This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ybGOVfya0JJH14IWQC-d-Y3nVIw.roa File: ybGOVfya0JJH14IWQC-d-Y3nVIw.roa (raw, json) Hash identifier: t0pVqgHknRDwOdfYkcVxATIE3U9MoB5xTK9HaX4a6b4= Subject key identifier: C9:B1:8E:55:FC:9A:D0:92:47:D7:82:16:40:2F:9D:F9:8D:E7:54:8C Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51 Certificate serial: 019B77C67D4A1483474A32BE2C9D1DBB99D2 Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ybGOVfya0JJH14IWQC-d-Y3nVIw.roa Signing time: Thu 01 Jan 2026 04:17:35 +0000 ROA not before: Thu 01 Jan 2026 04:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7018 IP address blocks: 5.249.176.0/22 maxlen: 24 5.249.184.0/22 maxlen: 24 37.19.64.0/22 maxlen: 24 37.19.68.0/22 maxlen: 24 185.145.52.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.mft rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 03:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:7d:4a:14:83:47:4a:32:be:2c:9d:1d:bb:99:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51 Validity Not Before: Jan 1 04:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c9b18e55fc9ad09247d78216402f9df98de7548c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:9b:c3:9c:45:a7:b1:8c:85:7a:25:5d:6d:ac: 73:14:77:ba:a8:db:cd:b1:b1:8a:fa:1b:5b:64:95: fc:a1:25:26:70:6c:b4:d3:fe:93:79:9a:2a:a0:55: af:3a:ac:98:23:e7:7d:d8:82:55:e4:33:1d:80:e4: 54:67:19:3e:50:e1:c2:5d:3c:7d:8c:8c:f2:2e:25: 12:c2:a4:e9:c4:13:f8:94:80:da:40:83:16:d3:a4: d6:d7:9b:29:a2:43:c8:77:62:13:ce:b0:a8:77:68: 61:bd:03:a4:b0:1e:4c:7f:35:ad:96:7e:3f:7c:de: cc:8a:1d:8d:a4:48:52:ce:86:2d:3c:5b:b5:8d:cf: 2b:d2:fc:29:4c:a0:38:90:06:9b:fb:9d:f6:c5:62: 18:d4:9b:a1:26:c2:d6:14:d0:99:da:30:b2:18:b5: 53:1a:2e:64:da:4a:ef:09:da:25:77:34:d7:c9:23: d2:cc:5c:1e:7c:11:52:68:c3:6c:35:b1:90:ac:b0: 87:95:8e:cc:53:1f:bd:b7:1f:87:a2:93:01:ab:04: 18:4c:6b:7a:05:c8:27:66:9b:45:cd:51:73:55:13: 71:a8:db:01:a7:18:12:74:5b:c9:61:0c:e7:ef:5a: 6f:74:8d:22:b8:af:8e:5d:ed:03:6b:45:ca:ed:9b: 39:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:B1:8E:55:FC:9A:D0:92:47:D7:82:16:40:2F:9D:F9:8D:E7:54:8C X509v3 Authority Key Identifier: keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/ybGOVfya0JJH14IWQC-d-Y3nVIw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.249.176.0/22 5.249.184.0/22 37.19.64.0/21 185.145.52.0/24 Signature Algorithm: sha256WithRSAEncryption 89:54:9e:d9:1e:b2:c4:aa:24:61:fc:cd:eb:b3:ae:72:11:29: 62:db:9f:39:34:6b:cb:e3:7e:f8:df:ca:dc:a6:0a:eb:cc:11: 1c:3e:38:f9:36:cf:5f:4a:11:05:5d:87:09:7e:da:dc:d5:13: 38:07:af:6a:10:50:07:48:ad:09:21:8b:14:f7:93:67:c2:ad: 47:b8:98:a3:64:a8:95:f8:9f:58:62:a0:20:5f:fd:cf:6b:7c: 7b:96:7a:18:a6:0e:fe:8e:2e:ce:ff:bd:f2:1f:bc:27:a6:45: 48:6f:19:97:e8:e1:bb:62:a6:b1:49:60:d4:07:34:9e:d1:da: 7e:36:df:70:c5:91:23:17:63:aa:9e:b4:12:a0:94:63:98:a5: c3:44:b9:60:b2:38:4f:d2:dd:2a:c5:82:49:b5:c6:e1:69:6f: 32:9a:79:ca:3a:7e:2c:6a:24:60:aa:31:96:29:fe:6d:69:45: d6:49:c3:a4:ba:9f:ca:5d:5f:f6:12:ed:3b:bc:02:68:e9:d3: 6f:dd:65:ab:a9:06:bd:a1:04:2f:62:8a:6f:7b:38:68:04:15: 9d:ad:f3:08:02:8c:52:8a:0c:7b:e1:9c:bd:94:da:03:2c:30: 2c:2d:1f:58:96:bc:af:53:af:0b:56:e4:86:82:38:21:7a:9d: 89:99:b7:0d -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt3xn1KFINHSjK+LJ0du5nSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk NmNlNTEwHhcNMjYwMTAxMDQxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjOWIxOGU1NWZjOWFkMDkyNDdkNzgyMTY0MDJmOWRmOThkZTc1NDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZvDnEWnsYyFeiVdbaxzFHe6qNvN sbGK+htbZJX8oSUmcGy00/6TeZoqoFWvOqyYI+d92IJV5DMdgORUZxk+UOHCXTx9 jIzyLiUSwqTpxBP4lIDaQIMW06TW15spokPId2ITzrCod2hhvQOksB5MfzWtln4/ fN7Mih2NpEhSzoYtPFu1jc8r0vwpTKA4kAab+532xWIY1JuhJsLWFNCZ2jCyGLVT Gi5k2krvCdoldzTXySPSzFwefBFSaMNsNbGQrLCHlY7MUx+9tx+HopMBqwQYTGt6 BcgnZptFzVFzVRNxqNsBpxgSdFvJYQzn71pvdI0iuK+OXe0Da0XK7Zs5RwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFMmxjlX8mtCSR9eCFkAvnfmN51SMMB8GA1UdIwQY MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt ZGY2NGYwZTgyMzYwLzEveWJHT1ZmeWEwSkpIMTRJV1FDLWQtWTNuVkl3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBfmwAwQC Bfm4AwQDJRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQCJVJ7ZHrLEqiRh/M3r s65yESli2585NGvL437438rcpgrrzBEcPjj5Ns9fShEFXYcJftrc1RM4B69qEFAH SK0JIYsU95Nnwq1HuJijZKiV+J9YYqAgX/3Pa3x7lnoYpg7+ji7O/73yH7wnpkVI bxmX6OG7YqaxSWDUBzSe0dp+Nt9wxZEjF2OqnrQSoJRjmKXDRLlgsjhP0t0qxYJJ tcbhaW8ymnnKOn4saiRgqjGWKf5taUXWScOkup/KXV/2Eu07vAJo6dNv3WWrqQa9 oQQvYopvezhoBBWdrfMIAoxSigx74Zy9lNoDLDAsLR9YlryvU68LVuSGgjghep2J mbcN -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:24 2026 by rpki-client