This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/y2z9eC0pey0L-F8Me0uxP0CdRNE.roa File: y2z9eC0pey0L-F8Me0uxP0CdRNE.roa (raw, json) Hash identifier: ynALlANptr3j2opU4Eof0BTlyqYbPLK8fhfTetUFwTw= Subject key identifier: CB:6C:FD:78:2D:29:7B:2D:0B:F8:5F:0C:7B:4B:B1:3F:40:9D:44:D1 Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df Certificate serial: 019B8DCDDD67C10E6E7C270DBADA50B83F00 Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/y2z9eC0pey0L-F8Me0uxP0CdRNE.roa Signing time: Mon 05 Jan 2026 10:57:17 +0000 ROA not before: Mon 05 Jan 2026 10:57:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5501 IP address blocks: 129.233.0.0/17 maxlen: 17 129.233.128.0/17 maxlen: 17 129.233.163.0/24 maxlen: 24 129.233.252.0/22 maxlen: 22 129.233.252.0/24 maxlen: 24 129.233.253.0/24 maxlen: 24 129.233.254.0/24 maxlen: 24 129.233.255.0/24 maxlen: 24 137.251.0.0/16 maxlen: 16 153.96.0.0/21 maxlen: 21 153.96.8.0/23 maxlen: 23 153.96.10.0/24 maxlen: 24 153.96.12.0/22 maxlen: 22 153.96.16.0/23 maxlen: 23 153.96.18.0/24 maxlen: 24 153.96.19.0/24 maxlen: 24 153.96.24.0/24 maxlen: 24 153.96.54.0/23 maxlen: 23 153.96.112.0/23 maxlen: 23 153.96.126.0/23 maxlen: 23 153.96.144.0/23 maxlen: 23 153.96.220.0/22 maxlen: 22 153.96.248.0/23 maxlen: 23 153.96.250.0/24 maxlen: 24 153.96.253.0/24 maxlen: 24 153.96.254.0/24 maxlen: 24 153.97.0.0/21 maxlen: 21 153.97.11.0/24 maxlen: 24 153.97.26.0/24 maxlen: 24 192.42.63.0/24 maxlen: 24 192.42.64.0/24 maxlen: 24 192.44.0.0/22 maxlen: 22 192.44.0.0/24 maxlen: 24 192.44.1.0/24 maxlen: 24 192.44.2.0/23 maxlen: 23 192.44.10.0/24 maxlen: 24 192.44.13.0/24 maxlen: 24 192.44.17.0/24 maxlen: 24 192.44.24.0/24 maxlen: 24 192.44.37.0/24 maxlen: 24 192.102.165.0/24 maxlen: 24 192.102.171.0/24 maxlen: 24 192.102.172.0/23 maxlen: 23 2a03:db80:1c14::/48 maxlen: 48 2a03:db80:4404::/48 maxlen: 48 2a03:db80:4410::/48 maxlen: 48 2a03:db80:4414::/48 maxlen: 48 2a03:db80:4415::/48 maxlen: 48 2a03:db80:4416::/48 maxlen: 48 2a03:db80:4420::/48 maxlen: 48 2a03:db80:4424::/48 maxlen: 48 2a03:db80:4434::/48 maxlen: 48 2a03:db80:4460::/48 maxlen: 48 2a03:db80:4470::/48 maxlen: 48 2a03:db80:4480::/48 maxlen: 48 2a03:db80:4484::/48 maxlen: 48 2a03:db80:4494::/48 maxlen: 48 2a03:db80:4c80::/48 maxlen: 48 2a03:db80:4c84::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:8d:cd:dd:67:c1:0e:6e:7c:27:0d:ba:da:50:b8:3f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df