This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/YcaaAclAYCZA0bQEtArsD3C2cfU.roa File: YcaaAclAYCZA0bQEtArsD3C2cfU.roa (raw, json) Hash identifier: 7YmlJQnQIkOS++HCP7NR3QXbRt39kMWOkSZeS0idrew= Subject key identifier: 61:C6:9A:01:C9:40:60:26:40:D1:B4:04:B4:0A:EC:0F:70:B6:71:F5 Certificate issuer: /CN=6dbd5cb29940ac2a8553b6ec0a8cec7c209f7ce7 Certificate serial: 019B7CEE5BDF9481F79E6C3CF19B6884336D Authority key identifier: 6D:BD:5C:B2:99:40:AC:2A:85:53:B6:EC:0A:8C:EC:7C:20:9F:7C:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1csplArCqFU7bsCozsfCCffOc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/YcaaAclAYCZA0bQEtArsD3C2cfU.roa Signing time: Fri 02 Jan 2026 04:19:14 +0000 ROA not before: Fri 02 Jan 2026 04:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43791 IP address blocks: 185.212.220.0/24 maxlen: 24 185.212.221.0/24 maxlen: 24 185.212.222.0/24 maxlen: 24 185.212.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/bb1csplArCqFU7bsCozsfCCffOc.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/bb1csplArCqFU7bsCozsfCCffOc.mft rsync://rpki.ripe.net/repository/DEFAULT/bb1csplArCqFU7bsCozsfCCffOc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:5b:df:94:81:f7:9e:6c:3c:f1:9b:68:84:33:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6dbd5cb29940ac2a8553b6ec0a8cec7c209f7ce7 Validity Not Before: Jan 2 04:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61c69a01c940602640d1b404b40aec0f70b671f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:fb:72:d6:b3:19:e7:d6:65:90:bc:aa:4c:79: 5a:04:20:a2:9c:bf:60:4d:15:0a:79:84:80:a6:7a: d7:eb:3f:80:ac:6a:f7:5b:d3:bf:cc:a7:e1:3a:ce: 66:b6:9b:3d:66:fe:73:f4:6c:24:6e:03:6b:93:57: 75:d5:dd:9c:71:b2:57:c1:69:da:2c:28:bd:95:80: a1:87:3e:03:ed:ee:9b:a1:23:5a:7a:7c:52:a9:c3: e0:61:be:2d:80:05:a4:18:78:3a:eb:bf:db:d0:ed: 25:ae:f0:0e:72:32:79:64:83:44:09:c7:2f:fb:b8: 85:25:d0:62:df:4d:30:43:25:f5:6b:fa:78:17:d6: ff:b1:f5:62:2c:a4:91:cb:3e:73:ec:c2:52:d1:d8: 56:87:ca:38:7e:b4:6f:09:41:9a:50:f1:cb:f2:72: 14:97:ac:6e:55:80:43:c6:7e:3c:55:b7:38:8c:5e: 40:38:94:b3:65:88:51:93:4d:50:b6:50:6f:a6:58: ce:d0:11:25:3a:68:64:0f:68:49:f6:cd:86:9e:39: c0:1a:4a:85:06:26:b5:6f:29:d3:8c:09:d9:e5:85: b5:07:9b:58:5b:67:62:4a:d5:0e:5d:92:ab:1e:4a: 5f:cb:87:cc:5c:c8:9c:cd:b0:e6:91:a1:71:c1:00: 8e:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:C6:9A:01:C9:40:60:26:40:D1:B4:04:B4:0A:EC:0F:70:B6:71:F5 X509v3 Authority Key Identifier: keyid:6D:BD:5C:B2:99:40:AC:2A:85:53:B6:EC:0A:8C:EC:7C:20:9F:7C:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1csplArCqFU7bsCozsfCCffOc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/YcaaAclAYCZA0bQEtArsD3C2cfU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/614b05-7445-4046-9fb1-2fde80435f4d/1/bb1csplArCqFU7bsCozsfCCffOc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.212.220.0/22 