This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/DykLjsclXiuyJ1bWVxUABsFAYRc.roa File: DykLjsclXiuyJ1bWVxUABsFAYRc.roa (raw, json) Hash identifier: yDoATYqwDiqCrWNjq1GKRkyue4rLBBFRvCUgX0b/4LI= Subject key identifier: 0F:29:0B:8E:C7:25:5E:2B:B2:27:56:D6:57:15:00:06:C1:40:61:17 Certificate issuer: /CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Certificate serial: 019BEA031A9DA153D94CF32B1A3184014C68 Authority key identifier: 01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/DykLjsclXiuyJ1bWVxUABsFAYRc.roa Signing time: Fri 23 Jan 2026 08:40:30 +0000 ROA not before: Fri 23 Jan 2026 08:40:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20546 IP address blocks: 178.250.164.0/24 maxlen: 24 185.158.156.0/24 maxlen: 24 188.172.112.0/24 maxlen: 24 188.172.113.0/24 maxlen: 24 188.172.114.0/24 maxlen: 24 188.172.121.0/24 maxlen: 24 188.172.125.0/24 maxlen: 24 195.64.132.0/24 maxlen: 24 195.64.133.0/24 maxlen: 24 2a00:1f08:400d::/48 maxlen: 48 2a00:1f08:403c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.mft rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ea:03:1a:9d:a1:53:d9:4c:f3:2b:1a:31:84:01:4c:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a56c42ed7cb963f285503cec0606d60d0ab387 Validity Not Before: Jan 23 08:40:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0f290b8ec7255e2bb22756d657150006c1406117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:00:39:1b:a3:f2:24:79:ff:7a:84:6e:50:72: 37:c7:85:5b:21:9f:70:ac:14:62:6c:08:e1:41:38: 28:4e:35:18:01:2c:94:a7:f0:f0:96:a7:68:ee:df: c5:82:48:07:0c:94:b0:6a:d3:b8:a7:b5:01:c9:3c: 81:07:7a:fd:cc:04:0a:d6:30:72:c8:00:c6:fc:95: b6:e2:5f:17:26:03:99:95:b0:0b:93:94:ff:44:59: 54:d3:e8:f8:98:15:3e:12:78:76:71:21:c4:bc:8c: b6:6d:39:38:cd:31:ec:59:24:af:66:86:19:63:2e: 4f:3d:25:70:c5:54:92:81:58:74:4f:a4:0b:0d:79: 7f:72:46:e4:f2:d5:2b:14:4b:70:e6:d2:37:d6:a1: eb:b2:65:42:23:4c:1b:17:3e:02:95:c8:02:9e:25: 32:db:f1:23:a8:7f:35:af:4d:0e:d7:04:ce:c3:aa: 34:8d:45:8a:a5:66:8f:7f:fa:1c:f4:f5:83:55:e8: f6:78:88:d6:16:e1:96:bc:8e:16:38:ef:3a:20:9c: 0b:e2:59:33:38:8d:f7:4f:24:f9:03:48:5d:cb:ff: 71:88:04:ad:02:71:31:ba:94:be:c9:77:53:3e:9b: f9:87:d8:79:9c:dc:a1:03:33:69:8e:c0:3f:e1:22: 24:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:29:0B:8E:C7:25:5E:2B:B2:27:56:D6:57:15:00:06:C1:40:61:17 X509v3 Authority Key Identifier: keyid:01:A5:6C:42:ED:7C:B9:63:F2:85:50:3C:EC:06:06:D6:0D:0A:B3:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AaVsQu18uWPyhVA87AYG1g0Ks4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/DykLjsclXiuyJ1bWVxUABsFAYRc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/99cfe5-4b35-49c7-9a73-ed07f5cad6d7/1/AaVsQu18uWPyhVA87AYG1g0Ks4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.250.164.0/24 