This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/gIm5Ttt-kadA-HHnl7K2QS3zq4w.roa File: gIm5Ttt-kadA-HHnl7K2QS3zq4w.roa (raw, json) Hash identifier: k0VLghPFfRvkCor9JH91D2V2IGF1FkPmkcYrg5K87ZU= Subject key identifier: 80:89:B9:4E:DB:7E:91:A7:40:F8:71:E7:97:B2:B6:41:2D:F3:AB:8C Certificate issuer: /CN=61ea673be28b493dba441870fb50e59a0d1c17c5 Certificate serial: 019B7E38C45CF3D91820EAC6013303ACB886 Authority key identifier: 61:EA:67:3B:E2:8B:49:3D:BA:44:18:70:FB:50:E5:9A:0D:1C:17:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YepnO-KLST26RBhw-1Dlmg0cF8U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/gIm5Ttt-kadA-HHnl7K2QS3zq4w.roa Signing time: Fri 02 Jan 2026 10:20:08 +0000 ROA not before: Fri 02 Jan 2026 10:20:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39702 IP address blocks: 185.214.232.0/22 maxlen: 22 2a0e:a2c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/YepnO-KLST26RBhw-1Dlmg0cF8U.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/YepnO-KLST26RBhw-1Dlmg0cF8U.mft rsync://rpki.ripe.net/repository/DEFAULT/YepnO-KLST26RBhw-1Dlmg0cF8U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 04:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:c4:5c:f3:d9:18:20:ea:c6:01:33:03:ac:b8:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61ea673be28b493dba441870fb50e59a0d1c17c5 Validity Not Before: Jan 2 10:20:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8089b94edb7e91a740f871e797b2b6412df3ab8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:fc:5a:76:33:3d:2f:bb:62:93:27:02:ef:cc: 4d:70:4b:6c:a3:bf:a1:f6:af:4d:1b:20:fa:3f:7d: e4:98:fc:14:f0:e9:5c:d6:7a:1b:65:ab:d6:90:1c: 97:ed:0a:e3:a0:67:74:d4:d1:9c:c2:7d:40:b1:5a: 60:42:b9:cb:80:54:d6:fc:48:9f:d3:c1:55:ca:87: 60:4b:1f:ea:63:43:31:d9:6a:69:44:07:5d:cf:29: 23:1a:77:b3:d9:2a:8d:37:30:78:a4:38:31:08:0f: 8f:1b:03:12:62:60:70:d3:07:62:1c:8e:c2:ab:88: 5f:97:3f:70:11:52:e2:10:7f:30:33:ae:3a:95:f7: 19:cc:d6:cd:8d:72:98:48:c7:47:2f:98:2e:5f:8c: ed:6f:a0:4f:eb:29:4a:26:c8:3a:dd:0e:16:2a:9c: cf:7e:2e:1e:e5:e5:59:60:0f:53:0e:63:a3:27:e8: 69:12:4a:22:72:2d:8b:a1:a4:2b:e5:5a:a6:dc:aa: da:ac:e5:f8:f4:a6:5b:3b:7f:ef:0e:62:ba:2d:4c: ec:c7:40:e5:79:20:21:d2:cd:d1:d1:d8:f9:57:b4: ad:8a:3c:25:58:7c:39:32:17:ad:59:02:93:1c:74: ea:76:94:77:bf:0d:8e:2c:fb:71:0f:31:f1:b3:26: 2b:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:89:B9:4E:DB:7E:91:A7:40:F8:71:E7:97:B2:B6:41:2D:F3:AB:8C X509v3 Authority Key Identifier: keyid:61:EA:67:3B:E2:8B:49:3D:BA:44:18:70:FB:50:E5:9A:0D:1C:17:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YepnO-KLST26RBhw-1Dlmg0cF8U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/gIm5Ttt-kadA-HHnl7K2QS3zq4w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/42c1bf-89ff-482f-9f14-498dd1d307d0/1/YepnO-KLST26RBhw-1Dlmg0cF8U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.214.232.0/22 