This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/ykE1MwKYkciApw-UZeYngB_HUNs.roa File: ykE1MwKYkciApw-UZeYngB_HUNs.roa (raw, json) Hash identifier: SkxpvOB9g0NJAFJu1F10IT/jLtAQ4gxiMRGC76Dncgg= Subject key identifier: CA:41:35:33:02:98:91:C8:80:A7:0F:94:65:E6:27:80:1F:C7:50:DB Certificate issuer: /CN=86963d003134ccda56fedfeb278f7a768a7f402f Certificate serial: 019B7D5C7A4B328FA64B3C412AE987F74612 Authority key identifier: 86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/ykE1MwKYkciApw-UZeYngB_HUNs.roa Signing time: Fri 02 Jan 2026 06:19:31 +0000 ROA not before: Fri 02 Jan 2026 06:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48257 IP address blocks: 185.187.188.0/22 maxlen: 24 195.138.232.0/21 maxlen: 24 217.71.224.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/hpY9ADE0zNpW_t_rJ496dop_QC8.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/hpY9ADE0zNpW_t_rJ496dop_QC8.mft rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:7a:4b:32:8f:a6:4b:3c:41:2a:e9:87:f7:46:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=86963d003134ccda56fedfeb278f7a768a7f402f Validity Not Before: Jan 2 06:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca413533029891c880a70f9465e627801fc750db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0b:a7:a9:90:df:c2:43:80:a8:fc:52:cc:9c: 93:ba:b3:3a:94:c0:56:d2:68:75:6b:17:7c:57:52: da:52:28:66:c1:a8:bc:72:cd:da:f8:5f:72:e4:8b: c4:70:04:9c:f8:35:a9:cb:b7:b5:f6:f9:8f:26:99: 6b:5d:03:5c:52:6d:3c:10:f6:6a:2b:5e:0b:d0:26: 57:b5:dd:f4:ca:a4:08:6c:cb:8e:3b:c9:ff:b9:70: 8c:99:c7:05:cd:f3:5f:11:39:10:ba:05:83:65:df: ee:27:5c:29:59:89:78:6d:95:d9:38:ba:c2:cb:5f: e2:59:59:1c:8f:19:e6:fc:85:0f:b4:3e:29:53:6f: 88:56:cc:af:62:2a:39:80:09:d4:e0:db:47:d9:88: 8c:27:9d:53:d6:36:aa:06:a8:78:28:02:79:bf:d0: e7:5d:ba:01:39:64:43:43:5f:19:a9:97:ab:98:4e: fc:55:79:1c:be:55:bc:0c:ce:57:ae:56:38:ed:e7: 81:c7:4f:3b:19:0e:4c:20:b6:aa:7d:fb:e5:5b:53: 1f:cd:a4:37:40:92:77:bb:8b:c0:26:c7:87:64:03: ec:5a:ed:bb:a2:5f:a1:b6:6f:7e:da:ed:f0:c3:27: 4f:ab:92:22:63:62:04:7c:72:07:be:d2:28:40:70: a2:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:41:35:33:02:98:91:C8:80:A7:0F:94:65:E6:27:80:1F:C7:50:DB X509v3 Authority Key Identifier: keyid:86:96:3D:00:31:34:CC:DA:56:FE:DF:EB:27:8F:7A:76:8A:7F:40:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpY9ADE0zNpW_t_rJ496dop_QC8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/ykE1MwKYkciApw-UZeYngB_HUNs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/2c0971-aeef-417e-8b54-121d2cbb21d6/1/hpY9ADE0zNpW_t_rJ496dop_QC8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.187.188.0/22 