This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/YXN8r-rQylSv0290yLBPFVZ4nYk.roa File: YXN8r-rQylSv0290yLBPFVZ4nYk.roa (raw, json) Hash identifier: Dh05gHfbGV1r/sDqJ3IDkiCwAbapfvfrgHbA3nXBY/E= Subject key identifier: 61:73:7C:AF:EA:D0:CA:54:AF:D3:6F:74:C8:B0:4F:15:56:78:9D:89 Certificate issuer: /CN=b194f0304eedd363c6622fd91c59b10871aa3044 Certificate serial: 019B7C12487EE3D28BBBA3F9938DDD507FD9 Authority key identifier: B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/YXN8r-rQylSv0290yLBPFVZ4nYk.roa Signing time: Fri 02 Jan 2026 00:18:51 +0000 ROA not before: Fri 02 Jan 2026 00:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30870 IP address blocks: 87.101.8.0/21 maxlen: 21 171.25.179.0/24 maxlen: 24 185.40.56.0/22 maxlen: 24 185.108.116.0/22 maxlen: 24 194.30.160.0/24 maxlen: 24 2a01:4d60::/32 maxlen: 48 2a06:4a80::/29 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:48:7e:e3:d2:8b:bb:a3:f9:93:8d:dd:50:7f:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b194f0304eedd363c6622fd91c59b10871aa3044 Validity Not Before: Jan 2 00:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61737cafead0ca54afd36f74c8b04f1556789d89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:94:48:e9:8c:d7:18:da:97:42:cf:83:11:f3: 1e:c6:21:57:6d:a5:fa:9b:84:ca:d9:99:38:a1:0f: e5:3b:71:20:4b:bd:d0:9a:f4:de:ce:6f:4a:e6:1e: 5d:bf:39:6b:97:05:58:d9:a1:1d:52:d0:5e:10:27: e0:31:19:54:5f:99:a8:4e:c2:4f:a2:f3:9c:33:c0: a1:9c:33:37:f4:6a:72:86:88:c7:c0:a7:cf:6a:7a: 91:7b:a1:e0:d0:6e:c4:3c:47:48:e9:a8:3d:ee:c6: e3:6b:82:b1:42:f9:1f:a3:ff:c8:16:a3:35:87:69: 29:0e:1b:36:55:8b:fb:61:ef:08:b8:d9:5d:e9:0e: e3:d1:17:47:a6:bc:5f:d6:eb:2a:4e:04:2b:4a:a4: 93:20:b7:9d:f0:7a:e6:78:97:9c:ee:55:f5:00:6c: d9:34:66:99:93:89:68:d1:fa:08:8f:58:b0:69:7a: 27:cb:17:17:52:03:c9:2a:ea:29:bb:a9:e0:87:45: d8:bc:31:c1:25:89:83:ea:d4:b9:9e:bf:fb:9b:83: b4:34:cd:b7:c8:f4:5d:2e:5e:32:4b:93:ed:b9:07: f0:d8:4f:c9:f1:ac:d7:59:a9:9d:9c:6c:12:f6:10: 43:79:d3:44:c9:08:2a:6f:dd:35:a6:8e:c2:fd:6e: 51:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:73:7C:AF:EA:D0:CA:54:AF:D3:6F:74:C8:B0:4F:15:56:78:9D:89 X509v3 Authority Key Identifier: keyid:B1:94:F0:30:4E:ED:D3:63:C6:62:2F:D9:1C:59:B1:08:71:AA:30:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZTwME7t02PGYi_ZHFmxCHGqMEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/YXN8r-rQylSv0290yLBPFVZ4nYk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/df84a7-72c9-4a2f-8115-afbdbdad58a5/1/sZTwME7t02PGYi_ZHFmxCHGqMEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.101.8.0/21 171.25.179.0/24 