This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HyKHKsnuXquDbN5cvqnPCVBzPtA.roa File: HyKHKsnuXquDbN5cvqnPCVBzPtA.roa (raw, json) Hash identifier: NYZl0EAgGQtMwxRuBNlUUoCIdz3utAB55MgQRGp5oAA= Subject key identifier: 1F:22:87:2A:C9:EE:5E:AB:83:6C:DE:5C:BE:A9:CF:09:50:73:3E:D0 Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C135EEBC5B08236DFF314C23AAA7F6E Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HyKHKsnuXquDbN5cvqnPCVBzPtA.roa Signing time: Fri 02 Jan 2026 00:20:02 +0000 ROA not before: Fri 02 Jan 2026 00:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 834 IP address blocks: 45.90.16.0/24 maxlen: 24 45.90.17.0/24 maxlen: 24 45.131.134.0/24 maxlen: 24 185.108.204.0/24 maxlen: 24 185.126.82.0/24 maxlen: 24 185.199.54.0/24 maxlen: 24 185.199.158.0/24 maxlen: 24 185.199.159.0/24 maxlen: 24 185.206.251.0/24 maxlen: 24 185.209.38.0/24 maxlen: 24 185.209.73.0/24 maxlen: 24 185.209.74.0/24 maxlen: 24 185.209.75.0/24 maxlen: 24 185.210.233.0/24 maxlen: 24 185.210.235.0/24 maxlen: 24 185.214.108.0/24 maxlen: 24 185.218.20.0/24 maxlen: 24 185.218.101.0/24 maxlen: 24 185.220.248.0/24 maxlen: 24 185.220.249.0/24 maxlen: 24 185.220.250.0/23 maxlen: 24 185.221.20.0/24 maxlen: 24 185.222.28.0/24 maxlen: 24 185.222.29.0/24 maxlen: 24 185.223.80.0/24 maxlen: 24 185.223.155.0/24 maxlen: 24 185.225.0.0/23 maxlen: 23 185.225.1.0/24 maxlen: 24 185.225.2.0/24 maxlen: 24 185.225.3.0/24 maxlen: 24 185.226.104.0/24 maxlen: 24 185.226.105.0/24 maxlen: 24 185.226.107.0/24 maxlen: 24 185.227.144.0/24 maxlen: 24 185.227.146.0/23 maxlen: 24 185.227.147.0/24 maxlen: 24 185.228.72.0/24 maxlen: 24 185.228.75.0/24 maxlen: 24 185.232.206.0/24 maxlen: 24 185.234.22.0/24 maxlen: 24 185.246.112.0/24 maxlen: 24 193.8.112.0/23 maxlen: 24 193.8.112.0/24 maxlen: 24 193.8.114.0/24 maxlen: 24 193.58.144.0/24 maxlen: 24 193.58.146.0/23 maxlen: 24 193.58.146.0/24 maxlen: 24 194.5.67.0/24 maxlen: 24 194.76.169.0/24 maxlen: 24 194.76.172.0/24 maxlen: 24 194.124.69.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:5e:eb:c5:b0:82:36:df:f3:14:c2:3a:aa:7f:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1f22872ac9ee5eab836cde5cbea9cf0950733ed0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:f0:71:02:dc:67:f0:d5:9a:42:0b:af:e4:ad: 9a:74:b9:44:73:22:14:1a:8d:fb:1c:0a:6b:40:32: 65:46:6b:e9:bf:7b:28:7a:cf:48:77:43:5b:08:80: 92:15:7c:cb:d5:5a:27:1e:47:c0:b0:e1:e6:9f:14: ab:d3:14:30:ea:c4:a5:91:19:b6:f5:22:da:86:e1: ce:27:84:c2:49:72:dc:83:36:66:34:a6:f7:5f:ad: 42:a3:13:c7:09:a9:d0:8d:50:7c:dc:dd:d9:11:8f: 80:d0:1c:e4:9d:99:3a:6b:05:48:98:c0:01:4b:8b: 29:52:dc:df:f9:77:55:ee:15:2e:fd:c6:d3:89:e6: 00:e8:9e:7f:f8:6c:88:01:a3:a1:c7:bb:3f:8a:1f: 13:f1:b3:2d:86:98:76:e6:59:15:b5:e0:a3:1a:0e: a6:f8:62:10:b1:d2:4e:bc:99:de:3a:36:67:4b:8a: 26:68:56:2b:6b:0e:76:29:82:ec:90:71:bd:e3:70: ba:17:a2:23:43:c1:78:11:6f:1e:5b:bb:88:0c:e7: 9f:80:2e:65:52:2c:5c:77:17:0a:3e:08:cc:84:15: fa:97:85:d2:b2:ea:1f:46:b5:31:26:0f:4d:3c:de: d3:24:7e:60:be:05:12:79:e4:95:8f:88:39:ed:aa: 3c:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:22:87:2A:C9:EE:5E:AB:83:6C:DE:5C:BE:A9:CF:09:50:73:3E:D0 