This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ychIJ2QPcZlZoWi9AtRiqbIeEes.roa File: ychIJ2QPcZlZoWi9AtRiqbIeEes.roa (raw, json) Hash identifier: Hs1swYEG/DTaRK/PwknMDVO6VvDFcV2evpuVVIze/ko= Subject key identifier: C9:C8:48:27:64:0F:71:99:59:A1:68:BD:02:D4:62:A9:B2:1E:11:EB Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827 Certificate serial: 019B7758E101F5DE07EB68540E2DA65A29DD Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ychIJ2QPcZlZoWi9AtRiqbIeEes.roa Signing time: Thu 01 Jan 2026 02:17:51 +0000 ROA not before: Thu 01 Jan 2026 02:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199912 IP address blocks: 88.214.24.0/24 maxlen: 24 91.238.180.0/24 maxlen: 24 91.239.208.0/24 maxlen: 24 185.55.240.0/24 maxlen: 24 194.24.161.0/24 maxlen: 24 2a12:5e40::/32 maxlen: 32 2a12:5e41::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:e1:01:f5:de:07:eb:68:54:0e:2d:a6:5a:29:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827 Validity Not Before: Jan 1 02:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9c84827640f719959a168bd02d462a9b21e11eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2e:77:da:0b:95:61:cc:3e:1a:50:6f:a8:a2: 1c:54:0c:3c:87:ed:a1:24:6f:9c:0d:af:25:02:a0: 56:eb:88:6e:11:22:d0:54:f3:b5:82:7f:f6:83:3d: 45:eb:ff:f4:51:24:01:ec:a8:ce:ed:4f:54:d9:4c: c5:f8:d3:31:f6:20:cb:f1:78:82:78:e3:0c:14:6f: 2d:35:d0:39:e1:0e:58:e3:84:a3:a3:73:06:fa:19: 51:a0:01:53:f7:5e:61:1c:e0:4c:79:1b:63:7c:4d: e3:1c:f8:16:98:3f:b9:aa:69:5b:91:f2:4b:49:67: e8:bf:ac:3c:ab:ba:f3:9f:f9:b5:52:b7:bd:72:ec: a6:21:0d:c5:9b:1e:6c:46:2d:b1:d1:07:3b:dc:38: db:01:96:9e:b7:40:48:e7:d7:dd:15:ff:80:c5:2e: e4:5f:9a:b7:9e:ab:57:b8:62:ce:07:99:1e:24:fe: 65:72:6e:67:f7:9a:50:3a:ee:cd:1a:e6:e7:6c:c1: c8:4c:25:e0:89:93:d2:17:32:ce:af:6d:30:5e:7c: fb:e9:66:02:46:69:bc:d6:18:cb:0a:75:ad:c8:db: c7:97:e6:19:b0:56:78:9f:0d:2e:dd:7e:b8:0f:1d: 06:f9:c9:95:41:96:3d:43:09:df:65:97:49:db:a4: 74:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:C8:48:27:64:0F:71:99:59:A1:68:BD:02:D4:62:A9:B2:1E:11:EB X509v3 Authority Key Identifier: keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ychIJ2QPcZlZoWi9AtRiqbIeEes.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.214.24.0/24 91.238.180.0/24 91.239.208.0/24 185.55.240.0/24 194.24.161.0/24 IPv6: 2a12:5e40::/31 Signature Algorithm: sha256WithRSAEncryption 5a:25:df:82:33:0e:49:ae:fa:09:ad:ae:95:ce:17:f6:e5:db: 61:fc:29:e8:7a:84:da:d4:7a:54:a7:9c:c5:b5:78:b6:95:e7: ed:cf:36:d7:41:e7:7c:76:00:54:87:da:e8:3b:b7:fb:7f:f9: 35:60:a9:ce:ee:9a:0f:eb:4b:9c:fc:7b:dc:e8:96:4d:1d:cd: 44:0a:2f:36:6f:91:ac:11:7e:3a:ab:4b:a7:dc:c5:f5:0e:b3: 93:c8:18:fa:d9:c6:e3:67:4b:fa:c6:cc:c2:fe:3b:c0:63:2b: a6:be:4e:a5:76:f3:3c:93:67:24:0c:ca:ee:1b:ef:e3:dc:f3: 5d:bd:46:70:b7:8a:a4:a4:fb:a0:ed:b3:c1:ab:ad:59:e6:e1: 51:4b:92:99:10:2b:65:b3:8f:42:46:ba:1e:fb:f3:9e:0e:1c: 52:c3:2b:c3:75:47:de:31:59:53:b8:31:35:b1:e7:4d:4a:8a: 43:16:e3:3a:53:e1:99:33:2d:a9:2a:9a:ed:1f:c9:d3:9c:72: 01:da:96:95:2c:0b:ee:b6:1f:96:36:49:32:e4:c5:6e:c9:c8: 5a:cf:6a:d4:8e:6b:15:81:ec:86:b2:52:77:8d:29:2d:74:43: 1a:79:fe:0f:47:de:29:8c:da:d5:e6:42:bf:8f:e7:23:9c:03: b3:8f:2e:b3 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt3WOEB9d4H62hUDi2mWindMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1 ODg4MjcwHhcNMjYwMTAxMDIxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWM4NDgyNzY0MGY3MTk5NTlhMTY4YmQwMmQ0NjJhOWIyMWUxMWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApi532guVYcw+GlBvqKIcVAw8h+2h JG+cDa8lAqBW64huESLQVPO1gn/2gz1F6//0USQB7KjO7U9U2UzF+NMx9iDL8XiC eOMMFG8tNdA54Q5Y44Sjo3MG+hlRoAFT915hHOBMeRtjfE3jHPgWmD+5qmlbkfJL SWfov6w8q7rzn/m1Ure9cuymIQ3Fmx5sRi2x0Qc73DjbAZaet0BI59fdFf+AxS7k X5q3nqtXuGLOB5keJP5lcm5n95pQOu7NGubnbMHITCXgiZPSFzLOr20wXnz76WYC Rmm81hjLCnWtyNvHl+YZsFZ4nw0u3X64Dx0G+cmVQZY9QwnfZZdJ26R0JQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFMnISCdkD3GZWaFovQLUYqmyHhHrMB8GA1UdIwQY MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct OGNmNDFjYWZkY2UyLzEveWNoSUoyUVBjWmxab1dpOUF0UmlxYkllRWVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWNYYAwQA W+60AwQAW+/QAwQAuTfwAwQAwhihMA0EAgACMAcDBQEqEl5AMA0GCSqGSIb3DQEB CwUAA4IBAQBaJd+CMw5JrvoJra6Vzhf25dth/CnoeoTa1HpUp5zFtXi2leftzzbX Qed8dgBUh9roO7f7f/k1YKnO7poP60uc/Hvc6JZNHc1ECi82b5GsEX46q0un3MX1 DrOTyBj62cbjZ0v6xszC/jvAYyumvk6ldvM8k2ckDMruG+/j3PNdvUZwt4qkpPug 7bPBq61Z5uFRS5KZECtls49CRroe+/OeDhxSwyvDdUfeMVlTuDE1sedNSopDFuM6 U+GZMy2pKprtH8nTnHIB2paVLAvuth+WNkky5MVuychaz2rUjmsVgeyGslJ3jSkt dEMaef4PR94pjNrV5kK/j+cjnAOzjy6z -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:03 2026 by rpki-client