This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/IoieNHiG8u34Xaf6cZuwExSjHiY.roa File: IoieNHiG8u34Xaf6cZuwExSjHiY.roa (raw, json) Hash identifier: 6TOHj18/V3jeZNm1eBZWledHoUVLVjMzbsE5Bn+ZcQo= Subject key identifier: 22:88:9E:34:78:86:F2:ED:F8:5D:A7:FA:71:9B:B0:13:14:A3:1E:26 Certificate issuer: /CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9 Certificate serial: 019B7F832C377C626E557DE072C182405696 Authority key identifier: 0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/IoieNHiG8u34Xaf6cZuwExSjHiY.roa Signing time: Fri 02 Jan 2026 16:21:01 +0000 ROA not before: Fri 02 Jan 2026 16:21:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12338 IP address blocks: 5.159.128.0/18 maxlen: 23 37.218.0.0/17 maxlen: 17 62.99.0.0/17 maxlen: 17 81.9.128.0/17 maxlen: 24 82.130.128.0/17 maxlen: 24 83.213.0.0/16 maxlen: 22 85.84.0.0/16 maxlen: 22 85.85.0.0/16 maxlen: 22 85.86.0.0/16 maxlen: 16 85.87.0.0/16 maxlen: 24 91.116.0.0/18 maxlen: 24 178.60.64.0/18 maxlen: 24 185.116.180.0/22 maxlen: 22 212.8.64.0/18 maxlen: 18 212.55.0.0/19 maxlen: 19 212.142.128.0/17 maxlen: 17 2a00:7b00::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.mft rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:2c:37:7c:62:6e:55:7d:e0:72:c1:82:40:56:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fe39b41074c7d6adc8ee274e239f7b8eb3585e9 Validity Not Before: Jan 2 16:21:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=22889e347886f2edf85da7fa719bb01314a31e26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c0:dd:0c:0a:94:b5:01:12:26:64:13:c7:1b: 7f:33:2d:34:7a:af:ce:9c:bb:c0:5e:f2:86:3b:05: 5e:1d:c0:a1:b9:aa:b9:02:93:84:fa:1f:54:9c:03: fa:30:24:1d:6d:5a:fc:18:45:ce:0e:04:53:d9:e6: 3f:67:cf:e7:d3:97:77:8e:53:2d:c0:d5:64:18:6b: 35:8d:39:b4:b2:3a:df:91:d5:13:41:24:b0:06:4a: fc:b2:47:79:bf:41:1c:12:53:11:d6:49:3e:0e:06: f8:31:2e:ef:0b:21:a3:40:c9:3b:0e:f5:d7:45:e8: df:8f:9b:5a:29:f4:be:eb:a6:31:44:3b:de:d9:98: 55:9e:17:b2:12:f8:de:81:d1:75:b7:4b:65:f0:c3: 50:a1:74:fe:ac:4f:01:e0:f7:22:2f:12:d7:89:59: 20:51:36:56:74:7b:83:32:58:b8:9f:b2:e7:08:b1: c2:2d:6e:a8:7f:c2:c1:66:30:18:3c:fb:80:ba:4d: 9a:0b:88:b9:7b:b5:65:4f:4f:65:2f:26:bc:1f:ff: 18:c9:84:c1:fb:ad:56:47:8c:d9:b6:55:83:3b:6f: da:84:eb:c1:f4:4a:c9:c6:81:dd:81:ff:9c:24:cf: b5:a9:25:64:3b:40:78:bc:36:12:e9:0b:e2:1c:95: 84:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:88:9E:34:78:86:F2:ED:F8:5D:A7:FA:71:9B:B0:13:14:A3:1E:26 X509v3 Authority Key Identifier: keyid:0F:E3:9B:41:07:4C:7D:6A:DC:8E:E2:74:E2:39:F7:B8:EB:35:85:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-ObQQdMfWrcjuJ04jn3uOs1hek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/IoieNHiG8u34Xaf6cZuwExSjHiY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/13ea1f-0bc1-457c-8ab5-04e812d48e72/1/D-ObQQdMfWrcjuJ04jn3uOs1hek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.159.128.0/18 