This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/y9uehOeQeqw3aXtpz02BRppyIDw.roa File: y9uehOeQeqw3aXtpz02BRppyIDw.roa (raw, json) Hash identifier: DkoCOynUoTvS6BEYZLogyktfjmzSkzrDWMdKSZGF36c= Subject key identifier: CB:DB:9E:84:E7:90:7A:AC:37:69:7B:69:CF:4D:81:46:9A:72:20:3C Certificate issuer: /CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Certificate serial: 019BEF74884BE936FA1692219AEEE23282F0 Authority key identifier: 85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/y9uehOeQeqw3aXtpz02BRppyIDw.roa Signing time: Sat 24 Jan 2026 10:02:30 +0000 ROA not before: Sat 24 Jan 2026 10:02:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214418 IP address blocks: 31.171.215.0/24 maxlen: 24 89.40.27.0/24 maxlen: 24 2001:3700::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.mft rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ef:74:88:4b:e9:36:fa:16:92:21:9a:ee:e2:32:82:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85f870119e5921bf12495dc902dcfe3d8d4a37d8 Validity Not Before: Jan 24 10:02:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cbdb9e84e7907aac37697b69cf4d81469a72203c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:5b:ca:00:ba:c2:d5:8f:80:fd:bb:55:bc:67: 45:c0:68:06:2f:65:30:ba:43:3c:12:66:72:96:a5: 69:3b:0d:0a:78:c6:f5:5f:f9:aa:5b:54:50:d9:1e: ee:4b:16:c2:b3:11:b8:be:53:d4:56:e7:ea:42:58: 2f:db:29:9e:e6:d9:19:e2:2c:da:c7:31:e6:15:ca: 2f:6b:6d:08:b1:5f:33:ea:20:8f:77:a9:2e:7c:be: 97:bb:4a:60:e9:20:7e:17:3f:13:a0:76:6e:2b:4e: af:cd:04:7c:14:71:f1:62:c8:6b:9e:b8:d8:73:4c: 68:cb:3e:13:77:42:91:64:61:10:4e:e4:33:85:58: a4:e4:a9:59:e7:4c:17:f4:44:93:cd:ae:26:71:9d: 92:ad:dc:fc:49:f3:82:03:db:30:a7:57:66:87:e5: 58:67:e5:07:72:12:25:29:cd:4e:1d:b3:cd:94:b9: 1e:27:58:72:85:1c:5f:a6:4f:92:ea:6c:30:76:a0: 88:56:0e:c7:e1:9e:3d:f7:74:11:30:a7:69:87:b5: 2c:ce:67:ad:10:54:79:16:0e:3d:47:f7:bd:57:96: 4b:51:1a:bb:ea:50:ab:9a:f9:38:1d:6f:b7:3b:56: 27:48:1b:97:1e:60:98:7e:eb:4c:d7:3a:20:fb:4d: db:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:DB:9E:84:E7:90:7A:AC:37:69:7B:69:CF:4D:81:46:9A:72:20:3C X509v3 Authority Key Identifier: keyid:85:F8:70:11:9E:59:21:BF:12:49:5D:C9:02:DC:FE:3D:8D:4A:37:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/y9uehOeQeqw3aXtpz02BRppyIDw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/bb6f34-347b-4bae-8f92-ea84a51eb3dc/1/hfhwEZ5ZIb8SSV3JAtz-PY1KN9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.171.215.0/24 89.40.27.0/24 IPv6: 