This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yzMl80kUPFPXCVyuhTRWq2l6-PU.roa File: yzMl80kUPFPXCVyuhTRWq2l6-PU.roa (raw, json) Hash identifier: 10HhilhYAwZngg7Yfm2XzCkVn++CZDGvggSHZV4Fd0w= Subject key identifier: CB:33:25:F3:49:14:3C:53:D7:09:5C:AE:85:34:56:AB:69:7A:F8:F5 Certificate issuer: /CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9 Certificate serial: 019B7910C6D92E1CB3A14E66725D2DFDEBA5 Authority key identifier: CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yzMl80kUPFPXCVyuhTRWq2l6-PU.roa Signing time: Thu 01 Jan 2026 10:18:21 +0000 ROA not before: Thu 01 Jan 2026 10:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62077 IP address blocks: 2.57.212.0/24 maxlen: 24 2.57.213.0/24 maxlen: 24 185.33.60.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.mft rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c6:d9:2e:1c:b3:a1:4e:66:72:5d:2d:fd:eb:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ca3b86e65470f994dfa6d6fee8e264db62e24af9 Validity Not Before: Jan 1 10:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb3325f349143c53d7095cae853456ab697af8f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:08:2f:a3:4e:31:3b:0d:c2:f6:86:4d:2b:4c: 1a:65:80:f7:07:5d:e2:a6:77:76:f4:0c:5b:56:fa: f2:2f:24:d9:d2:08:97:43:a2:44:32:61:30:ef:87: 8e:c6:65:aa:4f:81:35:9c:d3:9d:a8:e5:19:f0:e4: 5d:a3:cb:0a:14:68:e2:23:af:34:85:7a:ea:ba:c6: 6b:af:81:79:e2:22:1f:71:86:cc:0e:93:69:3c:39: 19:73:59:81:1f:c9:2a:2d:f2:53:42:fc:ab:56:8a: f4:e4:4d:cc:be:a9:3d:a0:a2:2d:cd:41:3f:eb:82: b3:47:54:e6:fd:5a:1e:31:36:a3:ee:88:c1:eb:10: 2d:ef:be:a0:31:f9:c5:31:f4:ce:5b:8a:ae:1e:0a: 4a:87:9d:5f:56:6c:4d:db:e5:a8:61:eb:f9:cc:c7: bf:a9:dd:e2:3b:fe:7a:6c:85:19:d2:4d:4a:56:a3: 98:9f:2a:a0:af:c7:63:a2:10:d6:25:01:35:cc:99: 28:a9:b9:71:68:ca:cd:ba:d0:19:15:27:22:22:41: f5:1c:35:3f:0b:31:02:84:fb:f6:59:cf:23:c4:1d: 41:80:a3:e3:44:e5:df:9a:71:00:44:89:53:13:94: 61:92:8c:f4:23:3a:69:49:36:17:be:fa:4d:e0:b5: 91:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:33:25:F3:49:14:3C:53:D7:09:5C:AE:85:34:56:AB:69:7A:F8:F5 X509v3 Authority Key Identifier: keyid:CA:3B:86:E6:54:70:F9:94:DF:A6:D6:FE:E8:E2:64:DB:62:E2:4A:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjuG5lRw-ZTfptb-6OJk22LiSvk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yzMl80kUPFPXCVyuhTRWq2l6-PU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/3dae71-1acf-4196-9608-9531d24e0610/1/yjuG5lRw-ZTfptb-6OJk22LiSvk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.212.0/23 