This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ykMOxNfjS-vqAEial74o856O6c0.roa File: ykMOxNfjS-vqAEial74o856O6c0.roa (raw, json) Hash identifier: VC7AcuplTftdX1hkRufVprbTyDIhwpVO8tWKCFEqnPw= Subject key identifier: CA:43:0E:C4:D7:E3:4B:EB:EA:00:48:9A:97:BE:28:F3:9E:8E:E9:CD Certificate issuer: /CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1 Certificate serial: 019B78A30A581B3E9EEE8FA374A8F1B4B7D4 Authority key identifier: BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ykMOxNfjS-vqAEial74o856O6c0.roa Signing time: Thu 01 Jan 2026 08:18:29 +0000 ROA not before: Thu 01 Jan 2026 08:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20904 IP address blocks: 5.61.94.0/24 maxlen: 24 37.35.80.0/21 maxlen: 24 46.254.208.0/22 maxlen: 22 46.254.208.0/24 maxlen: 24 46.254.210.0/24 maxlen: 24 46.254.211.0/24 maxlen: 24 77.95.242.0/24 maxlen: 24 77.95.245.0/24 maxlen: 24 77.95.246.0/23 maxlen: 23 80.75.96.0/20 maxlen: 20 80.75.106.0/24 maxlen: 24 93.174.192.0/21 maxlen: 22 149.126.176.0/21 maxlen: 21 185.16.168.0/22 maxlen: 22 185.25.76.0/22 maxlen: 24 185.67.80.0/22 maxlen: 22 188.64.0.0/21 maxlen: 21 2a00:1a58::/32 maxlen: 32 2a00:74a0::/32 maxlen: 32 2a04:240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.mft rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:0a:58:1b:3e:9e:ee:8f:a3:74:a8:f1:b4:b7:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba31bcf923c5f25cafbdabdfdd46e511f95df0d1 Validity Not Before: Jan 1 08:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca430ec4d7e34bebea00489a97be28f39e8ee9cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:44:f1:6b:81:74:83:21:b0:71:90:85:4c:4b: 33:53:8a:89:ae:f4:7c:ff:48:6f:d1:50:2a:82:8e: 07:0c:a7:e0:c2:63:bf:35:2e:98:2f:65:26:61:3c: 62:14:42:a8:74:3c:d5:70:1c:7a:69:3d:88:29:83: 92:79:a0:7b:29:e7:24:a3:e4:26:76:50:6c:75:2d: 73:ea:4f:75:1c:dd:1f:4e:9a:12:ae:56:1f:49:60: d1:c1:05:44:03:6d:e1:3f:df:41:c8:71:ee:4e:c7: 62:91:82:e8:9f:af:bb:95:b5:95:4e:69:2a:7a:63: ba:b3:a4:d4:49:14:35:a7:56:a1:b2:c0:1c:17:f8: a1:ce:86:7d:0d:c0:34:01:08:49:bc:34:cd:29:03: c9:0d:6f:c9:3d:24:5d:0e:13:a6:d3:97:ae:9b:f5: 84:ef:9c:7c:f0:5c:97:0e:fd:1e:de:15:9f:32:e1: 78:a5:b0:1b:1c:6d:29:00:bd:24:84:63:8a:5d:49: 1b:5f:dd:cb:17:34:e2:50:7e:f6:01:95:0e:e7:62: 09:54:b0:19:16:30:50:72:a6:f2:d6:ae:8f:ff:85: 2c:0e:1f:5d:2b:53:27:28:ff:51:1f:b1:d5:b8:82: 57:15:04:47:a0:85:62:96:88:99:6a:c2:4b:e5:e8: b5:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:43:0E:C4:D7:E3:4B:EB:EA:00:48:9A:97:BE:28:F3:9E:8E:E9:CD X509v3 Authority Key Identifier: keyid:BA:31:BC:F9:23:C5:F2:5C:AF:BD:AB:DF:DD:46:E5:11:F9:5D:F0:D1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ujG8-SPF8lyvvavf3UblEfld8NE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ykMOxNfjS-vqAEial74o856O6c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/76a7f1-748d-406c-a51f-1ba343f17ec2/1/ujG8-SPF8lyvvavf3UblEfld8NE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.61.94.0/24 