This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/Yw7NMxdJYOxSPv5-0Sfz5ahXRag.roa File: Yw7NMxdJYOxSPv5-0Sfz5ahXRag.roa (raw, json) Hash identifier: ZnICYKONJJxjDwVZ62F3+nflf0A7dKQxRmtplOM55/A= Subject key identifier: 63:0E:CD:33:17:49:60:EC:52:3E:FE:7E:D1:27:F3:E5:A8:57:45:A8 Certificate issuer: /CN=68c16663692f6c684574f6460aace6257fb792a2 Certificate serial: 019B7CED6F687438527524D3CAB44039B503 Authority key identifier: 68:C1:66:63:69:2F:6C:68:45:74:F6:46:0A:AC:E6:25:7F:B7:92:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMFmY2kvbGhFdPZGCqzmJX-3kqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/Yw7NMxdJYOxSPv5-0Sfz5ahXRag.roa Signing time: Fri 02 Jan 2026 04:18:13 +0000 ROA not before: Fri 02 Jan 2026 04:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211445 IP address blocks: 2a14:aa80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/aMFmY2kvbGhFdPZGCqzmJX-3kqI.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/aMFmY2kvbGhFdPZGCqzmJX-3kqI.mft rsync://rpki.ripe.net/repository/DEFAULT/aMFmY2kvbGhFdPZGCqzmJX-3kqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:6f:68:74:38:52:75:24:d3:ca:b4:40:39:b5:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68c16663692f6c684574f6460aace6257fb792a2 Validity Not Before: Jan 2 04:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=630ecd33174960ec523efe7ed127f3e5a85745a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:74:b8:2c:7b:81:e0:21:52:cf:33:a7:4a:d6: 74:55:d6:ef:d6:53:3c:4c:f1:25:9d:47:ea:34:4f: f0:a8:f4:24:c3:aa:1f:de:82:a9:8a:88:5c:95:31: b4:91:20:7d:39:e8:77:87:69:7d:0c:7b:5c:e3:da: 3e:9a:f0:00:a2:53:65:9e:86:12:2e:60:e3:9b:d4: 0a:d5:4b:f7:53:5c:44:5d:b0:5a:0c:ac:f4:a0:76: 6e:6d:46:e5:35:3e:5b:74:93:ad:c1:10:0c:46:12: 14:35:fe:83:f9:54:c0:a7:80:7a:bb:dc:4d:17:b8: 1a:2d:b8:f4:53:5e:e9:6e:63:cf:2a:59:3e:4c:84: 9f:4d:1d:a6:a2:51:62:b9:20:a1:66:e6:85:2d:e0: 82:58:6f:28:8c:6f:58:0f:40:72:1c:66:17:f2:19: 2c:1e:8e:3c:0f:7e:df:5a:d5:41:3d:99:3b:6a:bc: 64:2b:03:35:0d:d9:41:cb:1e:14:f3:94:3a:26:87: 3d:63:fa:68:32:26:a9:34:06:09:63:5e:e3:f3:91: 3c:e7:54:2f:2c:8f:bc:23:d9:eb:c2:85:e1:a1:f9: 0f:77:ee:f2:f9:67:68:81:96:0d:81:52:0a:d3:c4: 55:af:ab:54:01:dc:dd:5a:1f:6f:3a:54:fa:66:0e: c6:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:0E:CD:33:17:49:60:EC:52:3E:FE:7E:D1:27:F3:E5:A8:57:45:A8 X509v3 Authority Key Identifier: keyid:68:C1:66:63:69:2F:6C:68:45:74:F6:46:0A:AC:E6:25:7F:B7:92:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMFmY2kvbGhFdPZGCqzmJX-3kqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/Yw7NMxdJYOxSPv5-0Sfz5ahXRag.