185.158.156.0/24 188.172.112.0-188.172.114.255 188.172.121.0/24 188.172.125.0/24 195.64.132.0/23 IPv6: 2a00:1f08:400d::/48 2a00:1f08:403c::/48 Signature Algorithm: sha256WithRSAEncryption 15:e5:e1:77:88:70:98:84:85:72:51:e5:6f:41:74:45:da:46: 9e:d3:8e:6e:7f:23:af:5d:2f:dd:1f:a9:06:1d:4c:9d:e2:a1: af:86:67:0b:44:09:66:f7:a8:36:6f:9c:c0:8c:aa:e1:7e:f4: af:dd:a4:10:24:96:b8:68:da:b9:87:63:a0:45:1d:d1:17:c2: 7a:e6:d2:7e:e0:1c:b2:dc:ad:a0:f5:d7:6e:81:af:c3:30:10: 95:07:a3:6a:84:34:8d:e4:25:71:4e:1e:7c:4b:39:48:40:68: 24:de:52:de:ed:2b:ec:72:fe:6c:1a:07:a2:57:a2:1c:2a:5d: 9b:ca:8e:35:5c:d8:d7:1a:03:83:f0:f7:fc:8b:b1:b5:26:0e: 1a:58:fa:e4:a5:bd:69:79:2f:e4:0b:6f:d3:00:ca:87:02:57: df:12:53:6c:42:6a:94:b7:80:6a:94:c3:38:38:5f:67:d5:1a: e3:13:5b:e4:ff:2e:23:44:54:0a:f8:ac:c1:22:a7:eb:2a:ca: 60:f5:19:6d:e2:61:36:04:69:6d:2b:e5:36:48:a3:62:8f:fd: 2c:9f:71:c7:3a:14:f0:01:6e:26:b5:83:3c:a4:2a:98:2a:fb: 1c:44:a4:29:23:72:25:2c:21:8e:5b:87:53:4a:bd:b2:06:3e: a4:95:81:35 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZvqAxqdoVPZTPMrGjGEAUxoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTU2YzQyZWQ3Y2I5NjNmMjg1NTAzY2VjMDYwNmQ2MGQw YWIzODcwHhcNMjYwMTIzMDg0MDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZjI5MGI4ZWM3MjU1ZTJiYjIyNzU2ZDY1NzE1MDAwNmMxNDA2MTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAA5G6PyJHn/eoRuUHI3x4VbIZ9w rBRibAjhQTgoTjUYASyUp/Dwlqdo7t/FgkgHDJSwatO4p7UByTyBB3r9zAQK1jBy yADG/JW24l8XJgOZlbALk5T/RFlU0+j4mBU+Enh2cSHEvIy2bTk4zTHsWSSvZoYZ Yy5PPSVwxVSSgVh0T6QLDXl/ckbk8tUrFEtw5tI31qHrsmVCI0wbFz4ClcgCniUy 2/EjqH81r00O1wTOw6o0jUWKpWaPf/oc9PWDVej2eIjWFuGWvI4WOO86IJwL4lkz OI33TyT5A0hdy/9xiAStAnExupS+yXdTPpv5h9h5nNyhAzNpjsA/4SIkVQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFA8pC47HJV4rsidW1lcVAAbBQGEXMB8GA1UdIwQY MBaAFAGlbELtfLlj8oVQPOwGBtYNCrOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMt ZWQwN2Y1Y2FkNmQ3LzEvRHlrTGpzY2xYaXV5SjFiV1Z4VUFCc0ZBWVJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC85OWNmZTUtNGIzNS00OWM3LTlhNzMtZWQwN2Y1Y2FkNmQ3 LzEvQWFWc1F1MTh1V1B5aFZBODdBWUcxZzBLczRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjAyBAIAATAsAwQAsvqkAwQA uZ6cMAwDBAS8rHADBAC8rHIDBAC8rHkDBAC8rH0DBAHDQIQwGAQCAAIwEgMHACoA HwhADQMHACoAHwhAPDANBgkqhkiG9w0BAQsFAAOCAQEAFeXhd4hwmISFclHlb0F0 RdpGntOObn8jr10v3R+pBh1MneKhr4ZnC0QJZveoNm+cwIyq4X70r92kECSWuGja uYdjoEUd0RfCeubSfuAcstytoPXXboGvwzAQlQejaoQ0jeQlcU4efEs5SEBoJN5S 3u0r7HL+bBoHoleiHCpdm8qONVzY1xoDg/D3/IuxtSYOGlj65KW9aXkv5Atv0wDK hwJX3xJTbEJqlLeAapTDODhfZ9Ua4xNb5P8uI0RUCviswSKn6yrKYPUZbeJhNgRp bSvlNkijYo/9LJ9xxzoU8AFuJrWDPKQqmCr7HESkKSNyJSwhjluHU0q9sgY+pJWB NQ== -----END CERTIFICATE-----Generated at Sun Jan 25 09:04:51 2026 by rpki-client