This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/Y7bdVsOqZQqj1I_OKBkoS9oMFd0.roa File: Y7bdVsOqZQqj1I_OKBkoS9oMFd0.roa (raw, json) Hash identifier: uxAajtv2PDYgeD7fkffrgQE1gHL9LPe5ZmBXFSGnqgI= Subject key identifier: 63:B6:DD:56:C3:AA:65:0A:A3:D4:8F:CE:28:19:28:4B:DA:0C:15:DD Certificate issuer: /CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Certificate serial: 019B797EEDCE48276734974873F879ED54DB Authority key identifier: C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/Y7bdVsOqZQqj1I_OKBkoS9oMFd0.roa Signing time: Thu 01 Jan 2026 12:18:40 +0000 ROA not before: Thu 01 Jan 2026 12:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35681 IP address blocks: 185.160.68.0/22 maxlen: 22 185.160.68.0/24 maxlen: 24 185.160.69.0/24 maxlen: 24 185.160.70.0/24 maxlen: 24 185.160.71.0/24 maxlen: 24 2a09:2640::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.mft rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ed:ce:48:27:67:34:97:48:73:f8:79:ed:54:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c85f510c72ce0b79c2899b35845ffe3670693f05 Validity Not Before: Jan 1 12:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=63b6dd56c3aa650aa3d48fce2819284bda0c15dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:59:6c:34:ae:b0:7f:f5:f8:f4:3d:45:19:e0: 24:f2:28:9e:aa:2e:12:3c:35:59:9e:7f:be:e8:69: bd:61:33:59:c2:2d:0c:c8:c5:86:22:95:fa:fc:02: 6c:f1:5f:2f:07:a2:99:89:8c:69:09:5a:45:7e:41: c0:65:57:04:00:bf:e6:6c:94:d4:97:f2:89:47:1f: 04:94:69:5c:7d:e0:4c:4c:96:96:0a:73:9f:47:b6: 70:b6:ee:43:44:88:23:63:72:cf:ee:30:2b:9a:5c: 01:a8:d0:56:0c:64:41:66:b6:17:41:e1:c9:b7:f7: 80:97:32:f3:cc:28:fd:ff:b6:f0:a6:0d:c3:8b:8b: 5e:2e:56:1d:24:db:05:99:9d:1e:2d:2a:22:ab:47: 7f:d9:97:83:e2:f2:0c:4d:87:4e:dd:e6:3a:c5:be: fe:3b:81:69:74:e3:6e:79:bb:86:fd:89:12:0b:a4: c7:5a:c7:15:2e:97:04:bd:5d:5a:f9:b6:31:f8:c9: 6c:11:97:c4:0f:85:c8:98:5d:50:41:6c:70:08:d4: 99:7f:88:70:57:40:e2:85:b0:4b:af:21:83:2d:8e: 3f:9e:8b:a2:2b:39:4d:ea:fb:28:99:4b:c8:ce:92: d3:3b:aa:25:e0:46:de:fa:f1:af:fe:71:6f:cd:6f: 9b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:B6:DD:56:C3:AA:65:0A:A3:D4:8F:CE:28:19:28:4B:DA:0C:15:DD X509v3 Authority Key Identifier: keyid:C8:5F:51:0C:72:CE:0B:79:C2:89:9B:35:84:5F:FE:36:70:69:3F:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yF9RDHLOC3nCiZs1hF_-NnBpPwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/Y7bdVsOqZQqj1I_OKBkoS9oMFd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a2cfb0-0e68-4e47-8881-b8c9a2a9da46/1/yF9RDHLOC3nCiZs1hF_-NnBpPwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.160.68.0/22 