This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/yDOczuJC_WLHV4Ya3yqTtThAzjc.roa File: yDOczuJC_WLHV4Ya3yqTtThAzjc.roa (raw, json) Hash identifier: rUsqBRYV5w6oIt/F9qarEoMetvvYx4/9g1ZMzy8MePc= Subject key identifier: C8:33:9C:CE:E2:42:FD:62:C7:57:86:1A:DF:2A:93:B5:38:40:CE:37 Certificate issuer: /CN=7d502e2d24b1f216913088207a268e6626b0ce39 Certificate serial: 019B7B35407190CA50BBF3D40BCAD633614F Authority key identifier: 7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/yDOczuJC_WLHV4Ya3yqTtThAzjc.roa Signing time: Thu 01 Jan 2026 20:17:25 +0000 ROA not before: Thu 01 Jan 2026 20:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209505 IP address blocks: 185.250.8.0/22 maxlen: 22 185.250.8.0/24 maxlen: 24 185.250.9.0/24 maxlen: 24 185.250.10.0/23 maxlen: 23 2a0b:9400::/30 maxlen: 30 2a0b:9400:1000::/48 maxlen: 48 2a0b:9401::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.mft rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:40:71:90:ca:50:bb:f3:d4:0b:ca:d6:33:61:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7d502e2d24b1f216913088207a268e6626b0ce39 Validity Not Before: Jan 1 20:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8339ccee242fd62c757861adf2a93b53840ce37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:3f:b5:5f:8e:95:64:a3:fa:fd:1a:b6:f0:ea: a9:ab:01:f3:cb:55:5f:64:cf:dd:65:3f:cf:77:2c: 33:8f:94:bb:eb:6f:24:81:c0:df:55:4d:b3:12:c3: 80:78:1d:07:88:9d:fc:7d:82:5c:7d:c3:f9:c0:30: 55:21:bf:57:5c:f7:1e:cb:48:16:b7:6f:f1:b0:2b: 1f:ee:47:40:c6:bb:77:fc:7a:0b:0f:ea:bf:0a:55: 44:0e:1c:89:cb:0d:81:2c:5f:ca:ee:bd:75:07:04: 61:c3:64:7e:8d:e8:eb:0a:62:65:ab:2c:18:e4:e3: 36:c0:1a:16:c1:32:06:32:3c:de:75:2e:b1:40:5d: b7:bb:63:a8:fd:af:c5:c4:8b:eb:e3:f0:90:32:45: a4:f2:de:80:9a:bf:64:45:a1:de:05:94:38:94:8f: 26:92:33:f1:ba:b6:48:5d:af:13:d8:db:9e:c6:2b: a8:65:45:31:47:1c:1f:35:ef:97:d1:88:83:a6:ce: 28:d6:56:ab:ac:e8:47:4c:d4:fa:47:bf:2b:23:b1: 51:4b:37:c2:e3:21:37:3d:c1:49:ec:b8:c8:a1:dd: a5:a8:08:d6:d6:97:9a:d6:f0:4c:fa:0d:69:c4:b3: 2a:67:59:55:f6:ba:58:88:c1:6c:0c:a5:d6:45:b2: e7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:33:9C:CE:E2:42:FD:62:C7:57:86:1A:DF:2A:93:B5:38:40:CE:37 X509v3 Authority Key Identifier: keyid:7D:50:2E:2D:24:B1:F2:16:91:30:88:20:7A:26:8E:66:26:B0:CE:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVAuLSSx8haRMIggeiaOZiawzjk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/yDOczuJC_WLHV4Ya3yqTtThAzjc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/aa53cf-f988-40eb-8083-51d75568a9e3/1/fVAuLSSx8haRMIggeiaOZiawzjk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.250.8.0/22 