This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/YMwIWblxxdgG2PErs0i8hdeLN_I.roa File: YMwIWblxxdgG2PErs0i8hdeLN_I.roa (raw, json) Hash identifier: MLrLMjAo1D27u4EH1t9gBEoOSZR3KZexjLZQqipMzrU= Subject key identifier: 60:CC:08:59:B9:71:C5:D8:06:D8:F1:2B:B3:48:BC:85:D7:8B:37:F2 Certificate issuer: /CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351 Certificate serial: 019B7758F93B7EDC5ABD0D7087DEC9FFE635 Authority key identifier: 3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/YMwIWblxxdgG2PErs0i8hdeLN_I.roa Signing time: Thu 01 Jan 2026 02:17:58 +0000 ROA not before: Thu 01 Jan 2026 02:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211657 IP address blocks: 185.116.220.0/22 maxlen: 23 2a0d:fe80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.mft rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f9:3b:7e:dc:5a:bd:0d:70:87:de:c9:ff:e6:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a84dfef3d5107b84fc77c56dcf79e05fe9c7351 Validity Not Before: Jan 1 02:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=60cc0859b971c5d806d8f12bb348bc85d78b37f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:61:c6:c1:bc:ed:8b:98:ac:d2:40:4a:4b:69: de:6d:71:87:34:86:44:ea:53:24:e8:8d:8c:0f:b6: 4e:44:a0:6b:f1:31:df:aa:09:09:fc:5f:09:b6:c3: 8b:9d:c9:a9:4a:7b:19:33:a2:59:6f:42:fc:55:41: 11:c2:58:8c:05:59:6a:15:a1:3d:b1:80:73:e2:e3: 5a:28:bd:25:c3:2f:79:5c:7b:b2:95:c2:e7:32:63: e8:6f:19:cd:b3:a1:20:10:f9:4f:53:eb:49:52:85: 31:37:33:59:c3:e1:bd:bc:e7:fb:87:94:f7:33:93: 77:bf:91:a9:52:8c:a3:12:91:09:22:f3:b5:7b:e2: 4e:af:ab:6b:af:18:12:eb:b3:ab:03:4b:e1:82:dc: 5a:83:9b:c2:f8:8e:c4:32:b5:62:48:32:f3:c8:b2: 61:37:57:4c:2d:e4:72:d2:ed:b3:3e:e6:90:2b:37: c7:73:e0:dc:4e:92:e3:83:8f:6d:7c:73:51:70:01: f8:83:17:ea:49:fc:33:e8:7f:58:4b:c2:9b:64:c0: 2f:ad:57:d3:db:3a:1b:95:0d:5b:73:1e:02:dd:c9: 44:a6:a1:87:aa:4e:87:05:b5:43:67:b5:f2:c9:89: 74:9f:08:84:7b:38:e8:81:52:15:0e:03:0b:7d:61: 2a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:CC:08:59:B9:71:C5:D8:06:D8:F1:2B:B3:48:BC:85:D7:8B:37:F2 X509v3 Authority Key Identifier: keyid:3A:84:DF:EF:3D:51:07:B8:4F:C7:7C:56:DC:F7:9E:05:FE:9C:73:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OoTf7z1RB7hPx3xW3PeeBf6cc1E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/YMwIWblxxdgG2PErs0i8hdeLN_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d4b7f3-40ce-42ed-a93b-5e8dedac9cb7/1/OoTf7z1RB7hPx3xW3PeeBf6cc1E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.116.220.0/22 