This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/YMR3GJbdXql7Jsh3dxWjcUeP48Y.roa File: YMR3GJbdXql7Jsh3dxWjcUeP48Y.roa (raw, json) Hash identifier: gHL07vUFK2CcIqukSRDsmHNwBcuxDAA0OST3BzCeGt0= Subject key identifier: 60:C4:77:18:96:DD:5E:A9:7B:26:C8:77:77:15:A3:71:47:8F:E3:C6 Certificate issuer: /CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02 Certificate serial: 019B7834BF86A74991EBAF86516D40FC022F Authority key identifier: 6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/YMR3GJbdXql7Jsh3dxWjcUeP48Y.roa Signing time: Thu 01 Jan 2026 06:18:01 +0000 ROA not before: Thu 01 Jan 2026 06:18:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199246 IP address blocks: 185.4.132.0/22 maxlen: 24 185.138.40.0/22 maxlen: 24 2a02:c500::/29 maxlen: 48 2a07:8c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.mft rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:bf:86:a7:49:91:eb:af:86:51:6d:40:fc:02:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a4623f76bd5bb2df0af66f360ff74ff1c00db02 Validity Not Before: Jan 1 06:18:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=60c4771896dd5ea97b26c8777715a371478fe3c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:62:fd:49:e5:07:dd:90:d8:bf:24:0d:0b:c7: 86:3d:e5:84:31:08:f8:3f:1f:94:c4:4a:48:c9:69: 78:ae:1b:d7:0a:f4:7d:37:2d:de:26:b9:66:97:06: 6b:71:ef:d5:6a:61:e1:ad:61:14:d5:44:07:4e:46: f6:ea:09:2d:ec:a7:3a:f5:e3:c8:7a:21:96:6e:fd: ef:63:28:ab:e5:2c:dc:9c:b2:a0:fd:3e:64:a0:9e: a2:e9:ef:87:83:68:82:19:2e:3f:dc:a6:9f:3b:95: 00:4c:42:e9:99:6b:ac:12:7b:1a:7d:2f:9c:cc:69: f5:59:a1:51:40:8a:8e:dd:27:9f:30:01:bf:aa:df: ed:e7:38:d2:c3:c9:20:fb:e6:bb:8f:ea:56:6b:86: e3:10:41:2d:e4:69:cb:a2:43:2f:a3:27:2c:08:e2: d7:d3:4d:ff:a8:bb:8b:55:c5:1b:51:6b:c6:25:fd: 8a:7d:a9:36:7d:16:a1:c3:ef:6b:7d:66:f9:e5:e4: bb:95:4e:96:72:ad:cc:e6:79:e7:6d:f1:d1:30:bc: 3d:23:d1:62:04:a4:23:3d:29:d5:bf:e3:d3:38:ab: 60:ff:d4:c4:7f:49:47:08:ba:de:2c:27:bf:26:40: 44:8b:56:b5:8b:6f:f6:d8:f7:c6:99:06:38:0a:2d: be:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:C4:77:18:96:DD:5E:A9:7B:26:C8:77:77:15:A3:71:47:8F:E3:C6 X509v3 Authority Key Identifier: keyid:6A:46:23:F7:6B:D5:BB:2D:F0:AF:66:F3:60:FF:74:FF:1C:00:DB:02 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/akYj92vVuy3wr2bzYP90_xwA2wI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/YMR3GJbdXql7Jsh3dxWjcUeP48Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/599528-b89d-4402-a808-6c832050e77a/1/akYj92vVuy3wr2bzYP90_xwA2wI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.4.132.0/22 