37.35.80.0/21 46.254.208.0/22 77.95.242.0/24 77.95.245.0-77.95.247.255 80.75.96.0/20 93.174.192.0/21 149.126.176.0/21 185.16.168.0/22 185.25.76.0/22 185.67.80.0/22 188.64.0.0/21 IPv6: 2a00:1a58::/32 2a00:74a0::/32 2a04:240::/29 Signature Algorithm: sha256WithRSAEncryption 54:76:2a:c5:57:22:01:81:6a:dc:2c:90:35:6e:ea:ef:5a:83: c2:4a:03:1d:c5:4a:a6:42:b7:10:10:8f:84:64:19:99:9e:19: c8:b8:93:91:92:f6:4a:63:7a:43:77:79:5d:2e:1e:cb:c8:94: 81:d8:c0:63:6f:8d:2c:19:1e:9c:e2:8f:97:76:24:2a:d8:c5: fd:ba:bb:be:81:be:0d:a7:19:0b:1a:f5:d6:9a:23:5a:bf:8d: 8a:1b:ee:7d:d5:53:0c:4f:5e:5b:10:4a:f9:0a:5b:3d:f6:99: e1:be:42:00:87:be:b2:ae:76:e2:c8:ed:28:5b:33:cf:de:40: 9e:a9:ac:d6:2a:79:e2:ee:21:4f:7e:6f:40:70:b5:ad:b7:9a: 69:ee:0d:1d:5f:89:a3:a9:10:52:c4:70:ad:94:f2:38:8a:a1: 3b:db:1d:aa:a2:7e:14:23:9b:5c:18:28:1f:e1:0a:5d:e5:e3: 83:34:e8:4c:dd:d7:3b:be:f5:46:1e:dc:63:c1:ee:9b:4c:54: c6:43:1b:12:60:92:3d:5e:6a:58:8f:1e:88:7d:08:08:46:4a: 5d:5a:8a:5b:3a:7c:ef:11:42:f1:3b:c5:2e:f3:fd:a3:71:42: 80:f7:6b:07:86:fe:f3:75:ee:04:cd:60:e6:ff:b4:47:fa:6f: ae:3a:09:0c -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgISAZt4owpYGz6e7o+jdKjxtLfUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhMzFiY2Y5MjNjNWYyNWNhZmJkYWJkZmRkNDZlNTExZjk1 ZGYwZDEwHhcNMjYwMTAxMDgxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTQzMGVjNGQ3ZTM0YmViZWEwMDQ4OWE5N2JlMjhmMzllOGVlOWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkTxa4F0gyGwcZCFTEszU4qJrvR8 /0hv0VAqgo4HDKfgwmO/NS6YL2UmYTxiFEKodDzVcBx6aT2IKYOSeaB7Kecko+Qm dlBsdS1z6k91HN0fTpoSrlYfSWDRwQVEA23hP99ByHHuTsdikYLon6+7lbWVTmkq emO6s6TUSRQ1p1ahssAcF/ihzoZ9DcA0AQhJvDTNKQPJDW/JPSRdDhOm05eum/WE 75x88FyXDv0e3hWfMuF4pbAbHG0pAL0khGOKXUkbX93LFzTiUH72AZUO52IJVLAZ FjBQcqby1q6P/4UsDh9dK1MnKP9RH7HVuIJXFQRHoIViloiZasJL5ei1IQIDAQAB o4ICcTCCAm0wHQYDVR0OBBYEFMpDDsTX40vr6gBImpe+KPOejunNMB8GA1UdIwQY MBaAFLoxvPkjxfJcr72r391G5RH5XfDRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYt MWJhMzQzZjE3ZWMyLzEveWtNT3hOZmpTLXZxQUVpYWw3NG84NTZPNmMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi83NmE3ZjEtNzQ4ZC00MDZjLWE1MWYtMWJhMzQzZjE3ZWMy LzEvdWpHOC1TUEY4bHl2dmF2ZjNVYmxFZmxkOE5FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwVgQCAAEwUAMEAAU9XgME AyUjUAMEAi7+0AMEAE1f8jAMAwQATV/1AwQDTV/wAwQEUEtgAwQDXa7AAwQDlX6w AwQCuRCoAwQCuRlMAwQCuUNQAwQDvEAAMBsEAgACMBUDBQAqABpYAwUAKgB0oAMF AyoEAkAwDQYJKoZIhvcNAQELBQADggEBAFR2KsVXIgGBatwskDVu6u9ag8JKAx3F SqZCtxAQj4RkGZmeGci4k5GS9kpjekN3eV0uHsvIlIHYwGNvjSwZHpzij5d2JCrY xf26u76Bvg2nGQsa9daaI1q/jYob7n3VUwxPXlsQSvkKWz32meG+QgCHvrKuduLI 7ShbM8/eQJ6prNYqeeLuIU9+b0Bwta23mmnuDR1fiaOpEFLEcK2U8jiKoTvbHaqi fhQjm1wYKB/hCl3l44M06Ezd1zu+9UYe3GPB7ptMVMZDGxJgkj1ealiPHoh9CAhG Sl1ails6fO8RQvE7xS7z/aNxQoD3aweG/vN17gTNYOb/tEf6b646CQw= -----END CERTIFICATE-----Generated at Tue Feb 10 05:47:59 2026 by rpki-client