This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/ywg7v4iBU0yIbUtglY4SRtwYiqQ.roa File: ywg7v4iBU0yIbUtglY4SRtwYiqQ.roa (raw, json) Hash identifier: TUFNnELLTk5SmjwLZeWsU1OrlDE0M2b/yRf/bTeimQo= Subject key identifier: CB:08:3B:BF:88:81:53:4C:88:6D:4B:60:95:8E:12:46:DC:18:8A:A4 Certificate issuer: /CN=1e30a62262dccb21a0104b34edb82b9515cacdfb Certificate serial: 019B7F8298E28C1620B2F4BB31185ED0193B Authority key identifier: 1E:30:A6:22:62:DC:CB:21:A0:10:4B:34:ED:B8:2B:95:15:CA:CD:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjCmImLcyyGgEEs07bgrlRXKzfs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/ywg7v4iBU0yIbUtglY4SRtwYiqQ.roa Signing time: Fri 02 Jan 2026 16:20:23 +0000 ROA not before: Fri 02 Jan 2026 16:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208613 IP address blocks: 45.87.72.0/22 maxlen: 24 2a0e:f680::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/HjCmImLcyyGgEEs07bgrlRXKzfs.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/HjCmImLcyyGgEEs07bgrlRXKzfs.mft rsync://rpki.ripe.net/repository/DEFAULT/HjCmImLcyyGgEEs07bgrlRXKzfs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:98:e2:8c:16:20:b2:f4:bb:31:18:5e:d0:19:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e30a62262dccb21a0104b34edb82b9515cacdfb Validity Not Before: Jan 2 16:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb083bbf8881534c886d4b60958e1246dc188aa4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:04:c6:f8:a6:a1:b8:bd:97:00:cb:43:dc:82: 65:84:12:2d:85:c2:22:82:73:5d:cf:fe:3f:ef:1b: ba:82:52:dc:3d:1a:ae:af:85:96:a4:c4:7f:ff:d8: 39:92:1a:f9:b4:9c:c0:6b:2f:14:33:c8:d9:56:8e: 86:df:d4:60:e4:c2:56:18:64:5b:10:3c:e6:63:a1: f6:68:ab:f9:65:f0:3c:d2:35:36:8e:47:cb:53:c1: 7b:10:80:16:1a:94:1f:6b:82:8a:d8:37:a3:ef:f8: 07:19:dc:5b:70:79:12:0d:08:25:8a:3a:5a:86:53: c2:e6:5b:a4:9d:27:a3:a9:0c:2f:5d:e7:3e:be:85: 35:2e:73:e9:36:f2:00:b8:af:f3:3d:e7:1e:2c:c4: 44:4f:8f:58:ac:13:68:a7:40:00:14:1a:ef:8b:dc: 56:31:69:a0:87:ff:e9:68:ee:91:6c:0f:d0:f0:1b: 36:43:96:d3:e4:83:58:af:da:88:c4:6a:c3:83:df: 09:2d:57:7d:79:11:43:15:59:a4:45:6a:5f:d8:eb: 3a:61:3f:5b:28:5d:9b:2e:1f:30:77:4e:19:f1:7c: ec:10:5d:6f:96:fb:3e:cf:56:e5:6b:44:5c:9b:fd: 88:d3:b7:09:7b:93:ce:9f:f4:2c:7b:66:cd:7f:e1: 79:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:08:3B:BF:88:81:53:4C:88:6D:4B:60:95:8E:12:46:DC:18:8A:A4 X509v3 Authority Key Identifier: keyid:1E:30:A6:22:62:DC:CB:21:A0:10:4B:34:ED:B8:2B:95:15:CA:CD:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjCmImLcyyGgEEs07bgrlRXKzfs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/ywg7v4iBU0yIbUtglY4SRtwYiqQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/f834ad-df0f-4505-9613-2a04d3923d22/1/HjCmImLcyyGgEEs07bgrlRXKzfs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.87.72.0/22 