Validity Not Before: Jan 5 10:57:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb6cfd782d297b2d0bf85f0c7b4bb13f409d44d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:91:80:d0:b9:ff:a0:d8:b0:d1:46:d9:60:07: 42:bc:6b:a9:d6:99:6a:b2:80:13:fb:0d:2c:f1:49: 6a:23:9b:1d:65:12:50:64:04:20:fc:a0:ac:ad:eb: 33:d8:64:4c:67:3a:67:5c:f6:c6:a3:1d:54:fc:69: e8:4c:b0:d2:51:e2:57:23:d8:85:b2:c9:19:d6:0c: 1d:6d:83:83:62:2e:42:6b:6d:80:2c:90:08:06:e9: d8:d8:3f:27:2f:38:fa:48:8e:75:02:7d:44:54:a5: 24:d5:f5:87:21:df:8f:0e:ac:b6:cc:6c:ab:98:b1: fc:11:ea:a5:c2:38:76:17:fd:91:07:66:97:f9:c0: 15:f4:45:0c:c6:07:dd:50:22:88:2e:4f:c8:7f:b5: d1:9f:bc:23:93:50:bb:91:13:5a:40:44:2b:9b:da: 69:c4:9e:cc:e3:77:2b:d9:63:f9:78:15:72:11:29: fe:fe:8d:69:70:c0:3b:84:55:a8:cf:32:f6:0b:a6: 6f:03:97:3e:0c:55:2f:f5:c1:33:14:ea:eb:1f:cc: 1b:6a:56:7c:60:db:2d:aa:9c:11:77:65:61:aa:82: 69:be:b1:11:87:b8:93:4b:af:b4:e6:eb:a4:83:77: 2c:a3:df:b8:95:1f:9c:81:86:57:00:34:24:d8:e4: 53:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:6C:FD:78:2D:29:7B:2D:0B:F8:5F:0C:7B:4B:B1:3F:40:9D:44:D1 X509v3 Authority Key Identifier: keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/y2z9eC0pey0L-F8Me0uxP0CdRNE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 129.233.0.0/16 137.251.0.0/16 153.96.0.0-153.96.10.255 153.96.12.0-153.96.19.255 153.96.24.0/24 153.96.54.0/23 153.96.112.0/23 153.96.126.0/23 153.96.144.0/23 153.96.220.0/22 153.96.248.0-153.96.250.255 153.96.253.0-153.96.254.255 153.97.0.0/21 153.97.11.0/24 153.97.26.0/24 192.42.63.0-192.42.64.255 192.44.0.0/22 192.44.10.0/24 192.44.13.0/24 192.44.17.0/24 192.44.24.0/24 192.44.37.0/24 192.102.165.0/24 192.102.171.0-192.102.173.255 IPv6: 2a03:db80:1c14::/48 2a03:db80:4404::/48 2a03:db80:4410::/48 2a03:db80:4414::-2a03:db80:4416:ffff:ffff:ffff:ffff:ffff 2a03:db80:4420::/48 2a03:db80:4424::/48 2a03:db80:4434::/48 2a03:db80:4460::/48 2a03:db80:4470::/48 2a03:db80:4480::/48 2a03:db80:4484::/48 2a03:db80:4494::/48 2a03:db80:4c80::/48 2a03:db80:4c84::/48 Signature Algorithm: sha256WithRSAEncryption 38:f2:3d:54:78:4f:d3:9d:ab:99:22:25:db:3f:49:61:95:01: f2:47:e4:84:1d:67:e1:5a:47:55:f2:4a:ef:56:40:2d:61:93: 45:e4:88:19:2f:6e:45:42:c1:96:70:fd:0a:25:92:57:90:ee: cb:ea:da:e5:fc:cb:7a:5f:f2:9d:0f:8b:51:d4:34:7d:6e:5a: 3b:84:7b:3a:08:cc:96:12:77:50:07:35:db:03:0e:18:65:e3: