This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/IkBDp9sw6tW_YC5RRt7xRLaFUy8.roa File: IkBDp9sw6tW_YC5RRt7xRLaFUy8.roa (raw, json) Hash identifier: 1Vo0RjNfCRPlqPYYWLgoO9JBVo66wAPLZiTyPuq0DdA= Subject key identifier: 22:40:43:A7:DB:30:EA:D5:BF:60:2E:51:46:DE:F1:44:B6:85:53:2F Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Certificate serial: 019BE527D12842FF5378D2C50291054A71B3 Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/IkBDp9sw6tW_YC5RRt7xRLaFUy8.roa Signing time: Thu 22 Jan 2026 10:02:30 +0000 ROA not before: Thu 22 Jan 2026 10:02:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44477 IP address blocks: 2.58.124.0/22 maxlen: 24 5.252.20.0/24 maxlen: 24 5.252.21.0/24 maxlen: 24 5.252.22.0/24 maxlen: 24 5.252.23.0/24 maxlen: 24 92.118.126.0/24 maxlen: 24 92.118.127.0/24 maxlen: 24 146.19.233.0/24 maxlen: 24 2a0b:ec82::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e5:27:d1:28:42:ff:53:78:d2:c5:02:91:05:4a:71:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75 Validity Not Before: Jan 22 10:02:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=224043a7db30ead5bf602e5146def144b685532f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:95:14:1a:bf:48:61:6f:31:16:30:37:bb:f9: 1f:f3:eb:7b:8c:b7:2c:4d:55:dd:62:48:f0:14:bc: fa:af:2b:7b:04:b2:52:e4:c9:47:77:1c:1e:36:15: 54:5a:15:7e:c9:2c:23:da:47:0c:8c:6d:ec:8b:b0: f5:9c:7a:79:7b:81:43:89:c6:cd:ca:ad:aa:97:ef: 31:95:f4:02:79:55:a1:9d:bf:bd:8a:55:ae:db:c1: 42:90:3c:58:fd:72:2b:31:5e:ef:a6:5b:3f:05:61: 0e:4b:7c:af:a7:e9:e3:60:49:41:9f:f7:8e:af:45: 2d:99:97:49:c9:d5:73:46:41:54:aa:a8:9e:7a:46: 23:b7:cd:e3:03:57:2c:e2:7e:31:0d:02:89:37:62: 3b:f9:fa:fd:97:08:60:b9:41:60:33:32:8f:0b:1e: 79:3d:cb:01:5e:02:98:29:c0:e0:56:f7:4f:70:bf: ee:52:30:54:00:33:b7:db:56:ca:4d:d9:c3:62:77: 98:0c:64:86:bf:51:35:cb:6a:2f:eb:44:cb:bb:c9: 72:a3:e2:d9:14:2b:32:ab:2f:1e:af:02:ca:49:ca: 5f:6c:2d:2d:d4:cb:e7:57:81:1c:e4:fd:2f:97:c8: 9b:9c:f4:fd:b3:30:70:c4:f7:84:8d:60:41:05:70: fb:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:40:43:A7:DB:30:EA:D5:BF:60:2E:51:46:DE:F1:44:B6:85:53:2F X509v3 Authority Key Identifier: keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/IkBDp9sw6tW_YC5RRt7xRLaFUy8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.124.0/22 5.252.20.0/22 92.118.126.0/23 146.19.233.0/24 IPv6: 2a0b:ec82::/32 Signature Algorithm: sha256WithRSAEncryption 1a:56:47:e6:7b:a9:54:18:ab:4c:b9:34:b0:b0:65:56:34:88: d9:f3:02:7f:93:b0:1d:03:92:33:bf:03:ce:80:da:a5:86:13: f7:f0:15:a9:83:18:0f:a5:a1:5c:52:d7:32:c2:55:78:f5:eb: 2b:92:05:6d:c2:1f:af:23:df:0b:09:35:b1:e7:7c:c8:07:bf: 5e:87:ed:28:f6:d4:c1:72:a9:8a:b7:0b:f3:29:a1:40:c7:82: dc:40:95:40:09:91:bf:dc:fc:e2:69:73:7f:8e:df:12:7e:f0: 0e:06:86:31:62:db:39:36:5d:42:6e:b5:59:de:0d:09:0a:fb: ee:f3:32:80:76:b0:cd:b8:6d:0e:dc:cf:01:06:39:e2:a5:39: 7d:23:17:de:e9:48:3a:fc:78:66:03:ae:63:b7:6c:d0:98:ff: 64:c4:69:56:9a:a1:e6:20:ee:a5:94:08:e1:2e:a0:6b:65:70: ae:a8:45:f8:b7:0a:a6:b7:ce:e7:d3:b0:5c:13:8c:76:55:09: b3:4d:51:1b:b7:45:da:e3:92:41:53:6e:ca:d6:e0:7d:3b:c7: 87:c5:bc:98:18:d4:53:3b:6f:3c:3c:3f:28:d7:66:9c:24:a9: 3a:55:33:32:0c:5b:b5:6a:4a:0a:d2:c2:d5:01:f8:6f:54:2a: f8:6f:6b:f4 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZvlJ9EoQv9TeNLFApEFSnGzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3 MjRmNzUwHhcNMjYwMTIyMTAwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjQwNDNhN2RiMzBlYWQ1YmY2MDJlNTE0NmRlZjE0NGI2ODU1MzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspUUGr9IYW8xFjA3u/kf8+t7jLcs TVXdYkjwFLz6ryt7BLJS5MlHdxweNhVUWhV+ySwj2kcMjG3si7D1nHp5e4FDicbN yq2ql+8xlfQCeVWhnb+9ilWu28FCkDxY/XIrMV7vpls/BWEOS3yvp+njYElBn/eO r0UtmZdJydVzRkFUqqieekYjt83jA1cs4n4xDQKJN2I7+fr9lwhguUFgMzKPCx55 PcsBXgKYKcDgVvdPcL/uUjBUADO321bKTdnDYneYDGSGv1E1y2ov60TLu8lyo+LZ FCsyqy8erwLKScpfbC0t1MvnV4Ec5P0vl8ibnPT9szBwxPeEjWBBBXD7WQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFCJAQ6fbMOrVv2AuUUbe8US2hVMvMB8GA1UdIwQY MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt MzZkZTY1NzIzMmJlLzEvSWtCRHA5c3c2dFdfWUM1UlJ0N3hSTGFGVXk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjp8AwQC BfwUAwQBXHZ+AwQAkhPpMA0EAgACMAcDBQAqC+yCMA0GCSqGSIb3DQEBCwUAA4IB AQAaVkfme6lUGKtMuTSwsGVWNIjZ8wJ/k7AdA5IzvwPOgNqlhhP38BWpgxgPpaFc UtcywlV49esrkgVtwh+vI98LCTWx53zIB79eh+0o9tTBcqmKtwvzKaFAx4LcQJVA CZG/3PziaXN/jt8SfvAOBoYxYts5Nl1CbrVZ3g0JCvvu8zKAdrDNuG0O3M8BBjni pTl9Ixfe6Ug6/HhmA65jt2zQmP9kxGlWmqHmIO6llAjhLqBrZXCuqEX4twqmt87n 07BcE4x2VQmzTVEbt0Xa45JBU27K1uB9O8eHxbyYGNRTO288PD8o12acJKk6VTMy DFu1akoK0sLVAfhvVCr4b2v0 -----END CERTIFICATE-----Generated at Sun Jan 25 13:03:19 2026 by rpki-client