This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/yzMoDxEJ3QeJWdE8R-bAoTDWCn0.roa File: yzMoDxEJ3QeJWdE8R-bAoTDWCn0.roa (raw, json) Hash identifier: 7ySOiEN+rsl73J6hKm0hx2DeTB7Y+zglcV1vKztJX34= Subject key identifier: CB:33:28:0F:11:09:DD:07:89:59:D1:3C:47:E6:C0:A1:30:D6:0A:7D Certificate issuer: /CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c Certificate serial: 019B7B3642EEABE5776CE6236A2D12CA3B09 Authority key identifier: BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/yzMoDxEJ3QeJWdE8R-bAoTDWCn0.roa Signing time: Thu 01 Jan 2026 20:18:32 +0000 ROA not before: Thu 01 Jan 2026 20:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9121 IP address blocks: 77.72.184.0/24 maxlen: 24 77.72.185.0/24 maxlen: 24 77.72.186.0/24 maxlen: 24 77.72.187.0/24 maxlen: 24 77.72.188.0/24 maxlen: 24 77.72.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.mft rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 08:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:42:ee:ab:e5:77:6c:e6:23:6a:2d:12:ca:3b:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bbba8eccd97e96189ff6e33cf110a6c9a477459c Validity Not Before: Jan 1 20:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb33280f1109dd078959d13c47e6c0a130d60a7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:85:3c:ad:99:d9:ca:74:af:27:bf:7b:d5:7e: f3:fc:30:bc:f9:c1:06:5d:c5:bf:90:c3:0a:be:9a: b8:bf:d5:8d:9e:cd:06:aa:f5:46:37:42:8c:a8:e3: ac:59:d0:e3:e8:15:14:7f:7d:df:ce:dc:c8:c4:45: f1:a9:4d:71:fc:1c:74:4d:c3:e4:51:96:cf:89:c5: 98:75:31:63:c9:9f:7a:52:d0:86:9a:ec:80:79:fb: 46:d5:40:1b:b8:52:f2:4a:67:77:d7:c3:57:b9:c7: ad:e5:71:45:45:c8:4e:c0:e9:d3:a0:1e:f9:39:56: e1:44:d2:de:66:4f:0c:04:dc:4e:9b:9e:96:a2:41: 0f:51:63:6c:9b:18:4b:6f:85:37:4b:de:bd:86:4c: 0b:c8:79:43:d8:4d:58:9b:08:ae:5d:a0:d4:7a:9a: ab:3b:a7:0f:6e:c2:08:67:fa:69:58:ad:f6:fc:a0: 8f:d1:52:8c:43:80:af:e3:f6:44:c9:87:7b:ea:14: 35:81:cd:63:33:20:b0:92:16:ee:a0:7a:10:7c:09: b8:49:2b:d3:06:48:32:64:6d:2c:63:3c:03:38:76: 54:f2:31:c5:df:64:05:45:56:57:14:2c:fa:51:c7: 3a:55:ed:dd:ce:89:89:61:a3:94:b7:96:fb:5c:ae: 18:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:33:28:0F:11:09:DD:07:89:59:D1:3C:47:E6:C0:A1:30:D6:0A:7D X509v3 Authority Key Identifier: keyid:BB:BA:8E:CC:D9:7E:96:18:9F:F6:E3:3C:F1:10:A6:C9:A4:77:45:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7qOzNl-lhif9uM88RCmyaR3RZw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/yzMoDxEJ3QeJWdE8R-bAoTDWCn0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/b9dab8-d084-4b73-99b2-ee5b5168bf2f/1/u7qOzNl-lhif9uM88RCmyaR3RZw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 