IPv6: 2a0e:a2c0::/32 Signature Algorithm: sha256WithRSAEncryption 1d:a1:78:05:bd:6b:af:e9:aa:75:d2:c3:47:84:be:cc:14:f8: dc:09:0d:fe:70:e1:77:e4:15:6e:3f:73:e6:24:81:d0:e8:58: 87:52:f8:ba:f1:e0:11:62:15:f2:1a:b2:f6:fc:92:92:f0:d2: f2:ab:f2:3e:44:76:18:e8:da:c5:2a:e1:cc:08:45:bd:60:3f: 7c:7b:d3:8f:92:07:de:65:8c:e3:83:c5:28:4e:92:7f:28:9a: 80:d0:ca:0c:68:9e:d7:21:b0:7c:bf:2a:49:a1:7f:31:da:e9: a1:c8:13:82:cd:e9:ed:61:ff:09:fd:99:aa:9c:86:b4:9e:a5: b0:5b:3e:7c:b9:dc:ab:99:6e:c9:7d:65:75:ee:70:82:be:38: e5:11:08:1d:9a:7e:72:0a:9e:10:2f:04:c0:06:23:92:43:d8: 42:c1:1b:a7:54:5c:09:2b:29:86:a0:fd:1b:e0:0c:6f:d1:dc: a3:46:23:c8:d6:ef:91:aa:be:f2:1b:c3:c7:60:38:e0:4b:7b: 6d:f2:0b:1f:ed:c2:c7:a0:59:ed:c9:63:d4:dd:56:4d:d3:81: c1:23:d0:38:d0:bb:a2:f4:2c:55:4e:13:85:21:81:40:91:96: 66:d3:6d:01:c0:87:94:48:a8:60:36:f5:63:e9:49:6f:fe:1f: bd:2a:7e:e8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OMRc89kYIOrGATMDrLiGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxZWE2NzNiZTI4YjQ5M2RiYTQ0MTg3MGZiNTBlNTlhMGQx YzE3YzUwHhcNMjYwMTAyMTAyMDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4MDg5Yjk0ZWRiN2U5MWE3NDBmODcxZTc5N2IyYjY0MTJkZjNhYjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfxadjM9L7tikycC78xNcEtso7+h 9q9NGyD6P33kmPwU8Olc1nobZavWkByX7QrjoGd01NGcwn1AsVpgQrnLgFTW/Eif 08FVyodgSx/qY0Mx2WppRAddzykjGnez2SqNNzB4pDgxCA+PGwMSYmBw0wdiHI7C q4hflz9wEVLiEH8wM646lfcZzNbNjXKYSMdHL5guX4ztb6BP6ylKJsg63Q4WKpzP fi4e5eVZYA9TDmOjJ+hpEkoici2LoaQr5Vqm3KrarOX49KZbO3/vDmK6LUzsx0Dl eSAh0s3R0dj5V7StijwlWHw5MhetWQKTHHTqdpR3vw2OLPtxDzHxsyYrtQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFICJuU7bfpGnQPhx55eytkEt86uMMB8GA1UdIwQY MBaAFGHqZzvii0k9ukQYcPtQ5ZoNHBfFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWVwbk8tS0xTVDI2UkJody0xRGxtZzBjRjhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MmMxYmYtODlmZi00ODJmLTlmMTQt NDk4ZGQxZDMwN2QwLzEvZ0ltNVR0dC1rYWRBLUhIbmw3SzJRUzN6cTR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80MmMxYmYtODlmZi00ODJmLTlmMTQtNDk4ZGQxZDMwN2Qw LzEvWWVwbk8tS0xTVDI2UkJody0xRGxtZzBjRjhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudboMA0E AgACMAcDBQAqDqLAMA0GCSqGSIb3DQEBCwUAA4IBAQAdoXgFvWuv6ap10sNHhL7M FPjcCQ3+cOF35BVuP3PmJIHQ6FiHUvi68eARYhXyGrL2/JKS8NLyq/I+RHYY6NrF KuHMCEW9YD98e9OPkgfeZYzjg8UoTpJ/KJqA0MoMaJ7XIbB8vypJoX8x2umhyBOC zentYf8J/ZmqnIa0nqWwWz58udyrmW7JfWV17nCCvjjlEQgdmn5yCp4QLwTABiOS Q9hCwRunVFwJKymGoP0b4Axv0dyjRiPI1u+Rqr7yG8PHYDjgS3tt8gsf7cLHoFnt yWPU3VZN04HBI9A40Lui9CxVThOFIYFAkZZm020BwIeUSKhgNvVj6Ulv/h+9Kn7o -----END CERTIFICATE-----Generated at Tue Jan 27 12:41:13 2026 by rpki-client