This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/yctCqdF2GcTXWy0WmDYHPzl-WtQ.roa File: yctCqdF2GcTXWy0WmDYHPzl-WtQ.roa (raw, json) Hash identifier: FQFO1j2YPQTxKyeArPzCOMAvtASBLvUVTye3eM/YxHo= Subject key identifier: C9:CB:42:A9:D1:76:19:C4:D7:5B:2D:16:98:36:07:3F:39:7E:5A:D4 Certificate issuer: /CN=d325fc508a7373256720a54d73fa9057d8a21c13 Certificate serial: 019B78A25B0EEB1BC19F4DA072733FB3E0F0 Authority key identifier: D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/yctCqdF2GcTXWy0WmDYHPzl-WtQ.roa Signing time: Thu 01 Jan 2026 08:17:44 +0000 ROA not before: Thu 01 Jan 2026 08:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205609 IP address blocks: 185.133.252.0/22 maxlen: 22 185.133.252.0/23 maxlen: 23 185.133.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/0yX8UIpzcyVnIKVNc_qQV9iiHBM.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/0yX8UIpzcyVnIKVNc_qQV9iiHBM.mft rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:5b:0e:eb:1b:c1:9f:4d:a0:72:73:3f:b3:e0:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d325fc508a7373256720a54d73fa9057d8a21c13 Validity Not Before: Jan 1 08:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9cb42a9d17619c4d75b2d169836073f397e5ad4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:78:f6:53:84:ae:18:79:e4:43:e3:d9:94:08: ce:10:3b:3f:20:7c:53:5d:53:92:e2:ab:85:50:e2: 91:a8:4c:3b:e1:e5:df:6e:0a:fe:b2:54:02:22:3e: f7:03:bd:9d:a0:98:90:30:25:3a:a4:6c:db:24:b4: 09:24:49:ab:18:17:d4:1a:a8:09:51:b4:2e:f1:03: 2f:3a:e2:b2:d4:4e:72:c6:c7:42:e0:77:56:0d:77: cd:85:b8:80:7e:a3:23:5a:60:72:12:bb:63:bd:26: 14:16:a7:3e:fb:2d:0c:3d:82:f3:0f:f1:0b:d5:95: 33:e2:f5:03:dc:b1:4b:23:d9:d4:ff:f4:d9:90:8e: 4a:72:87:ba:69:ba:1c:49:e9:7a:ca:b4:90:c9:e4: ef:63:60:6e:23:dc:30:67:2a:f3:51:a3:81:be:dd: 84:46:c2:a0:08:7f:7b:03:51:08:29:37:34:2a:87: 38:7f:ba:50:7f:97:ca:70:9d:ed:be:64:53:77:72: 85:11:97:76:cc:0c:2b:60:90:a3:a1:62:ce:90:2d: 05:ec:2d:24:d7:c9:e2:8a:c2:fc:70:a5:62:cc:63: d6:c3:30:72:e4:46:67:dd:ac:1a:b6:6d:d5:bf:c0: fe:55:22:6d:47:b3:b6:b8:fe:61:d7:d9:61:ef:d4: f7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:CB:42:A9:D1:76:19:C4:D7:5B:2D:16:98:36:07:3F:39:7E:5A:D4 X509v3 Authority Key Identifier: keyid:D3:25:FC:50:8A:73:73:25:67:20:A5:4D:73:FA:90:57:D8:A2:1C:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0yX8UIpzcyVnIKVNc_qQV9iiHBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/yctCqdF2GcTXWy0WmDYHPzl-WtQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/dc1724-3165-47ef-a6fe-1c6aa1f6b70b/1/0yX8UIpzcyVnIKVNc_qQV9iiHBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.252.0/22 