This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/YsTwicH1tOydKXwijh3NKIAFLS0.roa File: YsTwicH1tOydKXwijh3NKIAFLS0.roa (raw, json) Hash identifier: a4Esas1VFYhKGMF7C/m0rI+wkbXft/Q6b4xO9aKQj64= Subject key identifier: 62:C4:F0:89:C1:F5:B4:EC:9D:29:7C:22:8E:1D:CD:28:80:05:2D:2D Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea Certificate serial: 019B7834445DB7D61204D43F2CFBE6C3DC71 Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/YsTwicH1tOydKXwijh3NKIAFLS0.roa Signing time: Thu 01 Jan 2026 06:17:29 +0000 ROA not before: Thu 01 Jan 2026 06:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214729 IP address blocks: 193.104.198.0/24 maxlen: 32 2a00:8740:f002::/48 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:44:5d:b7:d6:12:04:d4:3f:2c:fb:e6:c3:dc:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea Validity Not Before: Jan 1 06:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=62c4f089c1f5b4ec9d297c228e1dcd2880052d2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:66:3d:40:6d:95:a0:e7:a9:19:3d:83:88:c5: be:53:a1:2d:13:67:f6:67:9f:af:c7:f6:ad:b7:03: f7:fa:e6:91:e9:9e:fb:e4:47:9c:b5:53:19:47:b6: 33:07:6e:24:7b:c9:f5:bc:f8:07:7a:d7:81:dd:ca: 46:35:c1:94:6f:0c:8f:c5:cd:20:70:e2:d4:38:58: df:95:ad:11:9b:9d:03:41:8d:85:3c:78:a2:b7:3b: d4:8a:00:93:c2:ff:9c:db:22:5a:00:5c:b5:d9:e4: 5c:0f:ac:6a:94:67:74:fd:63:03:e0:19:1f:16:54: fb:56:91:23:80:1a:12:fc:2d:97:89:30:26:cc:12: 44:c2:f0:80:b2:9c:3f:27:0f:dc:4c:79:73:34:c4: 11:0b:03:bb:2c:0a:79:b4:43:33:29:f0:29:5c:1f: 48:fe:7e:8c:31:ef:6f:19:ec:62:7a:a3:b9:04:5d: 67:cd:df:bb:16:08:db:13:9f:1a:4c:bd:56:43:4e: 4e:dc:fd:45:00:34:be:0b:cf:2f:50:2f:cc:24:90: 42:f3:0b:3e:16:a7:35:d5:7a:97:52:f2:cc:bb:02: 05:64:e4:f9:76:48:94:8d:7b:c9:b0:e3:23:75:e8: 9f:61:4b:d3:9a:0b:43:81:42:87:de:de:77:be:67: 6c:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:C4:F0:89:C1:F5:B4:EC:9D:29:7C:22:8E:1D:CD:28:80:05:2D:2D X509v3 Authority Key Identifier: keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/YsTwicH1tOydKXwijh3NKIAFLS0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.104.198.0/24 IPv6: 2a00:8740:f002::/48 Signature Algorithm: sha256WithRSAEncryption 7b:a9:d0:62:43:a3:a8:2e:be:e5:7e:51:ad:5f:10:3f:fe:89: f4:7b:87:12:1f:a5:4d:47:df:f7:2c:2b:f4:03:7d:3b:ac:e7: 1b:f9:3f:87:04:be:d3:70:4d:aa:05:f2:ac:a7:04:12:95:fd: 1a:9d:8a:1d:66:ee:fb:7e:77:a6:24:2a:58:18:49:85:ce:1a: 79:e0:de:06:0b:9f:52:b6:50:a4:8e:80:c7:29:df:43:ef:71: 02:d1:e8:c5:e8:f2:97:ec:f0:ad:ff:6e:b5:09:96:dd:0f:42: 67:f2:4f:b3:f5:16:21:cf:4c:13:f2:cf:c4:c5:24:54:02:eb: e3:39:24:43:04:d0:12:8c:09:2a:07:c7:00:57:69:5a:8d:29: 3f:2f:6e:76:75:43:77:69:1b:85:70:9a:b9:d3:f0:f4:b4:92: df:2b:bb:65:f7:50:45:2b:78:4f:f9:74:8f:e2:b9:ac:ad:93: 70:11:64:d6:cd:9f:65:9d:32:8d:95:23:5e:be:d9:56:a1:9e: fe:71:71:46:37:8f:82:50:c2:b9:88:f0:79:13:8b:69:a0:07: 03:68:35:02:71:ca:fd:ad:89:1b:22:88:0d:73:ce:7c:d7:58: cb:fe:de:4e:a9:dc:8f:1b:98:6e:92:5c:d6:3e:8b:e8:ca:85: bd:7f:7b:fb -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4NERdt9YSBNQ/LPvmw9xxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5 M2NiZWEwHhcNMjYwMTAxMDYxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MmM0ZjA4OWMxZjViNGVjOWQyOTdjMjI4ZTFkY2QyODgwMDUyZDJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGY9QG2VoOepGT2DiMW+U6EtE2f2 Z5+vx/attwP3+uaR6Z775EectVMZR7YzB24ke8n1vPgHeteB3cpGNcGUbwyPxc0g cOLUOFjfla0Rm50DQY2FPHiitzvUigCTwv+c2yJaAFy12eRcD6xqlGd0/WMD4Bkf FlT7VpEjgBoS/C2XiTAmzBJEwvCAspw/Jw/cTHlzNMQRCwO7LAp5tEMzKfApXB9I /n6MMe9vGexieqO5BF1nzd+7FgjbE58aTL1WQ05O3P1FADS+C88vUC/MJJBC8ws+ Fqc11XqXUvLMuwIFZOT5dkiUjXvJsOMjdeifYUvTmgtDgUKH3t53vmdslQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFGLE8InB9bTsnSl8Io4dzSiABS0tMB8GA1UdIwQY MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt ZGJmOWQ0MWYxNzk4LzEvWXNUd2ljSDF0T3lkS1h3aWpoM05LSUFGTFMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4 LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWjGMA8E AgACMAkDBwAqAIdA8AIwDQYJKoZIhvcNAQELBQADggEBAHup0GJDo6guvuV+Ua1f ED/+ifR7hxIfpU1H3/csK/QDfTus5xv5P4cEvtNwTaoF8qynBBKV/Rqdih1m7vt+ d6YkKlgYSYXOGnng3gYLn1K2UKSOgMcp30PvcQLR6MXo8pfs8K3/brUJlt0PQmfy T7P1FiHPTBPyz8TFJFQC6+M5JEME0BKMCSoHxwBXaVqNKT8vbnZ1Q3dpG4VwmrnT 8PS0kt8ru2X3UEUreE/5dI/iuaytk3ARZNbNn2WdMo2VI16+2Vahnv5xcUY3j4JQ wrmI8HkTi2mgBwNoNQJxyv2tiRsiiA1zznzXWMv+3k6p3I8bmG6SXNY+i+jKhb1/ e/s= -----END CERTIFICATE-----Generated at Mon Jan 26 03:04:39 2026 by rpki-client