This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/ICKtn9FiA8o1E110emXc1Z_9SHM.roa File: ICKtn9FiA8o1E110emXc1Z_9SHM.roa (raw, json) Hash identifier: VFWWvtCtDRylV3Kwhn/OLe+sEMZLlpEgPe5DOIGJ9cA= Subject key identifier: 20:22:AD:9F:D1:62:03:CA:35:13:5D:74:7A:65:DC:D5:9F:FD:48:73 Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c Certificate serial: 019B7C8007886045CA0BD67DDC345444B7B9 Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/ICKtn9FiA8o1E110emXc1Z_9SHM.roa Signing time: Fri 02 Jan 2026 02:18:43 +0000 ROA not before: Fri 02 Jan 2026 02:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209242 IP address blocks: 25.25.25.0/24 maxlen: 24 25.26.27.0/24 maxlen: 24 25.129.196.0/23 maxlen: 23 25.129.198.0/23 maxlen: 23 2a08:600::/48 maxlen: 48 2a08:600:e0::/47 maxlen: 47 2a08:600:ee::/47 maxlen: 47 2a08:600:ff::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.mft rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:07:88:60:45:ca:0b:d6:7d:dc:34:54:44:b7:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c Validity Not Before: Jan 2 02:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2022ad9fd16203ca35135d747a65dcd59ffd4873 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:af:03:3f:84:cf:99:f7:3b:ff:3f:8e:fc:cc: 39:ac:1d:8d:0c:65:47:52:57:fb:be:14:20:e1:c7: 60:87:28:8f:4a:a0:cd:2d:55:60:31:52:ae:98:ab: dc:59:98:73:9c:a9:f7:42:93:ab:99:1f:51:93:3d: ad:ad:e5:a0:fc:2b:c8:96:bd:f5:b5:49:f1:b4:2d: 74:8f:ad:6a:4b:3e:f4:e6:2f:b9:d3:7a:0e:43:ad: c4:06:05:39:f1:73:df:36:1a:45:e6:ef:9f:a8:6f: a3:8e:cd:cf:c9:92:02:da:c6:2a:62:32:0b:92:a0: 2a:19:98:e3:ff:29:9c:ad:a1:a8:e8:6d:8a:d3:28: d3:4a:e1:ce:83:a3:cc:38:40:f7:b0:31:23:4f:59: 02:51:55:75:87:67:6f:e7:53:d0:57:eb:e4:c4:7e: 2d:61:b5:36:97:b8:67:88:3d:ee:38:bc:e5:4b:f5: 8f:84:bf:cd:6e:0f:b7:a6:d1:af:af:bb:88:e3:3f: e0:5b:e6:52:af:4d:df:b9:e8:f4:3d:76:cf:fa:3b: 09:75:f7:a2:ea:e7:a6:ab:53:a7:4f:bb:38:9f:5f: 43:e1:83:4a:5e:0f:79:5d:f8:4b:e8:d5:62:f6:19: 8b:9a:7e:97:e1:10:1f:aa:ce:e4:6a:40:36:ec:1a: 7c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:22:AD:9F:D1:62:03:CA:35:13:5D:74:7A:65:DC:D5:9F:FD:48:73 X509v3 Authority Key Identifier: keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/ICKtn9FiA8o1E110emXc1Z_9SHM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 25.25.25.0/24 25.26.27.0/24 25.129.196.0/22 IPv6: 2a08:600::/48 2a08:600:e0::/47 