This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/i2cZnlYGJSDWJ6GKJm4zBpOtiSE.roa File: i2cZnlYGJSDWJ6GKJm4zBpOtiSE.roa (raw, json) Hash identifier: yQNvuB3MUN74TcqegiLU8qLGixGGpPrYKgj9auUBTzo= Subject key identifier: 8B:67:19:9E:56:06:25:20:D6:27:A1:8A:26:6E:33:06:93:AD:89:21 Certificate issuer: /CN=f08a08eb8fa7bee6a3183e32de51a2f3ccd4ae47 Certificate serial: 019B797EE61CD4585D9649C210F8242E5201 Authority key identifier: F0:8A:08:EB:8F:A7:BE:E6:A3:18:3E:32:DE:51:A2:F3:CC:D4:AE:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8IoI64-nvuajGD4y3lGi88zUrkc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/i2cZnlYGJSDWJ6GKJm4zBpOtiSE.roa Signing time: Thu 01 Jan 2026 12:18:38 +0000 ROA not before: Thu 01 Jan 2026 12:18:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 135357 IP address blocks: 185.216.248.0/22 maxlen: 22 185.216.248.0/24 maxlen: 24 185.216.249.0/24 maxlen: 24 185.216.250.0/24 maxlen: 24 185.216.251.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/8IoI64-nvuajGD4y3lGi88zUrkc.crl rsync://rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/8IoI64-nvuajGD4y3lGi88zUrkc.mft rsync://rpki.ripe.net/repository/DEFAULT/8IoI64-nvuajGD4y3lGi88zUrkc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:e6:1c:d4:58:5d:96:49:c2:10:f8:24:2e:52:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f08a08eb8fa7bee6a3183e32de51a2f3ccd4ae47 Validity Not Before: Jan 1 12:18:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b67199e56062520d627a18a266e330693ad8921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:b0:2c:bc:01:fc:6f:8f:17:ef:60:37:ab:21: b9:cc:fa:a2:34:2c:6c:b1:5f:46:f1:2f:50:a1:7e: b1:c1:a9:33:39:30:58:f9:42:4c:30:c6:ca:c1:5b: 49:77:48:88:a9:f3:4a:c4:8b:0b:01:c9:64:4a:28: 38:f3:75:db:96:97:2a:0a:5f:d2:36:31:75:9a:10: f2:f0:ff:03:92:56:df:43:0b:2a:91:e7:4d:9a:bd: 83:c6:6a:08:91:aa:85:1e:9b:ee:87:fc:57:4b:c7: e2:d1:8a:a1:62:17:31:f5:9b:c6:73:e0:5c:13:03: 12:65:71:5e:da:01:ec:b6:85:d6:d6:3b:bb:08:fa: e2:f0:ee:df:82:5e:e7:84:18:58:00:4b:8a:60:6b: d7:10:d9:9c:25:be:e2:de:e3:20:a7:0e:ab:0e:dd: 3f:f2:74:9c:25:14:38:f0:fa:9d:0f:13:2b:c8:0f: 6c:7f:b6:90:b5:c5:41:2a:e0:15:4c:d2:c2:59:17: 4e:a7:47:e1:f4:59:6f:a3:25:3a:be:40:a7:ca:eb: ad:a8:10:7c:37:62:ca:1d:22:c2:aa:b5:34:81:df: 10:93:05:2c:d1:4f:0e:2c:5d:18:32:7b:c3:15:7a: 45:94:da:dc:a4:c9:6e:3f:e7:22:fc:d5:83:6b:1d: 56:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:67:19:9E:56:06:25:20:D6:27:A1:8A:26:6E:33:06:93:AD:89:21 X509v3 Authority Key Identifier: keyid:F0:8A:08:EB:8F:A7:BE:E6:A3:18:3E:32:DE:51:A2:F3:CC:D4:AE:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8IoI64-nvuajGD4y3lGi88zUrkc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/i2cZnlYGJSDWJ6GKJm4zBpOtiSE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/77/ab11c9-25d5-43fa-9bd3-b1ec28c67c74/1/8IoI64-nvuajGD4y3lGi88zUrkc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.216.248.0/22 