This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/yz9etzU3WAij-xTcB349cOYhteM.roa File: yz9etzU3WAij-xTcB349cOYhteM.roa (raw, json) Hash identifier: MWnxlRDoogvVu7rgyi8dvl0hLzqj48ZRfL2MzhVICvQ= Subject key identifier: CB:3F:5E:B7:35:37:58:08:A3:FB:14:DC:07:7E:3D:70:E6:21:B5:E3 Certificate issuer: /CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae Certificate serial: 019B7D5BF365747F2E46FDBDBBE1F601B61D Authority key identifier: 72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/yz9etzU3WAij-xTcB349cOYhteM.roa Signing time: Fri 02 Jan 2026 06:18:56 +0000 ROA not before: Fri 02 Jan 2026 06:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43458 IP address blocks: 185.17.248.0/24 maxlen: 24 213.159.136.0/24 maxlen: 24 213.159.137.0/24 maxlen: 24 213.159.138.0/24 maxlen: 24 213.159.140.0/24 maxlen: 24 2a0a:d7c0:724::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.mft rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 04 Jan 2026 08:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:f3:65:74:7f:2e:46:fd:bd:bb:e1:f6:01:b6:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72bbd2fa18319639e25ffbf4bdbfa008660158ae Validity Not Before: Jan 2 06:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb3f5eb735375808a3fb14dc077e3d70e621b5e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:4d:f7:21:79:b4:36:16:44:6a:75:fc:53:83: 87:a1:bd:47:79:a2:b1:97:d4:89:d4:69:d3:c8:0a: e5:1f:44:bf:c4:0c:86:fa:89:5f:28:c9:ce:f8:94: 99:86:af:bd:dd:c6:db:ee:95:cb:33:a2:13:d8:39: a7:23:b5:15:99:03:7b:c7:fc:cd:f5:3e:68:80:79: 5a:c0:35:a1:1f:72:0b:1e:5f:b5:c0:b9:39:13:ce: 09:87:21:23:44:c2:53:1e:28:86:54:1e:72:08:a5: 16:d8:c3:e6:e5:28:a6:59:08:91:2e:ba:d0:8b:96: a5:4c:f9:27:26:63:94:e7:22:c2:94:00:c7:63:bc: 89:ec:99:6d:f2:3b:87:ca:5d:47:87:7d:24:19:f5: 75:54:cb:46:49:65:c7:13:04:bd:e4:de:ac:a2:0c: ca:9f:63:e6:b1:a4:53:56:38:ea:56:b9:32:84:42: ce:8a:de:a2:54:73:82:22:62:17:46:2d:47:7c:a2: 9a:68:f3:d0:30:d5:33:fb:6c:e0:48:e1:88:8e:cf: af:85:b0:11:9e:2b:4b:b2:86:09:fa:d0:46:73:5d: 51:09:ec:1e:34:57:53:ee:3c:01:a9:2d:45:dc:19: 33:4d:d1:c5:38:14:4f:15:76:51:87:af:6e:2b:b5: a7:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:3F:5E:B7:35:37:58:08:A3:FB:14:DC:07:7E:3D:70:E6:21:B5:E3 X509v3 Authority Key Identifier: keyid:72:BB:D2:FA:18:31:96:39:E2:5F:FB:F4:BD:BF:A0:08:66:01:58:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crvS-hgxljniX_v0vb-gCGYBWK4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/yz9etzU3WAij-xTcB349cOYhteM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dc4420-4062-4778-9358-0af2e541646c/1/crvS-hgxljniX_v0vb-gCGYBWK4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.17.248.0/24 