This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/yOtgoQUSDDTF6dzBLbgn19zbD20.roa File: yOtgoQUSDDTF6dzBLbgn19zbD20.roa (raw, json) Hash identifier: FLmTb8uB8aThQGwMLCsGAZe9JiC1Qd3BPfuyYTN+2do= Subject key identifier: C8:EB:60:A1:05:12:0C:34:C5:E9:DC:C1:2D:B8:27:D7:DC:DB:0F:6D Certificate issuer: /CN=bfabf5a474afe7212331670e831e119da38f284f Certificate serial: 019B76EAF116D4F7A2935421AA3E214E885B Authority key identifier: BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/yOtgoQUSDDTF6dzBLbgn19zbD20.roa Signing time: Thu 01 Jan 2026 00:17:47 +0000 ROA not before: Thu 01 Jan 2026 00:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21232 IP address blocks: 62.32.0.0/19 maxlen: 19 77.74.56.0/21 maxlen: 21 79.142.128.0/20 maxlen: 20 82.192.224.0/19 maxlen: 19 93.184.16.0/20 maxlen: 20 185.31.248.0/22 maxlen: 22 185.41.132.0/22 maxlen: 22 185.45.236.0/22 maxlen: 22 185.64.184.0/22 maxlen: 22 185.110.72.0/22 maxlen: 22 185.110.88.0/22 maxlen: 22 185.110.184.0/22 maxlen: 22 185.119.36.0/22 maxlen: 22 185.132.16.0/22 maxlen: 22 195.216.64.0/19 maxlen: 19 213.160.32.0/19 maxlen: 19 213.188.32.0/19 maxlen: 19 2a02:5c0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.mft rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:f1:16:d4:f7:a2:93:54:21:aa:3e:21:4e:88:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfabf5a474afe7212331670e831e119da38f284f Validity Not Before: Jan 1 00:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c8eb60a105120c34c5e9dcc12db827d7dcdb0f6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9e:16:88:29:20:01:91:00:2c:06:e4:63:38: 30:0e:ad:a6:8f:c2:c6:4e:84:99:fe:9f:62:cc:61: 9c:fe:23:c3:fc:db:fe:6a:bc:51:84:f8:50:1d:21: df:a6:d6:3b:93:01:99:1a:c7:23:37:2a:fd:31:f4: 0a:62:5a:c1:7a:cf:31:f0:59:89:c0:17:08:53:17: a1:86:f2:93:c2:22:8c:21:c3:c4:e3:54:21:e1:62: db:29:b5:32:79:9a:46:56:9c:42:3a:53:cf:b4:04: 61:4b:d4:63:5b:43:12:8e:cf:fb:a1:a8:4f:a3:c5: 42:76:05:2a:41:59:90:e3:c4:d7:19:83:91:9a:f6: 3e:cc:d0:08:94:01:20:dc:56:f7:d4:b8:09:c8:35: c9:f3:14:fe:c4:3f:6c:37:c7:39:ad:49:09:d2:b1: 99:a1:ac:c6:f0:80:d5:a2:2a:05:d2:aa:66:1a:11: 50:0d:f3:8b:62:dd:ab:64:b0:87:d3:64:d5:ba:ad: e3:00:e6:aa:a7:2f:a1:33:9a:c3:05:d4:ed:2e:e3: a1:77:7e:d2:dc:37:fa:36:29:e5:c5:27:df:31:25: 4b:3b:97:e0:a3:12:0f:b1:e2:97:61:e8:2b:87:22: ab:ed:55:c0:1c:85:f0:89:a3:ec:c9:69:b4:a5:05: 3a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:EB:60:A1:05:12:0C:34:C5:E9:DC:C1:2D:B8:27:D7:DC:DB:0F:6D X509v3 Authority Key Identifier: keyid:BF:AB:F5:A4:74:AF:E7:21:23:31:67:0E:83:1E:11:9D:A3:8F:28:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6v1pHSv5yEjMWcOgx4RnaOPKE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/yOtgoQUSDDTF6dzBLbgn19zbD20.