This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/Io1aFz3FdR5Bh1mYcrCe9mIequ8.roa File: Io1aFz3FdR5Bh1mYcrCe9mIequ8.roa (raw, json) Hash identifier: MsqgD4dNC1FiLIJAOYEnGOt34n4HFw6UdIBX7nTzrgg= Subject key identifier: 22:8D:5A:17:3D:C5:75:1E:41:87:59:98:72:B0:9E:F6:62:1E:AA:EF Certificate issuer: /CN=a90200a0000df5d845b9db284d0a2dbee676c5a8 Certificate serial: 019B7BA35A1A0723859908A5FC137B1F229D Authority key identifier: A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/Io1aFz3FdR5Bh1mYcrCe9mIequ8.roa Signing time: Thu 01 Jan 2026 22:17:41 +0000 ROA not before: Thu 01 Jan 2026 22:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8870 IP address blocks: 91.197.128.0/23 maxlen: 23 91.197.130.0/24 maxlen: 24 91.197.131.0/24 maxlen: 24 91.222.64.0/23 maxlen: 23 91.222.66.0/24 maxlen: 24 91.222.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/qQIAoAAN9dhFudsoTQotvuZ2xag.crl rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/qQIAoAAN9dhFudsoTQotvuZ2xag.mft rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:5a:1a:07:23:85:99:08:a5:fc:13:7b:1f:22:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a90200a0000df5d845b9db284d0a2dbee676c5a8 Validity Not Before: Jan 1 22:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=228d5a173dc5751e4187599872b09ef6621eaaef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:17:c6:ed:c1:50:c2:be:f8:14:b9:c8:88:69: 22:19:c6:fa:a0:84:53:d8:56:dc:45:95:84:f7:91: 5d:8c:7a:cd:ad:3e:e6:9e:5d:68:6b:27:63:70:85: 65:67:eb:a7:9b:f0:2a:15:d5:9b:9d:a1:15:68:39: d3:49:6b:93:cd:04:bf:e0:01:b5:1b:19:05:24:41: 7c:e2:94:1b:1c:f2:19:6e:f4:62:80:dd:d4:d8:42: 49:dc:a6:6b:6e:46:57:53:3b:c7:4f:05:f6:37:ae: 7c:77:03:3e:46:2c:ef:cf:3c:3a:fe:9a:bc:8f:f0: 92:71:d8:b9:0d:c3:73:f5:10:27:04:df:8a:72:85: f3:32:9d:09:55:bf:40:36:31:9b:52:eb:e1:45:6c: 36:9c:ba:a6:0e:7d:e9:84:3c:8e:8c:9d:f1:47:99: 0b:45:0a:18:2a:e7:81:57:52:3c:75:5b:96:db:13: fa:17:ad:44:5c:e7:01:8a:7d:9c:83:89:dd:58:66: bb:4c:4a:fc:f1:74:f4:9c:d0:df:58:21:31:2c:99: ab:35:7e:cb:a5:d6:b2:7f:41:40:5f:08:ab:35:68: 79:8f:88:07:c1:61:33:3f:d0:ae:7b:db:4a:d0:5a: b4:c6:0d:df:c5:b0:30:f0:2c:06:8f:03:92:d4:74: d9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:8D:5A:17:3D:C5:75:1E:41:87:59:98:72:B0:9E:F6:62:1E:AA:EF X509v3 Authority Key Identifier: keyid:A9:02:00:A0:00:0D:F5:D8:45:B9:DB:28:4D:0A:2D:BE:E6:76:C5:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQIAoAAN9dhFudsoTQotvuZ2xag.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/Io1aFz3FdR5Bh1mYcrCe9mIequ8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b1e3e1-8b7d-4e22-870c-58f574495bb8/1/qQIAoAAN9dhFudsoTQotvuZ2xag.