This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/ya5aPAqe4Hx1IhhFtjdZDoOseBY.roa File: ya5aPAqe4Hx1IhhFtjdZDoOseBY.roa (raw, json) Hash identifier: tpR2+mpp5l1TAReoEhj+zsYR4YGVmOGfhRS14jaZ8fI= Subject key identifier: C9:AE:5A:3C:0A:9E:E0:7C:75:22:18:45:B6:37:59:0E:83:AC:78:16 Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1 Certificate serial: 019B7D5BD7C196B35BCBD970AB458E9CA420 Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/ya5aPAqe4Hx1IhhFtjdZDoOseBY.roa Signing time: Fri 02 Jan 2026 06:18:49 +0000 ROA not before: Fri 02 Jan 2026 06:18:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207110 IP address blocks: 185.39.110.0/23 maxlen: 24 212.7.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.mft rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:d7:c1:96:b3:5b:cb:d9:70:ab:45:8e:9c:a4:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1 Validity Not Before: Jan 2 06:18:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9ae5a3c0a9ee07c75221845b637590e83ac7816 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:32:7c:c3:6b:e4:d7:3c:e4:4a:17:38:8e:95: f6:9f:6f:64:95:47:32:ba:bf:99:11:39:d7:33:87: 67:f4:c6:b4:0c:1b:a8:55:63:3e:ee:d7:cc:20:ca: 7d:82:d7:fd:b8:6d:1c:f9:84:07:ad:0b:85:a5:23: 57:35:36:8f:3e:13:1e:be:dc:87:9d:35:7e:dd:f6: ca:bc:f4:d7:3e:b4:35:cc:cd:ad:47:0c:b3:3f:55: 10:b6:f7:cd:12:98:1e:35:f8:cb:34:d5:42:cb:a4: 0e:2b:2c:a9:1a:a7:7d:60:e0:46:64:49:59:8b:96: b2:ea:f9:ca:2f:17:12:01:5b:3b:72:57:1d:af:65: 27:7f:2f:ff:b6:1f:64:dc:54:71:86:18:98:7c:2d: 1f:e3:c5:07:5d:8e:a4:a8:0e:38:2c:ec:4a:d0:ae: 81:54:fe:f7:58:08:48:70:74:27:6f:e5:bb:91:d1: fd:46:26:a8:99:34:92:2a:fd:67:6e:3f:4d:98:bb: 78:c7:5e:14:8c:af:78:9f:96:20:c3:f0:31:58:02: dd:87:59:d9:65:26:f4:77:81:98:40:ca:bd:58:2c: 0d:40:21:1c:71:33:56:e7:63:0e:04:b0:4f:89:7f: 9b:fd:ea:9e:ae:49:73:95:6b:62:4e:63:42:e2:c7: ce:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:AE:5A:3C:0A:9E:E0:7C:75:22:18:45:B6:37:59:0E:83:AC:78:16 X509v3 Authority Key Identifier: keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/ya5aPAqe4Hx1IhhFtjdZDoOseBY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.39.110.0/23 212.7.177.0/24 Signature Algorithm: sha256WithRSAEncryption 28:2e:cb:4e:fb:a4:03:69:e8:a5:29:f9:d2:b1:6a:f5:34:5d: e5:b6:ac:18:27:ff:f4:0f:a6:34:c7:a5:16:e7:97:0a:7f:3b: 3d:67:cf:94:4f:89:76:3a:20:a8:bc:e9:42:61:d7:73:03:1d: 5e:cf:0e:cd:cf:91:61:9e:16:20:61:13:2f:cc:b8:73:59:65: 42:0c:93:69:18:4c:f7:45:b7:af:84:69:10:d0:37:85:41:f2: cb:46:d7:72:1f:b8:5c:33:24:68:31:6c:d8:84:1a:9f:73:79: 21:c2:a0:ee:77:19:ea:fd:2d:cc:bc:16:0e:59:60:93:0b:ca: 0b:18:f7:f7:34:2b:e4:d2:0f:17:f4:6c:b8:e6:d6:d9:56:6e: de:ed:61:fc:dd:c1:0f:f7:3e:6e:70:70:e9:25:59:21:93:9c: 57:3e:15:87:af:69:bc:e6:8d:82:ae:9e:2b:3b:b2:64:68:2b: 0e:53:f4:42:89:e2:5f:85:90:ee:31:fa:32:f7:6d:5a:a8:f0: 8c:e8:55:8e:29:83:8e:a0:96:9f:71:73:b1:05:cf:13:8c:91: ec:8b:b7:b5:af:09:a6:1e:0f:aa:b4:ef:93:6a:ba:97:8c:e8: 07:b3:ce:e8:24:8d:c9:15:10:2b:4d:1f:37:ba:5e:68:c4:b5: 33:4a:43:8d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9W9fBlrNby9lwq0WOnKQgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh ZjYxZTEwHhcNMjYwMTAyMDYxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWFlNWEzYzBhOWVlMDdjNzUyMjE4NDViNjM3NTkwZTgzYWM3ODE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTJ8w2vk1zzkShc4jpX2n29klUcy ur+ZETnXM4dn9Ma0DBuoVWM+7tfMIMp9gtf9uG0c+YQHrQuFpSNXNTaPPhMevtyH nTV+3fbKvPTXPrQ1zM2tRwyzP1UQtvfNEpgeNfjLNNVCy6QOKyypGqd9YOBGZElZ i5ay6vnKLxcSAVs7clcdr2Unfy//th9k3FRxhhiYfC0f48UHXY6kqA44LOxK0K6B VP73WAhIcHQnb+W7kdH9RiaomTSSKv1nbj9NmLt4x14UjK94n5Ygw/AxWALdh1nZ ZSb0d4GYQMq9WCwNQCEccTNW52MOBLBPiX+b/eqerklzlWtiTmNC4sfONwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMmuWjwKnuB8dSIYRbY3WQ6DrHgWMB8GA1UdIwQY MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt NGUwYWE0MmExNWE4LzEveWE1YVBBcWU0SHgxSWhoRnRqZFpEb09zZUJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4 LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuSduAwQA 1AexMA0GCSqGSIb3DQEBCwUAA4IBAQAoLstO+6QDaeilKfnSsWr1NF3ltqwYJ//0 D6Y0x6UW55cKfzs9Z8+UT4l2OiCovOlCYddzAx1ezw7Nz5FhnhYgYRMvzLhzWWVC DJNpGEz3RbevhGkQ0DeFQfLLRtdyH7hcMyRoMWzYhBqfc3khwqDudxnq/S3MvBYO WWCTC8oLGPf3NCvk0g8X9Gy45tbZVm7e7WH83cEP9z5ucHDpJVkhk5xXPhWHr2m8 5o2Crp4rO7JkaCsOU/RCieJfhZDuMfoy921aqPCM6FWOKYOOoJafcXOxBc8TjJHs i7e1rwmmHg+qtO+TarqXjOgHs87oJI3JFRArTR83ul5oxLUzSkON -----END CERTIFICATE-----Generated at Tue Feb 10 03:09:18 2026 by rpki-client