This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/YS4KfdF48rW5SEIpeCeYxOP-Du0.roa File: YS4KfdF48rW5SEIpeCeYxOP-Du0.roa (raw, json) Hash identifier: FKGkIDKaHogWgazEiZbFbdSEfBT5S7dX/PkphiCX2e8= Subject key identifier: 61:2E:0A:7D:D1:78:F2:B5:B9:48:42:29:78:27:98:C4:E3:FE:0E:ED Certificate issuer: /CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b Certificate serial: 019B7F811EFB5C903E933C8DC1FB41030E52 Authority key identifier: 63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/YS4KfdF48rW5SEIpeCeYxOP-Du0.roa Signing time: Fri 02 Jan 2026 16:18:47 +0000 ROA not before: Fri 02 Jan 2026 16:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202208 IP address blocks: 193.111.168.0/24 maxlen: 24 193.111.174.0/24 maxlen: 24 193.111.226.0/24 maxlen: 24 193.111.229.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.mft rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:1e:fb:5c:90:3e:93:3c:8d:c1:fb:41:03:0e:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=633b6895fe4993397b66232bb0a2d3e3c625cc1b Validity Not Before: Jan 2 16:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=612e0a7dd178f2b5b9484229782798c4e3fe0eed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:7c:a6:97:f7:7d:37:68:53:c5:23:b7:5d:9b: 8b:b7:57:11:86:f2:ae:c5:4e:ac:91:4d:65:cb:23: 7d:05:1b:57:d3:de:d6:f3:17:d1:ae:af:35:cf:43: 78:f2:d2:0b:72:f6:6b:b0:3f:1e:91:c5:05:21:67: 32:5d:da:a1:1d:b0:9b:16:77:80:39:da:f2:b9:ec: 05:b7:fe:da:57:c9:49:88:08:f5:2e:c7:22:e3:be: 35:c4:ab:00:e8:09:32:76:7b:98:3d:62:44:28:85: f7:eb:ea:0b:41:99:6e:e2:50:ee:3e:67:4c:24:29: 5a:cb:f1:76:b3:28:2f:e8:4e:45:aa:11:50:4c:69: d3:96:a7:94:47:46:ea:71:1b:22:9f:6c:97:ed:ee: aa:ba:28:17:5b:77:d6:85:65:95:f9:4f:38:18:7e: b8:ea:d4:e5:f2:05:a4:46:d6:45:04:05:eb:63:02: 1f:b8:d7:de:8a:5f:46:cc:bb:06:83:53:f4:22:95: ac:31:3d:4d:80:05:dc:59:7b:88:e4:f7:1b:51:65: e5:57:57:e0:8d:cb:fc:d3:85:df:c4:38:92:6b:27: 61:79:0a:6c:fd:3d:24:4b:37:7a:48:d6:66:4c:8a: 20:1e:81:aa:81:62:7e:c1:04:54:65:a6:84:b2:db: 4c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:2E:0A:7D:D1:78:F2:B5:B9:48:42:29:78:27:98:C4:E3:FE:0E:ED X509v3 Authority Key Identifier: keyid:63:3B:68:95:FE:49:93:39:7B:66:23:2B:B0:A2:D3:E3:C6:25:CC:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yztolf5Jkzl7ZiMrsKLT48YlzBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/YS4KfdF48rW5SEIpeCeYxOP-Du0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2fc40a-55e3-4aba-91b5-70b8871b8e20/1/Yztolf5Jkzl7ZiMrsKLT48YlzBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.111.168.0/24 