This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/yGB3G9JvJrN2ebP00_hjVPvgDtg.roa File: yGB3G9JvJrN2ebP00_hjVPvgDtg.roa (raw, json) Hash identifier: bHuIB6ZCObrwj4J53cKXr7Vc20aEn6p9E11VTiZdX7k= Subject key identifier: C8:60:77:1B:D2:6F:26:B3:76:79:B3:F4:D3:F8:63:54:FB:E0:0E:D8 Certificate issuer: /CN=5efff2578a0e6215dc60e2da946f30d25c63cd6a Certificate serial: 019B79ECF390357F30CDC073BAB04371C059 Authority key identifier: 5E:FF:F2:57:8A:0E:62:15:DC:60:E2:DA:94:6F:30:D2:5C:63:CD:6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xv_yV4oOYhXcYOLalG8w0lxjzWo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/yGB3G9JvJrN2ebP00_hjVPvgDtg.roa Signing time: Thu 01 Jan 2026 14:18:50 +0000 ROA not before: Thu 01 Jan 2026 14:18:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203089 IP address blocks: 185.136.124.0/24 maxlen: 24 185.136.125.0/24 maxlen: 24 185.136.126.0/24 maxlen: 24 185.136.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/Xv_yV4oOYhXcYOLalG8w0lxjzWo.crl rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/Xv_yV4oOYhXcYOLalG8w0lxjzWo.mft rsync://rpki.ripe.net/repository/DEFAULT/Xv_yV4oOYhXcYOLalG8w0lxjzWo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:f3:90:35:7f:30:cd:c0:73:ba:b0:43:71:c0:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5efff2578a0e6215dc60e2da946f30d25c63cd6a Validity Not Before: Jan 1 14:18:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c860771bd26f26b37679b3f4d3f86354fbe00ed8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:67:f8:d1:5f:f2:83:51:6e:dc:0e:49:85:bb: d2:8d:92:a6:94:84:a4:e2:9f:63:f9:42:99:79:c6: 73:64:86:82:38:69:1b:ad:9c:0b:74:d9:1c:40:0b: 23:8b:ee:57:b0:aa:05:ef:02:75:a2:8d:eb:1f:c2: 7b:9b:9f:50:4f:36:5f:e3:2d:d3:40:65:cf:ab:f9: 62:00:1f:03:9d:3f:3a:87:ed:4f:d9:71:9b:35:ee: e1:7f:07:50:44:e3:02:1b:bc:ad:71:af:89:6c:70: 76:b7:77:cc:f8:40:d0:40:b0:3e:81:a4:3a:45:78: 5c:f0:21:7f:b7:b6:30:ca:1d:4c:bb:12:aa:72:39: a3:f8:55:f7:c8:a2:0c:cd:60:eb:c6:92:04:21:0d: 59:6d:42:16:e8:68:56:f9:7c:2d:84:8a:d3:2a:a9: 11:2c:d7:8c:bc:91:ee:72:8f:9f:9c:06:1e:7b:50: d8:dd:62:04:9a:17:db:56:22:d8:ac:ae:0f:b0:67: 0e:9d:51:f9:30:33:39:14:93:1c:cd:8a:e5:aa:42: e9:86:49:b0:f5:dc:14:7b:10:8a:58:2f:8d:d9:07: cc:ca:f5:1c:a3:73:ef:a1:6b:b6:68:0a:c9:d7:29: 1f:7e:df:48:96:fe:4a:ac:de:35:0a:cd:af:be:1f: ae:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:60:77:1B:D2:6F:26:B3:76:79:B3:F4:D3:F8:63:54:FB:E0:0E:D8 X509v3 Authority Key Identifier: keyid:5E:FF:F2:57:8A:0E:62:15:DC:60:E2:DA:94:6F:30:D2:5C:63:CD:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xv_yV4oOYhXcYOLalG8w0lxjzWo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/yGB3G9JvJrN2ebP00_hjVPvgDtg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/79d1a1-091c-4039-8778-b697907ffdc8/1/Xv_yV4oOYhXcYOLalG8w0lxjzWo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.136.124.0/22 