This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/Y8fFR3SR2JFo5SN-QHUy1g5AXnQ.roa File: Y8fFR3SR2JFo5SN-QHUy1g5AXnQ.roa (raw, json) Hash identifier: rcBm3Sru1/9gzs1C6m5Kf+QWRSXdM9HmkBd/Rq/ayVk= Subject key identifier: 63:C7:C5:47:74:91:D8:91:68:E5:23:7E:40:75:32:D6:0E:40:5E:74 Certificate issuer: /CN=cd65ee23bff42ccf679d7377fe4da695d341aef0 Certificate serial: 019B7C11CB810A93C2783C3E9FF9B921BE26 Authority key identifier: CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/Y8fFR3SR2JFo5SN-QHUy1g5AXnQ.roa Signing time: Fri 02 Jan 2026 00:18:19 +0000 ROA not before: Fri 02 Jan 2026 00:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25234 IP address blocks: 185.71.159.0/24 maxlen: 24 2a02:250:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.mft rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:cb:81:0a:93:c2:78:3c:3e:9f:f9:b9:21:be:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd65ee23bff42ccf679d7377fe4da695d341aef0 Validity Not Before: Jan 2 00:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=63c7c5477491d89168e5237e407532d60e405e74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:c3:79:a7:80:34:ad:c2:46:a9:84:68:ee:f7: ce:b5:d9:1f:ad:c0:53:fa:2b:d7:7f:59:c7:59:86: 84:d0:0e:76:93:c1:9c:6a:cd:07:33:f1:7b:f5:5c: 61:3b:73:92:90:ed:fb:6b:35:47:d7:eb:e3:a6:f3: ad:53:24:ac:64:68:b3:e5:70:bf:12:65:06:c7:9e: d3:1c:c4:33:54:e6:64:7e:2c:d3:07:a6:12:75:59: e7:49:5a:76:92:7e:a1:3e:4f:72:e8:cf:73:1b:6a: 11:5f:80:4c:99:b9:4e:f0:52:28:8d:13:14:db:6c: 3a:69:92:50:02:48:59:38:29:54:11:2e:8f:a1:1d: 89:9a:78:97:58:fe:aa:ee:35:8e:89:6c:7e:03:b7: 69:89:03:46:05:da:02:33:4e:cd:55:5f:63:60:ca: a4:50:a3:70:03:0f:3d:51:40:74:07:7c:ae:4f:e9: 73:9d:b9:ad:20:5e:dd:43:37:b1:35:9d:5f:eb:79: 9b:3d:4e:45:dc:4d:20:0d:85:aa:6b:ee:ca:ac:c3: 8c:f9:8d:38:1d:17:2d:76:27:ec:93:d0:6c:26:80: ed:d9:88:33:61:f3:f6:15:46:28:c0:1a:42:6d:6e: 39:06:32:3a:77:fe:9f:f8:68:3d:cd:6f:e0:dd:50: 37:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:C7:C5:47:74:91:D8:91:68:E5:23:7E:40:75:32:D6:0E:40:5E:74 X509v3 Authority Key Identifier: keyid:CD:65:EE:23:BF:F4:2C:CF:67:9D:73:77:FE:4D:A6:95:D3:41:AE:F0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWXuI7_0LM9nnXN3_k2mldNBrvA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/Y8fFR3SR2JFo5SN-QHUy1g5AXnQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/006d43-3dbf-4cf8-815d-5dc2fa6a3503/1/zWXuI7_0LM9nnXN3_k2mldNBrvA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.71.159.0/24 