This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Yd0ISItT25nHU31sDdFobBWtukM.roa File: Yd0ISItT25nHU31sDdFobBWtukM.roa (raw, json) Hash identifier: BpfqZXiuQQu7xNd4WIEYwPFlxLRUFTvBsSR5u9ClQwA= Subject key identifier: 61:DD:08:48:8B:53:DB:99:C7:53:7D:6C:0D:D1:68:6C:15:AD:BA:43 Certificate issuer: /CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13 Certificate serial: 019B7CEDF47007B94A9F8E50EA9A98FBF2F9 Authority key identifier: D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Yd0ISItT25nHU31sDdFobBWtukM.roa Signing time: Fri 02 Jan 2026 04:18:47 +0000 ROA not before: Fri 02 Jan 2026 04:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210004 IP address blocks: 194.0.5.0/24 maxlen: 24 194.0.29.0/24 maxlen: 24 2001:678:8::/48 maxlen: 48 2001:678:30::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.mft rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 10:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:f4:70:07:b9:4a:9f:8e:50:ea:9a:98:fb:f2:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2c2b0ee187928409065d19ee9c0858e8c17ea13 Validity Not Before: Jan 2 04:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=61dd08488b53db99c7537d6c0dd1686c15adba43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:ae:7e:d9:c2:68:63:7c:32:7b:f3:5a:ab:d4: 88:af:ce:77:bb:5f:d3:d0:94:fa:69:4f:b1:d7:e9: ff:5a:7c:dc:28:03:1b:c6:7c:28:79:41:44:ce:f0: e0:dc:fa:fd:a2:1b:ab:06:33:b1:61:ac:b9:ad:55: fd:c5:68:83:d4:14:15:7b:a5:d9:3d:60:c3:3c:de: 27:da:2f:b9:2f:5f:01:2e:d1:c8:ef:39:12:9c:ee: 5e:e9:66:a0:ec:30:61:61:95:6d:d2:1c:9b:a1:72: 55:bf:f3:a0:a8:38:05:4d:44:90:1e:1b:fb:df:96: 6b:b7:b0:09:96:34:0c:da:2a:a8:be:51:e2:65:ad: b9:d0:d1:6d:d0:6b:e2:40:36:ed:8b:64:16:37:b3: 99:cd:79:84:23:9d:42:2e:59:38:f2:9a:65:38:4f: cb:45:3b:ac:e5:7e:e5:b9:f3:06:ec:c3:84:33:4d: 49:30:ed:6e:2f:95:05:d1:77:98:6d:d2:33:71:2d: cf:d0:19:f3:8b:5f:96:1a:1e:e3:6f:9c:45:9f:d1: 85:30:f5:e1:84:f2:c6:97:61:d9:97:d2:b2:dd:bc: 43:dc:2d:d0:76:8f:2d:19:1f:31:e8:fb:f6:a7:4d: a0:bd:f5:19:0f:e3:f5:25:8a:19:a5:a8:1c:d1:0f: 0a:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:DD:08:48:8B:53:DB:99:C7:53:7D:6C:0D:D1:68:6C:15:AD:BA:43 X509v3 Authority Key Identifier: keyid:D2:C2:B0:EE:18:79:28:40:90:65:D1:9E:E9:C0:85:8E:8C:17:EA:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sKw7hh5KECQZdGe6cCFjowX6hM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/Yd0ISItT25nHU31sDdFobBWtukM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/abac14-6eab-4985-867a-c8e863c1a8d1/1/0sKw7hh5KECQZdGe6cCFjowX6hM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.0.5.0/24 