77.72.184.0-77.72.189.255 Signature Algorithm: sha256WithRSAEncryption 87:4d:96:f4:43:52:52:51:2d:3b:cb:70:6c:2e:c8:e4:dd:b6: a6:a6:96:2e:d7:ca:e0:20:c7:cd:9f:f7:6b:f7:6c:af:8d:88: 6f:6a:15:a3:4d:27:cd:63:f8:6a:23:9a:a7:a8:4c:d0:21:1d: d2:be:48:fc:49:6e:f6:1b:bc:fc:a6:8c:cb:d8:23:0e:b5:2c: 04:59:79:06:29:5e:90:ed:47:f9:ce:d8:65:1a:63:f6:50:df: 15:ae:fc:ee:c2:a4:a6:a7:d4:6e:b6:d3:62:3f:74:83:8c:b3: d5:0d:d8:8d:ec:ed:ad:7d:de:9a:81:ae:ef:72:5d:ba:db:b6: 88:5d:10:b0:d8:65:8f:3b:61:34:b7:76:b0:11:d6:11:2d:97: d2:d9:a2:73:86:ed:fd:db:e4:1c:21:43:df:b6:64:13:b9:69: c8:88:f2:4d:fa:d8:8f:3c:0c:e1:c6:06:39:6f:ea:e4:f8:e2: 40:06:6c:e0:f5:20:bf:d2:1f:9d:2c:bb:23:cb:c3:5f:22:69: fa:0b:d1:f6:83:88:3c:c4:1e:3d:81:b6:31:ea:7e:c5:1b:4a: f1:57:52:08:46:87:de:c9:1d:fd:fb:c4:cc:7c:1e:5e:f5:33: c8:13:40:3b:8d:7a:54:3b:43:e6:df:17:16:03:54:2c:ca:06: 13:01:46:85 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7NkLuq+V3bOYjai0SyjsJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiYmE4ZWNjZDk3ZTk2MTg5ZmY2ZTMzY2YxMTBhNmM5YTQ3 NzQ1OWMwHhcNMjYwMTAxMjAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjMzMjgwZjExMDlkZDA3ODk1OWQxM2M0N2U2YzBhMTMwZDYwYTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YU8rZnZynSvJ7971X7z/DC8+cEG XcW/kMMKvpq4v9WNns0GqvVGN0KMqOOsWdDj6BUUf33fztzIxEXxqU1x/Bx0TcPk UZbPicWYdTFjyZ96UtCGmuyAeftG1UAbuFLySmd318NXucet5XFFRchOwOnToB75 OVbhRNLeZk8MBNxOm56WokEPUWNsmxhLb4U3S969hkwLyHlD2E1YmwiuXaDUepqr O6cPbsIIZ/ppWK32/KCP0VKMQ4Cv4/ZEyYd76hQ1gc1jMyCwkhbuoHoQfAm4SSvT BkgyZG0sYzwDOHZU8jHF32QFRVZXFCz6Ucc6Ve3dzomJYaOUt5b7XK4YSQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFMszKA8RCd0HiVnRPEfmwKEw1gp9MB8GA1UdIwQY MBaAFLu6jszZfpYYn/bjPPEQpsmkd0WcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjIt ZWU1YjUxNjhiZjJmLzEveXpNb0R4RUozUWVKV2RFOFItYkFvVERXQ24wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi9iOWRhYjgtZDA4NC00YjczLTk5YjItZWU1YjUxNjhiZjJm LzEvdTdxT3pObC1saGlmOXVNODhSQ215YVIzUlp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANNSLgD BAFNSLwwDQYJKoZIhvcNAQELBQADggEBAIdNlvRDUlJRLTvLcGwuyOTdtqamli7X yuAgx82f92v3bK+NiG9qFaNNJ81j+GojmqeoTNAhHdK+SPxJbvYbvPymjMvYIw61 LARZeQYpXpDtR/nO2GUaY/ZQ3xWu/O7CpKan1G6202I/dIOMs9UN2I3s7a193pqB ru9yXbrbtohdELDYZY87YTS3drAR1hEtl9LZonOG7f3b5BwhQ9+2ZBO5aciI8k36 2I88DOHGBjlv6uT44kAGbOD1IL/SH50suyPLw18iafoL0faDiDzEHj2BtjHqfsUb SvFXUghGh97JHf37xMx8Hl71M8gTQDuNelQ7Q+bfFxYDVCzKBhMBRoU= -----END CERTIFICATE-----Generated at Wed Jan 21 13:17:09 2026 by rpki-client