185.138.40.0/22 IPv6: 2a02:c500::/29 2a07:8c0::/29 Signature Algorithm: sha256WithRSAEncryption 48:2e:85:ac:80:c5:2b:93:cb:9a:31:89:4a:9d:7f:6b:2b:4c: 16:63:1f:7e:41:a0:67:ef:29:8c:3e:56:1f:7a:fa:13:aa:39: 7b:0a:67:87:48:68:c1:45:69:50:2d:6b:3a:9b:bc:dd:13:c3: fb:8e:da:ec:12:b2:bd:97:da:d4:4c:9f:44:37:8f:bf:d2:22: 48:58:f6:8a:58:c8:42:6b:0d:eb:24:81:74:2f:40:c6:3a:64: 4d:7c:0f:15:2f:ee:3b:d2:66:d8:86:b0:13:42:e4:36:63:9e: 0b:ef:8e:5f:8a:50:b6:9f:c9:5a:03:cd:c3:83:23:50:af:b7: f9:6c:55:3a:5d:1c:88:86:07:25:6e:2f:68:5b:83:d8:b0:3e: 93:62:42:93:bf:24:1e:48:98:62:cd:89:9a:a9:92:72:0b:c7: 55:c4:c6:a8:0f:5d:7d:cb:27:78:7d:01:ff:5b:3a:f5:c2:80: e7:4c:5e:85:fd:11:cc:6a:bd:8d:cf:a2:71:03:98:25:90:dd: 35:fc:07:02:70:e9:95:d1:c7:e6:87:fe:64:13:57:9b:6b:f7: 13:cc:74:5a:53:40:0a:30:fd:64:ff:3a:ae:26:0b:40:ed:ca: 29:c8:e4:c5:52:8e:a7:12:68:9d:52:ca:2d:57:e7:20:ab:7a: 50:f9:f3:4c -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt4NL+Gp0mR66+GUW1A/AIvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhNDYyM2Y3NmJkNWJiMmRmMGFmNjZmMzYwZmY3NGZmMWMw MGRiMDIwHhcNMjYwMTAxMDYxODAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MGM0NzcxODk2ZGQ1ZWE5N2IyNmM4Nzc3NzE1YTM3MTQ3OGZlM2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2L9SeUH3ZDYvyQNC8eGPeWEMQj4 Px+UxEpIyWl4rhvXCvR9Ny3eJrlmlwZrce/VamHhrWEU1UQHTkb26gkt7Kc69ePI eiGWbv3vYyir5SzcnLKg/T5koJ6i6e+Hg2iCGS4/3KafO5UATELpmWusEnsafS+c zGn1WaFRQIqO3SefMAG/qt/t5zjSw8kg++a7j+pWa4bjEEEt5GnLokMvoycsCOLX 003/qLuLVcUbUWvGJf2Kfak2fRahw+9rfWb55eS7lU6Wcq3M5nnnbfHRMLw9I9Fi BKQjPSnVv+PTOKtg/9TEf0lHCLreLCe/JkBEi1a1i2/22PfGmQY4Ci2+rQIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFGDEdxiW3V6peybId3cVo3FHj+PGMB8GA1UdIwQY MBaAFGpGI/dr1bst8K9m82D/dP8cANsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgt NmM4MzIwNTBlNzdhLzEvWU1SM0dKYmRYcWw3SnNoM2R4V2pjVWVQNDhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS81OTk1MjgtYjg5ZC00NDAyLWE4MDgtNmM4MzIwNTBlNzdh LzEvYWtZajkydlZ1eTN3cjJiellQOTBfeHdBMndJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuQSEAwQC uYooMBQEAgACMA4DBQMqAsUAAwUDKgcIwDANBgkqhkiG9w0BAQsFAAOCAQEASC6F rIDFK5PLmjGJSp1/aytMFmMffkGgZ+8pjD5WH3r6E6o5ewpnh0howUVpUC1rOpu8 3RPD+47a7BKyvZfa1EyfRDePv9IiSFj2iljIQmsN6ySBdC9AxjpkTXwPFS/uO9Jm 2IawE0LkNmOeC++OX4pQtp/JWgPNw4MjUK+3+WxVOl0ciIYHJW4vaFuD2LA+k2JC k78kHkiYYs2JmqmScgvHVcTGqA9dfcsneH0B/1s69cKA50xehf0RzGq9jc+icQOY JZDdNfwHAnDpldHH5of+ZBNXm2v3E8x0WlNACjD9ZP86riYLQO3KKcjkxVKOpxJo nVLKLVfnIKt6UPnzTA== -----END CERTIFICATE-----Generated at Mon Jan 26 09:25:15 2026 by rpki-client