This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y9B1yRT2L1CpocEMlMSztYleiKE.roa File: y9B1yRT2L1CpocEMlMSztYleiKE.roa (raw, json) Hash identifier: acQC4SJfpVi8DhZSpM0QbOyG3xLLJbfeh5kJQP7hozY= Subject key identifier: CB:D0:75:C9:14:F6:2F:50:A9:A1:C1:0C:94:C4:B3:B5:89:5E:88:A1 Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9 Certificate serial: 019B791151EF107A520FD047BECF15F4D48E Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y9B1yRT2L1CpocEMlMSztYleiKE.roa Signing time: Thu 01 Jan 2026 10:18:56 +0000 ROA not before: Thu 01 Jan 2026 10:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210715 IP address blocks: 45.43.163.0/24 maxlen: 24 216.173.77.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:51:ef:10:7a:52:0f:d0:47:be:cf:15:f4:d4:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9 Validity Not Before: Jan 1 10:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cbd075c914f62f50a9a1c10c94c4b3b5895e88a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f7:3a:49:c3:b0:05:a0:28:0c:52:9e:4d:28: 7c:da:13:ca:4f:9b:cd:8d:21:2d:6f:dc:05:96:51: 8c:ea:43:38:d4:d0:ee:f3:74:7d:4a:d5:da:4a:3e: 0f:02:23:3a:8c:1f:93:e1:73:f5:da:16:a1:d3:1b: 51:14:6e:96:ae:fe:e7:a5:03:62:20:bf:35:76:be: 64:e7:35:a6:a4:40:5e:c0:46:1e:fb:99:bd:b8:4f: 4f:08:52:4c:dd:93:26:42:7b:1b:25:16:9a:20:00: 9d:66:dc:19:1f:b5:44:b7:6a:cd:ff:a9:f6:a0:f3: 78:5f:08:50:cc:89:56:05:ad:16:7c:38:5a:ef:18: 49:cd:8e:b8:86:9e:a4:ee:c6:8b:f9:43:90:54:8a: f4:15:af:f4:68:48:b3:76:29:e7:d0:9e:55:67:03: cc:db:d9:85:b5:ce:07:2f:80:5e:5b:c8:fa:43:84: 98:54:ad:fc:47:7a:b8:aa:d6:da:e9:c1:8d:f2:8a: 85:71:bc:b0:49:b3:a4:10:aa:8b:fb:27:7e:07:a6: b1:94:22:cd:5c:12:09:fb:98:15:3e:3e:94:d6:98: bc:95:6c:ec:bc:8e:f2:4c:47:97:c2:99:03:aa:06: 2f:ec:e7:b6:f6:63:b2:7c:da:67:b5:07:d3:83:51: 9c:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:D0:75:C9:14:F6:2F:50:A9:A1:C1:0C:94:C4:B3:B5:89:5E:88:A1 X509v3 Authority Key Identifier: keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/y9B1yRT2L1CpocEMlMSztYleiKE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.43.163.0/24 216.173.77.0/24 Signature Algorithm: sha256WithRSAEncryption 63:d3:c7:8c:22:5e:e0:16:5e:cf:bc:eb:22:69:17:23:0c:22: 2a:8f:c8:f1:0a:5c:a1:27:99:eb:91:16:57:60:1f:28:0d:2f: ca:5b:56:79:6b:f5:d4:3a:fe:9e:aa:d2:68:8c:a6:70:83:39: a6:7b:fa:b0:ce:c5:0f:18:14:1a:ac:0c:c1:0f:90:b0:51:b4: 7f:0d:dc:40:e5:63:c4:3c:b2:de:cb:87:51:96:d2:5b:a5:de: df:91:92:c4:b6:74:45:c4:3b:61:b5:f0:80:ae:07:f4:dc:ea: 70:a7:83:3a:7e:69:c8:15:75:3b:67:52:28:81:a5:45:da:56: b0:79:c2:44:42:c2:19:a4:b6:a9:94:40:25:8f:b5:f1:c9:fd: 9d:c5:f6:72:a2:a0:9a:6a:b4:bf:dd:0a:83:8c:45:39:0a:06: 23:d2:9d:75:9e:c8:35:ab:bb:f4:3b:f4:26:9b:cc:36:ca:07: 77:c5:f1:02:e1:78:c0:dc:c0:57:fd:62:7a:d4:c4:05:84:74: d5:c5:38:ca:0b:41:a7:d2:e4:f3:97:40:dc:e7:38:75:51:fa: 25:ab:58:ac:8a:20:b8:fd:10:75:0f:f3:1f:f3:39:a1:2b:0f: 5f:56:fa:49:d6:f7:a9:4c:64:b2:7f:ef:e3:51:cc:cd:c4:e2: b0:6a:f6:c7 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EVHvEHpSD9BHvs8V9NSOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj Mzg1ZTkwHhcNMjYwMTAxMTAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYmQwNzVjOTE0ZjYyZjUwYTlhMWMxMGM5NGM0YjNiNTg5NWU4OGExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vc6ScOwBaAoDFKeTSh82hPKT5vN jSEtb9wFllGM6kM41NDu83R9StXaSj4PAiM6jB+T4XP12hah0xtRFG6Wrv7npQNi IL81dr5k5zWmpEBewEYe+5m9uE9PCFJM3ZMmQnsbJRaaIACdZtwZH7VEt2rN/6n2 oPN4XwhQzIlWBa0WfDha7xhJzY64hp6k7saL+UOQVIr0Fa/0aEizdinn0J5VZwPM 29mFtc4HL4BeW8j6Q4SYVK38R3q4qtba6cGN8oqFcbywSbOkEKqL+yd+B6axlCLN XBIJ+5gVPj6U1pi8lWzsvI7yTEeXwpkDqgYv7Oe29mOyfNpntQfTg1GcPwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMvQdckU9i9QqaHBDJTEs7WJXoihMB8GA1UdIwQY MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt ZmIwNzk1NWYzYWFhLzEveTlCMXlSVDJMMUNwb2NFTWxNU3p0WWxlaUtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALSujAwQA 2K1NMA0GCSqGSIb3DQEBCwUAA4IBAQBj08eMIl7gFl7PvOsiaRcjDCIqj8jxClyh J5nrkRZXYB8oDS/KW1Z5a/XUOv6eqtJojKZwgzmme/qwzsUPGBQarAzBD5CwUbR/ DdxA5WPEPLLey4dRltJbpd7fkZLEtnRFxDthtfCArgf03Opwp4M6fmnIFXU7Z1Io gaVF2lawecJEQsIZpLaplEAlj7Xxyf2dxfZyoqCaarS/3QqDjEU5CgYj0p11nsg1 q7v0O/Qmm8w2ygd3xfEC4XjA3MBX/WJ61MQFhHTVxTjKC0Gn0uTzl0Dc5zh1Ufol q1isiiC4/RB1D/Mf8zmhKw9fVvpJ1vepTGSyf+/jUczNxOKwavbH -----END CERTIFICATE-----Generated at Fri Jan 2 02:40:51 2026 by rpki-client