This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/y0HSKe7CzMBtdpz9DmRn9tJBwb8.roa File: y0HSKe7CzMBtdpz9DmRn9tJBwb8.roa (raw, json) Hash identifier: bOHva0sJms6ywiPuzz/IRYYizszJ2NQLVc8uPSnnx10= Subject key identifier: CB:41:D2:29:EE:C2:CC:C0:6D:76:9C:FD:0E:64:67:F6:D2:41:C1:BF Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2 Certificate serial: 019B7E379769EBD765509E33BF9CFA9A98CC Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/y0HSKe7CzMBtdpz9DmRn9tJBwb8.roa Signing time: Fri 02 Jan 2026 10:18:51 +0000 ROA not before: Fri 02 Jan 2026 10:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62212 IP address blocks: 87.236.146.0/24 maxlen: 24 91.184.248.0/22 maxlen: 24 91.199.137.0/24 maxlen: 24 91.199.147.0/24 maxlen: 24 91.199.154.0/24 maxlen: 24 91.199.160.0/24 maxlen: 24 92.61.70.0/23 maxlen: 24 109.172.8.0/23 maxlen: 24 188.127.246.0/23 maxlen: 24 2a11:3b80::/29 maxlen: 48 2a11:3b80::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.mft rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:97:69:eb:d7:65:50:9e:33:bf:9c:fa:9a:98:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2 Validity Not Before: Jan 2 10:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb41d229eec2ccc06d769cfd0e6467f6d241c1bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:68:8c:8b:2a:09:7a:6d:37:14:13:af:ae:8a: ed:3f:23:d9:02:eb:e3:15:f4:9a:6a:ad:84:65:1a: bd:2d:00:3c:f5:cb:08:dd:83:ca:a5:72:af:48:67: 14:5f:54:fd:84:ef:20:c7:27:18:7b:a7:21:4a:10: 45:8b:a4:14:92:06:00:dd:f3:03:61:40:c9:9d:c0: 52:af:16:19:e7:27:10:6e:9c:0f:40:be:10:7b:6e: 8c:97:b1:48:0f:21:3c:47:ea:d2:52:51:7d:82:e8: a4:08:d1:21:1f:4e:8d:a3:08:b0:2f:58:cc:e5:e8: fa:3f:93:e0:22:07:7b:c0:4a:54:a1:bc:cb:ff:e2: a1:f8:dc:77:2e:3e:bb:70:fc:0b:0f:dc:d9:50:d4: d0:39:94:6e:28:c4:ec:25:d2:84:c2:cf:74:26:57: 5e:01:2c:07:af:f3:48:60:39:3f:0a:b2:d6:65:87: 6e:1f:f1:3e:a7:ed:f6:c6:59:72:90:12:8a:3b:59: b8:07:a2:af:f2:cf:24:2a:d7:42:15:87:8a:ff:07: 46:ac:13:2b:72:ce:cb:bb:cb:d6:59:49:5d:13:2e: 05:49:e2:8e:9f:1a:01:3c:0d:fa:ef:08:c7:41:15: e9:cd:79:63:bf:d8:db:de:35:0a:41:0d:cc:8b:85: c7:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:41:D2:29:EE:C2:CC:C0:6D:76:9C:FD:0E:64:67:F6:D2:41:C1:BF X509v3 Authority Key Identifier: keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/y0HSKe7CzMBtdpz9DmRn9tJBwb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.236.146.0/24 91.184.248.0/22 91.199.137.0/24 91.199.147.0/24 91.199.154.0/24 91.199.160.0/24 