This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/YkNR8BEJgfCCtECoPe3BJgi2rfY.roa File: YkNR8BEJgfCCtECoPe3BJgi2rfY.roa (raw, json) Hash identifier: kasrWGvKXSrU/ofaa2EPKbGSVhq0XeiVGZU6XO8huwQ= Subject key identifier: 62:43:51:F0:11:09:81:F0:82:B4:40:A8:3D:ED:C1:26:08:B6:AD:F6 Certificate issuer: /CN=7139bc5cef3aeadf32613f7d959ec8e40a742918 Certificate serial: 019B7F14FBD281678D1708F72B5B1B551087 Authority key identifier: 71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/YkNR8BEJgfCCtECoPe3BJgi2rfY.roa Signing time: Fri 02 Jan 2026 14:20:40 +0000 ROA not before: Fri 02 Jan 2026 14:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 2a10:e341::/32 maxlen: 32 2a10:e342::/32 maxlen: 32 2a10:e343::/32 maxlen: 32 2a10:e344::/32 maxlen: 32 2a10:e345::/32 maxlen: 32 2a10:e346::/32 maxlen: 32 2a10:e347::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.mft rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 08:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:fb:d2:81:67:8d:17:08:f7:2b:5b:1b:55:10:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7139bc5cef3aeadf32613f7d959ec8e40a742918 Validity Not Before: Jan 2 14:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=624351f0110981f082b440a83dedc12608b6adf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:95:34:98:46:f2:5e:46:52:06:79:fd:4a:9e: 60:7c:42:6d:a7:ae:d1:af:33:0c:c6:23:be:bb:88: 52:5e:59:a6:21:a2:60:c2:86:d4:c3:1c:df:ad:96: c0:c5:40:1d:44:93:cd:e2:3f:ac:98:ce:c1:94:e9: 31:c2:47:b8:2a:83:8d:1d:a6:57:14:ac:2b:f1:d1: 08:6b:dc:99:21:5a:a3:ff:e9:42:18:e7:ac:ef:0e: 21:f8:18:27:d5:3d:0b:10:9e:c5:42:c1:3b:8e:78: 47:16:ef:db:44:69:62:03:27:3d:c9:2b:13:77:40: 71:f3:bd:23:18:1c:81:ee:37:3f:7b:e5:45:40:40: 45:7d:73:b6:28:f1:95:bb:72:2e:3f:f8:b4:90:42: 57:34:46:b0:11:d1:70:84:9c:75:4c:79:0f:ed:d7: 4a:17:f9:d6:14:c4:fc:58:c6:3f:88:f5:37:ca:1c: 40:05:11:f4:0b:39:06:6d:45:7d:c7:bc:a4:64:43: 11:ca:6d:80:ff:51:92:7c:3d:21:cf:77:d2:b2:42: 10:69:5b:6f:2d:e8:cb:0d:1b:f4:de:80:cc:b9:11: fe:17:0b:34:38:6d:03:9c:21:6f:11:08:f5:15:1f: aa:da:87:47:4e:9f:ea:92:4e:f4:0f:6f:8f:38:07: cc:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:43:51:F0:11:09:81:F0:82:B4:40:A8:3D:ED:C1:26:08:B6:AD:F6 X509v3 Authority Key Identifier: keyid:71:39:BC:5C:EF:3A:EA:DF:32:61:3F:7D:95:9E:C8:E4:0A:74:29:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTm8XO866t8yYT99lZ7I5Ap0KRg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/YkNR8BEJgfCCtECoPe3BJgi2rfY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cae652-a218-42f6-97af-794b28eb16c5/1/cTm8XO866t8yYT99lZ7I5Ap0KRg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:e341::-2a10:e347:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 