This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/8y14F0niaDLVL7hP8HOPOIkGBE0.roa File: 8y14F0niaDLVL7hP8HOPOIkGBE0.roa (raw, json) Hash identifier: iAEQXisqtNhusS787DBQONGHAa0NvsETVhbhodQ0298= Subject key identifier: F3:2D:78:17:49:E2:68:32:D5:2F:B8:4F:F0:73:8F:38:89:06:04:4D Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7 Certificate serial: 019B7DCACB85FA0878A321702931013E9278 Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/8y14F0niaDLVL7hP8HOPOIkGBE0.roa Signing time: Fri 02 Jan 2026 08:20:00 +0000 ROA not before: Fri 02 Jan 2026 08:20:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12672 IP address blocks: 2a00:ff0:8888::/48 maxlen: 48 2a00:ff0:9999::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.mft rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:cb:85:fa:08:78:a3:21:70:29:31:01:3e:92:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7 Validity Not Before: Jan 2 08:20:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f32d781749e26832d52fb84ff0738f388906044d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:cd:32:b7:70:9e:04:ee:5d:fd:e1:dd:f7:c2: ea:80:6e:0c:a3:4f:52:18:03:ca:00:39:ff:17:ed: 1c:15:e4:f1:f2:99:92:53:33:6e:3d:63:7a:be:d5: d1:c0:f6:6f:b4:9c:06:07:9b:eb:6a:f9:04:97:5a: ef:5a:cd:ec:f2:50:69:19:21:dc:07:2e:4c:78:b0: 01:e6:de:2a:76:9d:f3:ef:de:93:ca:af:a6:96:29: a8:25:88:98:90:35:cf:a9:62:6d:50:51:7b:bc:d9: 17:b2:aa:98:50:01:c6:f1:72:74:35:5d:34:c7:39: 98:4a:62:ef:d6:4d:d1:da:24:35:56:04:e6:d0:54: eb:b3:d4:1b:23:07:3f:77:d3:d4:fb:8d:78:f7:51: 8b:5c:79:ab:50:80:6e:7a:49:62:59:43:94:26:04: 29:d6:49:ab:0f:7c:03:f6:21:2a:3d:27:65:e3:ff: f1:d1:6e:20:79:8a:68:ed:c8:a8:d2:fa:71:5a:ca: 07:aa:6c:63:24:0a:f9:89:79:81:63:2c:b9:d7:11: da:c4:d7:18:90:ca:e7:4d:c2:3a:9c:45:29:d1:91: b2:cc:3c:8a:3b:50:81:4d:a1:1c:62:ad:75:22:d9: bc:f6:7a:34:b5:1c:0f:54:5d:82:2e:44:b3:de:f5: 0b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:2D:78:17:49:E2:68:32:D5:2F:B8:4F:F0:73:8F:38:89:06:04:4D X509v3 Authority Key Identifier: keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/8y14F0niaDLVL7hP8HOPOIkGBE0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:ff0:8888::/48 2a00:ff0:9999::/48 Signature Algorithm: sha256WithRSAEncryption ce:ce:1d:7e:87:08:1e:d7:a7:09:2b:35:ee:fe:12:91:2c:97: 27:93:d2:00:a1:60:8e:d3:fa:8b:c6:78:58:61:30:21:d4:9d: 5a:5d:dc:28:0e:51:bb:47:ef:ed:c9:6d:0d:db:b8:c9:65:82: 07:34:02:31:3a:fa:e5:b4:cd:da:17:d9:57:73:5b:31:28:56: 04:50:89:a0:58:6b:73:cf:8e:6b:4e:10:69:40:cb:f9:fc:3d: 9f:d6:bf:2f:25:76:0c:22:77:1a:a6:35:5e:3f:de:2a:a4:c3: 68:d2:89:03:5c:51:63:15:59:63:e3:db:67:c6:6a:c0:35:08: a3:5e:96:78:4b:17:35:d7:75:5f:02:49:5d:66:46:fb:9d:60: 07:ad:36:80:79:41:cb:3a:fd:9e:63:e3:65:fc:5b:bc:0e:d5: 5a:df:bd:89:8c:9b:2e:27:e4:88:df:ae:05:8a:8a:da:c5:ee: 8d:9d:61:ab:21:6e:86:7d:02:da:1b:27:18:95:7a:f1:d6:81: c1:0c:57:96:75:b7:0a:21:4f:00:f2:38:aa:6e:d7:85:87:b3: 61:c0:a1:c3:b4:5e:77:00:6a:97:71:f2:30:d1:6f:a2:c7:78: 2f:79:24:10:bc:2b:4a:cd:e1:cf:ee:30:40:98:c7:03:4b:c9: f6:e7:97:16 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9ysuF+gh4oyFwKTEBPpJ4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5YjIzMjk1ODA5N2I1ODYzZWFmZDA0N2JiMzE1MTcxZWFh MDFmYjcwHhcNMjYwMTAyMDgyMDAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMzJkNzgxNzQ5ZTI2ODMyZDUyZmI4NGZmMDczOGYzODg5MDYwNDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArs0yt3CeBO5d/eHd98LqgG4Mo09S GAPKADn/F+0cFeTx8pmSUzNuPWN6vtXRwPZvtJwGB5vravkEl1rvWs3s8lBpGSHc By5MeLAB5t4qdp3z796Tyq+mlimoJYiYkDXPqWJtUFF7vNkXsqqYUAHG8XJ0NV00 xzmYSmLv1k3R2iQ1VgTm0FTrs9QbIwc/d9PU+41491GLXHmrUIBuekliWUOUJgQp 1kmrD3wD9iEqPSdl4//x0W4geYpo7cio0vpxWsoHqmxjJAr5iXmBYyy51xHaxNcY kMrnTcI6nEUp0ZGyzDyKO1CBTaEcYq11Itm89no0tRwPVF2CLkSz3vULcQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFPMteBdJ4mgy1S+4T/BzjziJBgRNMB8GA1UdIwQY MBaAFMmyMpWAl7WGPq/QR7sxUXHqoB+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUt MDdiN2ZlZjA4NThmLzEvOHkxNEYwbmlhRExWTDdoUDhIT1BPSWtHQkUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUtMDdiN2ZlZjA4NThm LzEveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgAP8IiI AwcAKgAP8JmZMA0GCSqGSIb3DQEBCwUAA4IBAQDOzh1+hwge16cJKzXu/hKRLJcn k9IAoWCO0/qLxnhYYTAh1J1aXdwoDlG7R+/tyW0N27jJZYIHNAIxOvrltM3aF9lX c1sxKFYEUImgWGtzz45rThBpQMv5/D2f1r8vJXYMIncapjVeP94qpMNo0okDXFFj FVlj49tnxmrANQijXpZ4Sxc113VfAkldZkb7nWAHrTaAeUHLOv2eY+Nl/Fu8DtVa 372JjJsuJ+SI364Fioraxe6NnWGrIW6GfQLaGycYlXrx1oHBDFeWdbcKIU8A8jiq bteFh7NhwKHDtF53AGqXcfIw0W+ix3gveSQQvCtKzeHP7jBAmMcDS8n255cW -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:13 2026 by rpki-client