37.218.0.0/17 62.99.0.0/17 81.9.128.0/17 82.130.128.0/17 83.213.0.0/16 85.84.0.0/14 91.116.0.0/18 178.60.64.0/18 185.116.180.0/22 212.8.64.0/18 212.55.0.0/19 212.142.128.0/17 IPv6: 2a00:7b00::/29 Signature Algorithm: sha256WithRSAEncryption 04:53:18:ad:07:ea:67:6e:71:d2:a7:f2:51:ce:d1:37:5e:ad: b6:50:84:99:f2:40:99:36:58:5b:13:d0:55:9d:5f:db:79:c9: cd:aa:b9:ea:77:6a:f1:25:01:b4:55:93:5e:f8:48:4f:12:3e: a1:20:8e:fa:e5:f8:45:b9:03:df:ed:a5:53:a6:62:89:87:2d: 5f:98:6e:59:cd:a2:20:31:16:ae:c0:1e:0c:99:12:72:24:75: 73:c3:4c:7f:4e:8f:52:09:dd:8e:62:c6:8b:39:65:1c:0b:63: a5:84:f6:40:80:8d:02:4b:5c:bf:c0:56:e2:58:a3:a7:0b:e3: 15:f6:55:b7:c3:ec:3d:e3:97:2e:0e:21:ae:04:7e:26:b5:19: 10:0b:9c:ed:ca:12:24:9a:99:35:0a:b7:63:cf:c0:87:ce:0f: 72:ce:a3:a1:2c:d8:4d:0b:df:d3:36:71:9b:66:d2:a4:5a:e3: c5:bc:7f:0d:32:3d:af:98:12:a2:cb:e2:dc:ed:c8:a6:fa:d1: 26:ae:8f:ad:ae:d0:58:bf:d3:bb:95:fe:1e:20:21:95:93:2b: a8:de:ee:98:4d:36:06:e8:39:4b:aa:2f:51:6e:3a:c3:a1:7f: 96:ea:4d:dd:8d:f8:1b:96:3c:6c:90:16:43:73:de:4e:e3:38: c2:a7:cf:7f -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgISAZt/gyw3fGJuVX3gcsGCQFaWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmZTM5YjQxMDc0YzdkNmFkYzhlZTI3NGUyMzlmN2I4ZWIz NTg1ZTkwHhcNMjYwMTAyMTYyMTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjg4OWUzNDc4ODZmMmVkZjg1ZGE3ZmE3MTliYjAxMzE0YTMxZTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcDdDAqUtQESJmQTxxt/My00eq/O nLvAXvKGOwVeHcChuaq5ApOE+h9UnAP6MCQdbVr8GEXODgRT2eY/Z8/n05d3jlMt wNVkGGs1jTm0sjrfkdUTQSSwBkr8skd5v0EcElMR1kk+Dgb4MS7vCyGjQMk7DvXX Rejfj5taKfS+66YxRDve2ZhVnheyEvjegdF1t0tl8MNQoXT+rE8B4PciLxLXiVkg UTZWdHuDMli4n7LnCLHCLW6of8LBZjAYPPuAuk2aC4i5e7VlT09lLya8H/8YyYTB +61WR4zZtlWDO2/ahOvB9ErJxoHdgf+cJM+1qSVkO0B4vDYS6QviHJWEwwIDAQAB o4ICXjCCAlowHQYDVR0OBBYEFCKInjR4hvLt+F2n+nGbsBMUox4mMB8GA1UdIwQY MBaAFA/jm0EHTH1q3I7idOI597jrNYXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUt MDRlODEyZDQ4ZTcyLzEvSW9pZU5IaUc4dTM0WGFmNmNadXdFeFNqSGlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8xM2VhMWYtMGJjMS00NTdjLThhYjUtMDRlODEyZDQ4ZTcy LzEvRC1PYlFRZE1mV3JjanVKMDRqbjN1T3MxaGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQGBZ+AAwQH JdoAAwQHPmMAAwQHUQmAAwQHUoKAAwMAU9UDAwJVVAMEBlt0AAMEBrI8QAMEArl0 tAMEBtQIQAMEBdQ3AAMEB9SOgDANBAIAAjAHAwUDKgB7ADANBgkqhkiG9w0BAQsF AAOCAQEABFMYrQfqZ25x0qfyUc7RN16ttlCEmfJAmTZYWxPQVZ1f23nJzaq56ndq 8SUBtFWTXvhITxI+oSCO+uX4RbkD3+2lU6ZiiYctX5huWc2iIDEWrsAeDJkSciR1 c8NMf06PUgndjmLGizllHAtjpYT2QICNAktcv8BW4lijpwvjFfZVt8PsPeOXLg4h rgR+JrUZEAuc7coSJJqZNQq3Y8/Ah84Pcs6joSzYTQvf0zZxm2bSpFrjxbx/DTI9 r5gSosvi3O3IpvrRJq6Pra7QWL/Tu5X+HiAhlZMrqN7umE02Bug5S6ovUW46w6F/ lupN3Y34G5Y8bJAWQ3PeTuM4wqfPfw== -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:42 2026 by rpki-client