This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/y2jdo6b6nRL77GlTLjuis0gIsBM.roa File: y2jdo6b6nRL77GlTLjuis0gIsBM.roa (raw, json) Hash identifier: L7d8RW0wrr/KMosNTQC1a3Hee1syZ+cfF2XSibGwRTA= Subject key identifier: CB:68:DD:A3:A6:FA:9D:12:FB:EC:69:53:2E:3B:A2:B3:48:08:B0:13 Certificate issuer: /CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517 Certificate serial: 019B7F14C0977D0E5879645096EE879B5B7D Authority key identifier: 5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/y2jdo6b6nRL77GlTLjuis0gIsBM.roa Signing time: Fri 02 Jan 2026 14:20:25 +0000 ROA not before: Fri 02 Jan 2026 14:20:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48159 IP address blocks: 178.251.208.0/24 maxlen: 24 178.251.212.0/24 maxlen: 24 178.251.213.0/24 maxlen: 24 178.251.214.0/24 maxlen: 24 178.251.215.0/24 maxlen: 24 185.11.88.0/24 maxlen: 24 185.11.89.0/24 maxlen: 24 185.11.90.0/24 maxlen: 24 2a03:57c0::/32 maxlen: 32 2a03:57c0:7c00::1208:3/128 maxlen: 128 2a03:57c0:7c00::1208:25/128 maxlen: 128 2a03:57c0:7c00::1208:27/128 maxlen: 128 2a03:57c0:7c00::1208:45/128 maxlen: 128 2a03:57c0:7c00::1208:55/128 maxlen: 128 2a03:57c0:7c00::1208:65/128 maxlen: 128 2a03:57c0:7c00::1208:75/128 maxlen: 128 2a03:57c0:7c00::1208:95/128 maxlen: 128 2a03:57c0:7c00::1208:137/128 maxlen: 128 2a03:57c0:7c00::1208:143/128 maxlen: 128 2a03:57c0:7c00::1208:165/128 maxlen: 128 2a03:57c0:7c00::1208:175/128 maxlen: 128 2a03:57c0:7c00::1208:177/128 maxlen: 128 2a03:57c0:7c00::1208:185/128 maxlen: 128 2a03:57c0:7c00::1208:201/128 maxlen: 128 2a03:57c0:7c00::1208:215/128 maxlen: 128 2a03:57c0:7c00::1208:220/128 maxlen: 128 2a03:57c0:7c00::1208:235/128 maxlen: 128 2a03:57c0:7c00::1209:25/128 maxlen: 128 2a03:57c0:7c00::1209:27/128 maxlen: 128 2a03:57c0:7c00::1209:55/128 maxlen: 128 2a03:57c0:7c00::1209:75/128 maxlen: 128 2a03:57c0:7c00::1209:85/128 maxlen: 128 2a03:57c0:7c00::1209:95/128 maxlen: 128 2a03:57c0:7c00::1209:135/128 maxlen: 128 2a03:57c0:7c00::1209:155/128 maxlen: 128 2a03:57c0:7c00::1209:165/128 maxlen: 128 2a03:57c0:7c00::1209:177/128 maxlen: 128 2a03:57c0:7c00::1209:211/128 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:c0:97:7d:0e:58:79:64:50:96:ee:87:9b:5b:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517 Validity Not Before: Jan 2 14:20:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb68dda3a6fa9d12fbec69532e3ba2b34808b013 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:eb:91:dd:01:85:18:c2:7e:b5:88:72:49:d9: 14:6d:f4:0c:9f:47:0e:44:bf:c5:41:20:47:cb:07: 5d:80:0e:8a:6c:e2:0a:d3:2b:c2:74:c2:9c:d7:f0: 70:02:2b:94:c1:c1:74:d3:f7:5c:da:19:46:aa:1a: 7a:1d:ce:16:a1:b4:bf:b6:e4:b9:23:bc:d0:bc:e3: 3e:ad:a0:7c:1c:4b:da:5c:e0:b7:4e:ad:ed:4c:19: bb:40:af:51:13:7c:5a:9d:e8:fb:a1:44:14:de:24: 01:e3:c2:d4:a0:99:2f:08:53:b2:a6:dc:1b:1c:fd: 53:5f:7d:26:70:ba:09:cf:f6:d3:14:f4:80:19:a7: b7:4d:30:6e:56:06:56:76:e9:52:1f:ff:8f:49:6c: d0:c8:f0:a8:62:4b:25:e0:1e:9e:00:45:80:ff:33: 5f:f6:e7:a9:4e:7f:52:40:d0:af:b3:7f:64:21:1b: 