This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/yUKdjmZYtQWjFFXFgM-27cUdhs0.roa File: yUKdjmZYtQWjFFXFgM-27cUdhs0.roa (raw, json) Hash identifier: ob1AlTKcmBmfwJd93MbWCK4KiRPHg8c27xb+FIsvFL8= Subject key identifier: C9:42:9D:8E:66:58:B5:05:A3:14:55:C5:80:CF:B6:ED:C5:1D:86:CD Certificate issuer: /CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd Certificate serial: 019B7C125B73F213426CFFBD9C090F407079 Authority key identifier: B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/yUKdjmZYtQWjFFXFgM-27cUdhs0.roa Signing time: Fri 02 Jan 2026 00:18:56 +0000 ROA not before: Fri 02 Jan 2026 00:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8495 IP address blocks: 85.209.200.0/22 maxlen: 24 89.146.192.0/18 maxlen: 24 195.34.160.0/19 maxlen: 24 2a01:130::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.mft rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:5b:73:f2:13:42:6c:ff:bd:9c:09:0f:40:70:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b51e3f6bebcd05291dc5265e08b1cd6c401b9cfd Validity Not Before: Jan 2 00:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9429d8e6658b505a31455c580cfb6edc51d86cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d4:a9:2c:bc:91:e0:cc:80:68:28:23:03:1f: b6:bd:02:f9:b9:cf:56:35:73:f5:ad:e3:bd:35:b5: 4d:44:a4:7c:dd:6e:66:b9:2b:b9:0e:72:09:89:a7: 1f:5a:02:f0:85:95:a6:b1:75:05:4f:9b:66:b1:76: 7a:c6:f5:fd:c7:a0:4e:f2:b5:1d:40:70:40:81:18: c3:4f:31:3c:59:29:0a:4e:91:d2:5a:fc:b7:88:80: 85:fb:a5:8f:77:20:fb:a4:f6:da:db:f2:37:86:10: 2d:2b:10:4e:1c:8f:85:f8:24:26:62:18:97:6e:50: d4:17:3f:b0:90:ec:c7:32:7c:dc:95:85:ae:50:fa: 0b:c6:f1:55:59:d3:70:4d:69:2c:63:d4:d5:57:55: e2:f6:18:ea:ab:ca:59:e3:2b:37:df:65:d0:84:3e: 63:ff:a6:4c:47:26:9d:3b:4f:2d:e5:b0:98:fe:f1: 01:62:6c:b0:83:86:04:73:f8:0e:aa:73:50:08:87: 9c:6d:5a:db:ed:81:c5:a3:e2:bb:2e:32:d2:31:a4: 4a:08:49:31:54:4c:c8:16:4b:8b:67:56:7f:69:d3: d4:3b:11:28:56:a9:c5:f7:f8:2a:f5:60:f1:dc:eb: 46:89:13:33:1b:5d:b4:40:60:7c:52:a4:d6:bc:79: 45:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:42:9D:8E:66:58:B5:05:A3:14:55:C5:80:CF:B6:ED:C5:1D:86:CD X509v3 Authority Key Identifier: keyid:B5:1E:3F:6B:EB:CD:05:29:1D:C5:26:5E:08:B1:CD:6C:40:1B:9C:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tR4_a-vNBSkdxSZeCLHNbEAbnP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/yUKdjmZYtQWjFFXFgM-27cUdhs0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/02fdfd-7ac8-4321-b930-8fa551e6ae75/1/tR4_a-vNBSkdxSZeCLHNbEAbnP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.209.200.0/22 