This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YfIHk0vhXMsawbQpQSUx4NkqARo.roa File: YfIHk0vhXMsawbQpQSUx4NkqARo.roa (raw, json) Hash identifier: jyjsv+8CT/zFqpfSyQvWtrC5fl6L+Qm0Q0VVf1vxxCM= Subject key identifier: 61:F2:07:93:4B:E1:5C:CB:1A:C1:B4:29:41:25:31:E0:D9:2A:01:1A Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6 Certificate serial: 019B7F80D641AF03229921370297632A45D2 Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YfIHk0vhXMsawbQpQSUx4NkqARo.roa Signing time: Fri 02 Jan 2026 16:18:28 +0000 ROA not before: Fri 02 Jan 2026 16:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60781 IP address blocks: 31.186.168.0/23 maxlen: 23 2a02:40c0::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.mft rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:d6:41:af:03:22:99:21:37:02:97:63:2a:45:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6 Validity Not Before: Jan 2 16:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61f207934be15ccb1ac1b429412531e0d92a011a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:c5:2f:b8:a9:19:ce:fa:2a:b1:28:43:34:bf: 9f:11:d7:8d:aa:46:c5:42:d2:a1:99:70:d9:11:f2: 3c:29:d9:2d:cd:e1:15:01:c1:c0:8a:b7:a1:e8:9d: e3:68:e9:52:52:3a:48:b7:88:25:49:ab:5d:9b:e2: 4f:d7:dd:58:25:7e:a3:99:ea:f7:5b:b9:38:3a:4a: 78:ef:94:d8:d7:fe:97:69:3c:8f:3d:9f:2a:86:70: 93:bb:df:3b:94:11:c1:e9:39:25:92:e9:cc:33:77: 24:70:0e:8e:3e:c6:6d:ab:fe:7c:37:72:08:ac:a3: 4a:bd:dc:f5:db:89:28:01:19:f6:98:c7:46:83:7a: 4e:e0:c4:b8:ae:9e:f8:60:78:36:31:a4:7a:d5:df: f8:1e:b1:2e:f6:e3:65:97:22:55:15:b4:29:08:fb: 88:23:97:af:4d:af:64:f9:17:71:86:b2:43:a5:e9: 83:cf:d0:41:89:d2:69:5d:35:f3:f5:b4:4d:cb:b1: b7:85:b1:09:19:ba:95:f2:cd:2e:b4:2c:52:96:fa: 20:5c:41:7c:ac:ea:f1:a6:c5:78:3b:6e:38:dd:23: 35:0e:ec:4f:bc:c5:a9:eb:86:e4:bb:fd:98:87:2d: 48:74:90:40:e9:6b:5b:6d:41:9f:3f:70:73:d2:9f: da:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:F2:07:93:4B:E1:5C:CB:1A:C1:B4:29:41:25:31:E0:D9:2A:01:1A X509v3 Authority Key Identifier: keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/YfIHk0vhXMsawbQpQSUx4NkqARo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.186.168.0/23 IPv6: 2a02:40c0::/36 Signature Algorithm: sha256WithRSAEncryption 07:79:25:f3:29:dd:6f:17:12:c1:f9:58:f7:33:83:84:a9:96: 66:6f:14:ad:d5:b7:47:40:db:8e:e3:7f:d1:7b:dc:c2:3f:b7: 6d:ff:ec:80:30:a2:60:bf:a2:80:e7:f7:4b:0e:c9:33:fe:40: 81:12:23:ac:e3:f2:f4:12:d5:a4:5a:f9:37:be:18:73:62:59: 7b:ca:d3:f9:c4:50:da:4d:63:b9:54:2b:06:7e:ce:a4:e8:b3: 6e:99:e8:76:bd:9e:f3:2c:2f:90:7d:25:8b:93:a1:e2:55:7c: ca:b1:9a:51:ef:f5:74:0f:9f:47:7f:bc:96:62:9e:dc:da:f5: 79:8d:c7:f1:99:02:73:9e:98:13:56:30:df:47:8c:fd:1d:cf: 9c:05:23:e1:fe:f1:81:37:03:8b:4f:56:39:0c:cd:c9:d2:7c: 53:50:e4:55:5c:69:8c:cc:cf:0e:cd:aa:59:50:5e:58:ee:51: 49:33:e6:90:e3:68:30:f9:ee:80:04:98:a9:65:63:09:3d:fb: 30:de:ec:81:98:80:36:7f:3b:d2:40:06:77:90:e1:b6:ba:61: e9:87:8d:37:be:fd:2b:50:fa:e3:94:a0:62:17:2c:20:f3:c4: 47:a9:88:d1:f6:b9:94:f4:7f:f2:54:36:c3:69:d9:0c:8f:f3: 72:a6:be:31 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt/gNZBrwMimSE3ApdjKkXSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4 NGU4YzYwHhcNMjYwMTAyMTYxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWYyMDc5MzRiZTE1Y2NiMWFjMWI0Mjk0MTI1MzFlMGQ5MmEwMTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucUvuKkZzvoqsShDNL+fEdeNqkbF QtKhmXDZEfI8KdktzeEVAcHAireh6J3jaOlSUjpIt4glSatdm+JP191YJX6jmer3 W7k4Okp475TY1/6XaTyPPZ8qhnCTu987lBHB6TklkunMM3ckcA6OPsZtq/58N3II rKNKvdz124koARn2mMdGg3pO4MS4rp74YHg2MaR61d/4HrEu9uNllyJVFbQpCPuI I5evTa9k+RdxhrJDpemDz9BBidJpXTXz9bRNy7G3hbEJGbqV8s0utCxSlvogXEF8 rOrxpsV4O2443SM1DuxPvMWp64bku/2Yhy1IdJBA6WtbbUGfP3Bz0p/ahwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFGHyB5NL4VzLGsG0KUElMeDZKgEaMB8GA1UdIwQY MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt YjBkNzJlOTEwZWZlLzEvWWZJSGswdmhYTXNhd2JRcFFTVXg0TmtxQVJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBH7qoMA4E AgACMAgDBgQqAkDAADANBgkqhkiG9w0BAQsFAAOCAQEAB3kl8yndbxcSwflY9zOD hKmWZm8UrdW3R0DbjuN/0Xvcwj+3bf/sgDCiYL+igOf3Sw7JM/5AgRIjrOPy9BLV pFr5N74Yc2JZe8rT+cRQ2k1juVQrBn7OpOizbpnodr2e8ywvkH0li5Oh4lV8yrGa Ue/1dA+fR3+8lmKe3Nr1eY3H8ZkCc56YE1Yw30eM/R3PnAUj4f7xgTcDi09WOQzN ydJ8U1DkVVxpjMzPDs2qWVBeWO5RSTPmkONoMPnugASYqWVjCT37MN7sgZiANn87 0kAGd5Dhtrph6YeNN779K1D645SgYhcsIPPER6mI0fa5lPR/8lQ2w2nZDI/zcqa+ MQ== -----END CERTIFICATE-----Generated at Mon Jan 19 16:53:17 2026 by rpki-client