This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/yZwwxHdq2mwMvEKhuZrOFRDdPXg.roa File: yZwwxHdq2mwMvEKhuZrOFRDdPXg.roa (raw, json) Hash identifier: 0MUPEijqaOiMb0pbzOVVpFzyA1GqgLhChQvRIq7H260= Subject key identifier: C9:9C:30:C4:77:6A:DA:6C:0C:BC:42:A1:B9:9A:CE:15:10:DD:3D:78 Certificate issuer: /CN=772fb94a459d3b75ce8bfb8f12b4cf71982c6343 Certificate serial: 019B7F852C6221A2791AB3C6A6773C2C7503 Authority key identifier: 77:2F:B9:4A:45:9D:3B:75:CE:8B:FB:8F:12:B4:CF:71:98:2C:63:43 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy-5SkWdO3XOi_uPErTPcZgsY0M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/yZwwxHdq2mwMvEKhuZrOFRDdPXg.roa Signing time: Fri 02 Jan 2026 16:23:12 +0000 ROA not before: Fri 02 Jan 2026 16:23:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212084 IP address blocks: 2001:678:28c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/dy-5SkWdO3XOi_uPErTPcZgsY0M.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/dy-5SkWdO3XOi_uPErTPcZgsY0M.mft rsync://rpki.ripe.net/repository/DEFAULT/dy-5SkWdO3XOi_uPErTPcZgsY0M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:2c:62:21:a2:79:1a:b3:c6:a6:77:3c:2c:75:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=772fb94a459d3b75ce8bfb8f12b4cf71982c6343 Validity Not Before: Jan 2 16:23:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c99c30c4776ada6c0cbc42a1b99ace1510dd3d78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:86:4e:f6:f3:58:99:e4:ba:8d:a3:d0:be:ef: 8c:30:68:23:c5:b8:ca:92:1d:c1:1c:af:19:e6:88: 3e:81:2c:af:84:ac:c5:c8:f0:d4:8a:be:98:c8:52: a0:a5:e3:06:97:bc:4e:52:6c:82:06:83:8d:2d:9f: 9e:7a:b6:de:f3:d9:5d:e0:b0:01:33:9f:67:f4:74: 73:b5:2e:bf:5d:ae:04:0b:88:1f:5f:21:1c:fc:c5: f0:d5:81:9a:ff:0a:77:03:22:ad:f6:a1:3a:2b:54: cf:3c:a5:9f:4d:3b:53:02:85:93:41:27:8e:01:cf: 0a:2e:76:4e:30:f8:23:66:14:35:b8:6d:0d:fa:20: 7e:49:da:1e:c7:98:48:50:ac:83:d8:8e:4c:aa:9b: 50:42:2a:73:58:5a:07:11:ba:83:d5:ea:75:0a:18: af:ac:fd:06:ee:60:0c:5d:8a:ac:91:e3:b4:d6:be: 71:07:1c:85:14:67:0d:ca:41:27:39:64:86:c8:f9: aa:ac:79:02:af:f5:7e:4a:76:9d:ba:d8:f4:24:04: b0:1e:85:b4:2b:fa:9d:28:7d:fe:f1:d0:df:c4:77: 7f:e8:53:57:0b:d8:58:e5:6e:bc:1e:a4:b3:0a:b3: ca:21:82:a7:2c:13:d8:ea:a8:d9:6f:44:25:e4:a4: 8b:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:9C:30:C4:77:6A:DA:6C:0C:BC:42:A1:B9:9A:CE:15:10:DD:3D:78 X509v3 Authority Key Identifier: keyid:77:2F:B9:4A:45:9D:3B:75:CE:8B:FB:8F:12:B4:CF:71:98:2C:63:43 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy-5SkWdO3XOi_uPErTPcZgsY0M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/yZwwxHdq2mwMvEKhuZrOFRDdPXg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/337e3d-536c-4d50-8657-2b11ad693815/1/dy-5SkWdO3XOi_uPErTPcZgsY0M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:28c::/48 