This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jy0qY-BKlB0rW2fBk4ZxfjYF-UA.roa File: jy0qY-BKlB0rW2fBk4ZxfjYF-UA.roa (raw, json) Hash identifier: KXcgcIJwxTE21mlXkrLcsef2cwCUqxaQCCT0MmPQ3UI= Subject key identifier: 8F:2D:2A:63:E0:4A:94:1D:2B:5B:67:C1:93:86:71:7E:36:05:F9:40 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019446651CACBE883518DD09B8F30A620A76 Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jy0qY-BKlB0rW2fBk4ZxfjYF-UA.roa Signing time: Wed 08 Jan 2025 14:50:19 +0000 ROA not before: Wed 08 Jan 2025 14:50:19 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 0 IP address blocks: 193.124.224.0/23 maxlen: 23 194.58.155.0/24 maxlen: 24 194.85.251.0/24 maxlen: 24 194.87.73.0/24 maxlen: 24 194.87.169.0/24 maxlen: 24 194.87.224.0/24 maxlen: 24 194.135.33.0/24 maxlen: 24 195.133.24.0/23 maxlen: 23 195.133.40.0/23 maxlen: 23 195.133.50.0/23 maxlen: 23 195.133.59.0/24 maxlen: 24 195.133.92.0/23 maxlen: 23 212.192.214.0/24 maxlen: 24 212.193.26.0/23 maxlen: 23 2a01:57c0::/29 maxlen: 29 2a0c:ff40::/29 maxlen: 29 Validation: Failed, RFC 3779 resource not subset of parent's resources Certificate: Data: Version: 3 (0x2) Serial Number: 01:94:46:65:1c:ac:be:88:35:18:dd:09:b8:f3:0a:62:0a:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jan 8 14:50:19 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=8f2d2a63e04a941d2b5b67c19386717e3605f940 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b0:af:30:65:4c:3b:b0:2e:ef:fc:74:ca:49: fd:b0:f9:35:62:ad:cb:b3:c7:61:2e:b3:21:12:7d: 70:b1:9c:18:bf:c9:8e:cc:23:32:d0:9d:b4:19:69: ba:f3:b9:da:45:b1:82:35:5b:06:c4:09:42:a6:dc: 8b:e7:2a:bf:db:2c:f5:44:d4:67:7c:a7:5d:4d:df: 44:6a:0f:42:ee:2f:22:3a:ba:6b:e8:0d:a9:8d:ce: 53:c3:e1:40:66:a5:d2:27:65:be:c1:12:e5:08:1f: fb:a6:58:5f:d6:d3:f7:32:03:6d:16:9a:a6:c5:23: 38:80:25:87:ac:3d:c1:5b:b8:21:78:a9:3f:13:74: 49:d3:62:70:20:fa:fe:06:11:59:e7:02:52:69:17: 7a:d8:03:c5:e0:29:62:90:be:6d:ce:6b:1e:9f:65: e2:0c:e7:cf:73:63:6c:fd:c1:9f:6d:50:dd:3a:32: f7:a5:d4:a4:78:b2:0d:99:3f:12:f4:a5:38:f6:57: 1f:71:d1:b4:45:28:b3:60:7c:ba:c5:e6:c5:eb:43: a8:33:43:aa:cc:f7:5c:b9:b4:42:0a:f3:ea:75:a3: d3:cf:06:0e:4a:45:07:66:7f:55:c1:41:12:b4:e5: 1b:55:f2:1f:3a:ab:57:d0:04:a5:94:5e:ec:65:30: af:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:2D:2A:63:E0:4A:94:1D:2B:5B:67:C1:93:86:71:7E:36:05:F9:40 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/jy0qY-BKlB0rW2fBk4ZxfjYF-UA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.124.224.0/23 194.58.155.0/24 