This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/ySsKwQ4c8u9hH8dkf5IAovbGU0E.roa File: ySsKwQ4c8u9hH8dkf5IAovbGU0E.roa (raw, json) Hash identifier: Lmp6N3VB+ffMGoy168W3pHuRylAIEPbhaHOo0QIFkSk= Subject key identifier: C9:2B:0A:C1:0E:1C:F2:EF:61:1F:C7:64:7F:92:00:A2:F6:C6:53:41 Certificate issuer: /CN=7f33fc40d2e0333bbc7bdeab2bd859954301c0f1 Certificate serial: 019B7F12C6F94EDA153A4463F125CB081907 Authority key identifier: 7F:33:FC:40:D2:E0:33:3B:BC:7B:DE:AB:2B:D8:59:95:43:01:C0:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/ySsKwQ4c8u9hH8dkf5IAovbGU0E.roa Signing time: Fri 02 Jan 2026 14:18:15 +0000 ROA not before: Fri 02 Jan 2026 14:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204030 IP address blocks: 87.101.84.0/22 maxlen: 22 185.116.80.0/22 maxlen: 22 2a06:7c80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.mft rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:12:c6:f9:4e:da:15:3a:44:63:f1:25:cb:08:19:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f33fc40d2e0333bbc7bdeab2bd859954301c0f1 Validity Not Before: Jan 2 14:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c92b0ac10e1cf2ef611fc7647f9200a2f6c65341 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c6:9d:87:25:cb:3e:38:02:d6:d8:8d:f1:50: ec:47:2e:11:70:77:25:35:1d:3a:a2:b7:ec:7e:78: 0c:dd:48:6c:7e:26:4c:02:23:2d:b4:e0:39:e1:92: 82:df:28:6f:66:ee:8f:ea:24:96:4a:65:34:6b:51: 39:98:c6:de:bb:e8:1d:89:eb:10:a4:1a:08:ed:64: ca:7b:4e:d8:9f:4c:41:e8:37:a5:86:32:14:6d:a8: b5:aa:c9:c4:2a:90:f5:cb:74:e8:b9:1f:2f:3f:ed: db:98:60:4d:86:d1:33:f8:c8:6c:76:0b:b2:fa:40: 5b:da:4b:62:06:97:f7:05:80:f2:9d:53:89:f0:b6: 47:34:87:2c:37:0c:c9:b4:34:f4:e0:e7:22:f0:67: c5:67:b2:12:86:c2:18:b3:9d:31:75:a1:c9:29:0b: c7:ec:43:5e:97:e0:f1:e5:73:04:c2:26:35:46:a0: e3:a0:3d:48:87:88:35:46:4d:b5:e9:18:7d:56:40: 4e:25:66:77:71:f5:9a:46:c9:00:2e:f6:ce:08:53: 84:bb:b2:ad:b3:87:33:78:8f:d3:14:d3:13:6f:35: a9:83:14:79:96:a8:cb:ac:d8:e6:06:ad:69:86:f0: f0:5f:43:1a:86:3c:6e:d4:f4:43:5e:32:fd:51:5d: 5c:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:2B:0A:C1:0E:1C:F2:EF:61:1F:C7:64:7F:92:00:A2:F6:C6:53:41 X509v3 Authority Key Identifier: keyid:7F:33:FC:40:D2:E0:33:3B:BC:7B:DE:AB:2B:D8:59:95:43:01:C0:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/ySsKwQ4c8u9hH8dkf5IAovbGU0E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.101.84.0/22 185.116.80.0/22 IPv6: 2a06:7c80::/29 Signature Algorithm: sha256WithRSAEncryption 27:85:4f:54:a7:8d:04:bb:99:e7:66:72:01:4d:af:30:de:43: 