This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/yjjbe9KP85kt8Ob2oDHDR9MXIMg.roa File: yjjbe9KP85kt8Ob2oDHDR9MXIMg.roa (raw, json) Hash identifier: wJzFwpkYh/4OlhPxLRY+Af3Zi8uNHB0MPLWQeMahMl4= Subject key identifier: CA:38:DB:7B:D2:8F:F3:99:2D:F0:E6:F6:A0:31:C3:47:D3:17:20:C8 Certificate issuer: /CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae Certificate serial: 019B7AC92E7B759F1E414404F888CC0AA96A Authority key identifier: 28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/yjjbe9KP85kt8Ob2oDHDR9MXIMg.roa Signing time: Thu 01 Jan 2026 18:19:23 +0000 ROA not before: Thu 01 Jan 2026 18:19:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203377 IP address blocks: 185.136.205.0/24 maxlen: 24 185.207.39.0/24 maxlen: 24 194.147.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.mft rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c9:2e:7b:75:9f:1e:41:44:04:f8:88:cc:0a:a9:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae Validity Not Before: Jan 1 18:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca38db7bd28ff3992df0e6f6a031c347d31720c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:86:bb:16:c4:3b:38:5f:64:e2:49:c7:9a:1f: 14:04:cc:60:ad:4c:86:85:a9:ab:79:41:e8:43:f2: 55:c3:07:d6:7d:92:60:ac:51:f3:7f:63:fe:93:7f: cc:dc:6c:0f:f4:7f:b2:84:e2:ef:52:65:12:38:fc: 21:26:29:d9:4d:e1:64:04:c3:4e:e4:32:e9:b2:17: 09:33:84:fb:55:61:4d:38:a3:66:55:b3:d0:36:2f: f6:1e:48:12:9c:59:ae:00:e8:1b:c1:4e:34:60:33: 22:a4:dc:4f:0b:8c:b8:35:d5:5d:0c:a4:7e:57:c3: ca:d4:90:d5:2d:b8:00:e5:5a:47:57:d1:48:49:38: b0:20:20:23:23:6a:87:c8:b1:97:d7:8e:de:26:c3: bd:d3:95:c2:76:3c:b4:15:37:0c:b3:9b:e1:4e:52: 03:01:d9:9e:f8:44:cc:16:ab:4c:d9:23:97:2e:5e: f6:5a:ab:91:ec:c3:c2:c1:b5:3b:f2:64:ec:6d:c6: 9d:bf:dd:33:c2:80:4f:ba:23:f6:92:be:65:fb:4d: 65:49:dd:5e:41:ad:ce:07:23:2b:a6:8d:d0:65:ba: 5f:66:02:98:3a:dd:08:96:92:2d:03:6b:05:eb:b5: 5e:55:fd:86:bf:81:87:62:3f:5e:d8:2d:a8:2e:00: 3c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:38:DB:7B:D2:8F:F3:99:2D:F0:E6:F6:A0:31:C3:47:D3:17:20:C8 X509v3 Authority Key Identifier: keyid:28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/yjjbe9KP85kt8Ob2oDHDR9MXIMg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.136.205.0/24 185.207.39.0/24 194.147.216.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:d7:52:f0:3a:c0:c5:5f:e1:96:0b:aa:f0:8a:e0:37:d0:be: 02:be:01:0e:61:b8:85:5e:07:53:07:c7:52:3c:5f:4a:8d:ad: 08:fd:9a:dc:67:48:cb:20:df:0d:fa:76:89:39:ed:00:eb:fb: b1:ef:58:b5:ae:c8:94:bb:b2:1f:f1:3c:37:b4:8a:fe:28:38: e1:70:f9:57:5e:dd:2c:d8:01:2d:cd:85:23:74:a9:63:2c:5a: 52:0d:06:b7:f6:19:0d:8e:60:af:96:1e:ae:46:a9:e1:a5:ae: 21:27:43:f8:39:02:31:f0:fb:fe:50:bd:9a:2b:7c:15:d9:94: 75:80:bc:11:50:09:e2:28:fc:54:64:ad:f7:70:88:0f:8d:42: 07:f7:f8:d0:bf:8a:48:ed:18:ef:ac:8b:f6:69:36:65:b5:e1: 33:0e:8b:a4:76:b1:2e:f4:24:ab:d6:96:58:1f:6e:0b:86:78: 32:44:42:34:9e:01:6a:a7:20:84:51:68:ad:1a:02:4c:e0:e7: 46:7d:d9:a6:8c:28:80:d9:d0:6e:12:80:e9:ef:12:67:86:66: 2c:ff:17:fa:c9:f1:12:d0:f3:77:40:f7:9a:30:99:12:34:86: 49:61:0b:43:06:2a:c5:55:e8:da:0d:04:9d:89:56:2a:18:c7: 44:f6:5a:8a -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6yS57dZ8eQUQE+IjMCqlqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ZmQ2NmU0M2ExMDQ2MzNiMjdiYWM1MzliOThiZGY4ZWJm YWM5YWUwHhcNMjYwMTAxMTgxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTM4ZGI3YmQyOGZmMzk5MmRmMGU2ZjZhMDMxYzM0N2QzMTcyMGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIa7FsQ7OF9k4knHmh8UBMxgrUyG hamreUHoQ/JVwwfWfZJgrFHzf2P+k3/M3GwP9H+yhOLvUmUSOPwhJinZTeFkBMNO 5DLpshcJM4T7VWFNOKNmVbPQNi/2HkgSnFmuAOgbwU40YDMipNxPC4y4NdVdDKR+ V8PK1JDVLbgA5VpHV9FISTiwICAjI2qHyLGX147eJsO905XCdjy0FTcMs5vhTlID Adme+ETMFqtM2SOXLl72WquR7MPCwbU78mTsbcadv90zwoBPuiP2kr5l+01lSd1e Qa3OByMrpo3QZbpfZgKYOt0IlpItA2sF67VeVf2Gv4GHYj9e2C2oLgA8QwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMo423vSj/OZLfDm9qAxw0fTFyDIMB8GA1UdIwQY MBaAFCj9ZuQ6EEYzsnusU5uYvfjr+smuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYt MjY3NjY5ZjM1NjQ4LzEveWpqYmU5S1A4NWt0OE9iMm9ESERSOU1YSU1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYtMjY3NjY5ZjM1NjQ4 LzEvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuYjNAwQA uc8nAwQAwpPYMA0GCSqGSIb3DQEBCwUAA4IBAQCP11LwOsDFX+GWC6rwiuA30L4C vgEOYbiFXgdTB8dSPF9Kja0I/ZrcZ0jLIN8N+naJOe0A6/ux71i1rsiUu7If8Tw3 tIr+KDjhcPlXXt0s2AEtzYUjdKljLFpSDQa39hkNjmCvlh6uRqnhpa4hJ0P4OQIx 8Pv+UL2aK3wV2ZR1gLwRUAniKPxUZK33cIgPjUIH9/jQv4pI7RjvrIv2aTZlteEz DoukdrEu9CSr1pZYH24LhngyREI0ngFqpyCEUWitGgJM4OdGfdmmjCiA2dBuEoDp 7xJnhmYs/xf6yfES0PN3QPeaMJkSNIZJYQtDBirFVejaDQSdiVYqGMdE9lqK -----END CERTIFICATE-----Generated at Sun Jan 25 19:17:31 2026 by rpki-client