89.146.192.0/18 195.34.160.0/19 IPv6: 2a01:130::/32 Signature Algorithm: sha256WithRSAEncryption 18:dc:95:75:d8:42:7d:45:4f:81:42:0a:a5:2c:3b:97:46:b5: a7:d8:e8:84:a1:3c:19:ef:87:d7:ef:09:ea:b7:12:27:4d:8b: 33:23:72:7b:c8:6c:cb:7b:b5:b8:cf:bc:58:3b:44:01:32:fb: 33:fc:75:ca:10:61:71:9d:96:94:cd:d6:82:c0:61:7b:05:a7: ed:4b:fb:fe:f8:4d:00:33:f3:5c:cf:7f:c6:7c:b2:34:e2:49: 4c:a8:2d:b1:04:2c:47:29:89:5a:e7:a7:c3:36:1d:c9:b8:08: d3:76:86:37:8a:f5:41:5e:5e:b0:22:97:b4:15:3b:de:69:0d: f8:09:29:92:17:08:bc:74:af:89:9f:bb:29:e5:e1:63:8c:2b: e7:d7:3c:eb:b3:0d:f8:cc:91:11:89:04:d9:c9:71:96:df:db: c5:f7:5a:61:83:21:fe:24:53:ed:a1:39:68:95:a1:4d:ff:9a: 70:10:2c:64:77:ca:58:3e:3f:3b:90:45:90:23:f1:e4:eb:3c: fd:15:c6:e8:23:e6:29:fc:cb:05:aa:89:b4:0a:54:2e:38:91: b5:b0:79:ca:ed:dc:5b:49:3b:a4:4c:1a:24:76:0e:dd:ef:49: 7b:7a:94:06:dc:83:32:f4:4d:8b:0c:14:3f:3e:61:5a:52:39: 24:4c:c2:c5 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt8Eltz8hNCbP+9nAkPQHB5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MWUzZjZiZWJjZDA1MjkxZGM1MjY1ZTA4YjFjZDZjNDAx YjljZmQwHhcNMjYwMTAyMDAxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTQyOWQ4ZTY2NThiNTA1YTMxNDU1YzU4MGNmYjZlZGM1MWQ4NmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdSpLLyR4MyAaCgjAx+2vQL5uc9W NXP1reO9NbVNRKR83W5muSu5DnIJiacfWgLwhZWmsXUFT5tmsXZ6xvX9x6BO8rUd QHBAgRjDTzE8WSkKTpHSWvy3iICF+6WPdyD7pPba2/I3hhAtKxBOHI+F+CQmYhiX blDUFz+wkOzHMnzclYWuUPoLxvFVWdNwTWksY9TVV1Xi9hjqq8pZ4ys332XQhD5j /6ZMRyadO08t5bCY/vEBYmywg4YEc/gOqnNQCIecbVrb7YHFo+K7LjLSMaRKCEkx VEzIFkuLZ1Z/adPUOxEoVqnF9/gq9WDx3OtGiRMzG120QGB8UqTWvHlFLQIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFMlCnY5mWLUFoxRVxYDPtu3FHYbNMB8GA1UdIwQY MBaAFLUeP2vrzQUpHcUmXgixzWxAG5z9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAt OGZhNTUxZTZhZTc1LzEveVVLZGptWll0UVdqRkZYRmdNLTI3Y1VkaHMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8wMmZkZmQtN2FjOC00MzIxLWI5MzAtOGZhNTUxZTZhZTc1 LzEvdFI0X2Etdk5CU2tkeFNaZUNMSE5iRUFiblAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCVdHIAwQG WZLAAwQFwyKgMA0EAgACMAcDBQAqAQEwMA0GCSqGSIb3DQEBCwUAA4IBAQAY3JV1 2EJ9RU+BQgqlLDuXRrWn2OiEoTwZ74fX7wnqtxInTYszI3J7yGzLe7W4z7xYO0QB Mvsz/HXKEGFxnZaUzdaCwGF7BaftS/v++E0AM/Ncz3/GfLI04klMqC2xBCxHKYla 56fDNh3JuAjTdoY3ivVBXl6wIpe0FTveaQ34CSmSFwi8dK+Jn7sp5eFjjCvn1zzr sw34zJERiQTZyXGW39vF91phgyH+JFPtoTlolaFN/5pwECxkd8pYPj87kEWQI/Hk 6zz9FcboI+Yp/MsFqom0ClQuOJG1sHnK7dxbSTukTBokdg7d70l7epQG3IMy9E2L DBQ/PmFaUjkkTMLF -----END CERTIFICATE-----Generated at Mon Jan 26 10:53:00 2026 by rpki-client