This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/ykX411maDM_hoQQSeoWB0H-jloc.roa File: ykX411maDM_hoQQSeoWB0H-jloc.roa (raw, json) Hash identifier: PqUBGKaIrQdj/K09XPKqO3Gzxr9j5HkAFLnQMItff0c= Subject key identifier: CA:45:F8:D7:59:9A:0C:CF:E1:A1:04:12:7A:85:81:D0:7F:A3:96:87 Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10 Certificate serial: 019B7BA3C581D2F6D061167CA7B979C7F326 Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/ykX411maDM_hoQQSeoWB0H-jloc.roa Signing time: Thu 01 Jan 2026 22:18:09 +0000 ROA not before: Thu 01 Jan 2026 22:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16299 IP address blocks: 95.169.251.0/24 maxlen: 24 217.168.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:c5:81:d2:f6:d0:61:16:7c:a7:b9:79:c7:f3:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10 Validity Not Before: Jan 1 22:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca45f8d7599a0ccfe1a104127a8581d07fa39687 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9c:ca:ca:9c:e8:51:06:8f:73:e9:8c:16:af: 4c:78:65:16:98:4c:d4:52:98:a9:19:8e:b9:ae:2d: 4d:d8:f8:c3:40:9c:aa:0a:1c:8b:32:40:78:9e:1f: f4:3c:64:cb:7f:a6:d5:bc:8a:60:6d:9f:89:ac:83: 30:51:8a:7a:d5:cd:51:f5:14:2b:96:67:4e:39:ed: 15:38:23:79:ec:97:5e:53:d4:ce:a5:c3:e5:6d:6b: e3:a7:65:9d:ec:99:bb:89:d5:14:d6:5a:3d:2d:01: 16:5c:96:55:c6:ae:fc:90:50:a3:8b:7b:a8:ca:58: d8:a9:66:f1:b8:59:4c:fc:c8:fc:73:8a:55:b9:25: ea:da:97:6a:3e:4f:c9:d9:09:31:e9:c7:42:7a:18: b2:92:6a:5c:0a:18:91:fa:f8:b1:4f:21:d6:e9:51: 36:71:00:9e:3c:31:1d:0a:83:cf:e7:e2:d1:bc:6c: 09:79:bb:42:53:ef:d0:2d:05:25:a0:61:ec:d0:13: b2:09:20:81:a0:59:87:7a:3a:f7:64:98:40:55:7b: e3:ee:8a:25:c5:e9:a4:d4:35:ed:65:28:57:e4:35: 24:1a:e5:ec:a4:6e:0c:4f:24:8f:45:f9:6f:15:4f: 4e:ae:75:f8:c6:fd:29:24:f6:ec:ac:51:f6:6b:f6: 88:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:45:F8:D7:59:9A:0C:CF:E1:A1:04:12:7A:85:81:D0:7F:A3:96:87 X509v3 Authority Key Identifier: keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/ykX411maDM_hoQQSeoWB0H-jloc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.169.251.0/24 217.168.2.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:08:0e:21:d1:8f:f5:41:d3:1a:97:29:a8:f4:64:bb:4c:10: 7c:f9:e7:59:8c:bc:b1:49:77:69:0d:d6:51:f6:1b:44:38:9c: 31:54:c6:d8:b8:67:22:b3:5c:fa:dd:75:1a:bc:ef:ea:f3:f0: c4:a2:66:78:ef:94:0c:fb:e5:f9:0e:9b:49:31:c1:62:c1:4b: fa:fa:3d:63:ed:f5:ee:a2:76:fc:36:85:60:c2:6d:63:d0:98: 78:88:ce:c7:45:54:6c:5f:eb:f2:b4:f1:75:22:d0:f5:71:fb: c4:46:97:2e:d7:a8:1b:d6:df:18:75:f2:e3:72:ef:41:0a:7d: f8:7c:93:70:fd:db:76:10:1f:c6:d9:9f:e4:93:31:08:da:09: 2e:0f:22:4f:4d:ad:9d:39:22:6c:c5:2d:4f:ae:1e:5b:cb:34: b3:86:f1:1a:92:a1:f1:01:a8:27:f0:f7:1f:08:f4:5f:4f:fc: ad:3a:c9:92:c5:34:30:8d:c3:84:2d:de:b0:65:90:48:bf:b5: ea:e6:12:3e:a8:36:5b:37:a0:7f:63:f1:0d:ff:81:27:83:46: 13:71:e0:05:83:e4:f9:30:58:d7:86:22:9b:9b:ea:8c:8e:72: 34:bf:fa:0e:4b:c5:67:fb:33:1a:b4:8a:1f:c8:ca:59:71:4d: 88:00:97:d4 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7o8WB0vbQYRZ8p7l5x/MmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1 YjRiMTAwHhcNMjYwMTAxMjIxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTQ1ZjhkNzU5OWEwY2NmZTFhMTA0MTI3YTg1ODFkMDdmYTM5Njg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5zKypzoUQaPc+mMFq9MeGUWmEzU UpipGY65ri1N2PjDQJyqChyLMkB4nh/0PGTLf6bVvIpgbZ+JrIMwUYp61c1R9RQr lmdOOe0VOCN57JdeU9TOpcPlbWvjp2Wd7Jm7idUU1lo9LQEWXJZVxq78kFCji3uo yljYqWbxuFlM/Mj8c4pVuSXq2pdqPk/J2Qkx6cdCehiykmpcChiR+vixTyHW6VE2 cQCePDEdCoPP5+LRvGwJebtCU+/QLQUloGHs0BOyCSCBoFmHejr3ZJhAVXvj7ool xemk1DXtZShX5DUkGuXspG4MTySPRflvFU9OrnX4xv0pJPbsrFH2a/aI9wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMpF+NdZmgzP4aEEEnqFgdB/o5aHMB8GA1UdIwQY MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt ZDYwYjNiNmNjYTZlLzEveWtYNDExbWFETV9ob1FRU2VvV0IwSC1qbG9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX6n7AwQA 2agCMA0GCSqGSIb3DQEBCwUAA4IBAQAtCA4h0Y/1QdMalymo9GS7TBB8+edZjLyx SXdpDdZR9htEOJwxVMbYuGcis1z63XUavO/q8/DEomZ475QM++X5DptJMcFiwUv6 +j1j7fXuonb8NoVgwm1j0Jh4iM7HRVRsX+vytPF1ItD1cfvERpcu16gb1t8YdfLj cu9BCn34fJNw/dt2EB/G2Z/kkzEI2gkuDyJPTa2dOSJsxS1Prh5byzSzhvEakqHx Aagn8PcfCPRfT/ytOsmSxTQwjcOELd6wZZBIv7Xq5hI+qDZbN6B/Y/EN/4Eng0YT ceAFg+T5MFjXhiKbm+qMjnI0v/oOS8Vn+zMatIofyMpZcU2IAJfU -----END CERTIFICATE-----Generated at Sun Jan 25 23:32:50 2026 by rpki-client