2a08:600:ee::/47 2a08:600:ff::/48 Signature Algorithm: sha256WithRSAEncryption a0:af:46:52:67:60:22:d2:7b:d3:fc:f9:4e:a2:10:73:1f:99: 6f:4e:16:7a:87:62:ff:04:d6:06:2a:de:aa:4f:c4:f6:4a:90: 8f:a8:96:76:3a:20:45:4d:e4:3b:39:5e:9e:e7:78:e8:f6:8a: 90:54:74:ec:cf:80:09:cd:90:2a:27:cf:fa:1d:80:23:3c:13: 56:88:dd:6f:b1:09:a0:d7:fa:10:89:16:b6:52:2b:58:e4:f5: 92:2d:97:7a:91:4b:80:3c:f6:43:86:31:15:c6:ad:00:90:30: e3:ee:7e:c3:94:05:0c:be:43:11:85:00:5a:47:ac:48:e7:bd: 02:c0:ee:c4:3d:2e:87:09:bf:c5:a0:f6:fa:73:55:8b:f7:7d: 89:d5:d2:29:fb:fe:c6:df:8a:fa:23:6c:5c:a2:0e:54:f3:a5: d3:30:fa:d0:1f:fc:d1:b6:74:3c:82:fa:5f:1b:ce:aa:4a:b6: 72:08:41:31:f5:e6:17:45:95:c7:4b:ce:d9:4a:0a:2a:55:76: d6:90:a4:b6:86:be:97:df:6b:cc:c4:37:f8:f6:90:34:f6:a2: 3a:a1:a1:d0:94:ed:51:f6:a0:94:5e:70:15:f1:dc:f8:fb:65: aa:1c:23:d4:23:82:41:04:71:18:24:ae:64:5b:05:90:18:54: a9:79:07:bd -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgISAZt8gAeIYEXKC9Z93DRURLe5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi Zjg2NWMwHhcNMjYwMTAyMDIxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDIyYWQ5ZmQxNjIwM2NhMzUxMzVkNzQ3YTY1ZGNkNTlmZmQ0ODczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3K8DP4TPmfc7/z+O/Mw5rB2NDGVH Ulf7vhQg4cdghyiPSqDNLVVgMVKumKvcWZhznKn3QpOrmR9Rkz2treWg/CvIlr31 tUnxtC10j61qSz705i+503oOQ63EBgU58XPfNhpF5u+fqG+jjs3PyZIC2sYqYjIL kqAqGZjj/ymcraGo6G2K0yjTSuHOg6PMOED3sDEjT1kCUVV1h2dv51PQV+vkxH4t YbU2l7hniD3uOLzlS/WPhL/Nbg+3ptGvr7uI4z/gW+ZSr03fuej0PXbP+jsJdfei 6uemq1OnT7s4n19D4YNKXg95XfhL6NVi9hmLmn6X4RAfqs7kakA27Bp8+QIDAQAB o4ICQTCCAj0wHQYDVR0OBBYEFCAirZ/RYgPKNRNddHpl3NWf/UhzMB8GA1UdIwQY MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt NGM4MmFjZTcyYzg1LzEvSUNLdG45RmlBOG8xRTExMGVtWGMxWl85U0hNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1 LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAYBAIAATASAwQAGRkZAwQA GRobAwQCGYHEMCoEAgACMCQDBwAqCAYAAAADBwEqCAYAAOADBwEqCAYAAO4DBwAq CAYAAP8wDQYJKoZIhvcNAQELBQADggEBAKCvRlJnYCLSe9P8+U6iEHMfmW9OFnqH Yv8E1gYq3qpPxPZKkI+olnY6IEVN5Ds5Xp7neOj2ipBUdOzPgAnNkConz/odgCM8 E1aI3W+xCaDX+hCJFrZSK1jk9ZItl3qRS4A89kOGMRXGrQCQMOPufsOUBQy+QxGF AFpHrEjnvQLA7sQ9LocJv8Wg9vpzVYv3fYnV0in7/sbfivojbFyiDlTzpdMw+tAf /NG2dDyC+l8bzqpKtnIIQTH15hdFlcdLztlKCipVdtaQpLaGvpffa8zEN/j2kDT2 ojqhodCU7VH2oJRecBXx3Pj7ZaocI9QjgkEEcRgkrmRbBZAYVKl5B70= -----END CERTIFICATE-----Generated at Sun Jan 25 09:41:19 2026 by rpki-client