This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/yXhNyXRSfQjfxmo-xnpGQqFi810.roa File: yXhNyXRSfQjfxmo-xnpGQqFi810.roa (raw, json) Hash identifier: SLF2lVj7vn7i6fplRiTtNXFnugUCA5oqM+ECg7CqrFk= Subject key identifier: C9:78:4D:C9:74:52:7D:08:DF:C6:6A:3E:C6:7A:46:42:A1:62:F3:5D Certificate issuer: /CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3 Certificate serial: 019B79ED16453B623EF73957C132A14CCEF9 Authority key identifier: D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/yXhNyXRSfQjfxmo-xnpGQqFi810.roa Signing time: Thu 01 Jan 2026 14:18:59 +0000 ROA not before: Thu 01 Jan 2026 14:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50736 IP address blocks: 185.25.152.0/22 maxlen: 22 193.124.48.0/24 maxlen: 24 193.124.54.0/24 maxlen: 24 193.124.116.0/24 maxlen: 24 193.124.134.0/24 maxlen: 24 194.58.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.mft rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:16:45:3b:62:3e:f7:39:57:c1:32:a1:4c:ce:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3 Validity Not Before: Jan 1 14:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9784dc974527d08dfc66a3ec67a4642a162f35d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:5a:a4:95:85:0d:81:f3:92:6d:f9:6d:e7:02: 03:6f:ae:8d:5e:20:62:e5:7a:ce:7d:45:91:b8:17: 4a:a9:b6:16:0a:b5:e8:05:d0:b6:72:cf:d9:93:4b: 82:2f:f4:73:72:fe:a4:c1:30:1f:89:35:64:56:88: f4:cc:bb:99:05:62:d4:12:42:3b:9a:ff:56:75:4f: ba:df:79:4b:a7:41:85:58:51:a6:6a:bc:14:55:5b: b9:fc:c5:98:d4:0d:f8:1b:8a:ad:40:ed:f6:9f:e7: 89:0b:fe:7e:ca:4f:4c:49:e9:66:dc:60:66:78:3c: f1:61:59:2f:6d:9c:21:35:3e:8c:c5:db:4e:80:7a: 50:ae:22:16:4c:27:e8:74:ab:92:ff:d6:31:08:f0: 63:ba:e5:48:18:dd:c2:0d:76:b8:7e:e1:4b:b2:13: 23:a8:4e:94:b6:a4:1c:1c:10:07:94:76:75:b0:e4: 60:7f:6e:94:b5:70:07:e8:c0:11:ea:68:4e:d2:f9: 23:b0:ca:e7:bf:96:3e:b6:75:eb:a9:e3:8a:f6:f4: 4f:15:94:df:c2:c9:05:75:d3:b0:33:f6:d6:0b:9f: 48:77:17:78:ee:8d:ca:0b:5f:35:33:63:98:07:f0: 71:61:b4:4a:33:7f:cc:ab:d9:97:8b:81:1e:55:bb: d7:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:78:4D:C9:74:52:7D:08:DF:C6:6A:3E:C6:7A:46:42:A1:62:F3:5D X509v3 Authority Key Identifier: keyid:D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/yXhNyXRSfQjfxmo-xnpGQqFi810.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.25.152.0/22 193.124.48.0/24 193.124.54.0/24 193.124.116.0/24 193.124.134.0/24 194.58.78.0/24 Signature Algorithm: sha256WithRSAEncryption a8:55:e5:2e:40:03:d4:62:91:ac:65:1e:8a:19:af:da:29:33: 79:e8:9d:1b:23:88:9c:7e:f6:7b:dc:76:e5:fb:27:24:95:0e: 62:3b:f5:ac:c5:90:98:40:82:b3:51:41:60:90:94:a4:88:f7: ee:d3:77:4b:cf:84:b0:9e:4d:97:93:88:f5:57:62:71:b5:ba: 00:96:6f:8e:5c:50:13:9d:d3:3d:a4:fc:6f:12:03:56:62:4c: 7e:3a:9f:0c:ca:a7:4e:c6:f0:ea:0c:50:1b:cf:d9:b2:8c:8e: 67:43:28:17:ad:b6:c5:a1:ec:3e:7b:0b:32:92:1e:da:57:eb: d2:37:0d:9d:75:0c:ff:62:6a:84:1f:32:d5:9c:f6:b7:8a:21: ae:4e:7b:6c:58:eb:64:c4:7e:7c:7c:50:c6:ae:05:1e:3f:86: b4:e8:01:d7:ec:6d:7a:57:b5:38:9d:25:c9:7e:94:01:41:24: fb:7a:fd:98:57:f6:51:4c:08:25:6a:05:13:23:7d:f6:e2:67: 2f:27:9c:de:b9:c7:29:0b:37:dd:3b:c2:bc:84:ce:97:74:36: 19:f1:69:f4:00:f7:3c:b1:0f:cb:bd:97:5c:7f:84:be:4e:c1: ef:d5:18:9b:38:b5:46:fe:9b:c3:2a:db:67:87:10:d3:42:76: 3e:b5:bb:fd -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt57RZFO2I+9zlXwTKhTM75MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzYzhiMTBhMzhmODFjNjRlMjAxMjA3YmZjMzU0NGMyOTcy YWY1ZjMwHhcNMjYwMTAxMTQxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOTc4NGRjOTc0NTI3ZDA4ZGZjNjZhM2VjNjdhNDY0MmExNjJmMzVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFqklYUNgfOSbflt5wIDb66NXiBi 5XrOfUWRuBdKqbYWCrXoBdC2cs/Zk0uCL/Rzcv6kwTAfiTVkVoj0zLuZBWLUEkI7 mv9WdU+633lLp0GFWFGmarwUVVu5/MWY1A34G4qtQO32n+eJC/5+yk9MSelm3GBm eDzxYVkvbZwhNT6MxdtOgHpQriIWTCfodKuS/9YxCPBjuuVIGN3CDXa4fuFLshMj qE6UtqQcHBAHlHZ1sORgf26UtXAH6MAR6mhO0vkjsMrnv5Y+tnXrqeOK9vRPFZTf wskFddOwM/bWC59Idxd47o3KC181M2OYB/BxYbRKM3/Mq9mXi4EeVbvX0QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFMl4Tcl0Un0I38ZqPsZ6RkKhYvNdMB8GA1UdIwQY MBaAFNPIsQo4+Bxk4gEge/w1RMKXKvXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEt MzdhYTM1ZTY5ZGMxLzEveVhoTnlYUlNmUWpmeG1vLXhucEdRcUZpODEwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEtMzdhYTM1ZTY5ZGMx LzEvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuRmYAwQA wXwwAwQAwXw2AwQAwXx0AwQAwXyGAwQAwjpOMA0GCSqGSIb3DQEBCwUAA4IBAQCo VeUuQAPUYpGsZR6KGa/aKTN56J0bI4icfvZ73Hbl+ycklQ5iO/WsxZCYQIKzUUFg kJSkiPfu03dLz4Swnk2Xk4j1V2JxtboAlm+OXFATndM9pPxvEgNWYkx+Op8MyqdO xvDqDFAbz9myjI5nQygXrbbFoew+ewsykh7aV+vSNw2ddQz/YmqEHzLVnPa3iiGu TntsWOtkxH58fFDGrgUeP4a06AHX7G16V7U4nSXJfpQBQST7ev2YV/ZRTAglagUT I3324mcvJ5zeuccpCzfdO8K8hM6XdDYZ8Wn0APc8sQ/LvZdcf4S+TsHv1RibOLVG /pvDKttnhxDTQnY+tbv9 -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:34 2026 by rpki-client