This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/ddYTOcOmB0o9lm0zE3zt2oO1U1g.roa File: ddYTOcOmB0o9lm0zE3zt2oO1U1g.roa (raw, json) Hash identifier: hdKwDZDL26ytQwp0S8rV3Crlq4ka+0ODIpyfMgGOmSc= Subject key identifier: 75:D6:13:39:C3:A6:07:4A:3D:96:6D:33:13:7C:ED:DA:83:B5:53:58 Certificate issuer: /CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3 Certificate serial: 019B79ED59467248C07714B8B483DEB9A71A Authority key identifier: 61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/ddYTOcOmB0o9lm0zE3zt2oO1U1g.roa Signing time: Thu 01 Jan 2026 14:19:16 +0000 ROA not before: Thu 01 Jan 2026 14:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60517 IP address blocks: 178.157.96.0/22 maxlen: 24 178.157.96.0/24 maxlen: 24 178.157.97.0/24 maxlen: 24 178.157.98.0/24 maxlen: 24 178.157.99.0/24 maxlen: 24 185.27.120.0/22 maxlen: 24 185.27.120.0/24 maxlen: 24 185.27.121.0/24 maxlen: 24 185.27.122.0/24 maxlen: 24 185.27.123.0/24 maxlen: 24 185.36.92.0/22 maxlen: 24 185.36.92.0/24 maxlen: 24 185.36.93.0/24 maxlen: 24 185.36.94.0/24 maxlen: 24 185.36.95.0/24 maxlen: 24 185.51.128.0/22 maxlen: 24 185.51.128.0/24 maxlen: 24 185.51.129.0/24 maxlen: 24 185.51.130.0/24 maxlen: 24 185.51.131.0/24 maxlen: 24 185.91.172.0/22 maxlen: 24 185.91.172.0/24 maxlen: 24 185.91.173.0/24 maxlen: 24 185.91.174.0/24 maxlen: 24 185.91.175.0/24 maxlen: 24 185.118.244.0/22 maxlen: 24 185.118.244.0/24 maxlen: 24 185.118.245.0/24 maxlen: 24 185.118.246.0/24 maxlen: 24 185.118.247.0/24 maxlen: 24 185.131.180.0/22 maxlen: 24 185.131.180.0/24 maxlen: 24 185.131.181.0/24 maxlen: 24 185.131.182.0/24 maxlen: 24 185.131.183.0/24 maxlen: 24 185.175.212.0/22 maxlen: 24 2a06:96c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.mft rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:59:46:72:48:c0:77:14:b8:b4:83:de:b9:a7:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=610f8f99fca69aa73f88a531db46d228a7e2c3d3 Validity Not Before: Jan 1 14:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=75d61339c3a6074a3d966d33137cedda83b55358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:46:92:5f:26:21:b4:34:4a:52:ce:7c:af:a1: 12:c5:02:bc:a8:83:93:e9:24:18:7c:c6:bc:32:af: b5:34:8f:79:a7:a0:15:de:c2:e2:68:2c:14:41:fc: f1:ec:4f:b5:25:bb:0e:c1:da:ec:a3:52:e6:4e:e5: 19:3e:b2:99:8e:5e:94:f7:58:b0:f6:fe:94:5b:61: 35:1b:d9:05:97:84:59:08:c2:f6:cc:88:a0:1b:d1: e7:db:8e:e5:3e:a9:64:91:68:83:f9:26:c9:1d:98: 74:6b:db:78:3b:94:62:4e:84:f3:9f:f9:cf:4e:14: ca:83:f7:e7:fa:0c:eb:d4:47:94:33:f4:a3:14:4b: c3:82:db:39:27:c6:fd:3c:6e:62:87:95:29:3e:fe: 2d:ea:b8:c0:3d:d4:13:ea:6c:76:71:de:22:6a:d5: 00:83:94:cf:82:5b:e7:95:64:de:63:4f:88:8f:dc: 6e:1d:92:ed:66:ce:61:6a:1b:30:8f:e3:56:5d:53: d0:f9:58:42:43:c7:7e:3c:96:b0:20:04:1d:09:2c: 0e:f2:1a:2f:ce:79:a9:ff:03:68:d0:61:9d:a8:e4: 93:ac:a7:e6:6d:08:b2:c4:4e:26:dc:c2:5b:d5:16: bd:6b:e6:5f:4a:2f:61:c4:c8:0f:e8:ce:0a:5e:7b: fe:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:D6:13:39:C3:A6:07:4A:3D:96:6D:33:13:7C:ED:DA:83:B5:53:58 X509v3 Authority Key Identifier: keyid:61:0F:8F:99:FC:A6:9A:A7:3F:88:A5:31:DB:46:D2:28:A7:E2:C3:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YQ-Pmfymmqc_iKUx20bSKKfiw9M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/ddYTOcOmB0o9lm0zE3zt2oO1U1g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/d94681-abe6-4e23-9b98-79a0a528e0a4/1/YQ-Pmfymmqc_iKUx20bSKKfiw9M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.157.96.0/22 185.27.120.0/22 185.36.92.0/22 185.51.128.0/22 185.91.172.0/22 185.118.244.0/22 185.131.180.0/22 185.175.212.0/22 IPv6: 2a06:96c0::/29 Signature Algorithm: sha256WithRSAEncryption 69:e9:42:15:26:d5:b9:cc:8f:e9:99:7b:eb:6d:a1:89:7d:12: 5d:b2:f0:4c:a6:73:b7:02:01:f8:17:ba:44:5e:63:4f:34:6c: be:d3:e9:1e:95:90:7b:84:a3:fb:30:b5:1d:06:04:00:a1:54: 97:76:2f:b1:d2:1f:b1:d9:7e:dc:54:d0:c2:fd:bc:35:f2:3e: 36:a5:a0:bd:ac:ff:17:41:26:57:7a:79:88:a1:dd:67:bc:e4: 89:e8:4f:d5:07:51:e9:1c:c6:ae:ed:df:5f:94:42:55:ff:38: db:45:85:5e:0e:2f:93:ba:6e:8d:d7:cd:a1:9b:bb:ad:83:96: a4:80:80:f6:01:a3:a0:92:07:fd:61:dd:90:a9:91:73:2c:69: 73:0c:3e:3b:ef:3b:82:eb:70:43:be:ff:ab:61:d9:2e:2b:a7: 19:b7:36:a2:de:a8:04:cf:98:1f:f2:84:01:b8:5a:a2:fc:c6: 76:dc:da:2b:42:f8:45:91:c0:7e:2a:f1:92:3b:16:72:4a:10: f5:58:8e:6b:93:90:a0:99:36:b5:21:ae:ed:4b:fe:28:10:8b: 93:90:c9:7a:4e:de:94:35:de:88:b3:b3:06:ef:0f:70:99:92: f6:c8:57:8c:90:8c:b0:1c:10:e8:07:e5:09:99:d7:da:14:cf: 14:74:63:1a -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt57VlGckjAdxS4tIPeuacaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxMGY4Zjk5ZmNhNjlhYTczZjg4YTUzMWRiNDZkMjI4YTdl MmMzZDMwHhcNMjYwMTAxMTQxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NWQ2MTMzOWMzYTYwNzRhM2Q5NjZkMzMxMzdjZWRkYTgzYjU1MzU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkaSXyYhtDRKUs58r6ESxQK8qIOT 6SQYfMa8Mq+1NI95p6AV3sLiaCwUQfzx7E+1JbsOwdrso1LmTuUZPrKZjl6U91iw 9v6UW2E1G9kFl4RZCML2zIigG9Hn247lPqlkkWiD+SbJHZh0a9t4O5RiToTzn/nP ThTKg/fn+gzr1EeUM/SjFEvDgts5J8b9PG5ih5UpPv4t6rjAPdQT6mx2cd4iatUA g5TPglvnlWTeY0+Ij9xuHZLtZs5hahswj+NWXVPQ+VhCQ8d+PJawIAQdCSwO8hov znmp/wNo0GGdqOSTrKfmbQiyxE4m3MJb1Ra9a+ZfSi9hxMgP6M4KXnv+OQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFHXWEznDpgdKPZZtMxN87dqDtVNYMB8GA1UdIwQY MBaAFGEPj5n8ppqnP4ilMdtG0iin4sPTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgt NzlhMGE1MjhlMGE0LzEvZGRZVE9jT21CMG85bG0wekUzenQyb08xVTFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9kOTQ2ODEtYWJlNi00ZTIzLTliOTgtNzlhMGE1MjhlMGE0 LzEvWVEtUG1meW1tcWNfaUtVeDIwYlNLS2ZpdzlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCsp1gAwQC uRt4AwQCuSRcAwQCuTOAAwQCuVusAwQCuXb0AwQCuYO0AwQCua/UMA0EAgACMAcD BQMqBpbAMA0GCSqGSIb3DQEBCwUAA4IBAQBp6UIVJtW5zI/pmXvrbaGJfRJdsvBM pnO3AgH4F7pEXmNPNGy+0+kelZB7hKP7MLUdBgQAoVSXdi+x0h+x2X7cVNDC/bw1 8j42paC9rP8XQSZXenmIod1nvOSJ6E/VB1HpHMau7d9flEJV/zjbRYVeDi+Tum6N 182hm7utg5akgID2AaOgkgf9Yd2QqZFzLGlzDD477zuC63BDvv+rYdkuK6cZtzai 3qgEz5gf8oQBuFqi/MZ23NorQvhFkcB+KvGSOxZyShD1WI5rk5CgmTa1Ia7tS/4o EIuTkMl6Tt6UNd6Is7MG7w9wmZL2yFeMkIywHBDoB+UJmdfaFM8UdGMa -----END CERTIFICATE-----Generated at Tue Feb 10 04:27:43 2026 by rpki-client