213.159.136.0-213.159.138.255 213.159.140.0/24 IPv6: 2a0a:d7c0:724::/48 Signature Algorithm: sha256WithRSAEncryption 3a:17:52:a9:9c:bc:ba:9f:c2:53:6e:9b:c6:09:a4:fe:92:26: 42:6d:c2:3a:6b:3d:83:a5:32:f5:17:49:2a:b8:4a:e1:75:1c: 76:fd:19:6d:7e:d4:c6:d9:da:18:06:71:67:31:5f:38:3e:4c: 97:37:48:da:10:10:99:05:97:1b:64:a0:3a:ca:de:82:2d:6e: 5d:fb:e3:15:11:3c:7f:b5:d2:27:15:2b:ec:b4:ed:c1:d7:f7: 07:42:76:28:ff:9d:9e:4f:70:32:e5:57:bb:d1:d1:ac:1d:bc: 7f:a3:e8:96:b9:1d:1a:57:8f:c5:e7:95:4c:44:91:6d:2a:24: e2:cc:1e:b4:1b:2f:b3:6f:f2:7e:b2:f0:4d:85:b8:d7:83:ab: 0b:7e:cd:e0:bd:ff:1b:6d:36:db:06:20:fb:f2:68:81:ff:a8: ad:5c:61:8e:ee:cc:f8:3d:37:6e:e0:06:c0:43:9a:51:b5:0a: 06:b0:11:28:4d:43:7b:ff:54:fc:4f:c5:00:a5:ee:14:be:05: 3a:4e:92:de:12:34:6c:2c:5d:f2:34:7a:c3:85:b0:5b:bf:03: 10:d0:00:56:3a:e7:a0:de:b0:f4:41:94:84:f2:c4:32:16:08: df:b0:8a:3c:60:46:53:d8:b0:65:ba:d1:e5:e0:f7:f4:5f:9a: 5a:17:13:d2 -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZt9W/NldH8uRv29u+H2AbYdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYmJkMmZhMTgzMTk2MzllMjVmZmJmNGJkYmZhMDA4NjYw MTU4YWUwHhcNMjYwMTAyMDYxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjNmNWViNzM1Mzc1ODA4YTNmYjE0ZGMwNzdlM2Q3MGU2MjFiNWUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE33IXm0NhZEanX8U4OHob1HeaKx l9SJ1GnTyArlH0S/xAyG+olfKMnO+JSZhq+93cbb7pXLM6IT2DmnI7UVmQN7x/zN 9T5ogHlawDWhH3ILHl+1wLk5E84JhyEjRMJTHiiGVB5yCKUW2MPm5SimWQiRLrrQ i5alTPknJmOU5yLClADHY7yJ7Jlt8juHyl1Hh30kGfV1VMtGSWXHEwS95N6sogzK n2PmsaRTVjjqVrkyhELOit6iVHOCImIXRi1HfKKaaPPQMNUz+2zgSOGIjs+vhbAR nitLsoYJ+tBGc11RCeweNFdT7jwBqS1F3BkzTdHFOBRPFXZRh69uK7WnwQIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFMs/Xrc1N1gIo/sU3Ad+PXDmIbXjMB8GA1UdIwQY MBaAFHK70voYMZY54l/79L2/oAhmAViuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgt MGFmMmU1NDE2NDZjLzEveXo5ZXR6VTNXQWlqLXhUY0IzNDljT1lodGVNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi9kYzQ0MjAtNDA2Mi00Nzc4LTkzNTgtMGFmMmU1NDE2NDZj LzEvY3J2Uy1oZ3hsam5pWF92MHZiLWdDR1lCV0s0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAuRH4MAwD BAPVn4gDBADVn4oDBADVn4wwDwQCAAIwCQMHACoK18AHJDANBgkqhkiG9w0BAQsF AAOCAQEAOhdSqZy8up/CU26bxgmk/pImQm3COms9g6Uy9RdJKrhK4XUcdv0ZbX7U xtnaGAZxZzFfOD5MlzdI2hAQmQWXG2SgOsregi1uXfvjFRE8f7XSJxUr7LTtwdf3 B0J2KP+dnk9wMuVXu9HRrB28f6PolrkdGlePxeeVTESRbSok4swetBsvs2/yfrLw TYW414OrC37N4L3/G2022wYg+/Jogf+orVxhju7M+D03buAGwEOaUbUKBrARKE1D e/9U/E/FAKXuFL4FOk6S3hI0bCxd8jR6w4WwW78DENAAVjrnoN6w9EGUhPLEMhYI 37CKPGBGU9iwZbrR5eD39F+aWhcT0g== -----END CERTIFICATE-----Generated at Sat Jan 3 18:21:23 2026 by rpki-client