This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/lyOH-P2_hH5Ugem7r8kpnkt99SI.roa File: lyOH-P2_hH5Ugem7r8kpnkt99SI.roa (raw, json) Hash identifier: GiPFjQfoJkQaMedHXbS4M3+BR9UAmP0J6PtJlsbWkGg= Subject key identifier: 97:23:87:F8:FD:BF:84:7E:54:81:E9:BB:AF:C9:29:9E:4B:7D:F5:22 Certificate issuer: /CN=a8e75802e7efb8653e3af59cbf1bc06538bca671 Certificate serial: 019B7911378485DAFC9B94DCE46BC5B6C030 Authority key identifier: A8:E7:58:02:E7:EF:B8:65:3E:3A:F5:9C:BF:1B:C0:65:38:BC:A6:71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qOdYAufvuGU-OvWcvxvAZTi8pnE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/lyOH-P2_hH5Ugem7r8kpnkt99SI.roa Signing time: Thu 01 Jan 2026 10:18:50 +0000 ROA not before: Thu 01 Jan 2026 10:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15704 IP address blocks: 185.111.252.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/qOdYAufvuGU-OvWcvxvAZTi8pnE.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/qOdYAufvuGU-OvWcvxvAZTi8pnE.mft rsync://rpki.ripe.net/repository/DEFAULT/qOdYAufvuGU-OvWcvxvAZTi8pnE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:37:84:85:da:fc:9b:94:dc:e4:6b:c5:b6:c0:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a8e75802e7efb8653e3af59cbf1bc06538bca671 Validity Not Before: Jan 1 10:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=972387f8fdbf847e5481e9bbafc9299e4b7df522 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:99:2b:44:a5:61:a5:39:71:60:aa:49:03:c8: c2:4f:25:a5:95:06:44:75:a4:65:85:3c:90:85:e8: 23:41:b7:f1:f4:b0:94:58:78:cb:56:6b:ee:82:43: de:08:32:0f:37:cc:76:29:3f:13:e9:48:f3:0c:61: d1:0b:41:f7:02:7c:25:87:72:20:06:f0:d4:10:30: e2:10:4d:bd:a6:e7:98:70:5f:ea:f3:b1:7c:c8:b2: d2:6d:ff:84:c3:57:82:06:54:ab:5c:d7:ce:1c:59: bd:09:cf:85:29:d0:30:e7:99:d7:5e:21:cf:fe:d0: e8:b2:1c:26:47:98:87:01:96:c7:fe:0f:70:75:16: 3c:e3:94:3f:a9:41:34:c7:bd:52:3d:15:5f:db:55: 9a:61:d6:f3:6c:21:37:a9:55:00:b7:db:90:7d:18: 65:a7:ea:01:c2:63:a2:66:c3:ad:26:80:12:f2:00: 42:42:d4:e9:62:f3:18:ed:de:ed:e3:14:89:4d:3c: f0:85:a2:a8:9d:b9:e2:1d:e3:97:2a:00:00:c4:ca: 81:d2:63:4a:4d:ce:c9:64:a3:01:36:77:c8:39:8f: 63:7e:f6:ee:38:da:bf:4c:87:76:7d:4a:05:3a:42: 9a:12:bb:a1:4c:cb:2b:0f:a1:e3:7c:ef:a9:96:55: 48:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:23:87:F8:FD:BF:84:7E:54:81:E9:BB:AF:C9:29:9E:4B:7D:F5:22 X509v3 Authority Key Identifier: keyid:A8:E7:58:02:E7:EF:B8:65:3E:3A:F5:9C:BF:1B:C0:65:38:BC:A6:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qOdYAufvuGU-OvWcvxvAZTi8pnE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/lyOH-P2_hH5Ugem7r8kpnkt99SI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6256b6-36a1-4f2f-a0b9-411f5837fefa/1/qOdYAufvuGU-OvWcvxvAZTi8pnE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.111.252.0/22 