Signature Algorithm: sha256WithRSAEncryption 3d:0f:9b:cd:9e:a0:f0:1a:22:e8:19:d1:83:c8:a6:22:a1:c1: b9:81:40:41:3a:62:3e:51:7d:16:94:ca:1e:70:ff:21:b2:fc: 3f:40:ea:09:ec:7a:43:66:14:93:49:b0:09:bb:16:8f:8c:2b: 07:c0:ce:36:71:f9:fb:b2:e5:bf:07:bb:bd:a6:42:1e:a8:e3: 7c:c4:0e:68:11:1d:df:a0:9a:3b:e7:ab:21:f6:8c:87:11:07: 20:92:e1:40:03:de:be:12:1b:d0:59:a2:e7:5d:d9:e1:6c:de: 3a:5c:fb:cb:73:41:5b:24:1a:4f:3d:0d:e4:eb:75:d4:ad:b6: fd:c3:fe:69:94:c5:eb:1a:d1:73:b9:f6:1a:3e:d9:38:e4:eb: 7c:ff:43:45:a1:4d:84:9e:bc:f9:dd:9d:d0:8c:23:fa:24:f2: 70:91:b9:01:10:b6:12:8c:a7:4a:06:08:ca:86:e4:b1:ca:a6: 38:44:d3:5c:04:0e:5a:6c:89:8c:8d:34:d4:87:66:c8:78:2f: c3:9a:15:70:d8:69:14:e1:79:ba:1c:4d:12:3d:85:48:2d:5c: ba:a2:cc:22:ba:b6:c4:56:3d:9f:a3:47:f5:3b:e1:41:24:d9: 5a:5a:7b:9d:a7:39:1c:7a:48:43:b3:8a:83:5b:03:54:57:ba: 5f:13:56:41 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fuYc1FhdlknCEPgkLlIBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwOGEwOGViOGZhN2JlZTZhMzE4M2UzMmRlNTFhMmYzY2Nk NGFlNDcwHhcNMjYwMTAxMTIxODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjY3MTk5ZTU2MDYyNTIwZDYyN2ExOGEyNjZlMzMwNjkzYWQ4OTIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbAsvAH8b48X72A3qyG5zPqiNCxs sV9G8S9QoX6xwakzOTBY+UJMMMbKwVtJd0iIqfNKxIsLAclkSig483XblpcqCl/S NjF1mhDy8P8DklbfQwsqkedNmr2DxmoIkaqFHpvuh/xXS8fi0YqhYhcx9ZvGc+Bc EwMSZXFe2gHstoXW1ju7CPri8O7fgl7nhBhYAEuKYGvXENmcJb7i3uMgpw6rDt0/ 8nScJRQ48PqdDxMryA9sf7aQtcVBKuAVTNLCWRdOp0fh9FlvoyU6vkCnyuutqBB8 N2LKHSLCqrU0gd8QkwUs0U8OLF0YMnvDFXpFlNrcpMluP+ci/NWDax1WVwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFItnGZ5WBiUg1iehiiZuMwaTrYkhMB8GA1UdIwQY MBaAFPCKCOuPp77moxg+Mt5RovPM1K5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOElvSTY0LW52dWFqR0Q0eTNsR2k4OHpVcmtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hYjExYzktMjVkNS00M2ZhLTliZDMt YjFlYzI4YzY3Yzc0LzEvaTJjWm5sWUdKU0RXSjZHS0ptNHpCcE90aVNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ny9hYjExYzktMjVkNS00M2ZhLTliZDMtYjFlYzI4YzY3Yzc0 LzEvOElvSTY0LW52dWFqR0Q0eTNsR2k4OHpVcmtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudj4MA0G CSqGSIb3DQEBCwUAA4IBAQA9D5vNnqDwGiLoGdGDyKYiocG5gUBBOmI+UX0WlMoe cP8hsvw/QOoJ7HpDZhSTSbAJuxaPjCsHwM42cfn7suW/B7u9pkIeqON8xA5oER3f oJo756sh9oyHEQcgkuFAA96+EhvQWaLnXdnhbN46XPvLc0FbJBpPPQ3k63XUrbb9 w/5plMXrGtFzufYaPtk45Ot8/0NFoU2Enrz53Z3QjCP6JPJwkbkBELYSjKdKBgjK huSxyqY4RNNcBA5abImMjTTUh2bIeC/DmhVw2GkU4Xm6HE0SPYVILVy6oswiurbE Vj2fo0f1O+FBJNlaWnudpzkcekhDs4qDWwNUV7pfE1ZB -----END CERTIFICATE-----Generated at Sun Jan 25 15:15:20 2026 by rpki-client