:6f:1a:c3:16: 61:a7:3e:8c:ef:9d:0e:03:64:b5:ee:b9:8f:47:b1: 13:70:1b:99:c2:77:d6:a0:cd:45:94:09:91:33:8f: 4a:5b:9e:49:16:18:3b:01:2f:56:92:19:df:42:63: 8c:be:b8:60:63:b7:31:c3:71:79:e7:92:3b:d0:d4: 05:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:AA:42:E6:C9:F7:94:F8:77:E1:D5:CB:08:AA:1E:E9:22:2A:07:26 X509v3 Authority Key Identifier: keyid:85:2B:C1:45:C5:B2:23:94:D6:FE:AE:99:6B:C0:BB:25:25:48:01:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSvBRcWyI5TW_q6Za8C7JSVIAcY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/YqpC5sn3lPh34dXLCKoe6SIqByY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ca4ff5-48a8-4ecc-ba73-8d0710f3d276/1/hSvBRcWyI5TW_q6Za8C7JSVIAcY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.137.192.0-83.137.196.255 IPv6: 2a00:a0c0::/32 Signature Algorithm: sha256WithRSAEncryption 58:29:58:85:2f:13:d0:94:ac:00:fd:3f:80:08:32:04:a5:1a: ac:47:66:7a:a2:85:23:b6:37:f1:43:5b:2a:99:ae:53:c6:a4: bb:fb:8b:05:c8:85:eb:31:7a:c0:3d:3d:73:a7:b2:c6:6a:69: b4:f8:40:89:c6:34:ed:d0:ff:1f:44:5a:04:b0:ab:2e:c3:db: 42:95:31:33:6c:ca:cc:5a:c0:8d:40:b3:45:ee:31:4a:16:47: d9:45:8f:fc:2a:db:cd:0e:b4:57:03:4b:18:85:2c:79:a1:02: 55:8e:03:95:74:f2:2e:c6:ca:76:8e:24:26:32:57:9d:d0:50: 98:b1:a9:19:29:f8:e7:20:92:c8:63:c4:29:ff:03:cf:8d:fc: 53:3b:a3:2b:49:35:64:ab:25:99:8e:32:10:7c:59:26:0c:a5: ee:bb:1c:73:38:bf:a3:8e:85:a8:06:92:f8:03:6a:2c:63:a9: 92:61:49:bd:6b:75:16:55:16:f4:86:2e:36:16:a6:98:8e:c4: 2a:2c:de:a7:61:75:47:24:11:93:dd:df:e8:d2:48:72:d9:90: 52:50:80:4d:10:04:df:4a:88:f6:3a:c0:05:f7:64:38:31:0c: 58:41:22:6c:df:5d:79:83:9f:82:f2:42:ee:1c:ea:9d:af:c6: 21:f1:97:e8 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt5fu6PZTeMt/pLKQS0FOIAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1MmJjMTQ1YzViMjIzOTRkNmZlYWU5OTZiYzBiYjI1MjU0 ODAxYzYwHhcNMjYwMTAxMTIxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MmFhNDJlNmM5Zjc5NGY4NzdlMWQ1Y2IwOGFhMWVlOTIyMmEwNzI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmceD/asHSMUK+mNGTHue+sLmw+h GnpOhwPUTl6qjQG2ZcaQdtzeMrEfOy6Bhe0rAnISF/smAehNXTWIeDwzm4J4vyZT sqR7dyBC3nstCNfi/9UoKmET2YjAFLmnUI7peOpefFo3jUEpZFXkfXTf2gy1qRLA lhr897biFjnIkbE+G4ehARgyJPZbWzOuWDZU/CuWFN34xuqrKp8xwdtX657EaRc0 NFOXuF6mpKciy7c8uhtDX6oaZEbh75vmIm8awxZhpz6M750OA2S17rmPR7ETcBuZ wnfWoM1FlAmRM49KW55JFhg7AS9WkhnfQmOMvrhgY7cxw3F555I70NQFuQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFGKqQubJ95T4d+HVywiqHukiKgcmMB8GA1UdIwQY MBaAFIUrwUXFsiOU1v6umWvAuyUlSAHGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFN2QlJjV3lJNVRXX3E2WmE4QzdKU1ZJQWNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9jYTRmZjUtNDhhOC00ZWNjLWJhNzMt OGQwNzEwZjNkMjc2LzEvWXFwQzVzbjNsUGgzNGRYTENLb2U2U0lxQnlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9jYTRmZjUtNDhhOC00ZWNjLWJhNzMtOGQwNzEwZjNkMjc2 LzEvaFN2QlJjV3lJNVRXX3E2WmE4QzdKU1ZJQWNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAZTicAD BABTicQwDQQCAAIwBwMFACoAoMAwDQYJKoZIhvcNAQELBQADggEBAFgpWIUvE9CU rAD9P4AIMgSlGqxHZnqihSO2N/FDWyqZrlPGpLv7iwXIhesxesA9PXOnssZqabT4 QInGNO3Q/x9EWgSwqy7D20KVMTNsysxawI1As0XuMUoWR9lFj/wq280OtFcDSxiF LHmhAlWOA5V08i7GynaOJCYyV53QUJixqRkp+OcgkshjxCn/A8+N/FM7oytJNWSr JZmOMhB8WSYMpe67HHM4v6OOhagGkvgDaixjqZJhSb1rdRZVFvSGLjYWppiOxCos 3qdhdUckEZPd3+jSSHLZkFJQgE0QBN9KiPY6wAX3ZDgxDFhBImzfXXmDn4LyQu4c 6p2vxiHxl+g= -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:02 2026 by rpki-client