This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/y2Pk1JESAEjAx9xzsg0kcYS6ZnE.roa File: y2Pk1JESAEjAx9xzsg0kcYS6ZnE.roa (raw, json) Hash identifier: jae+12T+MS9ODSNGqlLiUYOqCmetegdKFULf6+awLks= Subject key identifier: CB:63:E4:D4:91:12:00:48:C0:C7:DC:73:B2:0D:24:71:84:BA:66:71 Certificate issuer: /CN=e47406f4982b61824c8fd44b81ede0a99fc724e0 Certificate serial: 019B7E39300EE15A267FDB341C779F71AE2B Authority key identifier: E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/y2Pk1JESAEjAx9xzsg0kcYS6ZnE.roa Signing time: Fri 02 Jan 2026 10:20:35 +0000 ROA not before: Fri 02 Jan 2026 10:20:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15404 IP address blocks: 5.11.96.0/20 maxlen: 20 37.32.80.0/21 maxlen: 21 176.62.152.0/21 maxlen: 21 178.249.200.0/21 maxlen: 21 185.8.120.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.mft rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 04:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:30:0e:e1:5a:26:7f:db:34:1c:77:9f:71:ae:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e47406f4982b61824c8fd44b81ede0a99fc724e0 Validity Not Before: Jan 2 10:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb63e4d491120048c0c7dc73b20d247184ba6671 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:00:c9:7f:75:87:bb:a4:5f:ce:d6:f1:84:53: 5f:46:19:b3:64:fc:3e:cf:69:c6:6c:6c:3d:b3:73: da:a7:7c:7c:a0:90:76:ec:82:5e:ac:5d:eb:17:dd: 66:6b:75:2d:fe:b1:63:8a:01:4d:44:54:63:6e:4b: a1:2d:e4:5d:80:98:66:45:47:82:7f:ef:f3:af:42: 62:a3:e8:34:62:99:5f:20:94:9b:2f:20:cb:10:31: 90:7e:c6:65:dc:5d:32:72:17:e3:d1:eb:0d:41:62: 47:41:ad:40:24:82:d4:44:04:60:1f:46:fe:2b:cb: c0:ca:81:09:08:63:0d:56:07:2f:8a:6d:fb:ef:ce: da:d4:ca:73:95:29:ab:cf:00:2b:ac:c8:92:cd:4a: 1c:0a:7b:31:8e:55:ee:c8:83:71:2d:97:f4:e1:9e: ef:36:fd:81:c3:f6:dc:b7:0d:da:c2:4c:a7:11:4c: c5:f1:fb:2b:ed:b5:e8:c0:fd:9b:44:0a:8a:f0:e0: cf:53:f6:65:fd:c9:98:25:b1:21:8e:8b:d3:72:eb: e7:59:a5:1b:ae:86:ef:1b:e5:0a:87:d9:78:75:05: 79:30:7f:f0:6e:ac:aa:22:0f:bf:23:d5:ee:fe:40: 44:69:c3:55:89:39:09:67:ac:56:e6:e5:5b:10:41: 3e:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:63:E4:D4:91:12:00:48:C0:C7:DC:73:B2:0D:24:71:84:BA:66:71 X509v3 Authority Key Identifier: keyid:E4:74:06:F4:98:2B:61:82:4C:8F:D4:4B:81:ED:E0:A9:9F:C7:24:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HQG9JgrYYJMj9RLge3gqZ_HJOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/y2Pk1JESAEjAx9xzsg0kcYS6ZnE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/9d64ff-d4da-4dc9-8825-7118f8384c77/1/5HQG9JgrYYJMj9RLge3gqZ_HJOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.11.96.0/20 