Signature Algorithm: sha256WithRSAEncryption a4:e8:52:76:82:ae:49:d6:73:c4:3e:b1:01:3a:fd:41:60:2b: 5d:4e:a0:b3:ba:4f:1f:d2:97:e4:21:70:a0:9e:93:f0:9b:de: c4:b5:93:b4:41:1c:1d:7b:d4:b7:fc:58:27:91:23:e1:66:a8: f7:dd:4a:bb:e7:36:43:51:95:85:95:a8:54:80:6a:55:0f:88: 9b:0d:62:2a:e4:54:ae:e3:8a:79:a8:2e:b8:97:a6:d9:05:d8: 68:80:29:39:b9:bd:d0:e6:fc:7c:af:1a:57:44:a7:bd:9e:4e: 74:28:4e:94:27:3d:69:01:ce:5c:f9:9b:c1:90:0e:68:85:bd: f1:3c:9d:3e:df:c2:8e:e9:bc:06:34:2f:3c:cc:11:5e:9c:ac: 9c:ce:91:68:b8:c2:14:9d:5d:85:c4:15:96:46:8a:ce:e8:6e: 4e:e9:29:ee:c9:9d:b1:95:a0:84:36:7b:2e:10:bc:2b:8c:20: a2:09:f3:9b:2d:94:d2:83:09:f9:43:b4:2e:c1:ef:a4:a9:db: 44:d5:53:c3:40:ff:c6:13:d9:8a:5f:e4:8e:23:53:f9:09:9e: e6:e9:3a:f4:1e:90:e4:e0:e5:d7:91:92:f3:a8:ad:2e:81:38: 04:a7:01:1c:8a:d3:53:b8:f2:52:3d:51:ba:3e:e2:06:69:df: c8:d7:60:9c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57POQNX8wzcBzurBDccBZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZmZmMjU3OGEwZTYyMTVkYzYwZTJkYTk0NmYzMGQyNWM2 M2NkNmEwHhcNMjYwMTAxMTQxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjODYwNzcxYmQyNmYyNmIzNzY3OWIzZjRkM2Y4NjM1NGZiZTAwZWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2f40V/yg1Fu3A5JhbvSjZKmlISk 4p9j+UKZecZzZIaCOGkbrZwLdNkcQAsji+5XsKoF7wJ1oo3rH8J7m59QTzZf4y3T QGXPq/liAB8DnT86h+1P2XGbNe7hfwdQROMCG7ytca+JbHB2t3fM+EDQQLA+gaQ6 RXhc8CF/t7Ywyh1MuxKqcjmj+FX3yKIMzWDrxpIEIQ1ZbUIW6GhW+XwthIrTKqkR LNeMvJHuco+fnAYee1DY3WIEmhfbViLYrK4PsGcOnVH5MDM5FJMczYrlqkLphkmw 9dwUexCKWC+N2QfMyvUco3PvoWu2aArJ1ykfft9Ilv5KrN41Cs2vvh+uTQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMhgdxvSbyazdnmz9NP4Y1T74A7YMB8GA1UdIwQY MBaAFF7/8leKDmIV3GDi2pRvMNJcY81qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHZfeVY0b09ZaFhjWU9MYWxHOHcwbHhqeldvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC83OWQxYTEtMDkxYy00MDM5LTg3Nzgt YjY5NzkwN2ZmZGM4LzEveUdCM0c5SnZKck4yZWJQMDBfaGpWUHZnRHRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC83OWQxYTEtMDkxYy00MDM5LTg3NzgtYjY5NzkwN2ZmZGM4 LzEvWHZfeVY0b09ZaFhjWU9MYWxHOHcwbHhqeldvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYh8MA0G CSqGSIb3DQEBCwUAA4IBAQCk6FJ2gq5J1nPEPrEBOv1BYCtdTqCzuk8f0pfkIXCg npPwm97EtZO0QRwde9S3/FgnkSPhZqj33Uq75zZDUZWFlahUgGpVD4ibDWIq5FSu 44p5qC64l6bZBdhogCk5ub3Q5vx8rxpXRKe9nk50KE6UJz1pAc5c+ZvBkA5ohb3x PJ0+38KO6bwGNC88zBFenKyczpFouMIUnV2FxBWWRorO6G5O6SnuyZ2xlaCENnsu ELwrjCCiCfObLZTSgwn5Q7Quwe+kqdtE1VPDQP/GE9mKX+SOI1P5CZ7m6Tr0HpDk 4OXXkZLzqK0ugTgEpwEcitNTuPJSPVG6PuIGad/I12Cc -----END CERTIFICATE-----Generated at Tue Jan 27 04:59:48 2026 by rpki-client