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/0188da-3655-482d-881b-febbc4a3b45b/1/v6v1pHSv5yEjMWcOgx4RnaOPKE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.32.0.0/19 77.74.56.0/21 79.142.128.0/20 82.192.224.0/19 93.184.16.0/20 185.31.248.0/22 185.41.132.0/22 185.45.236.0/22 185.64.184.0/22 185.110.72.0/22 185.110.88.0/22 185.110.184.0/22 185.119.36.0/22 185.132.16.0/22 195.216.64.0/19 213.160.32.0/19 213.188.32.0/19 IPv6: 2a02:5c0::/32 Signature Algorithm: sha256WithRSAEncryption 70:68:56:6a:c3:f3:54:20:41:da:29:fa:a7:8a:72:9e:9f:84: 5f:af:46:f3:80:be:b5:96:60:65:37:d9:8e:3c:93:9a:e6:2e: 1f:4b:d2:cf:a1:c8:61:42:8b:3b:f3:13:59:32:28:ab:4a:18: e4:1a:b1:84:a3:08:6f:a0:30:2a:52:39:6f:52:17:a7:b0:3a: eb:c7:39:98:b8:a7:d6:fc:ef:f4:c9:32:45:aa:2d:dd:08:f4: ac:e9:7c:07:9c:20:fc:78:49:b9:08:25:36:ac:22:dd:d4:18: 1d:43:85:33:a9:24:3f:c7:49:81:3f:f3:b2:e6:e1:51:cc:32: b7:04:a5:e7:fa:e1:5b:b0:dd:8c:03:32:1f:6b:91:5a:55:4d: 2d:95:14:b9:d6:9a:43:0f:31:61:28:4b:0e:13:77:f8:e7:d5: 6d:c0:81:72:61:69:67:48:b9:57:3b:ac:84:8e:01:7e:64:d4: 79:b3:6f:14:26:d9:1c:c9:e9:87:b9:e1:26:8a:73:65:37:8a: 8d:06:4e:18:e6:7c:9a:57:e4:b7:ca:fd:37:80:23:f8:bd:21: 2e:37:40:cb:cc:fa:6a:87:6c:d0:dd:a4:0a:cd:e1:16:3f:a9: 38:a8:b7:4f:8a:d2:71:a2:14:e1:65:fa:40:a3:4f:de:73:d4: c6:67:c3:13 -----BEGIN CERTIFICATE----- MIIFbTCCBFWgAwIBAgISAZt26vEW1Peik1Qhqj4hTohbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmYWJmNWE0NzRhZmU3MjEyMzMxNjcwZTgzMWUxMTlkYTM4 ZjI4NGYwHhcNMjYwMTAxMDAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOGViNjBhMTA1MTIwYzM0YzVlOWRjYzEyZGI4MjdkN2RjZGIwZjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZ4WiCkgAZEALAbkYzgwDq2mj8LG ToSZ/p9izGGc/iPD/Nv+arxRhPhQHSHfptY7kwGZGscjNyr9MfQKYlrBes8x8FmJ wBcIUxehhvKTwiKMIcPE41Qh4WLbKbUyeZpGVpxCOlPPtARhS9RjW0MSjs/7oahP o8VCdgUqQVmQ48TXGYORmvY+zNAIlAEg3Fb31LgJyDXJ8xT+xD9sN8c5rUkJ0rGZ oazG8IDVoioF0qpmGhFQDfOLYt2rZLCH02TVuq3jAOaqpy+hM5rDBdTtLuOhd37S 3Df6NinlxSffMSVLO5fgoxIPseKXYegrhyKr7VXAHIXwiaPsyWm0pQU6ywIDAQAB o4ICeTCCAnUwHQYDVR0OBBYEFMjrYKEFEgw0xencwS24J9fc2w9tMB8GA1UdIwQY MBaAFL+r9aR0r+chIzFnDoMeEZ2jjyhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWIt ZmViYmM0YTNiNDViLzEveU90Z29RVVNERFRGNmR6QkxiZ24xOXpiRDIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8wMTg4ZGEtMzY1NS00ODJkLTg4MWItZmViYmM0YTNiNDVi LzEvdjZ2MXBIU3Y1eUVqTVdjT2d4NFJuYU9QS0U4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEBT4gAAME A01KOAMEBE+OgAMEBVLA4AMEBF24EAMEArkf+AMEArkphAMEArkt7AMEArlAuAME ArluSAMEArluWAMEArluuAMEArl3JAMEArmEEAMEBcPYQAMEBdWgIAMEBdW8IDAN BAIAAjAHAwUAKgIFwDANBgkqhkiG9w0BAQsFAAOCAQEAcGhWasPzVCBB2in6p4py np+EX69G84C+tZZgZTfZjjyTmuYuH0vSz6HIYUKLO/MTWTIoq0oY5BqxhKMIb6Aw KlI5b1IXp7A668c5mLin1vzv9MkyRaot3Qj0rOl8B5wg/HhJuQglNqwi3dQYHUOF M6kkP8dJgT/zsubhUcwytwSl5/rhW7DdjAMyH2uRWlVNLZUUudaaQw8xYShLDhN3 +OfVbcCBcmFpZ0i5VzushI4BfmTUebNvFCbZHMnph7nhJopzZTeKjQZOGOZ8mlfk t8r9N4Aj+L0hLjdAy8z6aods0N2kCs3hFj+pOKi3T4rScaIU4WX6QKNP3nPUxmfD Ew== -----END CERTIFICATE-----Generated at Mon Jan 26 09:55:15 2026 by rpki-client