37.32.80.0/21 176.62.152.0/21 178.249.200.0/21 185.8.120.0/22 Signature Algorithm: sha256WithRSAEncryption 79:5a:ca:10:93:30:9a:02:2b:c3:5d:02:7d:ee:c4:0a:63:fd: 8a:7c:76:ad:0e:f9:14:2a:38:b7:fb:a8:0f:a7:b1:fb:99:d1: 9b:2a:37:b8:31:96:44:f3:03:01:45:3a:8a:ac:c2:81:5b:2f: 5b:b1:33:a3:ae:10:f5:eb:37:1a:0f:17:d7:73:92:33:0b:66: 48:a1:13:55:98:70:e7:b0:78:bc:60:9d:fd:75:78:cc:87:b1: 80:f7:08:cc:e2:5c:45:5a:70:f2:5d:d3:e4:49:6d:dd:3b:3b: c2:0a:23:83:c8:bf:90:25:2a:60:8b:f2:e9:2a:3c:0a:a9:f5: f2:0d:c7:fe:ff:05:10:c2:82:ef:e8:28:b6:d1:71:dd:62:46: 60:ea:b8:e4:5b:9e:dd:6e:a6:9c:79:f4:dd:7e:51:ad:c0:d8: 82:a8:cc:5d:4f:3c:d4:96:16:e4:bd:5f:9a:0a:c5:94:32:06: 2a:5a:03:6f:91:ba:df:c7:35:5f:66:94:62:c5:dc:9e:8a:57: 79:53:d2:48:89:14:b4:8c:5e:ff:22:be:15:af:65:8a:2a:66: e2:22:cf:bf:63:5a:fd:fd:62:22:51:8d:61:a8:da:01:6a:a1: a5:ca:1f:f3:cc:4d:65:30:cc:f7:f5:ab:50:de:61:01:02:cf: 6b:91:b8:a9 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt+OTAO4Vomf9s0HHefca4rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0NzQwNmY0OTgyYjYxODI0YzhmZDQ0YjgxZWRlMGE5OWZj NzI0ZTAwHhcNMjYwMTAyMTAyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjYzZTRkNDkxMTIwMDQ4YzBjN2RjNzNiMjBkMjQ3MTg0YmE2NjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QDJf3WHu6RfztbxhFNfRhmzZPw+ z2nGbGw9s3Pap3x8oJB27IJerF3rF91ma3Ut/rFjigFNRFRjbkuhLeRdgJhmRUeC f+/zr0Jio+g0YplfIJSbLyDLEDGQfsZl3F0ychfj0esNQWJHQa1AJILURARgH0b+ K8vAyoEJCGMNVgcvim37787a1MpzlSmrzwArrMiSzUocCnsxjlXuyINxLZf04Z7v Nv2Bw/bctw3awkynEUzF8fsr7bXowP2bRAqK8ODPU/Zl/cmYJbEhjovTcuvnWaUb robvG+UKh9l4dQV5MH/wbqyqIg+/I9Xu/kBEacNViTkJZ6xW5uVbEEE+HQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFMtj5NSREgBIwMfcc7INJHGEumZxMB8GA1UdIwQY MBaAFOR0BvSYK2GCTI/US4Ht4KmfxyTgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUt NzExOGY4Mzg0Yzc3LzEveTJQazFKRVNBRWpBeDl4enNnMGtjWVM2Wm5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS85ZDY0ZmYtZDRkYS00ZGM5LTg4MjUtNzExOGY4Mzg0Yzc3 LzEvNUhRRzlKZ3JZWUpNajlSTGdlM2dxWl9ISk9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEBQtgAwQD JSBQAwQDsD6YAwQDsvnIAwQCuQh4MA0GCSqGSIb3DQEBCwUAA4IBAQB5WsoQkzCa AivDXQJ97sQKY/2KfHatDvkUKji3+6gPp7H7mdGbKje4MZZE8wMBRTqKrMKBWy9b sTOjrhD16zcaDxfXc5IzC2ZIoRNVmHDnsHi8YJ39dXjMh7GA9wjM4lxFWnDyXdPk SW3dOzvCCiODyL+QJSpgi/LpKjwKqfXyDcf+/wUQwoLv6Ci20XHdYkZg6rjkW57d bqacefTdflGtwNiCqMxdTzzUlhbkvV+aCsWUMgYqWgNvkbrfxzVfZpRixdyeild5 U9JIiRS0jF7/Ir4Vr2WKKmbiIs+/Y1r9/WIiUY1hqNoBaqGlyh/zzE1lMMz39atQ 3mEBAs9rkbip -----END CERTIFICATE-----Generated at Wed Jan 21 13:17:57 2026 by rpki-client