195.138.232.0/21 217.71.224.0/20 Signature Algorithm: sha256WithRSAEncryption 3a:8f:2d:2a:af:a9:cb:43:3c:b6:8c:7b:16:79:7e:89:c4:49: 58:a7:5e:8b:85:57:cf:11:67:6e:3b:cc:f4:99:2b:9e:78:7b: 35:51:be:bb:bd:c2:87:84:bf:18:62:16:88:36:58:bf:63:66: c4:d7:da:a4:70:0d:0b:7d:35:0b:3c:02:48:4c:27:95:02:27: 43:c3:9e:58:5e:ae:be:24:8f:4a:1f:c1:7a:0e:98:66:72:55: 55:cf:bb:9f:c1:5b:ca:c9:64:da:9a:3c:0d:0a:54:6a:68:2e: cf:d3:b7:2d:6f:02:4d:36:dd:46:7f:31:88:76:a0:ee:14:19: 52:e7:6f:56:f0:7d:58:9c:ac:66:83:5e:7b:dc:a8:23:41:9f: 88:65:c6:0a:97:36:e2:75:c6:ca:4b:0f:0b:77:e0:ce:68:37: 2e:78:c2:f3:b1:ff:17:02:5a:26:c0:ca:89:01:c8:4d:97:29: 38:75:08:37:56:36:95:fa:5c:f0:07:4c:08:fd:e1:26:7e:44: 48:f1:95:d1:e2:56:f3:62:68:42:f9:35:85:14:60:d6:04:ca: d9:7e:0e:61:10:68:95:64:d1:15:60:1d:8e:a7:f6:28:e2:fd: e9:c4:62:05:57:61:86:f7:15:3d:13:b3:68:ea:cd:64:b9:ba: fd:09:a4:61 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9XHpLMo+mSzxBKumH90YSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2OTYzZDAwMzEzNGNjZGE1NmZlZGZlYjI3OGY3YTc2OGE3 ZjQwMmYwHhcNMjYwMTAyMDYxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTQxMzUzMzAyOTg5MWM4ODBhNzBmOTQ2NWU2Mjc4MDFmYzc1MGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgunqZDfwkOAqPxSzJyTurM6lMBW 0mh1axd8V1LaUihmwai8cs3a+F9y5IvEcASc+DWpy7e19vmPJplrXQNcUm08EPZq K14L0CZXtd30yqQIbMuOO8n/uXCMmccFzfNfETkQugWDZd/uJ1wpWYl4bZXZOLrC y1/iWVkcjxnm/IUPtD4pU2+IVsyvYio5gAnU4NtH2YiMJ51T1jaqBqh4KAJ5v9Dn XboBOWRDQ18ZqZermE78VXkcvlW8DM5XrlY47eeBx087GQ5MILaqffvlW1MfzaQ3 QJJ3u4vAJseHZAPsWu27ol+htm9+2u3wwydPq5IiY2IEfHIHvtIoQHCiBQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFMpBNTMCmJHIgKcPlGXmJ4Afx1DbMB8GA1UdIwQY MBaAFIaWPQAxNMzaVv7f6yePenaKf0AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQt MTIxZDJjYmIyMWQ2LzEveWtFMU13S1lrY2lBcHctVVplWW5nQl9IVU5zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC8yYzA5NzEtYWVlZi00MTdlLThiNTQtMTIxZDJjYmIyMWQ2 LzEvaHBZOUFERTB6TnBXX3Rfcko0OTZkb3BfUUM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCubu8AwQD w4roAwQE2UfgMA0GCSqGSIb3DQEBCwUAA4IBAQA6jy0qr6nLQzy2jHsWeX6JxElY p16LhVfPEWduO8z0mSueeHs1Ub67vcKHhL8YYhaINli/Y2bE19qkcA0LfTULPAJI TCeVAidDw55YXq6+JI9KH8F6DphmclVVz7ufwVvKyWTamjwNClRqaC7P07ctbwJN Nt1GfzGIdqDuFBlS529W8H1YnKxmg1573KgjQZ+IZcYKlzbidcbKSw8Ld+DOaDcu eMLzsf8XAlomwMqJAchNlyk4dQg3VjaV+lzwB0wI/eEmfkRI8ZXR4lbzYmhC+TWF FGDWBMrZfg5hEGiVZNEVYB2Op/Yo4v3pxGIFV2GG9xU9E7No6s1kubr9CaRh -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:24 2026 by rpki-client