This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/y4Da6sZJ9Zrri-68tCZQ82txVE8.roa File: y4Da6sZJ9Zrri-68tCZQ82txVE8.roa (raw, json) Hash identifier: siiOFYThlEnhOuPTtcgPza0sux7K+s3jYPDLUM6lsRY= Subject key identifier: CB:80:DA:EA:C6:49:F5:9A:EB:8B:EE:BC:B4:26:50:F3:6B:71:54:4F Certificate issuer: /CN=aa31ee512c1a562ab9e9410a831f72fd4318892e Certificate serial: 019B78A2C8A183AFC529A959BD41E8E0BC2B Authority key identifier: AA:31:EE:51:2C:1A:56:2A:B9:E9:41:0A:83:1F:72:FD:43:18:89:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjHuUSwaViq56UEKgx9y_UMYiS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/y4Da6sZJ9Zrri-68tCZQ82txVE8.roa Signing time: Thu 01 Jan 2026 08:18:12 +0000 ROA not before: Thu 01 Jan 2026 08:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35677 IP address blocks: 185.92.76.0/22 maxlen: 22 2a03:8ae0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/qjHuUSwaViq56UEKgx9y_UMYiS4.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/qjHuUSwaViq56UEKgx9y_UMYiS4.mft rsync://rpki.ripe.net/repository/DEFAULT/qjHuUSwaViq56UEKgx9y_UMYiS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:c8:a1:83:af:c5:29:a9:59:bd:41:e8:e0:bc:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa31ee512c1a562ab9e9410a831f72fd4318892e Validity Not Before: Jan 1 08:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb80daeac649f59aeb8beebcb42650f36b71544f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:18:be:70:46:1a:c6:21:d3:55:df:6c:b1:61: f3:77:a4:e7:1f:29:1c:90:8e:ed:2d:e3:20:b8:16: cb:df:30:81:24:f7:e8:fe:8f:63:25:7f:d8:fa:89: 4c:cf:cb:7c:89:85:3c:ba:5d:05:58:59:5c:b1:fb: 36:aa:b5:c0:70:ce:19:57:a6:2c:5b:49:ac:a2:59: f7:d7:37:31:34:c1:6b:b0:a9:71:5b:4b:78:36:e9: 43:97:1d:8d:4b:1e:c4:3b:76:c1:9a:02:66:42:e7: c0:94:1a:b5:58:69:b5:c5:81:aa:98:2e:b0:30:8c: 2e:e0:e1:a9:99:43:0f:24:e1:f4:4d:84:c9:e7:9d: 21:7f:75:28:84:53:0e:e7:8c:d9:95:3d:a6:8d:95: 9b:2a:1c:d9:50:2f:d8:d1:80:6d:76:92:89:3e:08: 26:40:75:63:29:31:99:75:d8:29:dc:d5:b5:a2:3b: ad:13:6e:aa:a8:dc:e2:a0:43:28:b6:37:76:67:5d: 74:2b:94:31:5a:8a:6c:34:b5:5b:bb:3d:02:66:31: 91:38:ab:6a:4c:6f:e3:f8:3a:bd:74:ed:48:5e:d0: d0:e8:9d:52:da:f2:cb:9b:a6:b9:ef:1c:8d:a3:6e: b8:a5:e9:d4:7e:5e:c1:64:ae:ef:8c:cd:44:39:55: c4:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:80:DA:EA:C6:49:F5:9A:EB:8B:EE:BC:B4:26:50:F3:6B:71:54:4F X509v3 Authority Key Identifier: keyid:AA:31:EE:51:2C:1A:56:2A:B9:E9:41:0A:83:1F:72:FD:43:18:89:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjHuUSwaViq56UEKgx9y_UMYiS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/y4Da6sZJ9Zrri-68tCZQ82txVE8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e7ef54-bdb0-450a-8646-ee08146e3713/1/qjHuUSwaViq56UEKgx9y_UMYiS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.92.76.0/22 