193.111.174.0/24 193.111.226.0/24 193.111.229.0/24 Signature Algorithm: sha256WithRSAEncryption 38:c1:3e:80:75:b6:0b:19:7e:e2:c4:2e:8e:f4:af:1e:e2:09: e5:7a:ad:e3:fa:79:6d:b2:f9:53:b2:bb:d7:7e:7b:00:cb:0d: d3:a6:21:1f:c5:dd:fb:20:d3:00:c9:ad:ad:ec:b4:a3:8e:02: d7:31:25:9c:71:d5:bf:1a:57:f8:c8:49:d3:88:a2:2f:2f:da: a5:f8:6d:a9:18:2b:6b:ce:f1:31:f6:41:9e:c7:ec:57:0d:cb: 7d:64:8c:f4:6f:b4:37:b0:3a:90:6a:b4:74:2a:36:b2:b3:10: cc:f7:13:e1:8d:5f:7f:a0:d2:2c:08:93:c4:59:e2:01:fb:82: 03:1b:0b:cf:87:fb:b3:8c:bb:67:2a:6d:49:24:3a:a9:f3:cc: ff:b0:25:28:33:df:93:60:b3:64:d6:cd:ba:6c:3a:33:b0:cd: 26:58:ab:46:f9:00:34:03:44:d7:30:af:c6:f1:b1:b1:f6:d9: 35:5b:f5:68:58:5d:f5:03:99:06:ba:38:8e:b3:48:81:be:f5: 56:65:76:77:4c:61:76:1a:87:b5:f4:6e:b3:2b:ba:93:0a:6c: 47:ef:44:89:71:13:9d:f7:66:f8:94:29:f4:fa:89:e4:b2:9d: 51:e4:8b:fd:32:f0:96:87:90:b4:4a:84:02:05:f3:1d:0d:2f: da:d2:7f:e0 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt/gR77XJA+kzyNwftBAw5SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYzM2I2ODk1ZmU0OTkzMzk3YjY2MjMyYmIwYTJkM2UzYzYy NWNjMWIwHhcNMjYwMTAyMTYxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2MTJlMGE3ZGQxNzhmMmI1Yjk0ODQyMjk3ODI3OThjNGUzZmUwZWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnyml/d9N2hTxSO3XZuLt1cRhvKu xU6skU1lyyN9BRtX097W8xfRrq81z0N48tILcvZrsD8ekcUFIWcyXdqhHbCbFneA OdryuewFt/7aV8lJiAj1Lsci4741xKsA6AkydnuYPWJEKIX36+oLQZlu4lDuPmdM JClay/F2sygv6E5FqhFQTGnTlqeUR0bqcRsin2yX7e6quigXW3fWhWWV+U84GH64 6tTl8gWkRtZFBAXrYwIfuNfeil9GzLsGg1P0IpWsMT1NgAXcWXuI5PcbUWXlV1fg jcv804XfxDiSaydheQps/T0kSzd6SNZmTIogHoGqgWJ+wQRUZaaEsttMywIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFGEuCn3RePK1uUhCKXgnmMTj/g7tMB8GA1UdIwQY MBaAFGM7aJX+SZM5e2YjK7Ci0+PGJcwbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUt NzBiODg3MWI4ZTIwLzEvWVM0S2ZkRjQ4clc1U0VJcGVDZVl4T1AtRHUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8yZmM0MGEtNTVlMy00YWJhLTkxYjUtNzBiODg3MWI4ZTIw LzEvWXp0b2xmNUpremw3WmlNcnNLTFQ0OFlsekJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwW+oAwQA wW+uAwQAwW/iAwQAwW/lMA0GCSqGSIb3DQEBCwUAA4IBAQA4wT6AdbYLGX7ixC6O 9K8e4gnleq3j+nltsvlTsrvXfnsAyw3TpiEfxd37INMAya2t7LSjjgLXMSWccdW/ Glf4yEnTiKIvL9ql+G2pGCtrzvEx9kGex+xXDct9ZIz0b7Q3sDqQarR0KjaysxDM 9xPhjV9/oNIsCJPEWeIB+4IDGwvPh/uzjLtnKm1JJDqp88z/sCUoM9+TYLNk1s26 bDozsM0mWKtG+QA0A0TXMK/G8bGx9tk1W/VoWF31A5kGujiOs0iBvvVWZXZ3TGF2 Goe19G6zK7qTCmxH70SJcROd92b4lCn0+onksp1R5Iv9MvCWh5C0SoQCBfMdDS/a 0n/g -----END CERTIFICATE-----Generated at Mon Feb 9 18:42:34 2026 by rpki-client