This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/YSMWuDqk-bjhkPi8WnOACn6bd88.roa File: YSMWuDqk-bjhkPi8WnOACn6bd88.roa (raw, json) Hash identifier: yo88cm9+7+sB1BFSP6snooV47AtjlChRf2YYkKtTUBE= Subject key identifier: 61:23:16:B8:3A:A4:F9:B8:E1:90:F8:BC:5A:73:80:0A:7E:9B:77:CF Certificate issuer: /CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2 Certificate serial: 019B7DCA1BAA010CE305BFD7DAE1E96EA8D0 Authority key identifier: A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/YSMWuDqk-bjhkPi8WnOACn6bd88.roa Signing time: Fri 02 Jan 2026 08:19:15 +0000 ROA not before: Fri 02 Jan 2026 08:19:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57643 IP address blocks: 91.235.20.0/22 maxlen: 22 91.235.24.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.crl rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.mft rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:1b:aa:01:0c:e3:05:bf:d7:da:e1:e9:6e:a8:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a1dca44b4ab54533f8b5196cf92d68deb8fcc5e2 Validity Not Before: Jan 2 08:19:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=612316b83aa4f9b8e190f8bc5a73800a7e9b77cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:a6:f7:58:28:78:83:47:28:d1:d8:87:b8:9c: cb:77:d3:9a:6b:b1:fb:bb:32:58:6e:3b:b0:d0:3a: b2:e5:80:8d:68:43:2a:0f:ba:9c:a4:d0:27:20:ce: cf:2e:62:fa:77:36:ad:70:c3:64:e0:96:74:2c:27: b5:da:c5:1e:2e:8e:f6:84:6e:0b:4c:6b:06:ab:9f: c4:7f:53:e6:2b:0f:cc:0c:cb:09:2c:a3:32:bb:ca: d3:33:cb:b2:62:06:49:95:d8:46:22:48:61:ea:c0: 84:3b:1c:89:51:8a:b2:84:36:a9:2a:69:7a:6e:71: 38:fa:23:05:2b:b0:43:d7:00:0e:8b:76:a3:ce:73: b7:07:97:7c:31:97:6c:13:37:5c:8b:5a:45:52:52: ed:7a:97:9a:0c:f0:13:4e:a4:2f:65:d4:bd:55:a6: b3:58:2e:49:bf:4d:24:e9:bf:b0:0d:12:a7:d7:7d: d1:7a:ad:0d:3a:70:31:ac:75:86:6f:5a:23:c2:d3: d1:07:3b:0d:8d:37:61:1a:b3:b9:c6:8a:5e:8a:ef: f0:1b:3b:59:cd:76:0c:80:de:2d:1e:d7:ec:b5:f7: 43:d1:da:19:a9:8b:88:43:ed:6e:a1:7b:01:9b:dc: 5a:85:f8:bf:1f:d1:ea:d4:01:ba:39:1e:4d:c3:e2: 72:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:23:16:B8:3A:A4:F9:B8:E1:90:F8:BC:5A:73:80:0A:7E:9B:77:CF X509v3 Authority Key Identifier: keyid:A1:DC:A4:4B:4A:B5:45:33:F8:B5:19:6C:F9:2D:68:DE:B8:FC:C5:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/odykS0q1RTP4tRls-S1o3rj8xeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/YSMWuDqk-bjhkPi8WnOACn6bd88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f76a83-ae09-411f-ae9f-5386a79ade80/1/odykS0q1RTP4tRls-S1o3rj8xeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.235.20.0-91.235.25.255 