This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/Ygz8nv_cil4CTr3aZUug7yPj4v8.roa File: Ygz8nv_cil4CTr3aZUug7yPj4v8.roa (raw, json) Hash identifier: PHkNGvc8VFiKuUZOzOtLVzJuZVZBuOD5WdBuF+PV+G4= Subject key identifier: 62:0C:FC:9E:FF:DC:8A:5E:02:4E:BD:DA:65:4B:A0:EF:23:E3:E2:FF Certificate issuer: /CN=1eab01293c9dbd1a9d6adc86182b520cd176c007 Certificate serial: 019B79100756C61121302407D5EEED3E7E1C Authority key identifier: 1E:AB:01:29:3C:9D:BD:1A:9D:6A:DC:86:18:2B:52:0C:D1:76:C0:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/Ygz8nv_cil4CTr3aZUug7yPj4v8.roa Signing time: Thu 01 Jan 2026 10:17:32 +0000 ROA not before: Thu 01 Jan 2026 10:17:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 196945 IP address blocks: 91.217.155.0/24 maxlen: 24 185.106.16.0/22 maxlen: 24 2a06:3ac0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.crl rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.mft rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:07:56:c6:11:21:30:24:07:d5:ee:ed:3e:7e:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1eab01293c9dbd1a9d6adc86182b520cd176c007 Validity Not Before: Jan 1 10:17:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=620cfc9effdc8a5e024ebdda654ba0ef23e3e2ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:aa:2e:cf:25:ca:4b:73:c0:0b:60:55:db:f2: 19:02:17:2a:0a:b4:e8:f8:a7:50:e0:a1:1f:a5:7c: 36:e0:eb:59:88:e6:e0:37:13:6a:84:ae:22:ce:11: ab:ae:10:66:e3:39:68:62:cd:30:3f:ef:ee:86:dd: fa:24:30:e4:7f:e3:02:f7:07:c4:27:32:26:c4:ac: 3f:a3:3b:ae:a3:06:d4:de:11:5c:39:82:5b:0e:12: dd:c7:a1:6d:9a:72:44:78:90:06:77:33:65:10:8c: 9a:d4:79:44:7c:eb:ea:d2:87:78:18:2a:2a:01:5e: 3c:5c:5d:22:a4:35:43:ea:35:1c:ec:5e:4d:e3:ac: 6c:b4:a7:a9:f5:68:0a:8f:33:5b:15:0f:2f:f1:1e: 08:88:7c:46:11:25:dd:57:63:79:44:86:d5:8f:0a: 37:01:d2:f1:96:f9:0b:8d:0d:fc:44:8f:89:53:38: cd:8e:79:9f:f2:e9:be:00:af:9b:e1:2c:5a:3a:20: 81:bf:7d:9e:a8:8a:74:e2:48:d4:ef:a0:a7:d9:3b: 80:b3:7e:83:5d:2b:a2:3a:87:3c:29:a3:b1:29:e0: 49:ff:5d:82:3c:e2:52:23:ce:87:0b:86:84:74:b8: 57:35:68:46:db:04:dd:8c:dd:af:3a:05:99:b5:4d: fa:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:0C:FC:9E:FF:DC:8A:5E:02:4E:BD:DA:65:4B:A0:EF:23:E3:E2:FF X509v3 Authority Key Identifier: keyid:1E:AB:01:29:3C:9D:BD:1A:9D:6A:DC:86:18:2B:52:0C:D1:76:C0:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqsBKTydvRqdatyGGCtSDNF2wAc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/Ygz8nv_cil4CTr3aZUug7yPj4v8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/c00c13-791a-4e15-baf7-e03ac589a03f/1/HqsBKTydvRqdatyGGCtSDNF2wAc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.155.0/24 