IPv6: 2a0d:fe80::/32 Signature Algorithm: sha256WithRSAEncryption 1b:fd:1f:1e:5d:79:d6:69:0b:9b:90:7c:c2:06:d8:0e:31:bd: 98:91:51:88:fb:84:b3:36:0e:74:7d:61:17:76:15:ac:50:a7: c3:ee:d4:a9:d1:7a:f3:4a:37:8d:86:3e:dd:80:ce:e1:ca:58: 57:04:af:78:ff:52:5f:90:d9:b0:60:92:d5:9e:39:b8:b0:62: 7c:ca:e2:90:b9:14:53:63:be:32:6f:c6:74:b9:5f:48:bb:b5: 00:5b:d5:b3:d0:36:fb:9d:f2:c8:39:18:3b:71:ff:ba:0b:98: d6:bf:dd:e9:e2:6a:ae:9f:f2:86:a4:8d:1a:08:62:60:ae:8f: a8:60:73:13:6c:7f:d4:75:c4:a3:0f:19:bf:ef:62:9b:a3:86: 9f:6b:0c:ef:9e:e8:7e:ff:3c:ed:f2:03:4c:e8:7b:70:3d:d9: 0c:bc:16:71:05:79:61:2d:0d:b7:a3:fe:c4:57:b5:b3:8e:2e: c8:ca:fe:89:ad:1b:a5:3d:91:67:d4:22:14:a7:b6:9d:31:b9: 7d:85:30:38:24:7d:fc:a8:13:9e:18:e2:78:6d:1e:54:b0:2b: d0:3a:fd:4a:0b:3d:41:61:9c:19:b4:6c:4d:e8:14:7c:40:dd: bd:c7:78:b6:45:73:c9:92:2c:e3:4c:d1:df:81:7a:51:a5:9b: 7b:c3:22:2c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WPk7ftxavQ1wh97J/+Y1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhODRkZmVmM2Q1MTA3Yjg0ZmM3N2M1NmRjZjc5ZTA1ZmU5 YzczNTEwHhcNMjYwMTAxMDIxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MGNjMDg1OWI5NzFjNWQ4MDZkOGYxMmJiMzQ4YmM4NWQ3OGIzN2YyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2HGwbzti5is0kBKS2nebXGHNIZE 6lMk6I2MD7ZORKBr8THfqgkJ/F8JtsOLncmpSnsZM6JZb0L8VUERwliMBVlqFaE9 sYBz4uNaKL0lwy95XHuylcLnMmPobxnNs6EgEPlPU+tJUoUxNzNZw+G9vOf7h5T3 M5N3v5GpUoyjEpEJIvO1e+JOr6trrxgS67OrA0vhgtxag5vC+I7EMrViSDLzyLJh N1dMLeRy0u2zPuaQKzfHc+DcTpLjg49tfHNRcAH4gxfqSfwz6H9YS8KbZMAvrVfT 2zoblQ1bcx4C3clEpqGHqk6HBbVDZ7XyyYl0nwiEezjogVIVDgMLfWEqGwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGDMCFm5ccXYBtjxK7NIvIXXizfyMB8GA1UdIwQY MBaAFDqE3+89UQe4T8d8Vtz3ngX+nHNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2It NWU4ZGVkYWM5Y2I3LzEvWU13SVdibHh4ZGdHMlBFcnMwaThoZGVMTl9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kNGI3ZjMtNDBjZS00MmVkLWE5M2ItNWU4ZGVkYWM5Y2I3 LzEvT29UZjd6MVJCN2hQeDN4VzNQZWVCZjZjYzFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXTcMA0E AgACMAcDBQAqDf6AMA0GCSqGSIb3DQEBCwUAA4IBAQAb/R8eXXnWaQubkHzCBtgO Mb2YkVGI+4SzNg50fWEXdhWsUKfD7tSp0XrzSjeNhj7dgM7hylhXBK94/1JfkNmw YJLVnjm4sGJ8yuKQuRRTY74yb8Z0uV9Iu7UAW9Wz0Db7nfLIORg7cf+6C5jWv93p 4mqun/KGpI0aCGJgro+oYHMTbH/UdcSjDxm/72Kbo4afawzvnuh+/zzt8gNM6Htw PdkMvBZxBXlhLQ23o/7EV7Wzji7Iyv6JrRulPZFn1CIUp7adMbl9hTA4JH38qBOe GOJ4bR5UsCvQOv1KCz1BYZwZtGxN6BR8QN29x3i2RXPJkizjTNHfgXpRpZt7wyIs -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:08 2026 by rpki-client