IPv6: 2a09:2640::/32 Signature Algorithm: sha256WithRSAEncryption 96:4c:27:a2:0b:95:30:cf:ab:05:32:65:48:70:a0:53:1f:7f: f7:7b:eb:4d:87:fb:1d:28:dd:38:10:d9:5c:8b:ac:a9:c6:0a: 90:c7:67:fd:4d:8a:e9:41:8f:7f:e0:5f:70:6b:c1:19:96:c7: ef:2a:8f:d0:31:dc:eb:4b:7a:4c:63:25:a5:62:73:d9:9f:23: 98:9b:02:10:db:87:5d:82:e2:0f:d0:7f:49:ff:ff:9d:5b:5f: 06:17:f8:7c:f7:c2:85:79:3f:56:b7:ce:2e:d3:d4:c3:89:cf: 46:e9:4d:3e:96:d0:59:a1:1c:3c:ff:c2:3f:ed:15:9e:5d:97: 0d:42:10:9f:7d:9c:c6:bb:00:2c:1b:8f:21:67:61:ae:22:6e: eb:3b:49:ad:db:76:81:72:e5:15:d2:11:2e:61:c1:4e:99:e4: 76:36:28:68:94:80:7a:db:1d:33:cb:16:9d:0b:b6:47:b1:34: 59:aa:9b:09:2e:c0:e4:85:c4:92:38:a9:e6:33:f4:fa:38:43: 57:35:c2:68:ba:33:12:52:39:7d:d9:7d:f3:a1:9e:7a:74:2a: 2a:bc:5e:e3:ed:e8:3c:5d:95:9c:2c:5e:fa:16:fd:0f:7b:fc: 7f:e7:c2:9a:ef:a3:de:a3:e8:97:28:77:bb:23:79:dd:e7:6b: 81:87:9a:80 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fu3OSCdnNJdIc/h57VTbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NWY1MTBjNzJjZTBiNzljMjg5OWIzNTg0NWZmZTM2NzA2 OTNmMDUwHhcNMjYwMTAxMTIxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2M2I2ZGQ1NmMzYWE2NTBhYTNkNDhmY2UyODE5Mjg0YmRhMGMxNWRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFlsNK6wf/X49D1FGeAk8iieqi4S PDVZnn++6Gm9YTNZwi0MyMWGIpX6/AJs8V8vB6KZiYxpCVpFfkHAZVcEAL/mbJTU l/KJRx8ElGlcfeBMTJaWCnOfR7Zwtu5DRIgjY3LP7jArmlwBqNBWDGRBZrYXQeHJ t/eAlzLzzCj9/7bwpg3Di4teLlYdJNsFmZ0eLSoiq0d/2ZeD4vIMTYdO3eY6xb7+ O4FpdONuebuG/YkSC6THWscVLpcEvV1a+bYx+MlsEZfED4XImF1QQWxwCNSZf4hw V0DihbBLryGDLY4/nouiKzlN6vsomUvIzpLTO6ol4Ebe+vGv/nFvzW+bjQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGO23VbDqmUKo9SPzigZKEvaDBXdMB8GA1UdIwQY MBaAFMhfUQxyzgt5wombNYRf/jZwaT8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEt YjhjOWEyYTlkYTQ2LzEvWTdiZFZzT3FaUXFqMUlfT0tCa29TOW9NRmQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9hMmNmYjAtMGU2OC00ZTQ3LTg4ODEtYjhjOWEyYTlkYTQ2 LzEveUY5UkRITE9DM25DaVpzMWhGXy1ObkJwUHdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaBEMA0E AgACMAcDBQAqCSZAMA0GCSqGSIb3DQEBCwUAA4IBAQCWTCeiC5Uwz6sFMmVIcKBT H3/3e+tNh/sdKN04ENlci6ypxgqQx2f9TYrpQY9/4F9wa8EZlsfvKo/QMdzrS3pM YyWlYnPZnyOYmwIQ24ddguIP0H9J//+dW18GF/h898KFeT9Wt84u09TDic9G6U0+ ltBZoRw8/8I/7RWeXZcNQhCffZzGuwAsG48hZ2GuIm7rO0mt23aBcuUV0hEuYcFO meR2NiholIB62x0zyxadC7ZHsTRZqpsJLsDkhcSSOKnmM/T6OENXNcJoujMSUjl9 2X3zoZ56dCoqvF7j7eg8XZWcLF76Fv0Pe/x/58Ka76Peo+iXKHe7I3nd52uBh5qA -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:29 2026 by rpki-client