This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iqkz-oFIpTUAukJ-q0KYzZGnhbY.roa File: iqkz-oFIpTUAukJ-q0KYzZGnhbY.roa (raw, json) Hash identifier: 4JwiIgby6A2ltqK6a4PhfhVkPMKWfaYDYeB6aMX/De4= Subject key identifier: 8A:A9:33:FA:81:48:A5:35:00:BA:42:7E:AB:42:98:CD:91:A7:85:B6 Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a Certificate serial: 019B7DCB3F56DDB689CD3EDAA85F4C615908 Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iqkz-oFIpTUAukJ-q0KYzZGnhbY.roa Signing time: Fri 02 Jan 2026 08:20:30 +0000 ROA not before: Fri 02 Jan 2026 08:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42151 IP address blocks: 212.22.83.0/24 maxlen: 24 2a09:d002::/48 maxlen: 48 2a09:d003::/48 maxlen: 48 2a09:d004::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:3f:56:dd:b6:89:cd:3e:da:a8:5f:4c:61:59:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a Validity Not Before: Jan 2 08:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8aa933fa8148a53500ba427eab4298cd91a785b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:9f:41:eb:e1:80:4d:6e:12:0c:bd:74:7d:b7: 11:b0:3a:7d:f7:43:41:85:3b:e4:c5:05:22:3b:73: fe:91:e6:39:35:91:80:36:f9:d7:0c:c9:ad:a9:c4: d3:a9:4c:ff:57:70:81:89:a2:5d:3f:c7:d4:00:75: 52:c9:95:33:5d:93:0e:ce:a7:fc:fa:09:4d:13:f9: ec:ef:30:3e:18:e1:ae:ac:51:dd:18:0c:3e:ec:83: 41:40:13:38:08:5d:76:30:f9:44:1b:17:11:1d:1d: 9a:21:c3:3a:70:65:21:42:96:33:8b:09:f2:7d:d6: 2a:11:67:fd:da:e6:95:4d:bf:e8:2e:fa:b2:97:b0: f8:ec:7d:40:a2:38:3c:ef:3d:50:32:df:4b:52:78: 73:e5:c3:de:72:c9:33:cf:1e:4d:f7:7c:46:04:71: 85:ae:fb:d4:f7:ca:ad:76:1b:ac:4b:24:cd:19:66: c7:e4:b2:8d:3a:52:88:21:cc:9e:4b:f6:b8:d9:82: bc:b9:a2:27:6e:ae:e8:48:7c:37:82:dd:ac:89:be: 2e:cd:d9:6e:d0:07:71:5e:f5:4f:df:f6:aa:c5:51: d2:a6:5f:e8:72:f1:0c:0e:41:27:9e:f6:a8:12:04: 6f:96:1d:06:8e:02:dc:1f:47:31:56:b2:25:42:75: 68:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:A9:33:FA:81:48:A5:35:00:BA:42:7E:AB:42:98:CD:91:A7:85:B6 X509v3 Authority Key Identifier: keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/iqkz-oFIpTUAukJ-q0KYzZGnhbY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.22.83.0/24 IPv6: 2a09:d002::/48 2a09:d003::/48 2a09:d004::/48 Signature Algorithm: sha256WithRSAEncryption 00:ec:49:2c:0c:e0:66:03:86:0a:17:d8:39:6f:42:ce:c8:45: 7a:38:94:55:41:30:4e:4c:81:0f:13:71:e6:a9:7f:ab:6f:c2: 82:03:2f:e3:5a:f0:62:61:96:69:64:96:29:67:b5:fe:d3:5f: 36:2f:ae:b0:95:70:2d:75:2e:65:0d:67:13:b1:21:bc:54:0c: b2:f1:0d:df:86:ed:2a:74:62:10:fe:ab:44:e8:84:f2:ee:0f: 8c:fe:b9:54:ed:80:33:0f:8e:8b:e1:2d:97:73:da:8a:34:e4: 07:9f:7a:39:fd:6d:cf:83:04:01:dc:03:c5:43:e3:4d:78:5d: e5:eb:f4:16:f6:90:b6:70:2d:30:9d:de:0d:b4:da:0f:09:8a: d1:dc:6a:15:b1:ea:eb:78:ed:53:22:2d:62:b6:bd:e3:85:2d: 23:3c:a8:6a:f9:7f:22:c0:b5:40:b3:53:54:b4:20:2a:f2:69: 32:90:3e:ae:ef:06:ef:b9:e2:50:c9:a5:f7:e6:6c:0a:17:92: c5:37:87:1f:bc:bb:b8:4b:e0:6d:d0:a9:1f:f8:f0:24:0b:a6: f0:4a:7d:5d:0a:f2:e1:d8:a0:d8:45:d1:87:06:11:2c:49:8b: d8:af:b1:e7:ac:10:0e:f9:d6:93:57:49:0a:d0:fe:c5:b9:59: 08:b8:9f:0c -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt9yz9W3baJzT7aqF9MYVkIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm YmViOWEwHhcNMjYwMTAyMDgyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWE5MzNmYTgxNDhhNTM1MDBiYTQyN2VhYjQyOThjZDkxYTc4NWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup9B6+GATW4SDL10fbcRsDp990NB hTvkxQUiO3P+keY5NZGANvnXDMmtqcTTqUz/V3CBiaJdP8fUAHVSyZUzXZMOzqf8 +glNE/ns7zA+GOGurFHdGAw+7INBQBM4CF12MPlEGxcRHR2aIcM6cGUhQpYziwny fdYqEWf92uaVTb/oLvqyl7D47H1Aojg87z1QMt9LUnhz5cPecskzzx5N93xGBHGF rvvU98qtdhusSyTNGWbH5LKNOlKIIcyeS/a42YK8uaInbq7oSHw3gt2sib4uzdlu 0AdxXvVP3/aqxVHSpl/ocvEMDkEnnvaoEgRvlh0GjgLcH0cxVrIlQnVocwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFIqpM/qBSKU1ALpCfqtCmM2Rp4W2MB8GA1UdIwQY MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt NmE0ZWNhZjhiM2IxLzEvaXFrei1vRklwVFVBdWtKLXEwS1l6WkduaGJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQA1BZTMCEE AgACMBsDBwAqCdACAAADBwAqCdADAAADBwAqCdAEAAAwDQYJKoZIhvcNAQELBQAD ggEBAADsSSwM4GYDhgoX2DlvQs7IRXo4lFVBME5MgQ8Tceapf6tvwoIDL+Na8GJh lmlklilntf7TXzYvrrCVcC11LmUNZxOxIbxUDLLxDd+G7Sp0YhD+q0TohPLuD4z+ uVTtgDMPjovhLZdz2oo05Aefejn9bc+DBAHcA8VD4014XeXr9Bb2kLZwLTCd3g20 2g8JitHcahWx6ut47VMiLWK2veOFLSM8qGr5fyLAtUCzU1S0ICryaTKQPq7vBu+5 4lDJpffmbAoXksU3hx+8u7hL4G3QqR/48CQLpvBKfV0K8uHYoNhF0YcGESxJi9iv seesEA751pNXSQrQ/sW5WQi4nww= -----END CERTIFICATE-----Generated at Sun Jan 25 11:47:25 2026 by rpki-client