Signature Algorithm: sha256WithRSAEncryption 38:d5:d7:9c:87:4a:7d:45:0d:7e:48:8c:a4:c7:bb:81:62:0f: 65:a0:cc:e0:d2:d3:fc:c5:dc:59:78:dd:b3:2f:6d:79:e2:5b: 8e:93:03:80:00:19:d1:43:04:84:1c:b3:5c:0e:c9:2f:ed:1c: ea:37:5f:f4:52:1e:7b:6c:05:74:da:3a:68:85:2f:0d:70:28: ac:39:b0:57:43:37:c7:2a:19:0d:64:67:88:89:0b:d3:44:52: 49:a0:12:68:49:2c:0a:56:98:85:1c:2b:2e:8b:6b:94:be:ac: 27:e7:ee:d3:85:96:f5:5d:c0:9a:64:a0:62:4e:2c:ff:5a:05: d5:fe:b7:12:b4:b5:7b:91:67:20:39:25:c7:54:dd:ef:03:70: e6:66:7e:60:f9:40:5f:f7:4e:68:33:be:86:4c:5c:71:27:54: eb:bd:f4:bc:ce:cf:53:d7:00:f6:e2:34:b0:db:14:7a:09:4c: 6b:9b:fb:04:46:94:f4:3b:d5:b3:4e:7f:97:85:c3:c2:b0:95: fa:bb:e4:1f:5e:42:0d:df:c9:0f:a9:e9:9b:a7:62:3d:3f:06: ee:90:4a:68:f5:bc:0d:db:88:61:5d:f5:d2:c5:1f:6b:1a:2a: b9:3d:2e:dd:bb:43:5a:4a:5b:2c:a1:30:85:ff:d6:89:1b:b5: f3:44:24:87 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4olsO6xvBn02gcnM/s+DwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzMjVmYzUwOGE3MzczMjU2NzIwYTU0ZDczZmE5MDU3ZDhh MjFjMTMwHhcNMjYwMTAxMDgxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWNiNDJhOWQxNzYxOWM0ZDc1YjJkMTY5ODM2MDczZjM5N2U1YWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA03j2U4SuGHnkQ+PZlAjOEDs/IHxT XVOS4quFUOKRqEw74eXfbgr+slQCIj73A72doJiQMCU6pGzbJLQJJEmrGBfUGqgJ UbQu8QMvOuKy1E5yxsdC4HdWDXfNhbiAfqMjWmByErtjvSYUFqc++y0MPYLzD/EL 1ZUz4vUD3LFLI9nU//TZkI5Kcoe6abocSel6yrSQyeTvY2BuI9wwZyrzUaOBvt2E RsKgCH97A1EIKTc0Koc4f7pQf5fKcJ3tvmRTd3KFEZd2zAwrYJCjoWLOkC0F7C0k 18niisL8cKVizGPWwzBy5EZn3awatm3Vv8D+VSJtR7O2uP5h19lh79T3PwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFMnLQqnRdhnE11stFpg2Bz85flrUMB8GA1UdIwQY MBaAFNMl/FCKc3MlZyClTXP6kFfYohwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUt MWM2YWExZjZiNzBiLzEveWN0Q3FkRjJHY1RYV3kwV21EWUhQemwtV3RRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9kYzE3MjQtMzE2NS00N2VmLWE2ZmUtMWM2YWExZjZiNzBi LzEvMHlYOFVJcHpjeVZuSUtWTmNfcVFWOWlpSEJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYX8MA0G CSqGSIb3DQEBCwUAA4IBAQA41dech0p9RQ1+SIykx7uBYg9loMzg0tP8xdxZeN2z L2154luOkwOAABnRQwSEHLNcDskv7RzqN1/0Uh57bAV02jpohS8NcCisObBXQzfH KhkNZGeIiQvTRFJJoBJoSSwKVpiFHCsui2uUvqwn5+7ThZb1XcCaZKBiTiz/WgXV /rcStLV7kWcgOSXHVN3vA3DmZn5g+UBf905oM76GTFxxJ1TrvfS8zs9T1wD24jSw 2xR6CUxrm/sERpT0O9WzTn+XhcPCsJX6u+QfXkIN38kPqembp2I9PwbukEpo9bwN 24hhXfXSxR9rGiq5PS7du0NaSlssoTCF/9aJG7XzRCSH -----END CERTIFICATE-----Generated at Mon Jan 26 13:11:04 2026 by rpki-client