185.40.56.0/22 185.108.116.0/22 194.30.160.0/24 IPv6: 2a01:4d60::/32 2a06:4a80::/29 Signature Algorithm: sha256WithRSAEncryption 07:1e:a2:1f:3c:e3:db:70:2e:82:81:5d:76:3f:d3:73:74:11: d9:09:43:ea:9e:d3:c6:70:a0:85:a8:41:b4:2d:03:2a:37:81: 64:7f:e2:27:eb:63:f7:e3:22:58:bb:1b:cb:b4:ab:ba:ef:1a: ac:04:57:3c:31:30:0f:3b:d1:45:c4:08:16:eb:e3:3a:8a:87: 0c:36:17:f5:a8:ef:bc:dc:72:e0:82:f4:41:ce:d8:56:3d:79: ea:d9:e5:90:29:5f:6f:40:db:68:54:e1:6b:ee:7b:79:d6:99: 6b:9d:05:b5:56:1c:cf:be:7b:4a:b5:a0:5a:12:53:b4:77:c8: 32:a9:18:77:d0:bb:c0:70:76:42:bb:71:37:72:6d:c5:8a:96: 8e:47:22:cf:3a:5b:a0:4c:d3:2d:ff:3b:5f:ed:22:5f:d1:67: d6:ed:33:c1:83:b5:9b:52:a6:79:07:39:1c:b8:09:25:06:cc: 95:0e:a9:05:76:4c:6b:f3:56:0a:59:04:d9:ff:11:43:ac:fe: 41:b6:f8:6d:90:de:ff:71:ab:39:9c:f9:81:be:4f:85:cf:9e: e5:69:91:af:96:11:ab:2c:6c:12:d6:94:41:79:b1:db:89:88: 1b:67:7f:92:c3:74:44:6a:a9:00:aa:0c:c5:77:6e:67:50:fc: ea:a8:1f:1c -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZt8Ekh+49KLu6P5k43dUH/ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxOTRmMDMwNGVlZGQzNjNjNjYyMmZkOTFjNTliMTA4NzFh YTMwNDQwHhcNMjYwMTAyMDAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTczN2NhZmVhZDBjYTU0YWZkMzZmNzRjOGIwNGYxNTU2Nzg5ZDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupRI6YzXGNqXQs+DEfMexiFXbaX6 m4TK2Zk4oQ/lO3EgS73QmvTezm9K5h5dvzlrlwVY2aEdUtBeECfgMRlUX5moTsJP ovOcM8ChnDM39GpyhojHwKfPanqRe6Hg0G7EPEdI6ag97sbja4KxQvkfo//IFqM1 h2kpDhs2VYv7Ye8IuNld6Q7j0RdHprxf1usqTgQrSqSTILed8HrmeJec7lX1AGzZ NGaZk4lo0foIj1iwaXonyxcXUgPJKuopu6ngh0XYvDHBJYmD6tS5nr/7m4O0NM23 yPRdLl4yS5PtuQfw2E/J8azXWamdnGwS9hBDedNEyQgqb901po7C/W5R5wIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFGFzfK/q0MpUr9NvdMiwTxVWeJ2JMB8GA1UdIwQY MBaAFLGU8DBO7dNjxmIv2RxZsQhxqjBEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUt YWZiZGJkYWQ1OGE1LzEvWVhOOHItclF5bFN2MDI5MHlMQlBGVlo0bllrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9kZjg0YTctNzJjOS00YTJmLTgxMTUtYWZiZGJkYWQ1OGE1 LzEvc1pUd01FN3QwMlBHWWlfWkhGbXhDSEdxTUVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDV2UIAwQA qxmzAwQCuSg4AwQCuWx0AwQAwh6gMBQEAgACMA4DBQAqAU1gAwUDKgZKgDANBgkq hkiG9w0BAQsFAAOCAQEABx6iHzzj23AugoFddj/Tc3QR2QlD6p7TxnCghahBtC0D KjeBZH/iJ+tj9+MiWLsby7Sruu8arARXPDEwDzvRRcQIFuvjOoqHDDYX9ajvvNxy 4IL0Qc7YVj156tnlkClfb0DbaFTha+57edaZa50FtVYcz757SrWgWhJTtHfIMqkY d9C7wHB2QrtxN3JtxYqWjkcizzpboEzTLf87X+0iX9Fn1u0zwYO1m1KmeQc5HLgJ JQbMlQ6pBXZMa/NWClkE2f8RQ6z+Qbb4bZDe/3GrOZz5gb5Phc+e5WmRr5YRqyxs EtaUQXmx24mIG2d/ksN0RGqpAKoMxXduZ1D86qgfHA== -----END CERTIFICATE-----Generated at Tue Jan 27 07:12:54 2026 by rpki-client