This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/8iiZMHriRE_NQY6BUN56TO301wk.roa File: 8iiZMHriRE_NQY6BUN56TO301wk.roa (raw, json) Hash identifier: 8IgM/46WS34GJx+A7aRcZL/22xuZUdfmC4JGezJbIGo= Subject key identifier: F2:28:99:30:7A:E2:44:4F:CD:41:8E:81:50:DE:7A:4C:ED:F4:D7:09 Certificate issuer: /CN=297364f502534e8771a0c6259794c26e26d4bca4 Certificate serial: 019B7B35C841B45F318091EC39ED9927D06E Authority key identifier: 29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/8iiZMHriRE_NQY6BUN56TO301wk.roa Signing time: Thu 01 Jan 2026 20:18:00 +0000 ROA not before: Thu 01 Jan 2026 20:18:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198247 IP address blocks: 141.105.160.0/23 maxlen: 23 185.26.24.0/24 maxlen: 24 185.203.228.0/24 maxlen: 24 185.203.229.0/24 maxlen: 24 185.203.230.0/23 maxlen: 23 2a02:f407:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:c8:41:b4:5f:31:80:91:ec:39:ed:99:27:d0:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297364f502534e8771a0c6259794c26e26d4bca4 Validity Not Before: Jan 1 20:18:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f22899307ae2444fcd418e8150de7a4cedf4d709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:81:a8:70:4f:23:f2:07:94:81:4b:0e:6d:58: 25:4c:b5:75:b9:8b:47:56:1c:fb:14:4b:8d:ab:89: 8c:d8:3d:a4:87:25:f2:bd:7a:3b:5b:8c:bb:54:9d: 68:78:23:87:02:2b:33:31:44:aa:a6:4f:d0:b5:a4: eb:df:9e:49:4a:b8:1f:be:8b:cd:61:ff:c0:cd:47: ae:aa:6f:40:58:8a:84:2e:52:d5:50:b1:18:e3:2e: 88:6f:07:b8:ea:ff:02:4b:42:db:bb:19:1c:c7:6f: 90:e7:e9:f6:5c:ca:22:27:da:65:d5:97:14:d7:7d: ed:e4:5f:75:ea:ef:26:29:4f:7b:a2:c5:70:6f:65: 21:2a:ad:1e:b4:98:e9:30:40:d0:fe:a5:70:06:c9: 81:66:8e:4f:2f:b6:1b:f5:30:23:ca:2e:4c:8e:ce: ef:af:5d:71:bc:7a:8d:56:60:ae:d1:c8:28:5d:33: 8d:e1:cd:c6:48:13:99:cc:22:3f:18:27:19:a9:b7: fb:48:9b:e5:60:94:42:b7:dc:d0:e3:34:27:77:b6: 41:d8:90:d5:9e:0e:60:38:35:28:5f:1f:b4:28:5a: cb:5f:65:84:14:3d:ae:f6:cd:93:4b:6b:0d:05:ec: 30:42:f2:26:a3:fa:80:57:6a:ee:77:b5:d2:5a:15: d9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:28:99:30:7A:E2:44:4F:CD:41:8E:81:50:DE:7A:4C:ED:F4:D7:09 X509v3 Authority Key Identifier: keyid:29:73:64:F5:02:53:4E:87:71:A0:C6:25:97:94:C2:6E:26:D4:BC:A4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXNk9QJTTodxoMYll5TCbibUvKQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/8iiZMHriRE_NQY6BUN56TO301wk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/045820-3546-407c-83a5-0a0f3e78a493/1/KXNk9QJTTodxoMYll5TCbibUvKQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.105.160.0/23 