3a:b6:4e:e0:dd:fe:14:01:e7:44:98:e3:cf:81:8d:23:9e:e4: b8:93:9c:ea:1f:76:5e:61:98:b3:74:92:0b:2d:13:0b:35:1c: f1:21:d5:dc:5d:fd:66:af:35:fe:90:0b:07:2d:cb:52:51:a5: 9d:c4:c3:98:31:b7:73:ef:57:2f:ec:89:df:d1:a9:ca:3f:82: 8a:9d:bc:e7:ca:93:ce:f7:e3:7c:cd:68:98:0e:07:a8:cd:94: 1e:2a:ab:d1:a1:6d:07:a7:f0:07:f2:46:b0:28:c5:e7:64:90: b0:e2:25:a9:eb:5b:b3:6e:74:d2:95:dc:67:a2:30:a1:8a:ac: 82:b1:70:d2:15:65:ae:9a:46:f2:09:42:f1:4f:b1:6d:d4:a7: 8a:bc:85:a4:e3:4c:b0:f7:08:b2:dc:40:9d:26:3f:58:6a:98: 5f:ea:9b:52:24:6d:23:73:9e:38:f0:75:98:fc:bb:fa:b5:3d: 1a:36:40:85:a1:ee:81:14:52:a5:81:c7:42:99:c2:6b:31:3a: a2:fb:37:04:d5:6d:75:03:79:33:b2:ed:da:97:b3:3b:ae:df: e9:ea:dd:4d:00:c9:10:d0:65:e4:9b:94:75:41:90:19:83:30: cc:3c:2f:b0 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/Esb5TtoVOkRj8SXLCBkHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzNmYzQwZDJlMDMzM2JiYzdiZGVhYjJiZDg1OTk1NDMw MWMwZjEwHhcNMjYwMTAyMTQxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTJiMGFjMTBlMWNmMmVmNjExZmM3NjQ3ZjkyMDBhMmY2YzY1MzQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssadhyXLPjgC1tiN8VDsRy4RcHcl NR06orfsfngM3UhsfiZMAiMttOA54ZKC3yhvZu6P6iSWSmU0a1E5mMbeu+gdiesQ pBoI7WTKe07Yn0xB6DelhjIUbai1qsnEKpD1y3TouR8vP+3bmGBNhtEz+Mhsdguy +kBb2ktiBpf3BYDynVOJ8LZHNIcsNwzJtDT04Oci8GfFZ7IShsIYs50xdaHJKQvH 7ENel+Dx5XMEwiY1RqDjoD1Ih4g1Rk216Rh9VkBOJWZ3cfWaRskALvbOCFOEu7Kt s4czeI/TFNMTbzWpgxR5lqjLrNjmBq1phvDwX0Mahjxu1PRDXjL9UV1c5QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFMkrCsEOHPLvYR/HZH+SAKL2xlNBMB8GA1UdIwQY MBaAFH8z/EDS4DM7vHveqyvYWZVDAcDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpQOFFOTGdNenU4ZTk2cks5aFpsVU1Cd1BFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJmMWQtZWMxZC00MGU2LTg0OWQt Nzk3OTBkNjZkN2QzLzEveVNzS3dRNGM4dTloSDhka2Y1SUFvdmJHVTBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82NWJmMWQtZWMxZC00MGU2LTg0OWQtNzk3OTBkNjZkN2Qz LzEvZnpQOFFOTGdNenU4ZTk2cks5aFpsVU1Cd1BFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCV2VUAwQC uXRQMA0EAgACMAcDBQMqBnyAMA0GCSqGSIb3DQEBCwUAA4IBAQAnhU9Up40Eu5nn ZnIBTa8w3kM6tk7g3f4UAedEmOPPgY0jnuS4k5zqH3ZeYZizdJILLRMLNRzxIdXc Xf1mrzX+kAsHLctSUaWdxMOYMbdz71cv7Inf0anKP4KKnbznypPO9+N8zWiYDgeo zZQeKqvRoW0Hp/AH8kawKMXnZJCw4iWp61uzbnTSldxnojChiqyCsXDSFWWumkby CULxT7Ft1KeKvIWk40yw9wiy3ECdJj9Yaphf6ptSJG0jc5448HWY/Lv6tT0aNkCF oe6BFFKlgcdCmcJrMTqi+zcE1W11A3kzsu3al7M7rt/p6t1NAMkQ0GXkm5R1QZAZ gzDMPC+w -----END CERTIFICATE-----Generated at Mon Feb 9 20:05:15 2026 by rpki-client