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.197.128.0/22 91.222.64.0/22 Signature Algorithm: sha256WithRSAEncryption 04:55:dc:76:e4:d9:29:a1:2b:b9:75:51:7a:5d:c7:98:4e:cd: bf:7a:d4:5c:ff:d2:fb:72:3c:d7:6b:57:7a:ad:48:d8:89:1b: 30:88:95:e4:b8:b5:c1:ce:d0:d3:b4:be:3d:fa:58:d6:5e:53: 8c:e2:eb:14:0d:36:2c:d2:8b:8e:d5:19:c8:6e:52:a7:83:d2: 05:e9:ba:ce:6e:a0:c8:36:f5:4e:ce:af:ff:4b:56:07:b8:fc: 65:71:14:d5:17:31:e7:1d:65:17:53:dd:a4:4c:78:7a:ef:07: 64:ee:28:78:49:74:c1:b2:79:63:13:9d:1a:c6:ec:fe:37:a8: fe:e7:11:13:07:3a:73:73:a5:59:64:e2:4d:0a:b9:ae:95:ab: cc:33:16:e2:71:b6:3d:06:d3:ce:3b:5f:9f:f0:7b:c4:16:b6: 94:63:2e:20:fb:3c:cf:07:f1:61:dc:79:a2:cf:c3:55:65:93: ab:14:23:d0:3d:fe:9b:59:86:78:c4:40:55:20:f0:6d:d6:d5: b1:22:1b:70:97:d4:11:86:18:1c:6b:1a:f1:b5:b2:ec:26:27: 2d:47:4a:e8:4e:89:d7:03:a6:ac:0e:a4:07:f7:99:5f:f5:00: 7e:69:da:9b:03:eb:fb:3b:7b:bc:b7:8a:f6:6c:09:11:3b:b3: 35:50:81:d9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7o1oaByOFmQil/BN7HyKdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5MDIwMGEwMDAwZGY1ZDg0NWI5ZGIyODRkMGEyZGJlZTY3 NmM1YTgwHhcNMjYwMTAxMjIxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjhkNWExNzNkYzU3NTFlNDE4NzU5OTg3MmIwOWVmNjYyMWVhYWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohfG7cFQwr74FLnIiGkiGcb6oIRT 2FbcRZWE95FdjHrNrT7mnl1oaydjcIVlZ+unm/AqFdWbnaEVaDnTSWuTzQS/4AG1 GxkFJEF84pQbHPIZbvRigN3U2EJJ3KZrbkZXUzvHTwX2N658dwM+Rizvzzw6/pq8 j/CScdi5DcNz9RAnBN+KcoXzMp0JVb9ANjGbUuvhRWw2nLqmDn3phDyOjJ3xR5kL RQoYKueBV1I8dVuW2xP6F61EXOcBin2cg4ndWGa7TEr88XT0nNDfWCExLJmrNX7L pdayf0FAXwirNWh5j4gHwWEzP9Cue9tK0Fq0xg3fxbAw8CwGjwOS1HTZSwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCKNWhc9xXUeQYdZmHKwnvZiHqrvMB8GA1UdIwQY MBaAFKkCAKAADfXYRbnbKE0KLb7mdsWoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcVFJQW9BQU45ZGhGdWRzb1RRb3R2dVoyeGFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMWUzZTEtOGI3ZC00ZTIyLTg3MGMt NThmNTc0NDk1YmI4LzEvSW8xYUZ6M0ZkUjVCaDFtWWNyQ2U5bUllcXU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi9iMWUzZTEtOGI3ZC00ZTIyLTg3MGMtNThmNTc0NDk1YmI4 LzEvcVFJQW9BQU45ZGhGdWRzb1RRb3R2dVoyeGFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8WAAwQC W95AMA0GCSqGSIb3DQEBCwUAA4IBAQAEVdx25NkpoSu5dVF6XceYTs2/etRc/9L7 cjzXa1d6rUjYiRswiJXkuLXBztDTtL49+ljWXlOM4usUDTYs0ouO1RnIblKng9IF 6brObqDINvVOzq//S1YHuPxlcRTVFzHnHWUXU92kTHh67wdk7ih4SXTBsnljE50a xuz+N6j+5xETBzpzc6VZZOJNCrmulavMMxbicbY9BtPOO1+f8HvEFraUYy4g+zzP B/Fh3Hmiz8NVZZOrFCPQPf6bWYZ4xEBVIPBt1tWxIhtwl9QRhhgcaxrxtbLsJict R0roTonXA6asDqQH95lf9QB+adqbA+v7O3u8t4r2bAkRO7M1UIHZ -----END CERTIFICATE-----Generated at Sun Jan 25 08:50:31 2026 by rpki-client