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/57c6ea-1bb5-42a0-8679-d07fa3e6b3d3/1/aMFmY2kvbGhFdPZGCqzmJX-3kqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:aa80::/32 Signature Algorithm: sha256WithRSAEncryption 1f:47:6e:bd:8f:60:3c:a2:cd:93:b4:4e:0e:81:8b:eb:90:ed: 76:d8:ff:f1:da:39:1c:0f:bc:c9:48:71:ce:21:ee:84:43:aa: 1b:59:4f:9d:a3:d9:fc:d5:4d:b5:d7:90:1e:0d:c9:0f:55:ab: fe:89:1e:73:c9:d6:b2:c7:1c:e1:21:78:9d:0d:b0:90:c4:83: 37:39:4b:6e:bd:09:0c:e4:d2:47:3e:6f:b0:35:c8:79:88:ed: 00:bb:90:5e:84:21:89:05:93:a6:a1:ae:26:5f:4a:a9:8d:99: 08:e8:a9:5d:7c:53:e1:72:0e:95:a0:a1:3b:8f:8d:87:e2:17: ae:a1:58:ee:2e:db:2c:e0:60:48:3c:6e:61:1f:a4:8b:48:30: 12:0b:03:03:cd:35:54:3b:c3:83:94:cd:e4:72:39:35:d0:52: 02:a8:35:f1:36:7e:cd:52:06:f5:c3:28:ab:b4:9c:61:d9:ad: 44:f6:47:28:50:9b:9c:c5:70:de:f6:8d:09:21:70:c0:45:71: b5:d2:e3:be:69:44:6b:f4:79:c0:32:3b:d5:18:9d:6d:2e:99: 3b:ca:fe:6e:f9:fa:c5:3f:40:50:f8:b6:c1:25:a5:0c:e2:e8: 27:95:3e:86:65:e7:0a:07:da:e9:4d:95:e3:9c:53:6c:06:2f: fa:d9:10:1c -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt87W9odDhSdSTTyrRAObUDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4YzE2NjYzNjkyZjZjNjg0NTc0ZjY0NjBhYWNlNjI1N2Zi NzkyYTIwHhcNMjYwMTAyMDQxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MzBlY2QzMzE3NDk2MGVjNTIzZWZlN2VkMTI3ZjNlNWE4NTc0NWE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnS4LHuB4CFSzzOnStZ0Vdbv1lM8 TPElnUfqNE/wqPQkw6of3oKpiohclTG0kSB9Oeh3h2l9DHtc49o+mvAAolNlnoYS LmDjm9QK1Uv3U1xEXbBaDKz0oHZubUblNT5bdJOtwRAMRhIUNf6D+VTAp4B6u9xN F7gaLbj0U17pbmPPKlk+TISfTR2molFiuSChZuaFLeCCWG8ojG9YD0ByHGYX8hks Ho48D37fWtVBPZk7arxkKwM1DdlByx4U85Q6Joc9Y/poMiapNAYJY17j85E851Qv LI+8I9nrwoXhofkPd+7y+WdogZYNgVIK08RVr6tUAdzdWh9vOlT6Zg7GAQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFGMOzTMXSWDsUj7+ftEn8+WoV0WoMB8GA1UdIwQY MBaAFGjBZmNpL2xoRXT2Rgqs5iV/t5KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU1GbVkya3ZiR2hGZFBaR0Nxem1KWC0za3FJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81N2M2ZWEtMWJiNS00MmEwLTg2Nzkt ZDA3ZmEzZTZiM2QzLzEvWXc3Tk14ZEpZT3hTUHY1LTBTZno1YWhYUmFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi81N2M2ZWEtMWJiNS00MmEwLTg2NzktZDA3ZmEzZTZiM2Qz LzEvYU1GbVkya3ZiR2hGZFBaR0Nxem1KWC0za3FJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhSqgDAN BgkqhkiG9w0BAQsFAAOCAQEAH0duvY9gPKLNk7RODoGL65Dtdtj/8do5HA+8yUhx ziHuhEOqG1lPnaPZ/NVNtdeQHg3JD1Wr/okec8nWsscc4SF4nQ2wkMSDNzlLbr0J DOTSRz5vsDXIeYjtALuQXoQhiQWTpqGuJl9KqY2ZCOipXXxT4XIOlaChO4+Nh+IX rqFY7i7bLOBgSDxuYR+ki0gwEgsDA801VDvDg5TN5HI5NdBSAqg18TZ+zVIG9cMo q7ScYdmtRPZHKFCbnMVw3vaNCSFwwEVxtdLjvmlEa/R5wDI71RidbS6ZO8r+bvn6 xT9AUPi2wSWlDOLoJ5U+hmXnCgfa6U2V45xTbAYv+tkQHA== -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:40 2026 by rpki-client