This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/YmHcrnOOhyVRFSzhb5LmKrSYZKs.roa File: YmHcrnOOhyVRFSzhb5LmKrSYZKs.roa (raw, json) Hash identifier: 5Tv/E4FlLGmCFNLyr1qqDnFaOB6Omm/F5UCvSaKyKeA= Subject key identifier: 62:61:DC:AE:73:8E:87:25:51:15:2C:E1:6F:92:E6:2A:B4:98:64:AB Certificate issuer: /CN=e49dbf3c44468e52411d4861856bf0bdc79063e4 Certificate serial: 019B7E37772ED47705E52B42CB84A29B3438 Authority key identifier: E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/YmHcrnOOhyVRFSzhb5LmKrSYZKs.roa Signing time: Fri 02 Jan 2026 10:18:42 +0000 ROA not before: Fri 02 Jan 2026 10:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56975 IP address blocks: 185.108.220.0/24 maxlen: 24 185.108.222.0/24 maxlen: 24 185.108.223.0/24 maxlen: 24 2a00:e000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.mft rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:77:2e:d4:77:05:e5:2b:42:cb:84:a2:9b:34:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e49dbf3c44468e52411d4861856bf0bdc79063e4 Validity Not Before: Jan 2 10:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6261dcae738e872551152ce16f92e62ab49864ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:56:4c:ea:9c:11:b6:76:f2:32:2b:7a:4b:3f: fb:03:6d:e3:13:7d:cd:89:6d:02:e3:cf:03:e5:cd: 17:aa:e7:c4:f3:f0:54:3a:b6:2b:3b:67:2a:c2:6c: e1:e1:2a:e4:a0:a0:77:70:f1:7f:2c:3c:a6:33:b5: b7:7d:9d:c8:38:21:d1:97:a2:c7:a6:ae:4c:fc:e9: ce:83:21:c8:26:31:b4:47:5b:a1:8f:30:05:aa:f5: 9b:4a:41:de:8a:15:de:37:ad:e5:e5:1e:14:52:76: 24:85:79:77:f2:2a:29:c9:9f:b2:6c:5b:d2:6b:c9: c9:77:68:89:49:82:61:6c:82:7c:3f:56:92:8a:88: 01:de:13:e1:3b:41:3f:e2:70:c9:b8:fe:56:9f:4a: ec:63:ec:e7:6a:25:6b:83:32:6c:79:b0:5c:5b:08: 5b:06:90:d4:cc:0f:41:1f:13:5e:1d:7f:65:20:ef: a1:b6:f0:7e:e4:0a:70:e6:f2:a0:89:47:43:72:ee: 58:5a:c2:8a:b2:cc:90:28:ba:2c:98:5e:8f:63:d5: 0f:d8:51:c6:bd:37:76:ed:ec:dc:95:8a:13:e6:b8: b6:48:f9:13:dd:65:54:4a:64:05:2e:09:62:ee:39: e6:8a:74:9b:d2:ae:9a:22:f5:d7:bd:02:2c:27:aa: ab:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:61:DC:AE:73:8E:87:25:51:15:2C:E1:6F:92:E6:2A:B4:98:64:AB X509v3 Authority Key Identifier: keyid:E4:9D:BF:3C:44:46:8E:52:41:1D:48:61:85:6B:F0:BD:C7:90:63:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5J2_PERGjlJBHUhhhWvwvceQY-Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/YmHcrnOOhyVRFSzhb5LmKrSYZKs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/6e457e-366d-440b-af2c-5cadbdcf2215/1/5J2_PERGjlJBHUhhhWvwvceQY-Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.108.220.0/24 