X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/HyKHKsnuXquDbN5cvqnPCVBzPtA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.16.0/23 45.131.134.0/24 185.108.204.0/24 185.126.82.0/24 185.199.54.0/24 185.199.158.0/23 185.206.251.0/24 185.209.38.0/24 185.209.73.0-185.209.75.255 185.210.233.0/24 185.210.235.0/24 185.214.108.0/24 185.218.20.0/24 185.218.101.0/24 185.220.248.0/22 185.221.20.0/24 185.222.28.0/23 185.223.80.0/24 185.223.155.0/24 185.225.0.0/22 185.226.104.0/23 185.226.107.0/24 185.227.144.0/24 185.227.146.0/23 185.228.72.0/24 185.228.75.0/24 185.232.206.0/24 185.234.22.0/24 185.246.112.0/24 193.8.112.0-193.8.114.255 193.58.144.0/24 193.58.146.0/23 194.5.67.0/24 194.76.169.0/24 194.76.172.0/24 194.124.69.0/24 Signature Algorithm: sha256WithRSAEncryption 75:10:40:a3:e7:c1:bf:81:3e:a4:a6:c1:d9:15:47:70:bf:e3: 22:31:a8:b4:62:c2:48:77:7a:c5:6c:49:62:ca:fc:d2:29:ee: 1c:b8:8d:b9:58:9f:5f:0b:2a:45:a9:d0:d6:04:22:d0:4c:ab: bf:46:f9:f6:31:8f:fe:7d:d0:58:c2:bf:47:cd:0c:06:ea:bc: 76:35:70:75:61:2e:7e:dd:7b:76:18:19:5c:51:1c:f0:6a:0e: 0d:23:7f:5a:d3:07:b2:49:60:b4:fc:a3:af:39:56:85:eb:46: a7:59:05:cd:41:d7:f0:05:0b:b5:f7:76:e8:03:22:77:00:c3: b7:e4:e6:28:d5:da:c4:2d:d8:12:69:38:85:d8:0f:ce:d0:f0: a0:49:df:db:64:77:88:78:e4:58:2e:7b:1b:0b:c8:d6:85:fe: 62:6d:ad:11:e9:7c:0c:84:e6:bf:67:6b:f8:c3:31:e0:f0:21: 72:b3:b6:24:78:da:1e:d8:9a:d1:cd:a6:20:9f:91:dc:6b:45: 08:87:6d:25:1d:57:8e:2e:4c:2b:c8:d7:ff:38:da:e4:78:bf: ae:ab:b5:ad:27:da:d3:f4:9e:85:5d:d8:e7:8e:2e:dd:fc:c5: 7c:cd:21:ad:2e:6d:8a:5f:31:95:25:c4:6c:5a:32:19:be:79: e3:20:8e:32 -----BEGIN CERTIFICATE----- MIIF5TCCBM2gAwIBAgISAZt8E17rxbCCNt/zFMI6qn9uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxZjIyODcyYWM5ZWU1ZWFiODM2Y2RlNWNiZWE5Y2YwOTUwNzMzZWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/BxAtxn8NWaQguv5K2adLlEcyIU Go37HAprQDJlRmvpv3soes9Id0NbCICSFXzL1VonHkfAsOHmnxSr0xQw6sSlkRm2 9SLahuHOJ4TCSXLcgzZmNKb3X61CoxPHCanQjVB83N3ZEY+A0BzknZk6awVImMAB S4spUtzf+XdV7hUu/cbTieYA6J5/+GyIAaOhx7s/ih8T8bMthph25lkVteCjGg6m +GIQsdJOvJneOjZnS4omaFYraw52KYLskHG943C6F6IjQ8F4EW8eW7uIDOefgC5l UixcdxcKPgjMhBX6l4XSsuofRrUxJg9NPN7TJH5gvgUSeeSVj4g57ao8uwIDAQAB o4IC8TCCAu0wHQYDVR0OBBYEFB8ihyrJ7l6rg2zeXL6pzwlQcz7QMB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEvSHlLSEtzbnVYcXVEYk41Y3ZxblBDVkJ6UHRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBBQYIKwYBBQUHAQcBAf8EgfUwgfIwge8EAgABMIHoAwQB LVoQAwQALYOGAwQAuWzMAwQAuX5SAwQAucc2AwQBuceeAwQAuc77AwQAudEmMAwD BAC50UkDBAK50UgDBAC50ukDBAC50usDBAC51mwDBAC52hQDBAC52mUDBAK53PgD BAC53RQDBAG53hwDBAC531ADBAC535sDBAK54QADBAG54mgDBAC54msDBAC545AD BAG545IDBAC55EgDBAC55EsDBAC56M4DBAC56hYDBAC59nAwDAMEBMEIcAMEAMEI cgMEAME6kAMEAcE6kgMEAMIFQwMEAMJMqQMEAMJMrAMEAMJ8RTANBgkqhkiG9w0B AQsFAAOCAQEAdRBAo+fBv4E+pKbB2RVHcL/jIjGotGLCSHd6xWxJYsr80inuHLiN uVifXwsqRanQ1gQi0Eyrv0b59jGP/n3QWMK/R80MBuq8djVwdWEuft17dhgZXFEc 8GoODSN/WtMHsklgtPyjrzlWhetGp1kFzUHX8AULtfd26AMidwDDt+TmKNXaxC3Y Emk4hdgPztDwoEnf22R3iHjkWC57GwvI1oX+Ym2tEel8DITmv2dr+MMx4PAhcrO2 JHjaHtia0c2mIJ+R3GtFCIdtJR1Xji5MK8jX/zja5Hi/rqu1rSfa0/SehV3Y544u 3fzFfM0hrS5til8xlSXEbFoyGb554yCOMg== -----END CERTIFICATE-----Generated at Fri Jan 2 23:48:16 2026 by rpki-client