This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/8YpwJkM4ApxJ79nY1Tn1a81nlqM.roa File: 8YpwJkM4ApxJ79nY1Tn1a81nlqM.roa (raw, json) Hash identifier: tcShowN5n/wg+sXuZ3o0xwGbFl1QoPNhkaf9D8szQoM= Subject key identifier: F1:8A:70:26:43:38:02:9C:49:EF:D9:D8:D5:39:F5:6B:CD:67:96:A3 Certificate issuer: /CN=8166038385b343d55e76b728efe23c0731787668 Certificate serial: 019B7BA4D7558484615B561DE3CA6AB169A4 Authority key identifier: 81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/8YpwJkM4ApxJ79nY1Tn1a81nlqM.roa Signing time: Thu 01 Jan 2026 22:19:19 +0000 ROA not before: Thu 01 Jan 2026 22:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201825 IP address blocks: 89.17.33.0/24 maxlen: 24 89.17.35.0/24 maxlen: 24 89.17.49.0/24 maxlen: 24 89.17.51.0/24 maxlen: 24 89.17.52.0/22 maxlen: 22 89.17.56.0/21 maxlen: 21 185.62.192.0/22 maxlen: 22 185.127.224.0/22 maxlen: 22 217.15.53.0/24 maxlen: 24 217.15.62.0/23 maxlen: 23 2a04:f240::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.mft rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:d7:55:84:84:61:5b:56:1d:e3:ca:6a:b1:69:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8166038385b343d55e76b728efe23c0731787668 Validity Not Before: Jan 1 22:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f18a70264338029c49efd9d8d539f56bcd6796a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d0:c9:31:1f:36:52:a1:e6:a9:f8:e6:5b:33: fb:8c:87:75:85:3e:c0:dc:74:2e:1d:84:f7:17:eb: 2f:8b:e1:f8:b4:06:bf:c3:88:dc:18:bd:50:dd:cb: 73:e6:2f:9d:b0:97:37:d9:27:bd:a3:ee:27:90:e2: 2b:6d:c3:da:1f:d2:d0:ad:fd:f7:31:08:87:90:c4: 39:fb:b4:9d:64:00:8d:b6:20:92:66:c1:c5:b1:f0: 90:ca:57:a1:31:5a:97:22:45:e3:00:47:2c:d7:37: 2f:ae:b2:c7:24:e3:42:96:d4:dd:61:48:0f:34:a0: d8:84:aa:fc:8c:3e:ae:61:04:b6:cd:8e:19:b5:04: 32:c9:50:70:0e:df:8f:5d:75:76:59:87:c6:1c:01: 6b:a1:3b:17:58:2d:7c:9e:cd:0e:b5:41:a4:cb:f6: 13:7a:c6:46:91:37:bc:62:bb:4e:9e:e6:09:2d:8a: 79:40:f8:7d:00:35:bf:7b:d3:9a:f8:04:46:3e:c2: a4:5d:e5:4e:7c:c2:a4:bb:68:e2:8e:f7:84:52:2f: d0:28:90:dd:55:e7:28:bc:53:89:99:7d:bc:c8:d3: 3a:a4:90:3e:e3:26:bf:b5:d7:16:eb:f1:e8:d6:79: 3b:28:53:cb:59:45:fa:ac:ef:88:aa:f1:58:55:a1: ad:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:8A:70:26:43:38:02:9C:49:EF:D9:D8:D5:39:F5:6B:CD:67:96:A3 X509v3 Authority Key Identifier: keyid:81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/8YpwJkM4ApxJ79nY1Tn1a81nlqM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.17.33.0/24 89.17.35.0/24 89.17.49.0/24 89.17.51.0-89.17.63.255 185.62.192.0/22 185.127.224.0/22 217.15.53.0/24 217.15.62.0/23 IPv6: 2a04:f240::/29 Signature Algorithm: sha256WithRSAEncryption 25:e4:27:78:69:f1:b1:2d:65:46:e6:7b:cc:80:0a:75:67:8e: a4:f7:d0:90:c5:07:76:80:cf:08:d0:c6:a9:b2:a5:7c:05:91: 44:33:6b:ec:99:d1:74:ad:af:37:45:ea:65:a3:00:82:aa:da: 5e:b0:52:24:6e:eb:8f:2b:d3:40:9c:97:06:b7:0f:19:88:dd: 8a:7c:71:09:99:47:9e:fb:48:56:36:1a:f1:cf:cd:12:6f:02: aa:80:68:f1:0c:da:fa:52:39:d1:52:6e:aa:c4:9a:f6:c7:d2: 3b:5f:0c:ec:31:34:c4:9d:36:bf:0e:49:b2:eb:8d:7d:5c:82: c2:3c:3d:71:99:7e:e8:c3:2c:a1:e9:24:9c:e2:cf:2c:02:8c: 6d:cc:c4:7a:47:cc:49:03:44:45:92:5a:73:6b:78:2e:eb:02: e9:21:0a:a6:29:0c:fb:44:cb:0c:20:17:1f:4a:50:5d:91:7e: 96:49:c1:2d:4e:ef:54:97:b2:8c:de:23:1c:56:4d:2b:32:76: 2c:cd:4a:72:88:56:7e:36:51:10:dd:7b:91:fa:de:72:f4:f1: 79:bf:5c:3c:04:17:fd:a5:f9:3c:83:9a:b1:7b:af:f3:fa:3a: 7d:79:98:f4:75:8d:00:48:fe:4a:86:b1:72:25:bd:a9:4b:64: 98:c1:03:8a -----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgISAZt7pNdVhIRhW1Yd48pqsWmkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgxNjYwMzgzODViMzQzZDU1ZTc2YjcyOGVmZTIzYzA3MzE3 ODc2NjgwHhcNMjYwMTAxMjIxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMThhNzAyNjQzMzgwMjljNDllZmQ5ZDhkNTM5ZjU2YmNkNjc5NmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtDJMR82UqHmqfjmWzP7jId1hT7A 3HQuHYT3F+svi+H4tAa/w4jcGL1Q3ctz5i+dsJc32Se9o+4nkOIrbcPaH9LQrf33 MQiHkMQ5+7SdZACNtiCSZsHFsfCQylehMVqXIkXjAEcs1zcvrrLHJONCltTdYUgP NKDYhKr8jD6uYQS2zY4ZtQQyyVBwDt+PXXV2WYfGHAFroTsXWC18ns0OtUGky/YT esZGkTe8YrtOnuYJLYp5QPh9ADW/e9Oa+ARGPsKkXeVOfMKku2jijveEUi/QKJDd VecovFOJmX28yNM6pJA+4ya/tdcW6/Ho1nk7KFPLWUX6rO+IqvFYVaGt8wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPGKcCZDOAKcSe/Z2NU59WvNZ5ajMB8GA1UdIwQY MBaAFIFmA4OFs0PVXna3KO/iPAcxeHZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ1dZRGc0V3pROVZlZHJjbzctSThCekY0ZG1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy80OGNmZDAtMzIzOC00YWFmLWI2NjMt NDM3M2I2NTc5MGI4LzEvOFlwd0prTTRBcHhKNzluWTFUbjFhODFubHFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy80OGNmZDAtMzIzOC00YWFmLWI2NjMtNDM3M2I2NTc5MGI4 LzEvZ1dZRGc0V3pROVZlZHJjbzctSThCekY0ZG1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQAWREhAwQA WREjAwQAWRExMAwDBABZETMDBAZZEQADBAK5PsADBAK5f+ADBADZDzUDBAHZDz4w DQQCAAIwBwMFAyoE8kAwDQYJKoZIhvcNAQELBQADggEBACXkJ3hp8bEtZUbme8yA CnVnjqT30JDFB3aAzwjQxqmypXwFkUQza+yZ0XStrzdF6mWjAIKq2l6wUiRu648r 00Cclwa3DxmI3Yp8cQmZR577SFY2GvHPzRJvAqqAaPEM2vpSOdFSbqrEmvbH0jtf DOwxNMSdNr8OSbLrjX1cgsI8PXGZfujDLKHpJJzizywCjG3MxHpHzEkDREWSWnNr eC7rAukhCqYpDPtEywwgFx9KUF2RfpZJwS1O71SXsozeIxxWTSsydizNSnKIVn42 URDde5H63nL08Xm/XDwEF/2l+TyDmrF7r/P6On15mPR1jQBI/kqGsXIlvalLZJjB A4o= -----END CERTIFICATE-----Generated at Mon Jan 26 09:25:00 2026 by rpki-client