2001:3700::/29 Signature Algorithm: sha256WithRSAEncryption 74:e5:07:2c:ca:93:6d:ae:f0:b5:44:c8:20:12:2a:23:ca:f8: 03:3c:6b:b0:87:21:ec:ad:53:89:57:91:3e:f1:a4:4d:fc:c9: 44:3d:9b:14:9e:99:58:45:86:97:35:c8:fa:f0:57:cd:d3:96: 56:e6:51:62:b4:67:3a:6d:6a:9b:1e:85:65:00:26:c8:b5:92: 5f:7b:51:f7:55:50:6d:0a:27:fd:b1:9d:90:af:5a:12:d5:ed: 08:3a:bc:32:34:2b:95:df:7c:1e:98:95:76:7e:3b:a8:48:83: c4:f4:6d:65:63:1d:14:ca:2d:0a:32:90:cb:57:56:b7:d7:90: 65:5e:13:df:b4:1b:9f:40:88:0c:2d:39:1f:cd:5a:d6:7e:32: 2d:13:a1:60:b9:9d:a9:33:d4:59:3a:d3:8f:6d:5f:7f:7a:06: 68:b3:a7:21:7b:ad:69:1e:3a:c0:52:cd:4c:f6:3b:00:37:a5: d6:b7:c1:b9:d2:79:dc:c4:ae:82:e8:69:d9:96:a6:e0:5b:4d: b0:92:f7:db:1a:81:52:b8:3c:0d:24:23:70:72:8d:2e:af:cc: d6:2c:ce:ea:5a:d5:4d:eb:d5:5f:ef:16:b9:a6:b4:ad:7d:f8: 42:4b:51:fb:ba:d6:c1:7d:ef:7a:d1:d1:99:00:88:82:b7:ab: 14:03:e9:8c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZvvdIhL6Tb6FpIhmu7iMoLwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Zjg3MDExOWU1OTIxYmYxMjQ5NWRjOTAyZGNmZTNkOGQ0 YTM3ZDgwHhcNMjYwMTI0MTAwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYmRiOWU4NGU3OTA3YWFjMzc2OTdiNjljZjRkODE0NjlhNzIyMDNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnlvKALrC1Y+A/btVvGdFwGgGL2Uw ukM8EmZylqVpOw0KeMb1X/mqW1RQ2R7uSxbCsxG4vlPUVufqQlgv2yme5tkZ4iza xzHmFcova20IsV8z6iCPd6kufL6Xu0pg6SB+Fz8ToHZuK06vzQR8FHHxYshrnrjY c0xoyz4Td0KRZGEQTuQzhVik5KlZ50wX9ESTza4mcZ2Srdz8SfOCA9swp1dmh+VY Z+UHchIlKc1OHbPNlLkeJ1hyhRxfpk+S6mwwdqCIVg7H4Z4993QRMKdph7Uszmet EFR5Fg49R/e9V5ZLURq76lCrmvk4HW+3O1YnSBuXHmCYfutM1zog+03bDQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFMvbnoTnkHqsN2l7ac9NgUaaciA8MB8GA1UdIwQY MBaAFIX4cBGeWSG/EkldyQLc/j2NSjfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTIt ZWE4NGE1MWViM2RjLzEveTl1ZWhPZVFlcXczYVh0cHowMkJScHB5SUR3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9iYjZmMzQtMzQ3Yi00YmFlLThmOTItZWE4NGE1MWViM2Rj LzEvaGZod0VaNVpJYjhTU1YzSkF0ei1QWTFLTjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAH6vXAwQA WSgbMA0EAgACMAcDBQMgATcAMA0GCSqGSIb3DQEBCwUAA4IBAQB05QcsypNtrvC1 RMggEiojyvgDPGuwhyHsrVOJV5E+8aRN/MlEPZsUnplYRYaXNcj68FfN05ZW5lFi tGc6bWqbHoVlACbItZJfe1H3VVBtCif9sZ2Qr1oS1e0IOrwyNCuV33wemJV2fjuo SIPE9G1lYx0Uyi0KMpDLV1a315BlXhPftBufQIgMLTkfzVrWfjItE6FguZ2pM9RZ OtOPbV9/egZos6che61pHjrAUs1M9jsAN6XWt8G50nncxK6C6GnZlqbgW02wkvfb GoFSuDwNJCNwco0ur8zWLM7qWtVN69Vf7xa5prStffhCS1H7utbBfe960dGZAIiC t6sUA+mM -----END CERTIFICATE-----Generated at Tue Feb 10 04:31:22 2026 by rpki-client