d5:79:c4:2a:ac:e3:a9:c6:4f:ca:ef:43:74:18:57:c3:b0:ff: 49:26:2a:40:0f:d2:23:62:b0:fb:d0:2e:05:91:7d:14:93:34: fa:6d:f8:08:5f:f3:fc:e9:1e:83:b6:38:7b:16:c2:69:97:77: ec:fe:cc:b8:de:9e:de:33:80:f1:75:5b:d8:48:20:d9:1a:2e: 32:37:ec:26:31:fe:98:d3:64:d3:8b:35:a0:fa:90:db:e9:bd: 52:3b:ed:79:33:3f:06:50:68:96:68:b4:e8:8a:1d:3a:72:cf: 55:37:cb:46:82:15:97:3d:85:de:dc:9a:e3:f9:f7:87:55:ba: af:f5:05:3f:2d:2e:ad:35:c1:4a:c2:21:f2:8e:40:e2:35:4a: 90:13:13:20:82:6f:55:d9:42:2c:bd:33:7c:3e:b3:2c:ce:4d: 28:e1:70:e2 -----BEGIN CERTIFICATE----- MIIGTzCCBTegAwIBAgISAZuNzd1nwQ5ufCcNutpQuD8AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2 NDIwZGYwHhcNMjYwMTA1MTA1NzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjZjZmQ3ODJkMjk3YjJkMGJmODVmMGM3YjRiYjEzZjQwOWQ0NGQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5GA0Ln/oNiw0UbZYAdCvGup1plq soAT+w0s8UlqI5sdZRJQZAQg/KCsresz2GRMZzpnXPbGox1U/GnoTLDSUeJXI9iF sskZ1gwdbYODYi5Ca22ALJAIBunY2D8nLzj6SI51An1EVKUk1fWHId+PDqy2zGyr mLH8Eeqlwjh2F/2RB2aX+cAV9EUMxgfdUCKILk/If7XRn7wjk1C7kRNaQEQrm9pp xJ7M43cr2WP5eBVyESn+/o1pcMA7hFWozzL2C6ZvA5c+DFUv9cEzFOrrH8wbalZ8 YNstqpwRd2VhqoJpvrERh7iTS6+05uukg3cso9+4lR+cgYZXADQk2ORTzwIDAQAB o4IDWzCCA1cwHQYDVR0OBBYEFMts/XgtKXstC/hfDHtLsT9AnUTRMB8GA1UdIwQY MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct YWQ4ZmJlYWE4ZGQ5LzEveTJ6OWVDMHBleTBMLUY4TWUwdXhQMENkUk5FLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5 LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBbwYIKwYBBQUHAQcBAf8EggFeMIIBWjCBxAQCAAEwgb0D AwCB6QMDAIn7MAsDAwWZYAMEAJlgCjAMAwQCmWAMAwQCmWAQAwQAmWAYAwQBmWA2 AwQBmWBwAwQBmWB+AwQBmWCQAwQCmWDcMAwDBAOZYPgDBACZYPowDAMEAJlg/QME AJlg/gMEA5lhAAMEAJlhCwMEAJlhGjAMAwQAwCo/AwQAwCpAAwQCwCwAAwQAwCwK AwQAwCwNAwQAwCwRAwQAwCwYAwQAwCwlAwQAwGalMAwDBADAZqsDBAHAZqwwgZAE AgACMIGJAwcAKgPbgBwUAwcAKgPbgEQEAwcAKgPbgEQQMBIDBwIqA9uARBQDBwAq A9uARBYDBwAqA9uARCADBwAqA9uARCQDBwAqA9uARDQDBwAqA9uARGADBwAqA9uA RHADBwAqA9uARIADBwAqA9uARIQDBwAqA9uARJQDBwAqA9uATIADBwAqA9uATIQw DQYJKoZIhvcNAQELBQADggEBADjyPVR4T9Odq5kiJds/SWGVAfJH5IQdZ+FaR1Xy Su9WQC1hk0XkiBkvbkVCwZZw/QolkleQ7svq2uX8y3pf8p0Pi1HUNH1uWjuEezoI zJYSd1AHNdsDDhhl49V5xCqs46nGT8rvQ3QYV8Ow/0kmKkAP0iNisPvQLgWRfRST NPpt+Ahf8/zpHoO2OHsWwmmXd+z+zLjent4zgPF1W9hIINkaLjI37CYx/pjTZNOL NaD6kNvpvVI77XkzPwZQaJZotOiKHTpyz1U3y0aCFZc9hd7cmuP594dVuq/1BT8t Lq01wUrCIfKOQOI1SpATEyCCb1XZQiy9M3w+syzOTSjhcOI= -----END CERTIFICATE-----Generated at Wed Jan 21 14:40:58 2026 by rpki-client