This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/ygzwdt05FZY5UgU4PNRonpu2D5Q.roa File: ygzwdt05FZY5UgU4PNRonpu2D5Q.roa (raw, json) Hash identifier: iuwiLZg36gzzO6D5OpB0qDgYjkp9/xl1ZMAuUek9+EY= Subject key identifier: CA:0C:F0:76:DD:39:15:96:39:52:05:38:3C:D4:68:9E:9B:B6:0F:94 Certificate issuer: /CN=af781c845339900f7e6b2033e63888b53ae57875 Certificate serial: 019B7A5A1415AA3598F7F6E3C0555A4BA753 Authority key identifier: AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/ygzwdt05FZY5UgU4PNRonpu2D5Q.roa Signing time: Thu 01 Jan 2026 16:18:02 +0000 ROA not before: Thu 01 Jan 2026 16:18:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203536 IP address blocks: 46.167.8.0/21 maxlen: 21 92.118.120.0/22 maxlen: 22 194.59.14.0/23 maxlen: 23 194.59.14.0/24 maxlen: 24 194.59.32.0/23 maxlen: 23 2a09:a640::/32 maxlen: 32 2a0f:bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.mft rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:14:15:aa:35:98:f7:f6:e3:c0:55:5a:4b:a7:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af781c845339900f7e6b2033e63888b53ae57875 Validity Not Before: Jan 1 16:18:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca0cf076dd391596395205383cd4689e9bb60f94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:73:b2:e3:35:e9:81:fc:f8:ac:af:40:f3:b8: f6:56:15:1c:a8:83:af:c8:b4:05:37:a9:50:f3:68: 19:bd:96:b3:07:b5:2a:42:ff:0d:c2:b4:20:3e:fe: d5:c2:b5:59:70:bc:46:50:c0:72:1f:e7:60:f1:45: 33:d1:53:48:df:0b:a3:32:88:cf:9b:50:1a:a0:59: ca:c2:22:f3:73:41:fd:b2:d3:0d:38:b1:37:ed:d3: c9:d1:5b:42:20:38:de:2e:e0:9e:cc:68:fb:56:25: 6a:3c:b4:d1:2b:46:a4:06:9e:78:d9:61:39:f3:38: 0c:71:0e:82:74:be:d1:71:f6:58:d7:46:a4:00:e5: 82:02:b6:ab:11:11:01:e6:5b:d4:7c:e6:fc:21:7e: b6:95:58:18:cd:27:94:2c:a0:aa:9d:1d:1b:70:c3: ab:eb:de:db:7f:85:78:0b:d5:e6:ed:24:b8:5e:2b: f3:96:b7:15:ec:a4:60:82:2d:59:38:3b:32:5a:99: a3:26:9f:a3:25:02:20:c0:d3:6f:39:6c:c7:bb:de: bf:1e:97:81:6d:1e:78:6b:ad:6f:c5:2d:28:92:2d: 51:5a:fd:53:af:e0:6d:3f:f4:95:b2:59:bd:db:ef: 87:37:42:1a:ac:70:8a:5e:69:57:2d:e8:6c:a9:ef: 95:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:0C:F0:76:DD:39:15:96:39:52:05:38:3C:D4:68:9E:9B:B6:0F:94 X509v3 Authority Key Identifier: keyid:AF:78:1C:84:53:39:90:0F:7E:6B:20:33:E6:38:88:B5:3A:E5:78:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3gchFM5kA9-ayAz5jiItTrleHU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/ygzwdt05FZY5UgU4PNRonpu2D5Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/d1c71d-aa50-4d78-8e52-5cf37a34830d/1/r3gchFM5kA9-ayAz5jiItTrleHU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.167.8.0/21 