80:cd:99:1f:1b:1d:12:fc:de:c6:0d:89:b3:34:29:32:63:77: 84:21:69:7c:8a:2a:ae:97:88:93:ef:79:42:d3:66:7d:bc:05: 96:3a:4e:17:db:34:85:19:2f:8d:ea:b4:ef:74:25:a7:20:e8: 7e:c9:ae:51:ba:cb:48:0e:05:b8:65:3d:f6:bf:ae:cb:3f:53: 73:f4:6d:e8:8c:66:f1:a7:ed:44:65:ca:5d:8b:f5:4f:ae:c5: a9:22:94:05:b7:c6:b7:2f:16:58:5e:63:b6:87:06:17:47:f8: 78:5c:8d:09:0b:20:30:10:6c:71:83:45:6e:41:ed:ed:56:ad: 4a:c3:6e:c4:b5:17:99:61:7e:ed:e5:61:03:70:90:0c:fa:fe: 75:f1:89:5e:0c:b0:d6:4a:92:af:32:ff:61:bb:1d:07:6a:9e: 14:94:b0:eb:84:49:b4:9d:2a:9e:b4:8d:ff:9b:05:57:88:19: dc:a5:e6:58:26:c5:db:22:22:fc:04:5e:9a:1c:03:f9:27:6f: fc:9d:1b:0b:4b:9b:96:b4:0d:7e:24:fc:f0:c1:61:bb:df:19: 41:39:f3:90:9e:0d:76:78:70:f7:cc:64:f3:bf:ef:02:a9:6b: d3:38:a8:6f:c1:b9:99:23:27:b9:b5:4c:f2:78:74:04:72:d4: ee:f1:93:d1 -----BEGIN CERTIFICATE----- MIIFBzCCA++gAwIBAgISAZt/FPvSgWeNFwj3K1sbVRCHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxMzliYzVjZWYzYWVhZGYzMjYxM2Y3ZDk1OWVjOGU0MGE3 NDI5MTgwHhcNMjYwMTAyMTQyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjQzNTFmMDExMDk4MWYwODJiNDQwYTgzZGVkYzEyNjA4YjZhZGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JU0mEbyXkZSBnn9Sp5gfEJtp67R rzMMxiO+u4hSXlmmIaJgwobUwxzfrZbAxUAdRJPN4j+smM7BlOkxwke4KoONHaZX FKwr8dEIa9yZIVqj/+lCGOes7w4h+Bgn1T0LEJ7FQsE7jnhHFu/bRGliAyc9ySsT d0Bx870jGByB7jc/e+VFQEBFfXO2KPGVu3IuP/i0kEJXNEawEdFwhJx1THkP7ddK F/nWFMT8WMY/iPU3yhxABRH0CzkGbUV9x7ykZEMRym2A/1GSfD0hz3fSskIQaVtv LejLDRv03oDMuRH+Fws0OG0DnCFvEQj1FR+q2odHTp/qkk70D2+POAfMmwIDAQAB o4ICEzCCAg8wHQYDVR0OBBYEFGJDUfARCYHwgrRAqD3twSYItq32MB8GA1UdIwQY MBaAFHE5vFzvOurfMmE/fZWeyOQKdCkYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYt Nzk0YjI4ZWIxNmM1LzEvWWtOUjhCRUpnZkNDdEVDb1BlM0JKZ2kycmZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC9jYWU2NTItYTIxOC00MmY2LTk3YWYtNzk0YjI4ZWIxNmM1 LzEvY1RtOFhPODY2dDh5WVQ5OWxaN0k1QXAwS1JnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQMA4DBQAqEONB AwUDKhDjQDANBgkqhkiG9w0BAQsFAAOCAQEAgM2ZHxsdEvzexg2JszQpMmN3hCFp fIoqrpeIk+95QtNmfbwFljpOF9s0hRkvjeq073QlpyDofsmuUbrLSA4FuGU99r+u yz9Tc/Rt6Ixm8aftRGXKXYv1T67FqSKUBbfGty8WWF5jtocGF0f4eFyNCQsgMBBs cYNFbkHt7VatSsNuxLUXmWF+7eVhA3CQDPr+dfGJXgyw1kqSrzL/YbsdB2qeFJSw 64RJtJ0qnrSN/5sFV4gZ3KXmWCbF2yIi/ARemhwD+Sdv/J0bC0ublrQNfiT88MFh u98ZQTnzkJ4Ndnhw98xk87/vAqlr0ziob8G5mSMnubVM8nh0BHLU7vGT0Q== -----END CERTIFICATE-----Generated at Fri Jan 9 17:04:38 2026 by rpki-client