IPv6: 2a0b:9400::/30 Signature Algorithm: sha256WithRSAEncryption 32:af:14:77:25:b2:0e:74:ec:b4:62:22:b2:8e:c3:bb:63:25: c8:aa:70:3e:72:22:be:e2:bb:d9:18:52:21:7b:0e:44:a9:5f: dd:24:77:30:f3:b4:0f:f0:e7:76:d6:d9:15:02:33:54:4c:53: 5c:87:68:c0:08:27:de:d7:8b:ff:a2:f9:a7:ce:23:e7:c1:c9: c4:51:49:b0:3c:c1:b3:b1:eb:40:45:f0:27:1e:a5:2f:b0:41: bb:d6:90:3d:db:6f:b3:67:92:f6:d7:8c:17:b2:37:cd:cd:bf: 3b:a1:a1:b7:9b:7a:a4:9d:58:08:bd:cb:5b:97:89:3a:6c:5a: 75:82:8a:2b:a5:58:f6:10:93:f4:d4:b3:06:82:86:91:a9:ce: 0e:21:b0:a1:15:b3:90:8b:b7:f8:0e:cc:b0:43:73:64:d6:7d: af:fc:ef:f0:8c:d3:6e:8b:85:50:5a:7d:96:b8:84:de:b3:62: 41:7d:8c:07:4c:c9:e5:ef:74:45:37:8c:80:36:0e:a2:af:84: af:9d:09:0c:2c:61:67:ed:10:16:d6:89:84:fe:b7:df:0d:b6: 6f:97:7d:1b:41:d4:e1:a3:d7:6b:6d:60:14:3e:9d:29:f4:ca: 71:b6:97:eb:6b:c7:77:f7:3b:ad:3f:8e:b7:af:5f:9a:dc:91: 30:10:a3:7e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NUBxkMpQu/PUC8rWM2FPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkNTAyZTJkMjRiMWYyMTY5MTMwODgyMDdhMjY4ZTY2MjZi MGNlMzkwHhcNMjYwMTAxMjAxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODMzOWNjZWUyNDJmZDYyYzc1Nzg2MWFkZjJhOTNiNTM4NDBjZTM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj+1X46VZKP6/Rq28OqpqwHzy1Vf ZM/dZT/Pdywzj5S7628kgcDfVU2zEsOAeB0HiJ38fYJcfcP5wDBVIb9XXPcey0gW t2/xsCsf7kdAxrt3/HoLD+q/ClVEDhyJyw2BLF/K7r11BwRhw2R+jejrCmJlqywY 5OM2wBoWwTIGMjzedS6xQF23u2Oo/a/FxIvr4/CQMkWk8t6Amr9kRaHeBZQ4lI8m kjPxurZIXa8T2NuexiuoZUUxRxwfNe+X0YiDps4o1larrOhHTNT6R78rI7FRSzfC 4yE3PcFJ7LjIod2lqAjW1pea1vBM+g1pxLMqZ1lV9rpYiMFsDKXWRbLn+wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMgznM7iQv1ix1eGGt8qk7U4QM43MB8GA1UdIwQY MBaAFH1QLi0ksfIWkTCIIHomjmYmsM45MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMt NTFkNzU1NjhhOWUzLzEveURPY3p1SkNfV0xIVjRZYTN5cVR0VGhBempjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS9hYTUzY2YtZjk4OC00MGViLTgwODMtNTFkNzU1NjhhOWUz LzEvZlZBdUxTU3g4aGFSTUlnZ2VpYU9aaWF3emprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufoIMA0E AgACMAcDBQIqC5QAMA0GCSqGSIb3DQEBCwUAA4IBAQAyrxR3JbIOdOy0YiKyjsO7 YyXIqnA+ciK+4rvZGFIhew5EqV/dJHcw87QP8Od21tkVAjNUTFNch2jACCfe14v/ ovmnziPnwcnEUUmwPMGzsetARfAnHqUvsEG71pA922+zZ5L214wXsjfNzb87oaG3 m3qknVgIvctbl4k6bFp1goorpVj2EJP01LMGgoaRqc4OIbChFbOQi7f4DsywQ3Nk 1n2v/O/wjNNui4VQWn2WuITes2JBfYwHTMnl73RFN4yANg6ir4SvnQkMLGFn7RAW 1omE/rffDbZvl30bQdTho9drbWAUPp0p9Mpxtpfra8d39zutP463r1+a3JEwEKN+ -----END CERTIFICATE-----Generated at Mon Jan 26 04:42:01 2026 by rpki-client