185.26.24.0/24 185.203.228.0/22 IPv6: 2a02:f407:4::/48 Signature Algorithm: sha256WithRSAEncryption 9d:19:46:3e:aa:ce:f9:e2:50:f4:63:7d:61:c9:c9:1a:85:79: 7b:bd:1c:81:07:63:60:89:43:e6:81:fb:13:ff:52:10:e0:c0: 25:7b:30:5e:c1:41:45:f8:f8:9f:52:fd:52:f1:0d:7e:07:2e: 21:c7:05:dd:8f:0d:6a:47:eb:3c:b5:d5:01:f0:53:7e:b7:7e: d2:24:2b:b8:b1:80:8d:f1:49:98:51:6e:fe:82:2b:7b:74:69: dc:16:e8:46:34:a0:7b:86:f9:bc:7b:0c:14:b3:35:1f:22:e6: d2:fd:5a:fe:19:a5:99:07:d8:6a:12:3e:64:ca:77:6c:45:12: 51:5e:3c:f7:37:d1:70:c1:34:ae:d2:0d:1c:46:b9:5e:bf:6d: 96:2a:7b:e6:45:c0:af:72:fd:07:72:da:f1:a5:0e:71:30:5a: 53:e5:58:cb:b3:57:08:6f:e5:1e:4b:83:55:85:05:42:ed:c3: 4f:92:e1:d2:e2:2b:9b:4d:4b:40:5b:8b:f4:cd:39:3e:6b:b6: 5d:bf:02:ee:31:ec:60:c6:ac:43:3b:39:61:86:ca:83:c3:0f: 8f:7d:1b:73:70:7a:f2:28:56:8e:2c:e2:c2:77:52:95:d5:d9: 11:d0:99:cc:24:8c:c4:2f:fd:ce:75:c8:e0:09:9d:5a:0e:f2: 2a:a3:cd:12 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt7NchBtF8xgJHsOe2ZJ9BuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NzM2NGY1MDI1MzRlODc3MWEwYzYyNTk3OTRjMjZlMjZk NGJjYTQwHhcNMjYwMTAxMjAxODAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMjI4OTkzMDdhZTI0NDRmY2Q0MThlODE1MGRlN2E0Y2VkZjRkNzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4GocE8j8geUgUsObVglTLV1uYtH Vhz7FEuNq4mM2D2khyXyvXo7W4y7VJ1oeCOHAiszMUSqpk/QtaTr355JSrgfvovN Yf/AzUeuqm9AWIqELlLVULEY4y6Ibwe46v8CS0Lbuxkcx2+Q5+n2XMoiJ9pl1ZcU 133t5F916u8mKU97osVwb2UhKq0etJjpMEDQ/qVwBsmBZo5PL7Yb9TAjyi5Mjs7v r11xvHqNVmCu0cgoXTON4c3GSBOZzCI/GCcZqbf7SJvlYJRCt9zQ4zQnd7ZB2JDV ng5gODUoXx+0KFrLX2WEFD2u9s2TS2sNBewwQvImo/qAV2rud7XSWhXZXwIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFPIomTB64kRPzUGOgVDeekzt9NcJMB8GA1UdIwQY MBaAFClzZPUCU06HcaDGJZeUwm4m1LykMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUt MGEwZjNlNzhhNDkzLzEvOGlpWk1IcmlSRV9OUVk2QlVONTZUTzMwMXdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8wNDU4MjAtMzU0Ni00MDdjLTgzYTUtMGEwZjNlNzhhNDkz LzEvS1hOazlRSlRUb2R4b01ZbGw1VENiaWJVdktRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBjWmgAwQA uRoYAwQCucvkMA8EAgACMAkDBwAqAvQHAAQwDQYJKoZIhvcNAQELBQADggEBAJ0Z Rj6qzvniUPRjfWHJyRqFeXu9HIEHY2CJQ+aB+xP/UhDgwCV7MF7BQUX4+J9S/VLx DX4HLiHHBd2PDWpH6zy11QHwU363ftIkK7ixgI3xSZhRbv6CK3t0adwW6EY0oHuG +bx7DBSzNR8i5tL9Wv4ZpZkH2GoSPmTKd2xFElFePPc30XDBNK7SDRxGuV6/bZYq e+ZFwK9y/Qdy2vGlDnEwWlPlWMuzVwhv5R5Lg1WFBULtw0+S4dLiK5tNS0Bbi/TN OT5rtl2/Au4x7GDGrEM7OWGGyoPDD499G3NwevIoVo4s4sJ3UpXV2RHQmcwkjMQv /c51yOAJnVoO8iqjzRI= -----END CERTIFICATE-----Generated at Sun Jan 25 16:39:43 2026 by rpki-client