This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YmzSN3CxoEaMItVWadiSdwt1T5I.roa File: YmzSN3CxoEaMItVWadiSdwt1T5I.roa (raw, json) Hash identifier: HPMbLMiBYjqe0j6oEqnaSv/OFZMfvnhI9tq5FPC/DiU= Subject key identifier: 62:6C:D2:37:70:B1:A0:46:8C:22:D5:56:69:D8:92:77:0B:75:4F:92 Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c Certificate serial: 019B7F1459D9EE8FA93D131143779158CF30 Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YmzSN3CxoEaMItVWadiSdwt1T5I.roa Signing time: Fri 02 Jan 2026 14:19:58 +0000 ROA not before: Fri 02 Jan 2026 14:19:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203163 IP address blocks: 193.233.155.0/24 maxlen: 24 193.233.156.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:59:d9:ee:8f:a9:3d:13:11:43:77:91:58:cf:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c Validity Not Before: Jan 2 14:19:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=626cd23770b1a0468c22d55669d892770b754f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:be:e1:8d:70:19:f8:c4:6a:0f:a2:66:e8:67: d7:d3:6f:b6:79:f7:07:29:92:6d:0c:6b:9e:a2:4c: 74:35:ae:3e:77:cd:8d:96:96:0b:49:f2:82:4a:02: 66:03:58:c9:78:4a:92:e5:20:1e:60:f7:a1:a1:81: 24:70:a4:3e:ea:d7:28:c4:54:d6:3e:b5:d4:f0:ab: 32:f2:50:78:8f:aa:0d:ca:46:11:8d:81:76:40:d8: ad:45:b5:11:fa:99:2f:42:f1:99:b1:7f:be:b7:58: 6b:48:0f:21:64:c4:14:7d:32:d7:26:b9:83:19:7d: 8c:08:d4:20:45:cd:42:0b:ff:ea:6b:7b:83:f8:63: db:e0:e2:17:f1:01:71:8c:49:d2:be:79:6e:6f:2c: af:38:4b:63:dd:d0:89:f1:d1:59:8b:4e:80:bc:54: 51:c9:e7:79:c0:78:da:67:1d:89:b8:cb:9c:77:db: 5a:a2:10:b4:6d:5e:2c:aa:59:c6:92:75:a4:2c:dd: 00:7f:4a:88:dc:bf:fe:ba:17:67:57:98:ec:98:24: 53:c2:33:cb:a5:a5:97:c3:a6:70:7c:78:35:f1:96: d6:bb:b0:12:28:b0:0b:dd:85:b6:05:60:77:06:cf: f5:8f:3b:85:42:fc:d3:32:e0:98:a0:76:17:00:65: 08:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:6C:D2:37:70:B1:A0:46:8C:22:D5:56:69:D8:92:77:0B:75:4F:92 X509v3 Authority Key Identifier: keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/YmzSN3CxoEaMItVWadiSdwt1T5I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.233.155.0-193.233.156.255 Signature Algorithm: sha256WithRSAEncryption 9d:89:14:b8:a4:9c:93:d9:a9:bf:a3:6a:dd:64:33:e0:14:b5: 9a:d9:e7:51:23:d0:c3:56:c6:7a:ad:17:25:5a:5f:ff:db:58: 07:f0:15:45:43:ad:e4:4e:a4:cd:53:bf:4b:70:22:a5:dc:f6: 38:1b:91:58:79:6b:a9:4b:fd:89:9e:c8:57:3d:71:8a:ad:8d: 0e:ed:82:ac:40:ce:b9:ba:30:17:c5:bc:67:f1:44:65:44:f6: 9b:f0:8e:77:aa:c8:94:4b:49:ab:39:15:ca:e8:cc:79:76:06: 7e:f6:68:ec:b3:7c:3a:0f:79:05:fc:19:45:c8:7b:38:45:39: 13:c5:a7:5c:7b:1f:81:e0:ed:3d:71:a1:3b:7f:95:8d:fe:6f: 9b:9f:67:fa:3e:16:6f:bf:3a:58:d4:d6:52:86:33:46:ee:3c: 3b:39:47:ad:e4:b5:6e:a7:3b:ea:85:0f:4c:59:7b:1d:e0:2e: bb:66:07:bd:10:a8:a9:cb:b1:00:52:ca:2d:88:9f:90:5e:00: 6c:aa:71:32:24:0a:9b:ee:fb:2b:d3:9f:f0:c8:6a:b6:67:19: b5:ee:4a:f9:a4:e7:8c:5e:d4:81:dd:4f:5f:7b:41:65:09:10: d6:22:16:73:a9:2a:13:99:07:b0:83:d5:ef:6e:79:42:17:57: 5b:10:ac:44 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/FFnZ7o+pPRMRQ3eRWM8wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4 Mjg3M2MwHhcNMjYwMTAyMTQxOTU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MjZjZDIzNzcwYjFhMDQ2OGMyMmQ1NTY2OWQ4OTI3NzBiNzU0ZjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo77hjXAZ+MRqD6Jm6GfX02+2efcH KZJtDGueokx0Na4+d82NlpYLSfKCSgJmA1jJeEqS5SAeYPehoYEkcKQ+6tcoxFTW PrXU8Ksy8lB4j6oNykYRjYF2QNitRbUR+pkvQvGZsX++t1hrSA8hZMQUfTLXJrmD GX2MCNQgRc1CC//qa3uD+GPb4OIX8QFxjEnSvnlubyyvOEtj3dCJ8dFZi06AvFRR yed5wHjaZx2JuMucd9taohC0bV4sqlnGknWkLN0Af0qI3L/+uhdnV5jsmCRTwjPL paWXw6ZwfHg18ZbWu7ASKLAL3YW2BWB3Bs/1jzuFQvzTMuCYoHYXAGUI3QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFGJs0jdwsaBGjCLVVmnYkncLdU+SMB8GA1UdIwQY MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt NGRlYzRkYWZlZTQ5LzEvWW16U04zQ3hvRWFNSXRWV2FkaVNkd3QxVDVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5 LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADB6ZsD BADB6ZwwDQYJKoZIhvcNAQELBQADggEBAJ2JFLiknJPZqb+jat1kM+AUtZrZ51Ej 0MNWxnqtFyVaX//bWAfwFUVDreROpM1Tv0twIqXc9jgbkVh5a6lL/YmeyFc9cYqt jQ7tgqxAzrm6MBfFvGfxRGVE9pvwjneqyJRLSas5FcrozHl2Bn72aOyzfDoPeQX8 GUXIezhFORPFp1x7H4Hg7T1xoTt/lY3+b5ufZ/o+Fm+/OljU1lKGM0buPDs5R63k tW6nO+qFD0xZex3gLrtmB70QqKnLsQBSyi2In5BeAGyqcTIkCpvu+yvTn/DIarZn GbXuSvmk54xe1IHdT197QWUJENYiFnOpKhOZB7CD1e9ueUIXV1sQrEQ= -----END CERTIFICATE-----Generated at Tue Jan 20 11:09:51 2026 by rpki-client