IPv6: 2a03:8ae0::/32 Signature Algorithm: sha256WithRSAEncryption c1:68:80:96:9f:f6:90:ad:d5:c5:30:b0:76:fd:bf:18:75:49: 56:94:cc:43:b4:d8:ac:8e:74:bd:2b:e9:c4:c8:d0:b4:2a:ba: b7:0b:53:30:15:d8:cb:9c:31:e7:a3:e9:b5:08:3e:94:3b:75: 75:6a:56:8e:98:c6:f3:d3:78:b2:43:79:42:25:b1:bb:48:b3: 90:6f:64:88:8d:04:8c:52:9e:31:db:46:2a:e4:a1:3e:54:d4: 02:f6:12:ea:57:fb:79:33:d7:84:33:a8:3b:72:a0:ef:cd:71: 18:66:48:e9:43:9f:6d:f6:b4:ea:ce:18:97:71:34:b2:7a:d8: bc:bd:04:93:4e:b4:36:49:ef:f1:16:10:ae:72:db:b5:dd:7f: 26:ab:0e:5f:17:32:5c:a4:be:78:eb:3a:af:6b:40:8a:0b:fa: 2b:49:13:2e:70:cd:aa:19:61:80:e6:c6:51:8d:91:6c:5b:f3: 3c:86:80:3f:c4:83:60:1f:fb:ab:fc:c9:99:e9:eb:8b:60:6b: 2b:26:eb:3a:84:41:3f:cd:ce:99:6a:32:07:ea:5b:f6:a1:c8: 29:03:77:a6:8e:9c:37:62:37:ef:b5:ef:42:02:19:51:38:60: e6:ea:34:91:d7:57:f5:8d:53:87:40:30:a2:4c:90:8a:76:d8: 96:51:54:6c -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4osihg6/FKalZvUHo4LwrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMzFlZTUxMmMxYTU2MmFiOWU5NDEwYTgzMWY3MmZkNDMx ODg5MmUwHhcNMjYwMTAxMDgxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjgwZGFlYWM2NDlmNTlhZWI4YmVlYmNiNDI2NTBmMzZiNzE1NDRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihi+cEYaxiHTVd9ssWHzd6TnHykc kI7tLeMguBbL3zCBJPfo/o9jJX/Y+olMz8t8iYU8ul0FWFlcsfs2qrXAcM4ZV6Ys W0msoln31zcxNMFrsKlxW0t4NulDlx2NSx7EO3bBmgJmQufAlBq1WGm1xYGqmC6w MIwu4OGpmUMPJOH0TYTJ550hf3UohFMO54zZlT2mjZWbKhzZUC/Y0YBtdpKJPggm QHVjKTGZddgp3NW1ojutE26qqNzioEMotjd2Z110K5QxWopsNLVbuz0CZjGROKtq TG/j+Dq9dO1IXtDQ6J1S2vLLm6a57xyNo264penUfl7BZK7vjM1EOVXEEQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMuA2urGSfWa64vuvLQmUPNrcVRPMB8GA1UdIwQY MBaAFKox7lEsGlYquelBCoMfcv1DGIkuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWpIdVVTd2FWaXE1NlVFS2d4OXlfVU1ZaVM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lN2VmNTQtYmRiMC00NTBhLTg2NDYt ZWUwODE0NmUzNzEzLzEveTREYTZzWko5WnJyaS02OHRDWlE4MnR4VkU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9lN2VmNTQtYmRiMC00NTBhLTg2NDYtZWUwODE0NmUzNzEz LzEvcWpIdVVTd2FWaXE1NlVFS2d4OXlfVU1ZaVM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVxMMA0E AgACMAcDBQAqA4rgMA0GCSqGSIb3DQEBCwUAA4IBAQDBaICWn/aQrdXFMLB2/b8Y dUlWlMxDtNisjnS9K+nEyNC0Krq3C1MwFdjLnDHno+m1CD6UO3V1alaOmMbz03iy Q3lCJbG7SLOQb2SIjQSMUp4x20Yq5KE+VNQC9hLqV/t5M9eEM6g7cqDvzXEYZkjp Q59t9rTqzhiXcTSyeti8vQSTTrQ2Se/xFhCuctu13X8mqw5fFzJcpL546zqva0CK C/orSRMucM2qGWGA5sZRjZFsW/M8hoA/xINgH/ur/MmZ6euLYGsrJus6hEE/zc6Z ajIH6lv2ocgpA3emjpw3Yjfvte9CAhlROGDm6jSR11f1jVOHQDCiTJCKdtiWUVRs -----END CERTIFICATE-----Generated at Mon Feb 9 18:43:56 2026 by rpki-client