Signature Algorithm: sha256WithRSAEncryption 9c:f5:06:68:f4:11:55:a0:25:29:fe:6f:77:c9:d4:b6:ca:c4: 88:19:b0:53:00:99:41:77:db:9e:67:cc:ed:bc:a8:25:07:db: dc:ff:48:42:72:58:8b:ab:e1:46:60:87:1e:07:93:2a:41:0b: 50:b5:c3:ee:58:f6:f0:39:af:2e:41:5f:3b:d8:c7:57:64:44: 67:8a:a5:30:e4:54:7b:f6:71:59:66:98:a5:61:7d:06:ca:df: 90:3b:81:a0:35:db:c3:27:39:68:cf:bb:00:bf:81:32:18:9c: 1c:05:b7:c2:7f:6d:7e:d3:d0:4a:17:53:ae:94:62:a4:82:5d: 99:5f:d1:a5:ea:d0:65:e6:7c:9f:43:e0:9f:04:d2:26:e8:2c: 9f:c3:1b:8e:79:43:7d:f9:a5:f5:ae:6f:c9:f6:da:8b:b7:41: 68:7c:92:1a:fc:1c:a9:6f:15:8c:01:94:27:b8:1a:89:ef:8c: 7c:f9:21:6b:77:95:ca:52:96:aa:43:5b:34:ad:20:7c:6a:e9: bf:d9:91:a9:76:20:80:a1:53:da:a5:4d:f8:04:e1:1b:48:b2: 2b:24:a6:0e:db:84:b4:9a:eb:a1:88:76:ee:a8:d0:14:97:37: 16:58:b7:68:6a:b8:04:34:27:2e:60:ee:71:26:a9:e3:cc:9e: 0c:c2:b6:ff -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5ETeEhdr8m5Tc5GvFtsAwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE4ZTc1ODAyZTdlZmI4NjUzZTNhZjU5Y2JmMWJjMDY1Mzhi Y2E2NzEwHhcNMjYwMTAxMTAxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5NzIzODdmOGZkYmY4NDdlNTQ4MWU5YmJhZmM5Mjk5ZTRiN2RmNTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZkrRKVhpTlxYKpJA8jCTyWllQZE daRlhTyQhegjQbfx9LCUWHjLVmvugkPeCDIPN8x2KT8T6UjzDGHRC0H3Anwlh3Ig BvDUEDDiEE29pueYcF/q87F8yLLSbf+Ew1eCBlSrXNfOHFm9Cc+FKdAw55nXXiHP /tDoshwmR5iHAZbH/g9wdRY845Q/qUE0x71SPRVf21WaYdbzbCE3qVUAt9uQfRhl p+oBwmOiZsOtJoAS8gBCQtTpYvMY7d7t4xSJTTzwhaKonbniHeOXKgAAxMqB0mNK Tc7JZKMBNnfIOY9jfvbuONq/TId2fUoFOkKaEruhTMsrD6HjfO+pllVIzQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFJcjh/j9v4R+VIHpu6/JKZ5LffUiMB8GA1UdIwQY MBaAFKjnWALn77hlPjr1nL8bwGU4vKZxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcU9kWUF1ZnZ1R1UtT3ZXY3Z4dkFaVGk4cG5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82MjU2YjYtMzZhMS00ZjJmLWEwYjkt NDExZjU4MzdmZWZhLzEvbHlPSC1QMl9oSDVVZ2VtN3I4a3Bua3Q5OVNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82MjU2YjYtMzZhMS00ZjJmLWEwYjktNDExZjU4MzdmZWZh LzEvcU9kWUF1ZnZ1R1UtT3ZXY3Z4dkFaVGk4cG5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW/8MA0G CSqGSIb3DQEBCwUAA4IBAQCc9QZo9BFVoCUp/m93ydS2ysSIGbBTAJlBd9ueZ8zt vKglB9vc/0hCcliLq+FGYIceB5MqQQtQtcPuWPbwOa8uQV872MdXZERniqUw5FR7 9nFZZpilYX0Gyt+QO4GgNdvDJzloz7sAv4EyGJwcBbfCf21+09BKF1OulGKkgl2Z X9Gl6tBl5nyfQ+CfBNIm6CyfwxuOeUN9+aX1rm/J9tqLt0FofJIa/BypbxWMAZQn uBqJ74x8+SFrd5XKUpaqQ1s0rSB8aum/2ZGpdiCAoVPapU34BOEbSLIrJKYO24S0 muuhiHbuqNAUlzcWWLdoargENCcuYO5xJqnjzJ4Mwrb/ -----END CERTIFICATE-----Generated at Mon Jan 26 23:44:13 2026 by rpki-client