IPv6: 2a02:250:3::/48 Signature Algorithm: sha256WithRSAEncryption 49:1c:58:f5:27:f1:d7:13:87:b4:6b:91:68:9a:75:d1:d6:91: 15:58:3c:71:0c:51:a2:99:44:4b:72:e8:ae:4c:e3:2e:45:15: b2:31:e8:98:7b:72:8f:84:9e:be:24:89:ac:d5:79:80:99:7f: 9a:1f:77:65:6b:8e:dc:ff:52:91:89:54:9d:d9:26:88:f9:da: 2c:78:e7:6a:30:2f:72:0d:a8:99:54:eb:d9:80:8e:77:9f:64: 32:84:55:73:c1:28:2b:f9:f7:fc:75:67:2b:c7:03:d7:57:64: 87:8c:6c:92:1e:23:bc:e6:83:e3:69:f2:f6:e5:93:67:39:00: db:68:0a:d8:bc:e7:65:31:ab:3e:7b:e1:2e:96:73:9b:41:37: 7c:ef:1b:19:82:27:b9:af:1f:ae:cc:7e:20:79:6e:14:0a:72: 9b:36:c1:ca:c5:fd:3d:2d:a5:2a:35:0f:38:4e:39:ee:9f:c4: ae:a0:ec:cc:f3:db:80:ac:f5:e7:d6:27:97:e9:9e:be:33:25: f4:e3:28:c0:3f:ef:00:c9:1d:f8:71:c9:1d:1d:0b:89:bb:ba: fd:b5:1e:2f:a9:eb:32:14:fd:59:bf:b3:4a:1a:e4:53:40:b7: fd:1d:4a:63:77:87:85:9c:8d:80:7a:20:35:3a:f3:f5:f5:d4: 5d:95:2f:bd -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt8EcuBCpPCeDw+n/m5Ib4mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNjVlZTIzYmZmNDJjY2Y2NzlkNzM3N2ZlNGRhNjk1ZDM0 MWFlZjAwHhcNMjYwMTAyMDAxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2M2M3YzU0Nzc0OTFkODkxNjhlNTIzN2U0MDc1MzJkNjBlNDA1ZTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsN5p4A0rcJGqYRo7vfOtdkfrcBT +ivXf1nHWYaE0A52k8Gcas0HM/F79VxhO3OSkO37azVH1+vjpvOtUySsZGiz5XC/ EmUGx57THMQzVOZkfizTB6YSdVnnSVp2kn6hPk9y6M9zG2oRX4BMmblO8FIojRMU 22w6aZJQAkhZOClUES6PoR2JmniXWP6q7jWOiWx+A7dpiQNGBdoCM07NVV9jYMqk UKNwAw89UUB0B3yuT+lznbmtIF7dQzexNZ1f63mbPU5F3E0gDYWqa+7KrMOM+Y04 HRctdifsk9BsJoDt2YgzYfP2FUYowBpCbW45BjI6d/6f+Gg9zW/g3VA3jwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGPHxUd0kdiRaOUjfkB1MtYOQF50MB8GA1UdIwQY MBaAFM1l7iO/9CzPZ51zd/5NppXTQa7wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQt NWRjMmZhNmEzNTAzLzEvWThmRlIzU1IySkZvNVNOLVFIVXkxZzVBWG5RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS8wMDZkNDMtM2RiZi00Y2Y4LTgxNWQtNWRjMmZhNmEzNTAz LzEveldYdUk3XzBMTTlublhOM19rMm1sZE5CcnZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUefMA8E AgACMAkDBwAqAgJQAAMwDQYJKoZIhvcNAQELBQADggEBAEkcWPUn8dcTh7RrkWia ddHWkRVYPHEMUaKZREty6K5M4y5FFbIx6Jh7co+Enr4kiazVeYCZf5ofd2Vrjtz/ UpGJVJ3ZJoj52ix452owL3INqJlU69mAjnefZDKEVXPBKCv59/x1ZyvHA9dXZIeM bJIeI7zmg+Np8vblk2c5ANtoCti852Uxqz574S6Wc5tBN3zvGxmCJ7mvH67MfiB5 bhQKcps2wcrF/T0tpSo1DzhOOe6fxK6g7Mzz24Cs9efWJ5fpnr4zJfTjKMA/7wDJ HfhxyR0dC4m7uv21Hi+p6zIU/Vm/s0oa5FNAt/0dSmN3h4WcjYB6IDU68/X11F2V L70= -----END CERTIFICATE-----Generated at Mon Jan 26 14:11:50 2026 by rpki-client