9c:39:92:c7:3a:08:57:6b:8a:3e:de:99:7e:05:82: 29:a7:7a:c2:08:2b:2a:28:ad:40:60:82:f9:22:89: b7:15:18:f8:66:0a:57:03:01:20:19:7b:89:11:19: 57:e7:ba:73:dc:8c:05:5e:22:74:24:22:b7:8d:91: 69:ad:01:16:da:9e:d1:80:1f:2c:be:77:85:e9:89: 69:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:68:DD:A3:A6:FA:9D:12:FB:EC:69:53:2E:3B:A2:B3:48:08:B0:13 X509v3 Authority Key Identifier: keyid:5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/y2jdo6b6nRL77GlTLjuis0gIsBM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.251.208.0/24 178.251.212.0/22 185.11.88.0-185.11.90.255 IPv6: 2a03:57c0::/32 Signature Algorithm: sha256WithRSAEncryption 5f:2b:a8:21:e9:ef:ad:47:f3:a8:89:ec:99:32:69:cf:04:f7: 35:d9:82:83:76:f8:cd:f5:08:65:2b:a5:6f:b0:09:ed:b3:af: 6e:82:0b:cd:ab:28:50:1d:cf:6e:b0:ce:b7:64:77:f7:af:c9: 3d:3f:39:73:1e:ad:9b:00:56:dd:18:bc:50:0b:9e:ee:eb:7f: 6b:64:a8:42:6a:94:33:99:66:cf:ce:79:39:38:45:2f:bf:ed: dd:d1:a6:29:32:53:c4:e7:8f:26:6f:53:f5:10:5f:d3:42:be: 18:41:2b:d0:04:6d:6a:c5:09:03:88:12:33:19:ed:09:e2:a7: ed:4a:54:1f:84:16:b6:6f:e2:67:cf:a7:67:9b:74:a9:24:10: c3:4b:c8:8a:46:73:9b:3d:42:91:7e:8d:dd:b4:11:03:7f:9c: 5f:48:7d:d3:c0:c8:61:12:16:e8:a4:b2:f5:cb:d5:1a:0a:b5: 5b:a0:02:c1:fd:fd:7e:30:9f:f5:db:c5:f8:85:f4:ae:29:bf: 0d:f6:70:ce:37:bc:64:c4:8b:e1:95:11:6c:43:09:5d:ce:f6: da:82:4a:97:08:76:ce:be:f6:49:52:3a:82:13:13:d9:fd:56: cc:1c:2b:b6:21:f2:14:f2:35:a9:0a:3c:43:85:cb:a9:ec:c7: 6f:d1:01:22 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt/FMCXfQ5YeWRQlu6Hm1t9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMGMyN2Y4NTU4MWUyZTdiZGUwYzk4ZmJkNTRiZTFkNDk2 NzA1MTcwHhcNMjYwMTAyMTQyMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjY4ZGRhM2E2ZmE5ZDEyZmJlYzY5NTMyZTNiYTJiMzQ4MDhiMDEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+uR3QGFGMJ+tYhySdkUbfQMn0cO RL/FQSBHywddgA6KbOIK0yvCdMKc1/BwAiuUwcF00/dc2hlGqhp6Hc4WobS/tuS5 I7zQvOM+raB8HEvaXOC3Tq3tTBm7QK9RE3xanej7oUQU3iQB48LUoJkvCFOyptwb HP1TX30mcLoJz/bTFPSAGae3TTBuVgZWdulSH/+PSWzQyPCoYksl4B6eAEWA/zNf 9uepTn9SQNCvs39kIRucOZLHOghXa4o+3pl+BYIpp3rCCCsqKK1AYIL5Iom3FRj4 ZgpXAwEgGXuJERlX57pz3IwFXiJ0JCK3jZFprQEW2p7RgB8svneF6YlpIQIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFMto3aOm+p0S++xpUy47orNICLATMB8GA1UdIwQY MBaAFF0MJ/hVgeLnveDJj71Uvh1JZwUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMt MzQxZjUxNzNmY2Y3LzEveTJqZG82YjZuUkw3N0dsVExqdWlzMGdJc0JNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMtMzQxZjUxNzNmY2Y3 LzEvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAsvvQAwQC svvUMAwDBAO5C1gDBAC5C1owDQQCAAIwBwMFACoDV8AwDQYJKoZIhvcNAQELBQAD ggEBAF8rqCHp761H86iJ7Jkyac8E9zXZgoN2+M31CGUrpW+wCe2zr26CC82rKFAd z26wzrdkd/evyT0/OXMerZsAVt0YvFALnu7rf2tkqEJqlDOZZs/OeTk4RS+/7d3R pikyU8TnjyZvU/UQX9NCvhhBK9AEbWrFCQOIEjMZ7Qnip+1KVB+EFrZv4mfPp2eb dKkkEMNLyIpGc5s9QpF+jd20EQN/nF9IfdPAyGESFuiksvXL1RoKtVugAsH9/X4w n/XbxfiF9K4pvw32cM43vGTEi+GVEWxDCV3O9tqCSpcIds6+9klSOoITE9n9Vswc K7Yh8hTyNakKPEOFy6nsx2/RASI= -----END CERTIFICATE-----Generated at Mon Jan 26 07:09:22 2026 by rpki-client