This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YBdjKOpPx8uTpelkpezRS4VHVDs.roa File: YBdjKOpPx8uTpelkpezRS4VHVDs.roa (raw, json) Hash identifier: g47OHvyplhMe9LLPCHH+92DsvGKeBtn1KXKqAXrEQ2Y= Subject key identifier: 60:17:63:28:EA:4F:C7:CB:93:A5:E9:64:A5:EC:D1:4B:85:47:54:3B Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c Certificate serial: 019A58875E1F6EAE05AFED1E7F84382FFF42 Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YBdjKOpPx8uTpelkpezRS4VHVDs.roa Signing time: Thu 06 Nov 2025 09:37:37 +0000 ROA not before: Thu 06 Nov 2025 09:37:37 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 59651 IP address blocks: 193.233.88.0/24 maxlen: 24 193.233.89.0/24 maxlen: 24 193.233.90.0/24 maxlen: 24 193.233.91.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 07:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:58:87:5e:1f:6e:ae:05:af:ed:1e:7f:84:38:2f:ff:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c Validity Not Before: Nov 6 09:37:37 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=60176328ea4fc7cb93a5e964a5ecd14b8547543b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:c0:c3:45:89:58:ec:11:33:59:99:39:5d:b3: c1:aa:f2:41:0f:95:4e:96:ac:e9:db:e6:95:2c:e3: 99:b1:4f:5b:87:9b:66:97:bd:89:92:0b:92:f2:67: 73:1a:40:f2:98:7e:1e:f6:f3:a5:60:fa:b1:2d:35: 03:df:3b:db:ee:54:ff:70:b3:77:9f:3a:45:2c:f2: 0a:bc:ad:3c:23:58:f1:4b:30:ae:6f:24:78:a5:d7: 92:84:0c:cc:de:05:32:dd:4e:26:51:17:27:ae:a3: 03:42:11:7c:ce:92:f8:79:29:d1:86:01:51:2b:b7: 5a:02:73:1b:55:04:2e:16:c9:ea:5b:7b:d1:ae:5d: 8c:63:13:a1:d9:67:79:c7:50:b5:22:53:66:12:0c: 67:78:54:cc:a0:5a:b1:8a:79:25:2c:9d:d2:dc:c5: 4b:38:d6:d0:a7:82:fa:10:f2:52:40:18:98:10:88: e9:fa:68:af:e3:fc:08:86:46:50:d4:ff:14:7c:45: 56:fa:d7:b4:24:3c:04:36:51:20:d7:50:b7:1b:37: 1f:4b:69:06:7f:3e:80:5d:1f:36:aa:00:e3:ee:6a: dd:d9:34:83:e5:ca:9b:d4:90:ab:27:0d:5f:b2:03: a5:d0:f5:d3:ea:05:71:2e:cf:ab:5a:04:96:64:3e: 38:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:17:63:28:EA:4F:C7:CB:93:A5:E9:64:A5:EC:D1:4B:85:47:54:3B X509v3 Authority Key Identifier: keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YBdjKOpPx8uTpelkpezRS4VHVDs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.233.88.0/22 Signature Algorithm: sha256WithRSAEncryption 48:ba:01:1a:f1:c5:f1:52:9c:43:b3:4d:1f:84:aa:1d:fd:64: 26:6e:06:fe:7e:69:49:03:ca:ed:2b:dc:b6:15:78:9c:c4:5f: 61:02:88:de:da:19:ef:9b:84:53:d5:1c:45:f2:36:8d:b9:f9: dd:f2:0f:ed:06:5c:9a:5f:67:f5:a6:10:79:05:67:91:b6:8e: aa:1b:2a:0a:16:19:b0:a6:98:93:1b:09:93:91:4a:e1:34:2c: 86:02:8e:26:b5:38:f8:1d:e7:dd:1b:40:b2:10:09:8d:89:a7: d0:53:7a:d9:ba:c7:67:85:18:8f:8e:85:6a:57:68:ce:09:1f: df:49:d4:30:c9:fc:9b:a6:3f:77:1b:97:d4:d5:03:89:fd:3c: e9:d8:e3:d7:8a:10:a2:84:48:1e:3a:11:90:a6:c2:f0:bf:20: 58:0a:16:43:a6:20:15:15:7f:ad:17:9e:e2:55:4f:33:f1:78: 57:2e:21:c7:b0:00:99:96:75:e5:fe:9b:2a:0b:9a:e2:08:ff: be:d9:3c:69:10:52:73:c7:5c:70:0f:9e:46:aa:36:78:4c:93: a3:2a:9c:b5:70:ae:d7:2b:98:6f:a3:4c:99:62:22:e2:1f:76: d5:ad:2d:32:11:39:e7:39:2e:4c:b3:3c:47:17:6a:b0:3e:a5: 2e:76:41:f0 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZpYh14fbq4Fr+0ef4Q4L/9CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4 Mjg3M2MwHhcNMjUxMTA2MDkzNzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MDE3NjMyOGVhNGZjN2NiOTNhNWU5NjRhNWVjZDE0Yjg1NDc1NDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MDDRYlY7BEzWZk5XbPBqvJBD5VO lqzp2+aVLOOZsU9bh5tml72JkguS8mdzGkDymH4e9vOlYPqxLTUD3zvb7lT/cLN3 nzpFLPIKvK08I1jxSzCubyR4pdeShAzM3gUy3U4mURcnrqMDQhF8zpL4eSnRhgFR K7daAnMbVQQuFsnqW3vRrl2MYxOh2Wd5x1C1IlNmEgxneFTMoFqxinklLJ3S3MVL ONbQp4L6EPJSQBiYEIjp+miv4/wIhkZQ1P8UfEVW+te0JDwENlEg11C3GzcfS2kG fz6AXR82qgDj7mrd2TSD5cqb1JCrJw1fsgOl0PXT6gVxLs+rWgSWZD44IQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGAXYyjqT8fLk6XpZKXs0UuFR1Q7MB8GA1UdIwQY MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt NGRlYzRkYWZlZTQ5LzEvWUJkaktPcFB4OHVUcGVsa3BlelJTNFZIVkRzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5 LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwelYMA0G CSqGSIb3DQEBCwUAA4IBAQBIugEa8cXxUpxDs00fhKod/WQmbgb+fmlJA8rtK9y2 FXicxF9hAoje2hnvm4RT1RxF8jaNufnd8g/tBlyaX2f1phB5BWeRto6qGyoKFhmw ppiTGwmTkUrhNCyGAo4mtTj4HefdG0CyEAmNiafQU3rZusdnhRiPjoVqV2jOCR/f SdQwyfybpj93G5fU1QOJ/Tzp2OPXihCihEgeOhGQpsLwvyBYChZDpiAVFX+tF57i VU8z8XhXLiHHsACZlnXl/psqC5riCP++2TxpEFJzx1xwD55GqjZ4TJOjKpy1cK7X K5hvo0yZYiLiH3bVrS0yETnnOS5MszxHF2qwPqUudkHw -----END CERTIFICATE-----Generated at Wed Dec 3 14:41:27 2025 by rpki-client