This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yk7iChWsGNDvyn-dwFACg30GPL0.roa File: yk7iChWsGNDvyn-dwFACg30GPL0.roa (raw, json) Hash identifier: JRoohQXpL9qJ1VNkDuIde8Sn+IjqBsC+/Oc4EyHIe98= Subject key identifier: CA:4E:E2:0A:15:AC:18:D0:EF:CA:7F:9D:C0:50:02:83:7D:06:3C:BD Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Certificate serial: 019B7C1365105A56211E39323E63D05777CA Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yk7iChWsGNDvyn-dwFACg30GPL0.roa Signing time: Fri 02 Jan 2026 00:20:04 +0000 ROA not before: Fri 02 Jan 2026 00:20:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 185.209.38.0/24 maxlen: 24 185.209.73.0/24 maxlen: 24 185.210.233.0/24 maxlen: 24 185.222.30.0/24 maxlen: 24 194.5.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 19:40:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:65:10:5a:56:21:1e:39:32:3e:63:d0:57:77:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf Validity Not Before: Jan 2 00:20:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ca4ee20a15ac18d0efca7f9dc05002837d063cbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:eb:87:4b:db:10:27:84:fa:91:55:4b:6f:cc: 03:31:07:dd:8a:d7:4d:9f:b2:56:7f:81:f6:b6:31: 3e:94:45:2d:9a:20:85:ac:28:ef:7c:25:b2:d4:37: c4:a0:ed:2d:e7:bc:e6:8b:a3:0f:37:52:97:fa:61: a0:d8:8e:da:82:28:fe:24:de:c0:64:40:9a:3c:6e: 7f:55:c6:8f:e3:70:89:0c:6f:d0:f4:66:1c:c0:47: bb:0a:8d:6c:b8:55:5c:4a:f8:dd:c7:11:4b:23:e8: 41:35:49:01:bd:ff:08:8d:bf:be:7c:8d:6b:eb:31: a3:e2:65:86:19:fd:86:b3:49:e5:31:f6:49:62:dd: 09:f6:e4:6b:c6:f3:b2:e6:55:57:64:e1:dc:8e:01: ba:ef:d6:7c:e2:9f:9c:b7:e7:5f:72:d7:78:6a:11: 13:48:3e:ec:e6:70:5c:72:c0:ff:b0:66:eb:21:12: 20:61:80:ad:06:2b:38:a0:39:7e:4b:40:11:6d:72: 05:39:19:dd:8e:2b:8b:2b:20:18:e0:78:fe:0b:10: 55:b6:a4:9c:bc:21:a0:37:f5:dc:bf:6f:08:b4:40: 8c:f4:de:ee:75:7e:0f:95:f9:a4:e4:bf:49:eb:4a: f9:9f:64:6f:54:33:11:50:b3:b9:3a:74:90:04:da: 73:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:4E:E2:0A:15:AC:18:D0:EF:CA:7F:9D:C0:50:02:83:7D:06:3C:BD X509v3 Authority Key Identifier: keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/yk7iChWsGNDvyn-dwFACg30GPL0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.209.38.0/24 185.209.73.0/24 185.210.233.0/24 185.222.30.0/24 194.5.67.0/24 Signature Algorithm: sha256WithRSAEncryption a7:6c:0c:20:5b:60:19:c6:c9:05:30:d1:69:1f:66:c3:7b:e7: d8:50:c4:81:d7:23:8f:0f:ed:c9:94:a8:6d:cf:fb:cc:75:b6: 29:d0:67:a9:d4:a1:f6:04:61:2b:33:05:82:94:e5:34:49:66: 3c:e3:d9:df:b0:29:34:5f:5e:fd:1b:4c:2b:a7:ee:4a:34:d8: 91:5e:68:9a:12:b3:3d:c7:f2:3c:6c:6c:3d:19:8f:8d:62:cc: d1:45:c1:e6:2d:b6:83:27:84:1e:83:61:4c:76:f8:af:a9:41: be:f7:04:7f:d1:89:74:49:4b:ee:04:51:f9:a4:de:68:c9:be: 6f:c5:6e:37:70:ae:84:2d:c0:81:ba:9e:02:eb:02:1b:6f:77: 4a:aa:3c:d0:2b:f5:af:d4:1a:11:67:e6:59:14:d3:0f:1f:79: 70:66:85:67:ab:81:0b:22:fa:19:79:70:4a:c9:cc:00:10:65: 6c:e6:84:88:cf:ad:6d:a1:ef:34:11:bf:2c:af:53:68:3c:66: ea:1f:e4:ed:6d:db:3b:2f:30:a3:ce:00:c5:3a:8d:fa:f6:17: 70:fa:2a:d0:e4:f8:f1:92:8a:53:0c:af:d0:2f:d7:26:d5:e6: 0d:d0:14:6b:a4:9d:d6:01:66:65:3e:f8:2d:f4:13:4a:bd:a3: 73:c1:dd:16 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt8E2UQWlYhHjkyPmPQV3fKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx MTRjYWYwHhcNMjYwMTAyMDAyMDA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYTRlZTIwYTE1YWMxOGQwZWZjYTdmOWRjMDUwMDI4MzdkMDYzY2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOuHS9sQJ4T6kVVLb8wDMQfditdN n7JWf4H2tjE+lEUtmiCFrCjvfCWy1DfEoO0t57zmi6MPN1KX+mGg2I7agij+JN7A ZECaPG5/VcaP43CJDG/Q9GYcwEe7Co1suFVcSvjdxxFLI+hBNUkBvf8Ijb++fI1r 6zGj4mWGGf2Gs0nlMfZJYt0J9uRrxvOy5lVXZOHcjgG679Z84p+ct+dfctd4ahET SD7s5nBccsD/sGbrIRIgYYCtBis4oDl+S0ARbXIFORndjiuLKyAY4Hj+CxBVtqSc vCGgN/Xcv28ItECM9N7udX4Plfmk5L9J60r5n2RvVDMRULO5OnSQBNpzowIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFMpO4goVrBjQ78p/ncBQAoN9Bjy9MB8GA1UdIwQY MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt YjQzNDJiYTkxYWJjLzEveWs3aUNoV3NHTkR2eW4tZHdGQUNnMzBHUEwwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAudEmAwQA udFJAwQAudLpAwQAud4eAwQAwgVDMA0GCSqGSIb3DQEBCwUAA4IBAQCnbAwgW2AZ xskFMNFpH2bDe+fYUMSB1yOPD+3JlKhtz/vMdbYp0Gep1KH2BGErMwWClOU0SWY8 49nfsCk0X179G0wrp+5KNNiRXmiaErM9x/I8bGw9GY+NYszRRcHmLbaDJ4Qeg2FM dvivqUG+9wR/0Yl0SUvuBFH5pN5oyb5vxW43cK6ELcCBup4C6wIbb3dKqjzQK/Wv 1BoRZ+ZZFNMPH3lwZoVnq4ELIvoZeXBKycwAEGVs5oSIz61toe80Eb8sr1NoPGbq H+Ttbds7LzCjzgDFOo369hdw+irQ5PjxkopTDK/QL9cm1eYN0BRrpJ3WAWZlPvgt 9BNKvaNzwd0W -----END CERTIFICATE-----Generated at Fri Jan 2 23:47:29 2026 by rpki-client