This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/iYtloRWl9kFypd8JJUfmPgfj4cA.roa File: iYtloRWl9kFypd8JJUfmPgfj4cA.roa (raw, json) Hash identifier: S73CmXUZ6HVY4mwA83JVTETkq549rHQpfRMzqNjQiJI= Subject key identifier: 89:8B:65:A1:15:A5:F6:41:72:A5:DF:09:25:47:E6:3E:07:E3:E1:C0 Certificate issuer: /CN=d038c338b128f83adec2f69d93c32c5353ca0398 Certificate serial: 019BDAD980462B799F7732279900B0914D8A Authority key identifier: D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/iYtloRWl9kFypd8JJUfmPgfj4cA.roa Signing time: Tue 20 Jan 2026 10:00:45 +0000 ROA not before: Tue 20 Jan 2026 10:00:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 559 IP address blocks: 89.206.64.0/18 maxlen: 18 130.60.0.0/16 maxlen: 16 185.207.117.0/24 maxlen: 24 185.207.118.0/23 maxlen: 24 192.12.247.0/24 maxlen: 24 192.41.132.0/22 maxlen: 22 192.41.136.0/24 maxlen: 24 2001:67c:16dc::/48 maxlen: 48 2a0b:2040::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.mft rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:da:d9:80:46:2b:79:9f:77:32:27:99:00:b0:91:4d:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d038c338b128f83adec2f69d93c32c5353ca0398 Validity Not Before: Jan 20 10:00:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=898b65a115a5f64172a5df092547e63e07e3e1c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b9:64:ff:ce:f8:e2:1a:fa:ff:ab:44:c2:62: fb:89:13:6f:4b:2d:dc:2f:10:c4:c2:de:7a:78:a6: 7c:ce:34:fc:74:21:a1:a1:ca:dd:d4:59:3b:98:04: 83:90:b4:d0:f4:47:18:58:ef:10:ec:c2:0d:3b:fd: 38:18:6b:ce:02:3c:24:17:01:ae:e0:fa:94:b8:43: d6:dc:1e:ae:9f:e6:07:1a:3c:71:03:76:e7:0f:f2: 9b:3b:a5:0b:7f:98:5f:4c:e6:e1:ae:bd:da:96:a0: 7c:1d:b0:44:1f:5b:a5:68:78:38:eb:6e:d0:2a:3f: 8e:88:ae:0e:4f:68:3d:cc:c6:aa:48:5b:ff:12:aa: 24:49:1e:60:10:15:3d:51:bb:77:e3:67:f0:86:f1: 47:1f:93:86:d2:82:34:68:19:df:f0:82:7d:bd:ac: ba:68:f1:a3:a8:d5:10:3d:69:64:9c:96:fc:e4:5e: 1c:8c:86:31:b4:7a:b6:57:a5:e0:60:38:d5:8d:ed: 43:30:6f:68:24:95:1b:93:a6:44:9e:a6:77:0f:44: 4d:44:5b:74:93:33:56:22:30:80:57:5a:ba:e8:77: 15:da:7f:e3:cc:3a:9a:83:32:44:68:da:86:fb:7f: 4d:1e:bc:86:f3:53:46:c2:52:af:21:46:17:d4:e0: ee:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:8B:65:A1:15:A5:F6:41:72:A5:DF:09:25:47:E6:3E:07:E3:E1:C0 X509v3 Authority Key Identifier: keyid:D0:38:C3:38:B1:28:F8:3A:DE:C2:F6:9D:93:C3:2C:53:53:CA:03:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0DjDOLEo-Drewvadk8MsU1PKA5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/iYtloRWl9kFypd8JJUfmPgfj4cA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/925f91-30c5-4a6b-a149-9bf8b1ef2e96/1/0DjDOLEo-Drewvadk8MsU1PKA5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.206.64.0/18 