This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/yhCwjfMZQm7fd9jkt80pOtuEFGo.roa File: yhCwjfMZQm7fd9jkt80pOtuEFGo.roa (raw, json) Hash identifier: hs2p0KXq3AByfrOTWurPjFi6ySD7XrB1GNNKZ5BnbRc= Subject key identifier: CA:10:B0:8D:F3:19:42:6E:DF:77:D8:E4:B7:CD:29:3A:DB:84:14:6A Certificate issuer: /CN=d3acd2b7b7473af4350ea1aba83d177585ceedad Certificate serial: 019B775892A0D669D2E2FF5D3A1F48CD48BD Authority key identifier: D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/yhCwjfMZQm7fd9jkt80pOtuEFGo.roa Signing time: Thu 01 Jan 2026 02:17:31 +0000 ROA not before: Thu 01 Jan 2026 02:17:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205360 IP address blocks: 185.221.4.0/22 maxlen: 22 2a0b:fec0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/06zSt7dHOvQ1DqGrqD0XdYXO7a0.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/06zSt7dHOvQ1DqGrqD0XdYXO7a0.mft rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:92:a0:d6:69:d2:e2:ff:5d:3a:1f:48:cd:48:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3acd2b7b7473af4350ea1aba83d177585ceedad Validity Not Before: Jan 1 02:17:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca10b08df319426edf77d8e4b7cd293adb84146a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:9a:76:de:a2:38:e5:b5:a1:16:e4:b5:6e:3c: 29:4c:7c:4e:6a:5d:e8:92:3b:cd:8c:d3:7a:d3:69: 60:7c:04:2f:30:c6:2b:c4:60:af:33:39:1d:bb:a2: 6d:bc:21:e5:24:c7:07:a8:08:d9:b1:e6:78:c9:39: de:31:03:52:ba:b2:9d:82:13:ff:b0:f3:40:86:d0: ae:bd:81:39:99:ea:f2:cf:57:b5:f4:30:76:08:23: 9c:67:d0:4b:c4:1d:b6:60:00:59:4b:a7:09:d3:96: b4:a2:7b:b0:37:d2:d8:55:ac:42:17:57:d0:3e:26: 7f:db:17:37:04:cd:1e:04:b4:7d:1a:73:db:4c:ad: 8d:3e:1b:6e:22:82:93:a2:c2:67:9e:2d:a3:15:0d: 0e:92:64:93:0e:ae:26:3d:9b:9d:ff:01:3f:b9:b1: 96:01:42:48:e2:c3:93:71:21:2e:37:c4:bf:3a:4e: be:1b:3e:03:e2:21:6e:32:b8:96:4e:fa:ef:f5:06: 19:af:30:db:c0:f2:15:ba:95:28:01:b6:a6:2c:6f: da:01:50:4e:fe:3b:59:83:4f:91:24:45:4c:37:f2: 00:44:88:20:93:85:ba:03:40:6d:fc:b9:63:ca:96: 87:8d:ad:7f:4a:4c:dd:88:51:2d:9d:44:10:35:d6: 52:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:10:B0:8D:F3:19:42:6E:DF:77:D8:E4:B7:CD:29:3A:DB:84:14:6A X509v3 Authority Key Identifier: keyid:D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/yhCwjfMZQm7fd9jkt80pOtuEFGo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/06zSt7dHOvQ1DqGrqD0XdYXO7a0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.221.4.0/22 