Signature Algorithm: sha256WithRSAEncryption 19:48:8c:6c:38:91:ac:2b:71:dc:47:bd:df:5c:08:2f:7c:21: c3:4c:2b:6a:a4:69:32:9e:f5:2c:f9:46:89:a2:19:a6:d3:89: a3:90:ff:9d:54:9e:a0:41:d5:69:04:aa:ce:9c:fe:46:34:52: ae:09:42:54:2d:e7:cd:3b:c2:2d:66:cb:51:9e:a0:6c:be:4b: 70:28:63:2c:63:39:5b:fd:b9:38:69:7d:9b:f3:71:de:8b:fd: ee:84:5a:a5:df:b8:b2:25:07:db:33:7f:c8:64:fd:93:7b:e8: f7:27:3c:d2:93:9b:f7:4d:a5:ba:d4:07:4b:55:eb:7e:92:b9: 22:c4:fd:8a:20:c1:34:cb:c4:d9:51:20:01:38:a3:43:27:5a: bf:da:58:59:f4:0b:e8:f7:7a:1a:4d:24:a0:df:78:80:7e:aa: ef:cc:2d:d2:cf:83:c0:2f:4b:e0:b3:05:25:0c:9e:3d:15:43: af:97:1a:b4:41:5e:ae:a7:36:f1:6f:5f:1b:93:9d:7a:da:0f: f2:3c:12:d1:6c:6e:81:4d:92:76:5f:a9:de:30:7f:c2:ab:70: d2:bb:60:bc:b0:f8:4e:7a:69:35:7a:2b:41:0a:e6:6c:df:5a: 75:b3:11:90:19:5c:0b:58:55:bc:1a:0b:30:24:c7:00:a3:2f: 50:f2:00:98 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87lvflIH3nmw88ZtohDNtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkYmQ1Y2IyOTk0MGFjMmE4NTUzYjZlYzBhOGNlYzdjMjA5 ZjdjZTcwHhcNMjYwMTAyMDQxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWM2OWEwMWM5NDA2MDI2NDBkMWI0MDRiNDBhZWMwZjcwYjY3MWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ty1rMZ59ZlkLyqTHlaBCCinL9g TRUKeYSApnrX6z+ArGr3W9O/zKfhOs5mtps9Zv5z9GwkbgNrk1d11d2ccbJXwWna LCi9lYChhz4D7e6boSNaenxSqcPgYb4tgAWkGHg667/b0O0lrvAOcjJ5ZINECccv +7iFJdBi300wQyX1a/p4F9b/sfViLKSRyz5z7MJS0dhWh8o4frRvCUGaUPHL8nIU l6xuVYBDxn48Vbc4jF5AOJSzZYhRk01QtlBvpljO0BElOmhkD2hJ9s2GnjnAGkqF Bia1bynTjAnZ5YW1B5tYW2diStUOXZKrHkpfy4fMXMiczbDmkaFxwQCOTwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGHGmgHJQGAmQNG0BLQK7A9wtnH1MB8GA1UdIwQY MBaAFG29XLKZQKwqhVO27AqM7Hwgn3znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYmIxY3NwbEFyQ3FGVTdic0NvenNmQ0NmZk9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82MTRiMDUtNzQ0NS00MDQ2LTlmYjEt MmZkZTgwNDM1ZjRkLzEvWWNhYUFjbEFZQ1pBMGJRRXRBcnNEM0MyY2ZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC82MTRiMDUtNzQ0NS00MDQ2LTlmYjEtMmZkZTgwNDM1ZjRk LzEvYmIxY3NwbEFyQ3FGVTdic0NvenNmQ0NmZk9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudTcMA0G CSqGSIb3DQEBCwUAA4IBAQAZSIxsOJGsK3HcR73fXAgvfCHDTCtqpGkynvUs+UaJ ohmm04mjkP+dVJ6gQdVpBKrOnP5GNFKuCUJULefNO8ItZstRnqBsvktwKGMsYzlb /bk4aX2b83Hei/3uhFql37iyJQfbM3/IZP2Te+j3JzzSk5v3TaW61AdLVet+krki xP2KIME0y8TZUSABOKNDJ1q/2lhZ9Avo93oaTSSg33iAfqrvzC3Sz4PAL0vgswUl DJ49FUOvlxq0QV6upzbxb18bk5162g/yPBLRbG6BTZJ2X6neMH/Cq3DSu2C8sPhO emk1eitBCuZs31p1sxGQGVwLWFW8GgswJMcAoy9Q8gCY -----END CERTIFICATE-----Generated at Mon Jan 26 00:13:58 2026 by rpki-client