185.108.222.0/23 IPv6: 2a00:e000::/48 Signature Algorithm: sha256WithRSAEncryption 73:dc:9d:4d:44:24:f6:71:1c:6b:9a:08:45:be:e5:e4:35:42: 0f:0b:2a:5a:3d:7a:e4:92:95:a5:8d:0e:90:bd:d8:c7:83:60: c3:ca:0b:2f:8b:d4:73:20:3f:27:df:0d:e3:db:bb:d9:c9:1c: 94:cf:7b:bd:39:0d:9b:90:95:28:8d:ff:1d:c5:63:5f:47:57: 6a:54:32:e9:2e:a9:c2:2a:6d:ff:fd:7f:f9:00:c1:e6:66:2d: c9:98:8b:49:b0:26:15:d7:62:44:b1:2a:1a:67:92:f1:2f:fb: 63:cb:e7:0f:c8:0f:68:b9:f9:08:b8:3d:26:4a:f2:b7:f9:b1: 12:a2:4b:49:5a:04:81:dd:c0:06:d5:10:38:cf:58:36:aa:f0: 7c:17:36:ec:36:87:50:a5:d7:bb:69:9c:80:74:e0:58:0e:ef: d8:39:4c:0b:67:17:0d:34:c4:75:a9:7d:cd:b0:33:48:77:c3: 22:e9:1c:df:4f:59:1f:b1:65:05:96:6c:c1:63:01:ca:52:37: b9:48:24:c9:6a:04:97:e4:41:72:85:a5:b8:d7:ca:d3:5c:42: ad:cc:3c:33:ab:58:dc:f5:18:51:e5:e9:32:af:c6:6f:3b:33: 3d:8d:df:f4:f8:80:0e:dd:6a:d6:93:7d:39:72:43:ef:82:80: 7b:60:0b:9d -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt+N3cu1HcF5StCy4SimzQ4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU0OWRiZjNjNDQ0NjhlNTI0MTFkNDg2MTg1NmJmMGJkYzc5 MDYzZTQwHhcNMjYwMTAyMTAxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjYxZGNhZTczOGU4NzI1NTExNTJjZTE2ZjkyZTYyYWI0OTg2NGFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA61ZM6pwRtnbyMit6Sz/7A23jE33N iW0C488D5c0XqufE8/BUOrYrO2cqwmzh4SrkoKB3cPF/LDymM7W3fZ3IOCHRl6LH pq5M/OnOgyHIJjG0R1uhjzAFqvWbSkHeihXeN63l5R4UUnYkhXl38iopyZ+ybFvS a8nJd2iJSYJhbIJ8P1aSiogB3hPhO0E/4nDJuP5Wn0rsY+znaiVrgzJsebBcWwhb BpDUzA9BHxNeHX9lIO+htvB+5Apw5vKgiUdDcu5YWsKKssyQKLosmF6PY9UP2FHG vTd27ezclYoT5ri2SPkT3WVUSmQFLgli7jnminSb0q6aIvXXvQIsJ6qrKwIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFGJh3K5zjoclURUs4W+S5iq0mGSrMB8GA1UdIwQY MBaAFOSdvzxERo5SQR1IYYVr8L3HkGPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMt NWNhZGJkY2YyMjE1LzEvWW1IY3JuT09oeVZSRlN6aGI1TG1LclNZWktzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS82ZTQ1N2UtMzY2ZC00NDBiLWFmMmMtNWNhZGJkY2YyMjE1 LzEvNUoyX1BFUkdqbEpCSFVoaGhXdnd2Y2VRWS1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuWzcAwQB uWzeMA8EAgACMAkDBwAqAOAAAAAwDQYJKoZIhvcNAQELBQADggEBAHPcnU1EJPZx HGuaCEW+5eQ1Qg8LKlo9euSSlaWNDpC92MeDYMPKCy+L1HMgPyffDePbu9nJHJTP e705DZuQlSiN/x3FY19HV2pUMukuqcIqbf/9f/kAweZmLcmYi0mwJhXXYkSxKhpn kvEv+2PL5w/ID2i5+Qi4PSZK8rf5sRKiS0laBIHdwAbVEDjPWDaq8HwXNuw2h1Cl 17tpnIB04FgO79g5TAtnFw00xHWpfc2wM0h3wyLpHN9PWR+xZQWWbMFjAcpSN7lI JMlqBJfkQXKFpbjXytNcQq3MPDOrWNz1GFHl6TKvxm87Mz2N3/T4gA7dataTfTly Q++CgHtgC50= -----END CERTIFICATE-----Generated at Tue Jan 20 06:07:16 2026 by rpki-client