185.106.16.0/22 IPv6: 2a06:3ac0::/29 Signature Algorithm: sha256WithRSAEncryption 73:2c:37:91:71:98:6a:cc:69:7f:93:e0:28:c1:26:16:30:10: 85:77:a3:f9:16:20:17:3e:f8:5c:37:0e:e9:93:1c:a0:fa:ea: 2c:0d:13:65:95:00:aa:b4:fa:9e:3a:cb:02:a0:e3:32:a8:57: 97:e7:7a:61:5d:79:d1:32:ba:32:27:40:65:fa:0e:d5:58:8c: 2f:da:6a:ed:08:a4:21:77:f9:13:88:c3:02:9c:2d:cf:18:8f: 56:63:c3:b3:40:f7:ef:98:b5:f3:1f:38:b1:1c:df:b3:59:c4: ee:cf:71:fe:f0:bf:f1:f0:67:9d:0a:aa:65:27:8b:38:62:48: 38:fe:2d:40:ab:9e:c2:b1:e4:41:c6:13:c0:99:ec:d3:9e:6c: e5:81:88:46:76:a7:9e:64:10:c0:5d:9a:a2:85:ac:a8:88:17: 52:30:2c:9f:dc:39:59:de:aa:6b:b0:e4:46:67:38:4f:54:9d: 2b:30:b4:24:2e:8c:0e:9f:1c:d8:8e:3e:de:7d:60:2c:b6:16: 1e:71:e1:be:d9:2b:2c:1b:33:66:dd:c2:e2:4a:fb:4f:9e:3e: f0:12:6b:fb:75:7f:c1:3a:c9:23:28:e4:9e:6a:6e:5e:f6:0b: b1:e8:b0:40:e6:90:21:cf:a0:32:94:3d:1c:a2:ae:b1:03:f8: 12:a5:60:ad -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EAdWxhEhMCQH1e7tPn4cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlYWIwMTI5M2M5ZGJkMWE5ZDZhZGM4NjE4MmI1MjBjZDE3 NmMwMDcwHhcNMjYwMTAxMTAxNzMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjBjZmM5ZWZmZGM4YTVlMDI0ZWJkZGE2NTRiYTBlZjIzZTNlMmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKouzyXKS3PAC2BV2/IZAhcqCrTo +KdQ4KEfpXw24OtZiObgNxNqhK4izhGrrhBm4zloYs0wP+/uht36JDDkf+MC9wfE JzImxKw/ozuuowbU3hFcOYJbDhLdx6FtmnJEeJAGdzNlEIya1HlEfOvq0od4GCoq AV48XF0ipDVD6jUc7F5N46xstKep9WgKjzNbFQ8v8R4IiHxGESXdV2N5RIbVjwo3 AdLxlvkLjQ38RI+JUzjNjnmf8um+AK+b4SxaOiCBv32eqIp04kjU76Cn2TuAs36D XSuiOoc8KaOxKeBJ/12CPOJSI86HC4aEdLhXNWhG2wTdjN2vOgWZtU36XQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGIM/J7/3IpeAk692mVLoO8j4+L/MB8GA1UdIwQY MBaAFB6rASk8nb0anWrchhgrUgzRdsAHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSHFzQktUeWR2UnFkYXR5R0dDdFNETkYyd0FjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9jMDBjMTMtNzkxYS00ZTE1LWJhZjct ZTAzYWM1ODlhMDNmLzEvWWd6OG52X2NpbDRDVHIzYVpVdWc3eVBqNHY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9jMDBjMTMtNzkxYS00ZTE1LWJhZjctZTAzYWM1ODlhMDNm LzEvSHFzQktUeWR2UnFkYXR5R0dDdFNETkYyd0FjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9mbAwQC uWoQMA0EAgACMAcDBQMqBjrAMA0GCSqGSIb3DQEBCwUAA4IBAQBzLDeRcZhqzGl/ k+AowSYWMBCFd6P5FiAXPvhcNw7pkxyg+uosDRNllQCqtPqeOssCoOMyqFeX53ph XXnRMroyJ0Bl+g7VWIwv2mrtCKQhd/kTiMMCnC3PGI9WY8OzQPfvmLXzHzixHN+z WcTuz3H+8L/x8GedCqplJ4s4Ykg4/i1Aq57CseRBxhPAmezTnmzlgYhGdqeeZBDA XZqihayoiBdSMCyf3DlZ3qprsORGZzhPVJ0rMLQkLowOnxzYjj7efWAsthYeceG+ 2SssGzNm3cLiSvtPnj7wEmv7dX/BOskjKOSeam5e9gux6LBA5pAhz6AylD0coq6x A/gSpWCt -----END CERTIFICATE-----Generated at Mon Jan 26 00:37:33 2026 by rpki-client