194.0.29.0/24 IPv6: 2001:678:8::/48 2001:678:30::/48 Signature Algorithm: sha256WithRSAEncryption 8d:ff:9a:4a:3d:db:0b:1a:0b:03:39:7c:c9:86:03:87:49:67: 4c:8a:9d:89:d5:df:4a:fb:5e:ea:47:64:66:4c:c0:11:fc:0e: 61:cd:3c:ab:00:3a:c2:bb:f6:81:3c:2f:d6:de:02:22:d9:1c: e4:6b:e6:30:8c:e6:cc:9c:12:da:50:82:ba:1f:6e:49:25:ad: c6:93:18:d3:e9:10:da:99:ce:a9:a7:93:09:22:af:5a:71:73: 9f:b8:a0:fa:b2:b5:66:68:e7:66:bf:c2:f1:38:10:af:68:5d: 51:6a:c5:01:42:6d:8c:7c:db:df:54:ec:76:d9:b9:c8:b6:b4: 6c:58:40:6d:4c:63:d0:ae:89:45:fa:53:25:f7:e3:8a:86:99: 7f:55:f4:c0:c5:98:c8:ac:42:84:26:8f:3e:84:88:03:a6:c6: ee:c5:3c:0f:3f:0a:3e:4b:7c:c6:78:39:f4:8c:69:0b:57:30: dc:d7:5e:c2:a5:38:0b:b2:b3:19:46:78:80:7f:bd:19:73:ac: 35:9b:a9:c5:a6:8f:79:8a:57:6d:40:12:55:79:7f:ad:7e:9e: d2:dd:4c:65:f3:02:1d:77:72:72:a7:ca:f7:84:ad:fa:85:2c: d2:a4:5c:cd:04:7c:ec:73:c3:a4:7a:d2:4b:f0:f9:bd:88:8d: d2:e6:e8:d4 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt87fRwB7lKn45Q6pqY+/L5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyYzJiMGVlMTg3OTI4NDA5MDY1ZDE5ZWU5YzA4NThlOGMx N2VhMTMwHhcNMjYwMTAyMDQxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MWRkMDg0ODhiNTNkYjk5Yzc1MzdkNmMwZGQxNjg2YzE1YWRiYTQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArq5+2cJoY3wye/Naq9SIr853u1/T 0JT6aU+x1+n/WnzcKAMbxnwoeUFEzvDg3Pr9ohurBjOxYay5rVX9xWiD1BQVe6XZ PWDDPN4n2i+5L18BLtHI7zkSnO5e6Wag7DBhYZVt0hyboXJVv/OgqDgFTUSQHhv7 35Zrt7AJljQM2iqovlHiZa250NFt0GviQDbti2QWN7OZzXmEI51CLlk48pplOE/L RTus5X7lufMG7MOEM01JMO1uL5UF0XeYbdIzcS3P0Bnzi1+WGh7jb5xFn9GFMPXh hPLGl2HZl9Ky3bxD3C3Qdo8tGR8x6Pv2p02gvfUZD+P1JYoZpagc0Q8KjwIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFGHdCEiLU9uZx1N9bA3RaGwVrbpDMB8GA1UdIwQY MBaAFNLCsO4YeShAkGXRnunAhY6MF+oTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2Et YzhlODYzYzFhOGQxLzEvWWQwSVNJdFQyNW5IVTMxc0RkRm9iQld0dWtNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9hYmFjMTQtNmVhYi00OTg1LTg2N2EtYzhlODYzYzFhOGQx LzEvMHNLdzdoaDVLRUNRWmRHZTZjQ0Zqb3dYNmhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwgAFAwQA wgAdMBgEAgACMBIDBwAgAQZ4AAgDBwAgAQZ4ADAwDQYJKoZIhvcNAQELBQADggEB AI3/mko92wsaCwM5fMmGA4dJZ0yKnYnV30r7XupHZGZMwBH8DmHNPKsAOsK79oE8 L9beAiLZHORr5jCM5sycEtpQgrofbkklrcaTGNPpENqZzqmnkwkir1pxc5+4oPqy tWZo52a/wvE4EK9oXVFqxQFCbYx8299U7HbZuci2tGxYQG1MY9CuiUX6UyX344qG mX9V9MDFmMisQoQmjz6EiAOmxu7FPA8/Cj5LfMZ4OfSMaQtXMNzXXsKlOAuysxlG eIB/vRlzrDWbqcWmj3mKV21AElV5f61+ntLdTGXzAh13cnKnyveErfqFLNKkXM0E fOxzw6R60kvw+b2IjdLm6NQ= -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:23 2026 by rpki-client