Signature Algorithm: sha256WithRSAEncryption 83:96:b0:95:84:c2:e1:00:b8:f5:88:77:16:7d:f2:02:0c:0d: 88:f6:d0:19:d8:38:7a:fd:ce:1b:08:4b:e5:67:36:ef:3b:60: 11:dc:87:70:dc:37:95:0b:66:16:4f:fd:60:62:8c:ee:d8:ae: 57:ff:3d:c2:59:64:ad:c0:38:04:3e:1c:8e:95:9b:dd:05:42: c4:9c:6b:ed:b6:63:17:81:94:d4:4b:66:46:8a:c1:49:d1:08: 2e:a8:b8:a4:fb:3e:f0:c0:9f:18:38:44:bc:1f:aa:7e:5f:bf: 7d:9a:ed:6a:43:ff:c4:24:6c:5d:04:3a:d8:8d:7b:74:45:f4: ab:0d:15:f0:7b:7a:3d:39:d3:ce:ba:7d:75:21:aa:6b:f0:b5: 69:88:4d:48:8b:eb:b5:d5:ab:e8:14:dc:8a:0a:14:22:45:11: 75:4c:de:39:16:ab:f5:b2:27:fe:ce:95:52:8e:26:4d:2e:fc: 63:e0:92:bd:fd:51:41:3e:97:d9:27:8e:0b:73:f4:f6:d1:a5: 2c:9f:5e:d2:4a:9b:6b:04:86:9d:ee:a0:d1:4b:cd:01:20:60: b5:6b:f1:c9:b6:db:4c:5d:d8:65:8c:dd:df:8f:c7:90:e1:63: f6:1c:13:d0:c9:01:3b:ff:d6:77:22:50:47:a9:cf:17:89:2c: 82:38:35:81 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt9yhuqAQzjBb/X2uHpbqjQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGExZGNhNDRiNGFiNTQ1MzNmOGI1MTk2Y2Y5MmQ2OGRlYjhm Y2M1ZTIwHhcNMjYwMTAyMDgxOTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTIzMTZiODNhYTRmOWI4ZTE5MGY4YmM1YTczODAwYTdlOWI3N2NmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ab3WCh4g0co0diHuJzLd9Oaa7H7 uzJYbjuw0Dqy5YCNaEMqD7qcpNAnIM7PLmL6dzatcMNk4JZ0LCe12sUeLo72hG4L TGsGq5/Ef1PmKw/MDMsJLKMyu8rTM8uyYgZJldhGIkhh6sCEOxyJUYqyhDapKml6 bnE4+iMFK7BD1wAOi3ajznO3B5d8MZdsEzdci1pFUlLtepeaDPATTqQvZdS9Vaaz WC5Jv00k6b+wDRKn133Req0NOnAxrHWGb1ojwtPRBzsNjTdhGrO5xopeiu/wGztZ zXYMgN4tHtfstfdD0doZqYuIQ+1uoXsBm9xahfi/H9Hq1AG6OR5Nw+JyDwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGEjFrg6pPm44ZD4vFpzgAp+m3fPMB8GA1UdIwQY MBaAFKHcpEtKtUUz+LUZbPktaN64/MXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYt NTM4NmE3OWFkZTgwLzEvWVNNV3VEcWstYmpoa1BpOFduT0FDbjZiZDg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yi9mNzZhODMtYWUwOS00MTFmLWFlOWYtNTM4NmE3OWFkZTgw LzEvb2R5a1MwcTFSVFA0dFJscy1TMW8zcmo4eGVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJb6xQD BAFb6xgwDQYJKoZIhvcNAQELBQADggEBAIOWsJWEwuEAuPWIdxZ98gIMDYj20BnY OHr9zhsIS+VnNu87YBHch3DcN5ULZhZP/WBijO7Yrlf/PcJZZK3AOAQ+HI6Vm90F QsSca+22YxeBlNRLZkaKwUnRCC6ouKT7PvDAnxg4RLwfqn5fv32a7WpD/8QkbF0E OtiNe3RF9KsNFfB7ej050866fXUhqmvwtWmITUiL67XVq+gU3IoKFCJFEXVM3jkW q/WyJ/7OlVKOJk0u/GPgkr39UUE+l9knjgtz9PbRpSyfXtJKm2sEhp3uoNFLzQEg YLVr8cm220xd2GWM3d+Px5DhY/YcE9DJATv/1nciUEepzxeJLII4NYE= -----END CERTIFICATE-----Generated at Mon Jan 26 21:05:57 2026 by rpki-client