This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yrWxpBzKxRScDYePiOpxdj3dkio.roa File: yrWxpBzKxRScDYePiOpxdj3dkio.roa (raw, json) Hash identifier: r3hoxSF07m6IvBnRvDQ9QwosuUzrrCxMbtV2SLeyuvs= Subject key identifier: CA:B5:B1:A4:1C:CA:C5:14:9C:0D:87:8F:88:EA:71:76:3D:DD:92:2A Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Certificate serial: 019B7DC8835E40BD80A3D7EDF8857F73CDB6 Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yrWxpBzKxRScDYePiOpxdj3dkio.roa Signing time: Fri 02 Jan 2026 08:17:31 +0000 ROA not before: Fri 02 Jan 2026 08:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50952 IP address blocks: 95.161.252.0/24 maxlen: 24 178.18.224.0/22 maxlen: 22 178.18.235.0/24 maxlen: 24 178.18.236.0/22 maxlen: 22 2a03:5f80:9::/48 maxlen: 48 2a03:5f80:b::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.mft rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:83:5e:40:bd:80:a3:d7:ed:f8:85:7f:73:cd:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8 Validity Not Before: Jan 2 08:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cab5b1a41ccac5149c0d878f88ea71763ddd922a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b7:9a:ea:8c:ec:21:bb:d3:12:cf:8a:70:46: c2:2c:b7:65:68:89:d1:ff:13:0b:a8:8b:a5:29:d0: 6f:ff:f6:18:c6:f4:71:8b:3d:56:6e:18:8c:d3:87: 2a:d8:bb:c0:36:98:0a:89:9f:05:a2:6a:d6:4b:b9: ca:76:28:9e:a8:ae:70:b5:f1:dd:d3:8d:72:1e:3d: 3f:69:1c:ea:8e:57:09:e0:10:80:59:95:5d:41:fe: 5c:62:74:a2:2e:10:37:ae:44:ba:a5:cd:e6:b2:39: 1c:11:45:c4:af:4b:28:2f:68:33:38:41:d4:9f:e6: 0a:4d:44:6d:9a:bb:46:81:b7:91:5e:01:f4:31:2d: 12:20:b9:f4:a4:28:3e:9a:35:1e:5d:2a:36:e8:c1: a9:7b:fa:a4:d5:4c:f6:ab:84:b9:7a:cb:39:1b:d0: f2:24:f0:ad:74:58:99:a0:9e:2a:a7:5d:a0:30:26: 7c:be:d7:9d:0e:2b:3a:79:10:78:4b:aa:a7:2b:a8: 0f:9b:10:63:ef:4e:46:c0:06:90:cb:e1:d6:f0:a6: b6:5c:76:4c:c3:70:7e:9b:30:61:5f:9d:56:fa:24: 08:74:f0:6f:3b:8e:1c:e7:4f:4f:2f:b9:ef:d1:00: 77:d1:fe:8c:e2:a5:5e:ce:c0:6a:35:d9:97:0e:14: 50:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:B5:B1:A4:1C:CA:C5:14:9C:0D:87:8F:88:EA:71:76:3D:DD:92:2A X509v3 Authority Key Identifier: keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/yrWxpBzKxRScDYePiOpxdj3dkio.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.161.252.0/24 178.18.224.0/22 178.18.235.0-178.18.239.255 IPv6: 2a03:5f80:9::/48 2a03:5f80:b::/48 Signature Algorithm: sha256WithRSAEncryption 63:a0:14:3c:d9:5e:39:29:20:e5:42:98:d4:66:83:ed:f8:2f: d0:1c:2c:e8:fa:60:83:76:6a:2f:f0:38:69:f2:f4:b0:dc:38: db:66:7b:96:1e:6d:4d:5e:f2:ae:67:fb:4e:1d:93:e1:32:36: 45:55:f1:24:a6:4b:a6:53:9f:b4:de:19:ce:f6:93:94:fb:d7: ea:bc:a6:a3:29:47:87:c7:f4:c5:35:81:a6:1a:c0:bb:4c:af: 76:c4:7a:43:81:ad:fa:33:92:a8:e7:68:d0:1e:6f:d7:7c:8c: 33:74:2e:37:db:0a:e7:4a:73:59:35:31:de:28:20:f1:ad:98: 75:3b:a2:20:80:b8:81:73:41:cd:04:89:8c:66:a9:8c:6e:fb: fa:2b:03:d9:3c:43:a4:3a:eb:d7:73:8e:ff:a6:2a:70:bd:98: 74:bd:79:7b:c0:c6:55:a7:00:55:32:c1:35:cd:1f:25:62:fb: e2:ff:0e:f7:dc:7c:9f:2a:e1:32:46:f9:09:28:f7:58:64:ce: 7c:05:1f:4d:75:d6:0e:e0:82:57:5c:ae:bb:c7:3a:02:7a:c1: f9:a5:e3:61:94:8c:4e:ab:14:62:85:59:cf:db:6c:00:dc:86: b0:82:a7:51:ce:5d:16:55:67:27:d3:68:b0:2c:84:cd:5f:25: 29:57:f3:70 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZt9yINeQL2Ao9ft+IV/c822MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx YTUxYjgwHhcNMjYwMTAyMDgxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYWI1YjFhNDFjY2FjNTE0OWMwZDg3OGY4OGVhNzE3NjNkZGQ5MjJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrea6ozsIbvTEs+KcEbCLLdlaInR /xMLqIulKdBv//YYxvRxiz1WbhiM04cq2LvANpgKiZ8FomrWS7nKdiieqK5wtfHd 041yHj0/aRzqjlcJ4BCAWZVdQf5cYnSiLhA3rkS6pc3msjkcEUXEr0soL2gzOEHU n+YKTURtmrtGgbeRXgH0MS0SILn0pCg+mjUeXSo26MGpe/qk1Uz2q4S5ess5G9Dy JPCtdFiZoJ4qp12gMCZ8vtedDis6eRB4S6qnK6gPmxBj705GwAaQy+HW8Ka2XHZM w3B+mzBhX51W+iQIdPBvO44c509PL7nv0QB30f6M4qVezsBqNdmXDhRQ0wIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFMq1saQcysUUnA2Hj4jqcXY93ZIqMB8GA1UdIwQY MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt NzY3NDE2NTI1MTBkLzEveXJXeHBCekt4UlNjRFllUGlPcHhkajNka2lvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAgBAIAATAaAwQAX6H8AwQC shLgMAwDBACyEusDBASyEuAwGAQCAAIwEgMHACoDX4AACQMHACoDX4AACzANBgkq hkiG9w0BAQsFAAOCAQEAY6AUPNleOSkg5UKY1GaD7fgv0Bws6Ppgg3ZqL/A4afL0 sNw422Z7lh5tTV7yrmf7Th2T4TI2RVXxJKZLplOftN4ZzvaTlPvX6rymoylHh8f0 xTWBphrAu0yvdsR6Q4Gt+jOSqOdo0B5v13yMM3QuN9sK50pzWTUx3igg8a2YdTui IIC4gXNBzQSJjGapjG77+isD2TxDpDrr13OO/6YqcL2YdL15e8DGVacAVTLBNc0f JWL74v8O99x8nyrhMkb5CSj3WGTOfAUfTXXWDuCCV1yuu8c6AnrB+aXjYZSMTqsU YoVZz9tsANyGsIKnUc5dFlVnJ9NosCyEzV8lKVfzcA== -----END CERTIFICATE-----Generated at Sun Jan 25 17:40:06 2026 by rpki-client