92.61.70.0/23 109.172.8.0/23 188.127.246.0/23 IPv6: 2a11:3b80::/29 Signature Algorithm: sha256WithRSAEncryption 7a:3e:2e:59:66:7f:c7:e5:2c:cd:1d:e1:b0:a0:79:4c:4f:4f: 9b:ae:7f:6c:7a:5f:ca:7f:c5:81:34:d8:0e:dd:84:80:15:29: 28:f3:e5:8a:00:97:96:f3:22:c9:65:39:e9:54:b5:8e:83:39: f9:31:24:b4:2d:c4:c1:a9:ea:11:5e:6b:66:fa:43:ce:c5:5d: 7c:de:26:9f:1b:66:47:89:1d:a1:cd:20:12:9a:0e:e3:ef:1c: da:e3:cd:4f:8e:23:18:4d:60:17:6e:7e:89:b5:33:46:f6:43: 8d:70:da:96:cf:e4:4d:f2:c2:49:67:9b:87:24:a6:ef:b7:52: 19:7c:9f:ce:81:68:e4:cb:36:00:41:d2:59:4f:06:4c:a0:1e: b4:43:c9:98:79:c2:6b:87:12:1f:a6:1b:1e:23:dd:7e:d6:72: 25:b6:92:ff:aa:1d:4d:59:70:67:70:04:c4:9d:fe:e9:c3:c2: 77:62:16:c3:cd:6f:ce:64:71:42:bd:fe:57:5f:ca:f4:e2:3c: 7b:0e:71:56:24:c5:a6:39:ac:2e:13:85:3e:8f:9b:05:40:26: 0e:9c:56:21:81:b8:8b:94:a8:f6:8f:2f:47:6a:bb:1a:95:96: 86:1d:4b:06:35:5b:bb:3c:dc:e9:12:61:c6:16:ee:a9:9c:0b: 2a:6b:45:e4 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZt+N5dp69dlUJ4zv5z6mpjMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDVi MzJjZjIwHhcNMjYwMTAyMTAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjQxZDIyOWVlYzJjY2MwNmQ3NjljZmQwZTY0NjdmNmQyNDFjMWJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2iMiyoJem03FBOvrortPyPZAuvj FfSaaq2EZRq9LQA89csI3YPKpXKvSGcUX1T9hO8gxycYe6chShBFi6QUkgYA3fMD YUDJncBSrxYZ5ycQbpwPQL4Qe26Ml7FIDyE8R+rSUlF9guikCNEhH06NowiwL1jM 5ej6P5PgIgd7wEpUobzL/+Kh+Nx3Lj67cPwLD9zZUNTQOZRuKMTsJdKEws90Jlde ASwHr/NIYDk/CrLWZYduH/E+p+32xllykBKKO1m4B6Kv8s8kKtdCFYeK/wdGrBMr cs7Lu8vWWUldEy4FSeKOnxoBPA367wjHQRXpzXljv9jb3jUKQQ3Mi4XHuQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMtB0inuwszAbXac/Q5kZ/bSQcG/MB8GA1UdIwQY MBaAFNViDOxwl00DfXdpdYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTkt YmU0MzRjYjlmOGY4LzEveTBIU0tlN0N6TUJ0ZHB6OURtUm45dEpCd2I4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4 LzEvMVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQAV+ySAwQC W7j4AwQAW8eJAwQAW8eTAwQAW8eaAwQAW8egAwQBXD1GAwQBbawIAwQBvH/2MA0E AgACMAcDBQMqETuAMA0GCSqGSIb3DQEBCwUAA4IBAQB6Pi5ZZn/H5SzNHeGwoHlM T0+brn9sel/Kf8WBNNgO3YSAFSko8+WKAJeW8yLJZTnpVLWOgzn5MSS0LcTBqeoR Xmtm+kPOxV183iafG2ZHiR2hzSASmg7j7xza481PjiMYTWAXbn6JtTNG9kONcNqW z+RN8sJJZ5uHJKbvt1IZfJ/OgWjkyzYAQdJZTwZMoB60Q8mYecJrhxIfphseI91+ 1nIltpL/qh1NWXBncATEnf7pw8J3YhbDzW/OZHFCvf5XX8r04jx7DnFWJMWmOawu E4U+j5sFQCYOnFYhgbiLlKj2jy9HarsalZaGHUsGNVu7PNzpEmHGFu6pnAsqa0Xk -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:31 2026 by rpki-client