IPv6: 2a0b:fec0::/29 Signature Algorithm: sha256WithRSAEncryption 81:41:ae:26:30:43:f9:81:b6:36:11:74:a0:37:70:61:1d:7e: a2:2a:23:be:5b:f0:19:1f:2b:d5:33:02:06:73:5a:d0:fe:4e: 3f:b0:22:e1:72:db:df:0a:68:96:bc:48:55:00:3e:18:5f:68: 62:1f:90:ea:3b:cd:b9:c5:73:b1:8c:48:80:d0:1b:b7:4a:0f: c1:b2:9b:cb:51:78:b0:6b:c4:2c:4f:f6:d7:8a:54:99:00:42: 2d:b7:d2:e8:dc:13:a3:62:f7:09:ab:76:6f:5b:9d:73:ec:f0: 7e:6b:d4:0b:58:fe:13:f7:18:08:b8:37:27:fa:22:1a:e4:31: e7:ff:f5:3e:50:0b:3b:ff:26:35:ad:6d:06:46:ad:2f:80:27: 24:5c:11:40:ac:c6:c4:9a:63:fb:9c:20:65:d2:79:fa:b1:40: ae:ba:16:dc:b4:bc:50:fe:10:fb:a4:0d:07:5f:41:76:34:4d: 73:f0:13:45:77:b7:ce:1f:6f:aa:83:6c:78:68:12:3d:82:ea: 6d:74:10:46:0b:ee:14:fa:81:ee:f4:10:4e:ae:88:97:98:10: 94:af:6e:1c:b3:46:09:77:06:be:51:07:d1:5d:26:4d:c3:8b: 09:5d:c3:9c:85:9d:f7:67:b0:b9:a4:52:c8:88:3f:ca:ef:31: af:6d:f4:cd -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WJKg1mnS4v9dOh9IzUi9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzYWNkMmI3Yjc0NzNhZjQzNTBlYTFhYmE4M2QxNzc1ODVj ZWVkYWQwHhcNMjYwMTAxMDIxNzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTEwYjA4ZGYzMTk0MjZlZGY3N2Q4ZTRiN2NkMjkzYWRiODQxNDZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5p23qI45bWhFuS1bjwpTHxOal3o kjvNjNN602lgfAQvMMYrxGCvMzkdu6JtvCHlJMcHqAjZseZ4yTneMQNSurKdghP/ sPNAhtCuvYE5meryz1e19DB2CCOcZ9BLxB22YABZS6cJ05a0onuwN9LYVaxCF1fQ PiZ/2xc3BM0eBLR9GnPbTK2NPhtuIoKTosJnni2jFQ0OkmSTDq4mPZud/wE/ubGW AUJI4sOTcSEuN8S/Ok6+Gz4D4iFuMriWTvrv9QYZrzDbwPIVupUoAbamLG/aAVBO /jtZg0+RJEVMN/IARIggk4W6A0Bt/LljypaHja1/SkzdiFEtnUQQNdZSpQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFMoQsI3zGUJu33fY5LfNKTrbhBRqMB8GA1UdIwQY MBaAFNOs0re3Rzr0NQ6hq6g9F3WFzu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWIt MGVmZWM2ZWE3N2M2LzEveWhDd2pmTVpRbTdmZDlqa3Q4MHBPdHVFRkdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWItMGVmZWM2ZWE3N2M2 LzEvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud0EMA0E AgACMAcDBQMqC/7AMA0GCSqGSIb3DQEBCwUAA4IBAQCBQa4mMEP5gbY2EXSgN3Bh HX6iKiO+W/AZHyvVMwIGc1rQ/k4/sCLhctvfCmiWvEhVAD4YX2hiH5DqO825xXOx jEiA0Bu3Sg/BspvLUXiwa8QsT/bXilSZAEItt9Lo3BOjYvcJq3ZvW51z7PB+a9QL WP4T9xgIuDcn+iIa5DHn//U+UAs7/yY1rW0GRq0vgCckXBFArMbEmmP7nCBl0nn6 sUCuuhbctLxQ/hD7pA0HX0F2NE1z8BNFd7fOH2+qg2x4aBI9guptdBBGC+4U+oHu 9BBOroiXmBCUr24cs0YJdwa+UQfRXSZNw4sJXcOchZ33Z7C5pFLIiD/K7zGvbfTN -----END CERTIFICATE-----Generated at Mon Feb 9 18:21:37 2026 by rpki-client