This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/yQDR4RXyJipBGIGaXf0hpmvg9MI.roa File: yQDR4RXyJipBGIGaXf0hpmvg9MI.roa (raw, json) Hash identifier: Gz9z3oldgWaZnVSRtfCqMKiqcH9Ia6S6jLOD4nomWR4= Subject key identifier: C9:00:D1:E1:15:F2:26:2A:41:18:81:9A:5D:FD:21:A6:6B:E0:F4:C2 Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Certificate serial: 019B7DCAD01EB4F967788F0333862A33BD5E Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/yQDR4RXyJipBGIGaXf0hpmvg9MI.roa Signing time: Fri 02 Jan 2026 08:20:01 +0000 ROA not before: Fri 02 Jan 2026 08:20:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209898 IP address blocks: 91.194.139.0/24 maxlen: 24 147.78.194.0/23 maxlen: 24 185.203.114.0/23 maxlen: 23 2a09:2940::/29 maxlen: 48 2a0a:e5c0::/29 maxlen: 48 2a0a:e5c0:1::/48 maxlen: 48 2a0a:e5c0:2::/48 maxlen: 48 2a0a:e5c1:100::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:d0:1e:b4:f9:67:78:8f:03:33:86:2a:33:bd:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120 Validity Not Before: Jan 2 08:20:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c900d1e115f2262a4118819a5dfd21a66be0f4c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:8d:00:33:19:0c:ca:9d:9f:d1:bb:7d:fb:43: bf:0f:74:3c:52:93:ac:e0:a7:50:42:ff:7b:8e:b7: 3a:29:ff:3d:5b:54:6a:cb:3d:a9:25:06:76:94:db: f8:ef:58:62:a7:cc:b4:1a:2c:30:42:85:9f:e0:b7: 85:e1:62:c0:0e:c9:9e:46:72:02:d5:27:70:e2:4b: ea:d1:96:b9:ea:a9:f1:e2:a8:00:b1:67:c6:44:0b: 1c:23:2a:6e:a6:03:c5:3a:29:eb:85:16:00:ee:d4: 6b:61:57:f1:08:58:44:23:64:df:16:a4:c1:90:05: 46:f1:21:67:dc:82:61:2a:c6:f7:67:64:08:a1:76: 82:f6:05:07:b6:14:54:03:c1:b1:47:68:69:fa:02: 71:31:8d:8e:f1:18:eb:26:d9:4f:14:c2:41:ca:a3: 30:72:b7:2c:93:31:ff:dd:f2:01:11:87:4f:7d:5a: 35:4b:39:9e:9c:ae:c6:bc:94:aa:c1:ea:15:e6:d4: e5:83:99:28:23:a6:8d:9f:a6:f6:9a:48:31:64:a1: 60:d0:26:21:10:66:7d:ba:3c:5a:0c:95:53:14:84: 02:cc:18:be:03:5e:46:51:8d:4b:dc:2c:08:ff:83: 0b:d6:1a:9e:c1:ed:58:74:49:20:02:02:7c:0f:20: 77:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:00:D1:E1:15:F2:26:2A:41:18:81:9A:5D:FD:21:A6:6B:E0:F4:C2 X509v3 Authority Key Identifier: keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/yQDR4RXyJipBGIGaXf0hpmvg9MI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.194.139.0/24 147.78.194.0/23 185.203.114.0/23 IPv6: 2a09:2940::/29 2a0a:e5c0::/29 Signature Algorithm: sha256WithRSAEncryption 55:38:27:32:08:bc:b9:42:64:6c:c6:69:8a:85:d7:52:a9:c5: 62:25:72:01:a6:1d:5b:6a:40:5f:97:e4:d6:c0:29:56:7a:5b: ef:e8:2b:77:4f:87:28:1b:f1:d6:ae:3a:9d:c1:c5:23:a2:2a: 32:fa:1a:f4:4c:4d:5a:59:ee:52:3a:67:a3:c6:81:45:e9:a6: d2:c4:6d:2b:f2:e6:47:11:1e:71:80:af:b0:83:a4:e2:3b:b5: 48:ea:ab:76:cb:e0:c7:13:a8:90:8b:0a:31:e5:19:66:f4:d1: a5:16:82:32:7e:fe:fd:aa:5c:00:75:6f:39:70:1c:e5:64:a1: 49:a6:d8:39:96:42:98:b7:df:ce:b6:17:55:d5:0e:ea:fc:10: 10:01:48:33:53:1d:4c:01:17:e3:86:09:8b:00:d1:0e:90:a8: 93:7c:c8:6c:52:5f:97:22:fd:cf:3d:71:54:45:c9:ae:35:09: 53:cd:7b:1f:91:6a:14:20:39:95:2f:6e:62:02:d5:49:f3:f1: 15:4c:0a:22:20:42:03:5c:c1:d7:92:cb:b5:55:e2:3f:75:e6: 9b:69:92:a3:ed:0c:31:d3:aa:a4:d8:0d:87:b8:85:9d:0b:54: b3:ff:d8:89:d7:95:c6:af:9e:8d:c1:ca:49:c1:04:96:7d:c1: a2:48:1a:3c -----BEGIN CERTIFICATE----- MIIFHzCCBAegAwIBAgISAZt9ytAetPlneI8DM4YqM71eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy MzQxMjAwHhcNMjYwMTAyMDgyMDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTAwZDFlMTE1ZjIyNjJhNDExODgxOWE1ZGZkMjFhNjZiZTBmNGMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA340AMxkMyp2f0bt9+0O/D3Q8UpOs 4KdQQv97jrc6Kf89W1Rqyz2pJQZ2lNv471hip8y0GiwwQoWf4LeF4WLADsmeRnIC 1Sdw4kvq0Za56qnx4qgAsWfGRAscIypupgPFOinrhRYA7tRrYVfxCFhEI2TfFqTB kAVG8SFn3IJhKsb3Z2QIoXaC9gUHthRUA8GxR2hp+gJxMY2O8RjrJtlPFMJByqMw crcskzH/3fIBEYdPfVo1SzmenK7GvJSqweoV5tTlg5koI6aNn6b2mkgxZKFg0CYh EGZ9ujxaDJVTFIQCzBi+A15GUY1L3CwI/4ML1hqewe1YdEkgAgJ8DyB3VQIDAQAB o4ICKzCCAicwHQYDVR0OBBYEFMkA0eEV8iYqQRiBml39IaZr4PTCMB8GA1UdIwQY MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt YmZmYjc1N2MzMTM0LzEveVFEUjRSWHlKaXBCR0lHYVhmMGhwbXZnOU1JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0 LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC AQEAVTgnMgi8uUJkbMZpioXXUqnFYiVyAaYdW2pAX5fk1sApVnpb7+grd0+HKBvx 1q46ncHFI6IqMvoa9ExNWlnuUjpno8aBRemm0sRtK/LmRxEecYCvsIOk4ju1SOqr dsvgxxOokIsKMeUZZvTRpRaCMn7+/apcAHVvOXAc5WShSabYOZZCmLffzrYXVdUO 6vwQEAFIM1MdTAEX44YJiwDRDpCok3zIbFJflyL9zz1xVEXJrjUJU817H5FqFCA5 lS9uYgLVSfPxFUwKIiBCA1zB15LLtVXiP3Xmm2mSo+0MMdOqpNgNh7iFnQtUs//Y ideVxq+ejcHKScEEln3BokgaPA== -----END CERTIFICATE-----Generated at Tue Feb 10 00:13:09 2026 by rpki-client