This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/PYTkfp5G2Kz2IInol35ecxg8ufY.roa File: PYTkfp5G2Kz2IInol35ecxg8ufY.roa (raw, json) Hash identifier: N8oGsoKq3FE4zl5dgxbPITuMJrhv98C47b11t2Ldcdk= Subject key identifier: 3D:84:E4:7E:9E:46:D8:AC:F6:20:89:E8:97:7E:5E:73:18:3C:B9:F6 Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5 Certificate serial: 019B7C802F09CCA711F4DEA6BDC13A63D758 Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/PYTkfp5G2Kz2IInol35ecxg8ufY.roa Signing time: Fri 02 Jan 2026 02:18:53 +0000 ROA not before: Fri 02 Jan 2026 02:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214716 IP address blocks: 2a0f:7803:fa70::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 14:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:2f:09:cc:a7:11:f4:de:a6:bd:c1:3a:63:d7:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfcead390625edba1408108df57cea47160d70e5 Validity Not Before: Jan 2 02:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d84e47e9e46d8acf62089e8977e5e73183cb9f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:a5:e0:40:d5:be:ec:25:4a:c2:5b:1c:a3:0c: 3b:9b:1a:84:a0:c3:6b:f4:6f:6d:03:8f:24:92:8f: f7:99:86:96:55:b5:b8:19:03:89:71:a9:0c:f6:f2: 5d:e7:18:74:81:e4:de:6b:f5:a6:e7:d8:f0:cf:70: 62:45:3e:ed:f8:23:b4:41:87:1f:e0:3a:c3:b4:ac: 85:af:5c:9d:e5:21:a6:34:66:13:5a:43:81:d8:82: f1:6d:59:96:ee:ca:97:03:c5:32:89:12:39:68:84: 70:35:5c:30:b2:6c:70:ad:b9:07:01:19:87:9e:2d: 5b:a1:09:b3:d2:e1:16:6e:f3:de:90:04:c1:b8:bf: 10:33:e3:64:92:4b:d1:87:c2:12:1c:c4:2d:57:2c: 3f:1d:30:74:d0:33:cb:92:96:ea:b4:47:58:f2:43: 1f:4d:f4:e5:77:f8:96:d9:40:6b:87:d3:58:e7:e1: 64:ee:31:96:b6:ae:0e:9d:2e:92:04:0c:06:65:6c: c8:7c:d5:81:e5:cd:17:a0:97:c4:07:5f:b1:f7:0d: f4:27:63:6c:07:d6:2b:f9:e7:7f:36:1f:9c:ee:fd: a4:51:7a:b8:7f:08:96:43:92:cb:bf:b2:0c:83:80: 15:70:a3:f6:1d:eb:12:7c:1d:10:9c:f6:08:46:36: 61:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:84:E4:7E:9E:46:D8:AC:F6:20:89:E8:97:7E:5E:73:18:3C:B9:F6 X509v3 Authority Key Identifier: keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/PYTkfp5G2Kz2IInol35ecxg8ufY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:7803:fa70::/44 Signature Algorithm: sha256WithRSAEncryption 7b:cd:8f:34:8b:21:50:54:8a:d6:04:e2:95:c9:5a:b6:f3:76: 96:4c:35:9b:d5:fe:b3:82:54:54:4a:b1:17:10:ce:00:93:f8: f7:52:b6:6d:49:81:b4:5d:7a:9c:49:a1:9a:e2:51:4e:05:84: d7:c0:23:a1:38:0d:40:64:43:65:eb:00:d2:d0:a7:f6:75:f5: d5:74:94:17:02:d8:bd:65:44:bd:62:8b:fa:46:21:5b:91:5b: 07:b0:8b:38:41:30:74:77:48:45:a1:6a:58:83:6d:6c:db:fa: 3c:38:c8:fc:89:2a:1f:13:65:cb:6e:99:5d:fd:a5:29:f0:ac: 79:db:11:1f:92:bb:9d:f7:ed:c5:ac:00:9d:ab:64:93:a5:43: ea:92:79:b2:75:2a:65:6e:68:f5:d0:83:53:5c:5a:19:dd:4d: 77:ee:39:87:6e:b3:7b:88:a8:b2:10:65:ca:3b:0f:80:7d:86: bb:e5:12:e3:bb:be:85:e8:97:39:d6:03:79:b0:4a:d5:1a:96: c2:ba:6c:e8:ed:c2:b4:52:d7:30:e8:dc:a4:1b:ea:c5:bd:dd: ca:73:63:7e:85:1a:fa:d8:eb:9e:5a:6d:17:39:67:6c:7b:7a: cf:ae:97:cd:dc:72:3a:23:39:52:0c:ed:4c:f3:4c:a2:8d:a3: d2:7d:29:01 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt8gC8JzKcR9N6mvcE6Y9dYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw ZDcwZTUwHhcNMjYwMTAyMDIxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDg0ZTQ3ZTllNDZkOGFjZjYyMDg5ZTg5NzdlNWU3MzE4M2NiOWY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKXgQNW+7CVKwlscoww7mxqEoMNr 9G9tA48kko/3mYaWVbW4GQOJcakM9vJd5xh0geTea/Wm59jwz3BiRT7t+CO0QYcf 4DrDtKyFr1yd5SGmNGYTWkOB2ILxbVmW7sqXA8UyiRI5aIRwNVwwsmxwrbkHARmH ni1boQmz0uEWbvPekATBuL8QM+NkkkvRh8ISHMQtVyw/HTB00DPLkpbqtEdY8kMf TfTld/iW2UBrh9NY5+Fk7jGWtq4OnS6SBAwGZWzIfNWB5c0XoJfEB1+x9w30J2Ns B9Yr+ed/Nh+c7v2kUXq4fwiWQ5LLv7IMg4AVcKP2HesSfB0QnPYIRjZhwwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFD2E5H6eRtis9iCJ6Jd+XnMYPLn2MB8GA1UdIwQY MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt ZjViNmE3MThmNGI1LzEvUFlUa2ZwNUcyS3oySUlub2wzNWVjeGc4dWZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1 LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg94A/pw MA0GCSqGSIb3DQEBCwUAA4IBAQB7zY80iyFQVIrWBOKVyVq283aWTDWb1f6zglRU SrEXEM4Ak/j3UrZtSYG0XXqcSaGa4lFOBYTXwCOhOA1AZENl6wDS0Kf2dfXVdJQX Ati9ZUS9Yov6RiFbkVsHsIs4QTB0d0hFoWpYg21s2/o8OMj8iSofE2XLbpld/aUp 8Kx52xEfkrud9+3FrACdq2STpUPqknmydSplbmj10INTXFoZ3U137jmHbrN7iKiy EGXKOw+AfYa75RLju76F6Jc51gN5sErVGpbCumzo7cK0Utcw6NykG+rFvd3Kc2N+ hRr62OueWm0XOWdse3rPrpfN3HI6IzlSDO1M80yijaPSfSkB -----END CERTIFICATE-----Generated at Wed Jan 21 16:58:22 2026 by rpki-client