Signature Algorithm: sha256WithRSAEncryption bb:06:b1:2a:b6:39:08:2f:d0:ea:18:d3:63:b8:f5:b4:c4:a1: f3:7e:1d:7e:7f:76:cc:2d:40:5e:eb:dc:af:a9:66:a0:8f:78: 59:0a:fb:1b:f8:89:6e:22:ce:9f:81:05:52:ce:7c:c0:36:3b: dd:ad:05:d0:07:c9:b8:d4:eb:13:bf:a1:b9:8b:de:4a:9a:cc: f9:d7:b8:fe:51:ff:d7:2c:36:5c:11:da:3d:ff:9a:54:56:b1: c1:86:28:59:aa:64:ad:ae:fb:2f:f2:75:52:4f:0c:1a:68:30: 81:e5:90:9c:c9:c6:29:88:4a:ff:99:71:8d:5a:75:fe:7b:44: fd:c7:d7:2f:92:fb:4f:23:6b:12:ad:71:9c:6f:98:d8:5e:5b: 97:9d:0a:db:b3:39:ff:50:14:52:dd:55:28:d7:8f:59:58:d9: f1:64:5e:e8:47:52:30:66:71:fd:24:75:6c:7e:08:e1:68:8e: be:c8:db:c9:9f:57:a8:51:89:b8:4f:42:27:75:94:f6:7f:6f: ca:62:92:fe:d8:ee:1d:62:34:06:a1:77:e5:6a:cf:a8:3a:37: 4c:64:d5:56:df:6c:6e:2b:ba:50:64:b7:c4:d1:f1:53:a4:3e: 27:c2:6f:7e:35:ca:96:38:6a:db:f3:10:cd:3c:2e:01:61:07: c4:69:7d:04 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hSxiIaJ5GrPGpnc8LHUDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MmZiOTRhNDU5ZDNiNzVjZThiZmI4ZjEyYjRjZjcxOTgy YzYzNDMwHhcNMjYwMTAyMTYyMzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTljMzBjNDc3NmFkYTZjMGNiYzQyYTFiOTlhY2UxNTEwZGQzZDc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYZO9vNYmeS6jaPQvu+MMGgjxbjK kh3BHK8Z5og+gSyvhKzFyPDUir6YyFKgpeMGl7xOUmyCBoONLZ+eerbe89ld4LAB M59n9HRztS6/Xa4EC4gfXyEc/MXw1YGa/wp3AyKt9qE6K1TPPKWfTTtTAoWTQSeO Ac8KLnZOMPgjZhQ1uG0N+iB+Sdoex5hIUKyD2I5MqptQQipzWFoHEbqD1ep1Chiv rP0G7mAMXYqskeO01r5xBxyFFGcNykEnOWSGyPmqrHkCr/V+Snadutj0JASwHoW0 K/qdKH3+8dDfxHd/6FNXC9hY5W68HqSzCrPKIYKnLBPY6qjZb0Ql5KSL1QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFMmcMMR3atpsDLxCobmazhUQ3T14MB8GA1UdIwQY MBaAFHcvuUpFnTt1zov7jxK0z3GYLGNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHktNVNrV2RPM1hPaV91UEVyVFBjWmdzWTBNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zMzdlM2QtNTM2Yy00ZDUwLTg2NTct MmIxMWFkNjkzODE1LzEveVp3d3hIZHEybXdNdkVLaHVack9GUkRkUFhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8zMzdlM2QtNTM2Yy00ZDUwLTg2NTctMmIxMWFkNjkzODE1 LzEvZHktNVNrV2RPM1hPaV91UEVyVFBjWmdzWTBNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAKM MA0GCSqGSIb3DQEBCwUAA4IBAQC7BrEqtjkIL9DqGNNjuPW0xKHzfh1+f3bMLUBe 69yvqWagj3hZCvsb+IluIs6fgQVSznzANjvdrQXQB8m41OsTv6G5i95Kmsz517j+ Uf/XLDZcEdo9/5pUVrHBhihZqmStrvsv8nVSTwwaaDCB5ZCcycYpiEr/mXGNWnX+ e0T9x9cvkvtPI2sSrXGcb5jYXluXnQrbszn/UBRS3VUo149ZWNnxZF7oR1IwZnH9 JHVsfgjhaI6+yNvJn1eoUYm4T0IndZT2f2/KYpL+2O4dYjQGoXflas+oOjdMZNVW 32xuK7pQZLfE0fFTpD4nwm9+NcqWOGrb8xDNPC4BYQfEaX0E -----END CERTIFICATE-----Generated at Tue Feb 10 01:24:46 2026 by rpki-client