185.33.60.0/24 Signature Algorithm: sha256WithRSAEncryption 50:5d:2d:63:11:12:d6:b2:b4:d5:43:dd:10:8e:bb:5c:5e:ad: 58:94:65:a4:95:13:e1:24:8c:ab:a0:ce:f2:ce:5c:17:6a:7e: 3a:83:fb:74:f0:c9:a2:db:83:1e:64:ca:3c:a4:4f:92:46:be: bb:b1:84:e5:e0:67:b4:10:b2:d0:7f:26:ce:be:bb:93:22:ba: 31:d8:e4:ef:bf:62:7e:88:3f:2b:7a:72:04:25:35:bf:2a:63: 97:19:fa:63:a1:3c:88:5d:87:db:5d:0d:da:0e:c4:fd:14:01: 9e:06:fa:a6:90:0e:e9:ff:7a:8c:9a:20:98:d6:b9:6a:90:98: 2f:98:26:50:cd:22:18:35:2c:51:0f:92:e9:8e:f6:ed:2d:d1: 10:3f:e6:33:71:0c:64:5d:24:7f:ed:c4:22:65:c9:c3:f9:68: 97:22:a5:57:99:15:f9:6e:3b:ff:63:23:3a:04:b6:1e:46:10: da:c5:b7:12:6c:58:8c:5d:1d:e5:bc:bf:52:6c:a8:62:88:49: f1:74:99:11:8b:68:27:02:d2:1d:e2:9f:f3:5b:06:8e:f6:6d: 80:f3:71:46:62:d9:54:6b:28:8c:a6:7c:10:c1:5d:6a:a9:65: 47:f7:fe:46:08:5c:d9:62:ca:70:5f:6b:7e:58:1f:77:8b:82: 34:15:41:af -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5EMbZLhyzoU5mcl0t/eulMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNhM2I4NmU2NTQ3MGY5OTRkZmE2ZDZmZWU4ZTI2NGRiNjJl MjRhZjkwHhcNMjYwMTAxMTAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjMzMjVmMzQ5MTQzYzUzZDcwOTVjYWU4NTM0NTZhYjY5N2FmOGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ggvo04xOw3C9oZNK0waZYD3B13i pnd29AxbVvryLyTZ0giXQ6JEMmEw74eOxmWqT4E1nNOdqOUZ8ORdo8sKFGjiI680 hXrqusZrr4F54iIfcYbMDpNpPDkZc1mBH8kqLfJTQvyrVor05E3Mvqk9oKItzUE/ 64KzR1Tm/VoeMTaj7ojB6xAt776gMfnFMfTOW4quHgpKh51fVmxN2+WoYev5zMe/ qd3iO/56bIUZ0k1KVqOYnyqgr8djohDWJQE1zJkoqblxaMrNutAZFSciIkH1HDU/ CzEChPv2Wc8jxB1BgKPjROXfmnEARIlTE5Rhkoz0IzppSTYXvvpN4LWRSwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMszJfNJFDxT1wlcroU0Vqtpevj1MB8GA1UdIwQY MBaAFMo7huZUcPmU36bW/ujiZNti4kr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgt OTUzMWQyNGUwNjEwLzEveXpNbDgwa1VQRlBYQ1Z5dWhUUldxMmw2LVBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8zZGFlNzEtMWFjZi00MTk2LTk2MDgtOTUzMWQyNGUwNjEw LzEveWp1RzVsUnctWlRmcHRiLTZPSmsyMkxpU3ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjnUAwQA uSE8MA0GCSqGSIb3DQEBCwUAA4IBAQBQXS1jERLWsrTVQ90QjrtcXq1YlGWklRPh JIyroM7yzlwXan46g/t08Mmi24MeZMo8pE+SRr67sYTl4Ge0ELLQfybOvruTIrox 2OTvv2J+iD8renIEJTW/KmOXGfpjoTyIXYfbXQ3aDsT9FAGeBvqmkA7p/3qMmiCY 1rlqkJgvmCZQzSIYNSxRD5LpjvbtLdEQP+YzcQxkXSR/7cQiZcnD+WiXIqVXmRX5 bjv/YyM6BLYeRhDaxbcSbFiMXR3lvL9SbKhiiEnxdJkRi2gnAtId4p/zWwaO9m2A 83FGYtlUayiMpnwQwV1qqWVH9/5GCFzZYspwX2t+WB93i4I0FUGv -----END CERTIFICATE-----Generated at Mon Jan 26 16:58:30 2026 by rpki-client