This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/I5oIKyc-Nnsg2P5sBEZFMHv808I.roa File: I5oIKyc-Nnsg2P5sBEZFMHv808I.roa (raw, json) Hash identifier: A5np8yhL8kgzony1w/u2xXkkcbdyP8sEVHMrTdXVIdE= Subject key identifier: 23:9A:08:2B:27:3E:36:7B:20:D8:FE:6C:04:46:45:30:7B:FC:D3:C2 Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34 Certificate serial: 019B7EA71DA1933FF2E17BCFA9BC44740477 Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/I5oIKyc-Nnsg2P5sBEZFMHv808I.roa Signing time: Fri 02 Jan 2026 12:20:39 +0000 ROA not before: Fri 02 Jan 2026 12:20:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30971 IP address blocks: 83.136.32.0/21 maxlen: 24 185.102.15.0/24 maxlen: 24 193.46.104.0/21 maxlen: 24 193.46.112.0/20 maxlen: 24 2a02:850::/44 maxlen: 44 2a02:850:10::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 21:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:1d:a1:93:3f:f2:e1:7b:cf:a9:bc:44:74:04:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34 Validity Not Before: Jan 2 12:20:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=239a082b273e367b20d8fe6c044645307bfcd3c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:3e:33:a9:5b:39:cb:d2:dc:6e:c8:40:41:63: b2:03:60:60:8c:38:9a:a1:64:2b:c2:25:88:1d:11: 0d:5b:e7:b7:6a:9b:b3:86:55:29:7a:1b:07:04:bc: bb:35:98:b1:d8:dc:13:30:a3:11:6f:f0:07:0b:9e: 93:b8:a6:f9:69:a1:94:88:dc:ac:47:bf:db:f6:fe: 9d:a6:d1:13:e8:ba:1b:26:d6:94:ce:5f:77:97:58: 02:ad:1c:78:5f:37:69:96:ff:ef:4d:07:76:76:ff: 7e:60:83:04:d0:f3:06:3f:e0:cd:fb:09:51:38:d1: e9:a1:0b:0e:5e:40:e7:d6:78:68:3a:98:d8:c1:f0: 35:ea:2b:0c:70:08:2e:da:7f:86:7d:3a:46:66:92: 7c:10:47:b8:4c:1d:92:a9:4c:f7:4f:b1:35:36:66: 84:05:53:ab:96:9c:6a:9c:c0:48:b4:e1:4f:fb:25: d9:20:ba:d9:0b:e0:0d:85:a2:a0:a1:b8:d1:1e:b6: 5f:f3:67:9a:7e:61:e1:63:cd:fe:b9:eb:37:56:fe: 7b:60:ff:60:10:78:fc:1c:50:11:de:3a:97:2c:44: 9c:41:66:45:2d:a5:e9:41:b7:0f:e6:b8:e4:8f:41: de:98:a9:f6:1e:70:f7:53:76:6a:b0:2e:56:70:d9: 30:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:9A:08:2B:27:3E:36:7B:20:D8:FE:6C:04:46:45:30:7B:FC:D3:C2 X509v3 Authority Key Identifier: keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/I5oIKyc-Nnsg2P5sBEZFMHv808I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.136.32.0/21 185.102.15.0/24 193.46.104.0-193.46.127.255 IPv6: 2a02:850::/43 Signature Algorithm: sha256WithRSAEncryption 1e:a9:db:21:a2:5b:10:91:e6:b3:47:56:55:47:64:93:ab:65: 5f:6a:e3:39:be:6e:e5:8b:dc:8a:2d:5a:23:66:43:42:16:4c: 05:eb:c0:ef:54:3e:3d:61:f6:7d:bb:99:00:67:80:79:26:ec: e1:f6:98:db:9e:16:a8:ac:92:61:8f:4a:9b:05:6f:e7:32:85: b7:22:4e:44:6d:0c:00:3b:85:b5:72:f1:fd:38:4a:88:7d:07: 63:fe:f5:d6:af:50:f8:51:06:d8:c8:0e:09:ea:af:0d:42:a2: 9b:35:1d:55:34:08:ce:41:01:4e:bc:2a:ce:98:54:10:5b:76: 0d:a9:73:99:a3:fe:51:66:e1:ff:d6:ac:da:dc:cc:b5:12:22: 90:e6:90:cd:7d:05:7f:96:64:17:f1:bc:1b:c1:f8:84:b3:10: 3e:db:79:c9:a3:ae:e6:86:65:8b:be:cd:75:9c:8d:4f:b2:16: 02:fb:ca:9d:e2:0e:82:b9:f6:22:14:57:c6:d9:a6:e8:b4:40: 34:c6:dc:8a:e6:69:99:e0:43:7c:44:cb:2d:34:86:f7:0f:ec: 9a:58:82:d9:b5:55:09:22:e2:d5:6a:22:5a:cf:ed:70:72:81: d7:69:62:e5:c9:a1:31:9d:1a:36:9f:12:42:da:8a:d5:a1:12: ab:89:b0:5c -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZt+px2hkz/y4XvPqbxEdAR3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2 ZWFjMzQwHhcNMjYwMTAyMTIyMDM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzlhMDgyYjI3M2UzNjdiMjBkOGZlNmMwNDQ2NDUzMDdiZmNkM2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0D4zqVs5y9LcbshAQWOyA2BgjDia oWQrwiWIHRENW+e3apuzhlUpehsHBLy7NZix2NwTMKMRb/AHC56TuKb5aaGUiNys R7/b9v6dptET6LobJtaUzl93l1gCrRx4Xzdplv/vTQd2dv9+YIME0PMGP+DN+wlR ONHpoQsOXkDn1nhoOpjYwfA16isMcAgu2n+GfTpGZpJ8EEe4TB2SqUz3T7E1NmaE BVOrlpxqnMBItOFP+yXZILrZC+ANhaKgobjRHrZf82eafmHhY83+ues3Vv57YP9g EHj8HFAR3jqXLEScQWZFLaXpQbcP5rjkj0HemKn2HnD3U3ZqsC5WcNkwWQIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFCOaCCsnPjZ7INj+bARGRTB7/NPCMB8GA1UdIwQY MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt YTk3NjVlZGM3OTVjLzEvSTVvSUt5Yy1ObnNnMlA1c0JFWkZNSHY4MDhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQDU4ggAwQA uWYPMAwDBAPBLmgDBAfBLgAwDwQCAAIwCQMHBSoCCFAAADANBgkqhkiG9w0BAQsF AAOCAQEAHqnbIaJbEJHms0dWVUdkk6tlX2rjOb5u5Yvcii1aI2ZDQhZMBevA71Q+ PWH2fbuZAGeAeSbs4faY254WqKySYY9KmwVv5zKFtyJORG0MADuFtXLx/ThKiH0H Y/711q9Q+FEG2MgOCeqvDUKimzUdVTQIzkEBTrwqzphUEFt2DalzmaP+UWbh/9as 2tzMtRIikOaQzX0Ff5ZkF/G8G8H4hLMQPtt5yaOu5oZli77NdZyNT7IWAvvKneIO grn2IhRXxtmm6LRANMbciuZpmeBDfETLLTSG9w/smliC2bVVCSLi1WoiWs/tcHKB 12li5cmhMZ0aNp8SQtqK1aESq4mwXA== -----END CERTIFICATE-----Generated at Tue Jan 27 07:12:42 2026 by rpki-client