IPv6: 2a0e:f680::/29 Signature Algorithm: sha256WithRSAEncryption 5b:1f:f4:bc:c7:07:de:0f:ca:d9:07:90:d1:12:5b:df:66:cb: 70:34:37:b5:57:b1:f3:e3:03:60:42:ae:61:2f:25:36:9f:62: 9d:23:08:7b:7d:37:0b:b5:1c:6d:41:62:c2:b3:51:03:47:56: c4:67:b4:87:ff:a9:06:4b:5e:f1:1b:51:d7:e0:e4:6d:80:51: 86:04:7b:18:86:5a:91:c9:f6:4e:6b:ce:ca:37:ac:13:79:df: d2:90:b5:b0:7f:02:af:ba:f0:da:c7:d6:9d:8c:0e:2f:f5:bb: 03:b1:59:63:c0:c5:bb:e5:50:6a:13:4a:5a:2c:d0:a3:46:aa: cd:4f:87:4d:76:75:20:b7:b6:ce:35:39:dd:33:0e:e2:50:31: 3d:c4:a4:a0:02:1d:b2:fb:90:12:93:91:e5:6c:06:95:d3:9a: d9:9c:3a:09:a2:b3:40:d0:b7:c5:78:2b:35:b1:de:c9:81:05: ad:1e:03:65:1f:97:b7:b5:5c:9b:a9:da:fa:b1:0a:f1:20:7c: d4:d1:e1:a2:a5:9b:ad:78:fd:07:66:8d:1f:33:fd:0f:64:7f: ae:ba:bd:dc:65:81:79:2d:eb:e9:73:a5:e7:f8:5d:7b:fb:ae: f7:65:d0:c0:24:9d:0e:cf:d3:39:d5:38:1c:2b:e6:8b:d0:7c: 67:c9:0e:d5 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/gpjijBYgsvS7MRhe0Bk7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlMzBhNjIyNjJkY2NiMjFhMDEwNGIzNGVkYjgyYjk1MTVj YWNkZmIwHhcNMjYwMTAyMTYyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjA4M2JiZjg4ODE1MzRjODg2ZDRiNjA5NThlMTI0NmRjMTg4YWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQTG+KahuL2XAMtD3IJlhBIthcIi gnNdz/4/7xu6glLcPRqur4WWpMR//9g5khr5tJzAay8UM8jZVo6G39Rg5MJWGGRb EDzmY6H2aKv5ZfA80jU2jkfLU8F7EIAWGpQfa4KK2Dej7/gHGdxbcHkSDQglijpa hlPC5luknSejqQwvXec+voU1LnPpNvIAuK/zPeceLMRET49YrBNop0AAFBrvi9xW MWmgh//paO6RbA/Q8Bs2Q5bT5INYr9qIxGrDg98JLVd9eRFDFVmkRWpf2Os6YT9b KF2bLh8wd04Z8XzsEF1vlvs+z1bla0Rcm/2I07cJe5POn/Qse2bNf+F5lQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMsIO7+IgVNMiG1LYJWOEkbcGIqkMB8GA1UdIwQY MBaAFB4wpiJi3MshoBBLNO24K5UVys37MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGpDbUltTGN5eUdnRUVzMDdiZ3JsUlhLemZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC9mODM0YWQtZGYwZi00NTA1LTk2MTMt MmEwNGQzOTIzZDIyLzEveXdnN3Y0aUJVMHlJYlV0Z2xZNFNSdHdZaXFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC9mODM0YWQtZGYwZi00NTA1LTk2MTMtMmEwNGQzOTIzZDIy LzEvSGpDbUltTGN5eUdnRUVzMDdiZ3JsUlhLemZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVdIMA0E AgACMAcDBQMqDvaAMA0GCSqGSIb3DQEBCwUAA4IBAQBbH/S8xwfeD8rZB5DRElvf ZstwNDe1V7Hz4wNgQq5hLyU2n2KdIwh7fTcLtRxtQWLCs1EDR1bEZ7SH/6kGS17x G1HX4ORtgFGGBHsYhlqRyfZOa87KN6wTed/SkLWwfwKvuvDax9adjA4v9bsDsVlj wMW75VBqE0paLNCjRqrNT4dNdnUgt7bONTndMw7iUDE9xKSgAh2y+5ASk5HlbAaV 05rZnDoJorNA0LfFeCs1sd7JgQWtHgNlH5e3tVybqdr6sQrxIHzU0eGipZuteP0H Zo0fM/0PZH+uur3cZYF5Levpc6Xn+F17+673ZdDAJJ0Oz9M51TgcK+aL0HxnyQ7V -----END CERTIFICATE-----Generated at Mon Feb 9 22:26:48 2026 by rpki-client