This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/ycEAE8U3GOcT-dI1EM9rShcAaZs.roa File: ycEAE8U3GOcT-dI1EM9rShcAaZs.roa (raw, json) Hash identifier: xuaS4IHUOmueIKBaxW7itaqT5M/7ix/11RW1ctyKbMg= Subject key identifier: C9:C1:00:13:C5:37:18:E7:13:F9:D2:35:10:CF:6B:4A:17:00:69:9B Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd Certificate serial: 019B7AC86A2F1A8EC4D4F9917CFCD8F05D99 Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/ycEAE8U3GOcT-dI1EM9rShcAaZs.roa Signing time: Thu 01 Jan 2026 18:18:33 +0000 ROA not before: Thu 01 Jan 2026 18:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6908 IP address blocks: 185.4.116.0/22 maxlen: 24 185.4.116.0/24 maxlen: 24 185.4.117.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.mft rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:6a:2f:1a:8e:c4:d4:f9:91:7c:fc:d8:f0:5d:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd Validity Not Before: Jan 1 18:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9c10013c53718e713f9d23510cf6b4a1700699b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:38:23:32:10:f2:e9:ac:35:2c:b2:00:c6:be: da:3f:68:86:41:30:d9:f1:37:f2:e1:75:9b:18:d0: bb:28:f2:0a:f3:44:2e:20:8a:0e:66:2e:3b:7f:53: 19:62:b2:2e:0d:08:aa:12:b6:83:78:20:5c:76:18: 46:4d:cb:69:f5:a1:ae:b2:04:7f:ba:bc:af:12:d0: d1:11:c0:d9:98:88:33:d6:18:bc:86:06:90:2e:40: d4:8d:55:69:44:87:74:52:63:d5:ee:1c:03:8a:98: d2:45:fa:49:8a:71:b0:0a:10:17:e1:25:07:7a:17: f4:c0:3c:52:eb:86:1d:6d:38:03:a3:2e:b7:5f:61: ab:c4:8e:12:10:28:89:0d:54:d6:a6:8e:95:ed:d3: 22:04:65:e1:70:64:fa:cf:5e:bc:bf:52:a3:48:8e: f7:be:cb:b2:fe:3f:e6:e5:37:9b:77:44:d2:90:82: 7d:31:dd:4c:0c:e0:4f:76:d7:b0:cf:3b:64:4b:8c: 55:25:9c:97:e0:62:3d:7e:d7:a9:5a:cc:f5:47:7a: 33:e9:66:56:5a:47:d8:ed:c5:5a:db:ee:55:a5:13: bf:48:6e:0d:15:02:29:67:04:ba:89:6d:39:3a:3b: f9:ce:8b:91:47:04:c2:c4:57:2e:70:c2:d4:f7:5c: 7f:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:C1:00:13:C5:37:18:E7:13:F9:D2:35:10:CF:6B:4A:17:00:69:9B X509v3 Authority Key Identifier: keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/ycEAE8U3GOcT-dI1EM9rShcAaZs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.4.116.0/22 Signature Algorithm: sha256WithRSAEncryption 91:0a:bd:23:44:ff:76:ff:0c:fd:13:d6:7f:56:50:2c:bc:f6: 30:8d:af:1b:8e:38:5e:ff:35:ab:30:2f:27:ce:5e:ef:d1:66: 51:1f:51:3c:00:28:74:69:e2:8d:d4:65:f3:6c:32:9f:17:6a: af:49:78:c0:14:fe:e6:c8:33:5e:9d:23:b0:dc:84:3c:54:1a: 02:bc:ff:a8:d9:ac:69:a4:47:e6:de:dd:58:16:63:00:c7:d2: fb:29:50:b8:d9:8a:89:00:82:c9:50:34:7b:04:31:1d:92:76: 5e:71:b6:d1:2f:a6:ad:7f:c8:0c:db:6c:78:f2:8b:80:b5:1c: 59:46:fd:c9:1b:a3:d6:5c:53:32:53:2e:18:f1:38:d3:f9:b7: 9e:a1:32:c5:5d:30:d3:7b:e0:dc:ce:42:b4:1a:d7:fe:68:bd: 44:f5:f9:7c:82:d5:9c:a3:66:02:34:b3:02:60:18:65:2e:b7: 8b:28:5f:9b:fc:b9:82:b8:f4:5b:db:28:37:94:40:f2:4a:df: d5:20:08:43:e5:38:e7:21:06:f3:37:12:d4:f3:3a:54:68:57: 6a:0c:f4:83:f9:1b:24:9e:9e:7b:26:1b:cc:43:31:6e:f1:a5: 5c:2e:d2:87:3f:04:9d:14:58:a5:6c:ff:d5:11:a1:c6:75:70: 30:63:e7:46 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yGovGo7E1PmRfPzY8F2ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz N2UyY2QwHhcNMjYwMTAxMTgxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWMxMDAxM2M1MzcxOGU3MTNmOWQyMzUxMGNmNmI0YTE3MDA2OTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDgjMhDy6aw1LLIAxr7aP2iGQTDZ 8Tfy4XWbGNC7KPIK80QuIIoOZi47f1MZYrIuDQiqEraDeCBcdhhGTctp9aGusgR/ uryvEtDREcDZmIgz1hi8hgaQLkDUjVVpRId0UmPV7hwDipjSRfpJinGwChAX4SUH ehf0wDxS64YdbTgDoy63X2GrxI4SECiJDVTWpo6V7dMiBGXhcGT6z168v1KjSI73 vsuy/j/m5Tebd0TSkIJ9Md1MDOBPdtewzztkS4xVJZyX4GI9ftepWsz1R3oz6WZW WkfY7cVa2+5VpRO/SG4NFQIpZwS6iW05Ojv5zouRRwTCxFcucMLU91x/7QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMnBABPFNxjnE/nSNRDPa0oXAGmbMB8GA1UdIwQY MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt NjUyOTc1MWIyYjAxLzEveWNFQUU4VTNHT2NULWRJMUVNOXJTaGNBYVpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G CSqGSIb3DQEBCwUAA4IBAQCRCr0jRP92/wz9E9Z/VlAsvPYwja8bjjhe/zWrMC8n zl7v0WZRH1E8ACh0aeKN1GXzbDKfF2qvSXjAFP7myDNenSOw3IQ8VBoCvP+o2axp pEfm3t1YFmMAx9L7KVC42YqJAILJUDR7BDEdknZecbbRL6atf8gM22x48ouAtRxZ Rv3JG6PWXFMyUy4Y8TjT+beeoTLFXTDTe+DczkK0Gtf+aL1E9fl8gtWco2YCNLMC YBhlLreLKF+b/LmCuPRb2yg3lEDySt/VIAhD5TjnIQbzNxLU8zpUaFdqDPSD+Rsk np57JhvMQzFu8aVcLtKHPwSdFFilbP/VEaHGdXAwY+dG -----END CERTIFICATE-----Generated at Mon Jan 26 07:41:56 2026 by rpki-client