130.60.0.0/16 185.207.117.0-185.207.119.255 192.12.247.0/24 192.41.132.0-192.41.136.255 IPv6: 2001:67c:16dc::/48 2a0b:2040::/29 Signature Algorithm: sha256WithRSAEncryption a7:db:fc:11:61:0d:27:d5:85:9b:50:9d:24:55:fd:ab:bb:d5: 2f:e7:a4:f2:1d:81:a4:04:4e:b0:4d:88:f1:bc:2f:7c:f9:ca: b4:e9:51:e7:8d:1a:4c:68:cb:46:80:82:e3:c0:ce:fc:7a:da: 63:ad:84:5c:6a:a6:aa:f8:8a:b0:9c:c2:e4:91:3f:6e:f4:97: fb:37:4f:98:b5:22:56:7f:62:01:c4:b4:e3:fd:62:e9:13:d8: 67:79:83:a5:64:9e:64:f5:20:46:af:cc:3a:36:53:ed:b8:d0: 08:91:b4:49:d3:27:6b:bf:be:f2:75:9f:3f:10:30:bc:7e:3b: 9b:5b:61:32:85:66:9a:47:45:c5:c3:0f:e1:1c:33:7f:09:aa: f6:13:4c:e3:c5:83:91:84:3c:c7:92:28:20:14:90:e8:16:82: f0:5f:6c:9a:48:38:84:82:ff:45:f0:21:46:6c:6c:fb:b3:83: f6:00:6d:a2:83:c4:a9:0b:96:ef:35:b9:29:3a:57:3d:f6:3a: 63:a8:39:f9:e5:3b:cb:54:b7:86:8e:b3:4e:f3:a5:86:14:90: 44:1a:7c:ec:f7:35:95:53:0b:dc:d0:3d:4f:93:37:41:ff:3c: d4:73:fc:1a:f1:fe:e6:88:86:9e:cb:f8:f8:b2:15:49:d8:7b: 1f:7d:de:5f -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgISAZva2YBGK3mfdzInmQCwkU2KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwMzhjMzM4YjEyOGY4M2FkZWMyZjY5ZDkzYzMyYzUzNTNj YTAzOTgwHhcNMjYwMTIwMTAwMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OThiNjVhMTE1YTVmNjQxNzJhNWRmMDkyNTQ3ZTYzZTA3ZTNlMWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7lk/8744hr6/6tEwmL7iRNvSy3c LxDEwt56eKZ8zjT8dCGhocrd1Fk7mASDkLTQ9EcYWO8Q7MINO/04GGvOAjwkFwGu 4PqUuEPW3B6un+YHGjxxA3bnD/KbO6ULf5hfTObhrr3alqB8HbBEH1ulaHg4627Q Kj+OiK4OT2g9zMaqSFv/EqokSR5gEBU9Ubt342fwhvFHH5OG0oI0aBnf8IJ9vay6 aPGjqNUQPWlknJb85F4cjIYxtHq2V6XgYDjVje1DMG9oJJUbk6ZEnqZ3D0RNRFt0 kzNWIjCAV1q66HcV2n/jzDqagzJEaNqG+39NHryG81NGwlKvIUYX1ODuewIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFImLZaEVpfZBcqXfCSVH5j4H4+HAMB8GA1UdIwQY MBaAFNA4wzixKPg63sL2nZPDLFNTygOYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDkt OWJmOGIxZWYyZTk2LzEvaVl0bG9SV2w5a0Z5cGQ4SkpVZm1QZ2ZqNGNBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS85MjVmOTEtMzBjNS00YTZiLWExNDktOWJmOGIxZWYyZTk2 LzEvMERqRE9MRW8tRHJld3ZhZGs4TXNVMVBLQTVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAzBAIAATAtAwQGWc5AAwMA gjwwDAMEALnPdQMEA7nPcAMEAMAM9zAMAwQCwCmEAwQAwCmIMBYEAgACMBADBwAg AQZ8FtwDBQMqCyBAMA0GCSqGSIb3DQEBCwUAA4IBAQCn2/wRYQ0n1YWbUJ0kVf2r u9Uv56TyHYGkBE6wTYjxvC98+cq06VHnjRpMaMtGgILjwM78etpjrYRcaqaq+Iqw nMLkkT9u9Jf7N0+YtSJWf2IBxLTj/WLpE9hneYOlZJ5k9SBGr8w6NlPtuNAIkbRJ 0ydrv77ydZ8/EDC8fjubW2EyhWaaR0XFww/hHDN/Car2E0zjxYORhDzHkiggFJDo FoLwX2yaSDiEgv9F8CFGbGz7s4P2AG2ig8SpC5bvNbkpOlc99jpjqDn55TvLVLeG jrNO86WGFJBEGnzs9zWVUwvc0D1PkzdB/zzUc/wa8f7miIaey/j4shVJ2Hsffd5f -----END CERTIFICATE-----Generated at Sun Jan 25 21:05:11 2026 by rpki-client