194.85.251.0/24 194.87.73.0/24 194.87.169.0/24 194.87.224.0/24 194.135.33.0/24 195.133.24.0/23 195.133.40.0/23 195.133.50.0/23 195.133.59.0/24 195.133.92.0/23 212.192.214.0/24 212.193.26.0/23 IPv6: 2a01:57c0::/29 2a0c:ff40::/29 Signature Algorithm: sha256WithRSAEncryption 3d:21:02:92:fd:a8:6d:15:e5:97:ae:24:11:ff:31:ed:f9:b5: 9f:1f:1e:31:73:26:07:60:84:24:9e:80:fe:d5:da:19:0e:fd: f6:84:dc:d9:94:41:f2:6a:aa:57:f9:36:32:bb:d9:ba:df:6d: 7d:72:9d:02:27:91:f3:88:77:79:19:61:83:9d:43:2a:4c:81: e3:9c:ca:3f:68:35:67:5b:70:a5:6a:ad:38:b7:d3:27:bf:41: 5e:c2:a4:1d:22:c1:22:8a:e6:ba:46:85:b9:eb:74:10:c3:0c: d4:44:29:40:fd:56:e3:ea:07:95:22:01:c4:6e:56:a1:c2:aa: 77:e7:58:8d:25:3d:bf:7f:a2:82:73:b7:d8:08:d1:dd:7e:8a: dc:60:8c:b8:f1:3e:6d:d1:5c:56:39:e7:d7:17:4a:15:d1:91: 30:52:4d:81:2a:90:91:da:e3:eb:bb:d3:5c:65:63:73:77:60: 5b:86:7a:ae:8c:ec:29:10:d8:9a:8b:61:4e:cf:77:76:6e:6d: 6c:db:fb:b8:c3:7e:52:10:bb:01:a7:c7:4d:cd:af:38:46:52: 14:16:c0:f7:af:da:fc:ba:78:af:c0:e3:57:6d:67:b6:4f:00: 53:28:c0:aa:ce:41:9a:74:e6:0e:9e:a8:54:fb:e7:97:97:01: cf:61:23:fe -----BEGIN CERTIFICATE----- MIIFYjCCBEqgAwIBAgISAZRGZRysvog1GN0JuPMKYgp2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjUwMTA4MTQ1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZjJkMmE2M2UwNGE5NDFkMmI1YjY3YzE5Mzg2NzE3ZTM2MDVmOTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrCvMGVMO7Au7/x0ykn9sPk1Yq3L s8dhLrMhEn1wsZwYv8mOzCMy0J20GWm687naRbGCNVsGxAlCptyL5yq/2yz1RNRn fKddTd9Eag9C7i8iOrpr6A2pjc5Tw+FAZqXSJ2W+wRLlCB/7plhf1tP3MgNtFpqm xSM4gCWHrD3BW7gheKk/E3RJ02JwIPr+BhFZ5wJSaRd62APF4ClikL5tzmsen2Xi DOfPc2Ns/cGfbVDdOjL3pdSkeLINmT8S9KU49lcfcdG0RSizYHy6xebF60OoM0Oq zPdcubRCCvPqdaPTzwYOSkUHZn9VwUEStOUbVfIfOqtX0ASllF7sZTCvcwIDAQAB o4ICbjCCAmowHQYDVR0OBBYEFI8tKmPgSpQdK1tnwZOGcX42BflAMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvankwcVktQktsQjByVzJmQms0WnhmallGLVVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAcF84AME AMI6mwMEAMJV+wMEAMJXSQMEAMJXqQMEAMJX4AMEAMKHIQMEAcOFGAMEAcOFKAME AcOFMgMEAMOFOwMEAcOFXAMEANTA1gMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM /0AwDQYJKoZIhvcNAQELBQADggEBAD0hApL9qG0V5ZeuJBH/Me35tZ8fHjFzJgdg hCSegP7V2hkO/faE3NmUQfJqqlf5NjK72brfbX1ynQInkfOId3kZYYOdQypMgeOc yj9oNWdbcKVqrTi30ye/QV7CpB0iwSKK5rpGhbnrdBDDDNREKUD9VuPqB5UiAcRu VqHCqnfnWI0lPb9/ooJzt9gI0d1+itxgjLjxPm3RXFY559cXShXRkTBSTYEqkJHa 4+u701xlY3N3YFuGeq6M7CkQ2JqLYU7Pd3ZubWzb+7jDflIQuwGnx03NrzhGUhQW wPev2vy6eK/A41dtZ7ZPAFMowKrOQZp05g6eqFT755eXAc9hI/4= -----END CERTIFICATE-----Generated at Fri Dec 26 09:39:01 2025 by rpki-client