92.118.120.0/22 194.59.14.0/23 194.59.32.0/23 IPv6: 2a09:a640::/32 2a0f:bc0::/29 Signature Algorithm: sha256WithRSAEncryption 4b:ed:e0:04:f9:4e:4d:41:98:1c:dc:a9:02:fc:a3:c8:1d:98: 20:3e:04:87:08:f1:6e:04:65:a8:df:45:f3:b2:f0:e3:57:29: b0:cb:13:50:29:c7:d1:8b:e2:a7:f3:96:c1:40:e4:d6:ee:c5: 78:17:af:67:66:49:e7:f3:a1:79:5e:95:47:b3:f0:eb:c4:56: 10:ae:26:4e:bc:f2:d3:46:be:51:93:32:31:2f:cc:ae:83:9d: ce:c7:ad:8d:24:ba:22:b1:0e:f3:71:e6:4f:4f:9c:c2:ff:cf: 04:a5:4d:8f:87:24:e1:05:15:88:22:75:ae:9d:b2:33:01:b9: 88:36:1d:8e:7e:bc:d7:c0:1b:36:9a:42:57:3e:da:87:3b:81: e2:13:ba:2e:09:0a:b6:d7:32:ec:a9:2b:c0:6f:86:6a:3f:29: c4:a4:e1:7e:8c:2f:c1:9e:34:0e:16:c1:94:76:6d:c0:a7:06: 55:55:74:62:16:23:88:ec:e0:ce:86:e0:ba:2a:60:0c:37:a5: de:60:31:00:8d:98:26:b4:f4:3c:e8:c7:8e:4f:c2:f4:bc:cb: c1:b3:3e:6f:8a:a4:ff:e7:91:1d:1e:4a:7b:4f:c7:4c:a8:11: 64:52:d2:f0:98:fe:0c:71:eb:c2:57:ef:3b:e4:6b:e1:71:b2: 7b:93:61:55 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZt6WhQVqjWY9/bjwFVaS6dTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmNzgxYzg0NTMzOTkwMGY3ZTZiMjAzM2U2Mzg4OGI1M2Fl NTc4NzUwHhcNMjYwMTAxMTYxODAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTBjZjA3NmRkMzkxNTk2Mzk1MjA1MzgzY2Q0Njg5ZTliYjYwZjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXOy4zXpgfz4rK9A87j2VhUcqIOv yLQFN6lQ82gZvZazB7UqQv8NwrQgPv7VwrVZcLxGUMByH+dg8UUz0VNI3wujMojP m1AaoFnKwiLzc0H9stMNOLE37dPJ0VtCIDjeLuCezGj7ViVqPLTRK0akBp542WE5 8zgMcQ6CdL7RcfZY10akAOWCArarEREB5lvUfOb8IX62lVgYzSeULKCqnR0bcMOr 697bf4V4C9Xm7SS4XivzlrcV7KRggi1ZODsyWpmjJp+jJQIgwNNvOWzHu96/HpeB bR54a61vxS0oki1RWv1Tr+BtP/SVslm92++HN0IarHCKXmlXLehsqe+VewIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFMoM8HbdORWWOVIFODzUaJ6btg+UMB8GA1UdIwQY MBaAFK94HIRTOZAPfmsgM+Y4iLU65Xh1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTIt NWNmMzdhMzQ4MzBkLzEveWd6d2R0MDVGWlk1VWdVNFBOUm9ucHUyRDVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9kMWM3MWQtYWE1MC00ZDc4LThlNTItNWNmMzdhMzQ4MzBk LzEvcjNnY2hGTTVrQTktYXlBejVqaUl0VHJsZUhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLqcIAwQC XHZ4AwQBwjsOAwQBwjsgMBQEAgACMA4DBQAqCaZAAwUDKg8LwDANBgkqhkiG9w0B AQsFAAOCAQEAS+3gBPlOTUGYHNypAvyjyB2YID4EhwjxbgRlqN9F87Lw41cpsMsT UCnH0Yvip/OWwUDk1u7FeBevZ2ZJ5/OheV6VR7Pw68RWEK4mTrzy00a+UZMyMS/M roOdzsetjSS6IrEO83HmT0+cwv/PBKVNj4ck4QUViCJ1rp2yMwG5iDYdjn6818Ab NppCVz7ahzuB4hO6LgkKttcy7KkrwG+Gaj8pxKThfowvwZ40DhbBlHZtwKcGVVV0 YhYjiOzgzobguipgDDel3mAxAI2YJrT0POjHjk/C9LzLwbM+b4qk/+eRHR5Ke0/H TKgRZFLS8Jj+DHHrwlfvO+Rr4XGye5NhVQ== -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:45 2026 by rpki-client