This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/IihrDiOMMogMysZiqLuZCTGW7ps.roa File: IihrDiOMMogMysZiqLuZCTGW7ps.roa (raw, json) Hash identifier: 27NO7W1ghNU5VtJT3vvPiTMqw3X03DbaQcQd4NemsmM= Subject key identifier: 22:28:6B:0E:23:8C:32:88:0C:CA:C6:62:A8:BB:99:09:31:96:EE:9B Certificate issuer: /CN=5525775a706ac00c82fa29339e22e43108099e79 Certificate serial: 019B7C7FD9BE44EA474F0FEA8787BCE7E1B0 Authority key identifier: 55:25:77:5A:70:6A:C0:0C:82:FA:29:33:9E:22:E4:31:08:09:9E:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSV3WnBqwAyC-ikzniLkMQgJnnk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/IihrDiOMMogMysZiqLuZCTGW7ps.roa Signing time: Fri 02 Jan 2026 02:18:32 +0000 ROA not before: Fri 02 Jan 2026 02:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212694 IP address blocks: 109.233.40.0/21 maxlen: 21 178.17.212.0/22 maxlen: 22 2a04:c040::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/VSV3WnBqwAyC-ikzniLkMQgJnnk.crl rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/VSV3WnBqwAyC-ikzniLkMQgJnnk.mft rsync://rpki.ripe.net/repository/DEFAULT/VSV3WnBqwAyC-ikzniLkMQgJnnk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:d9:be:44:ea:47:4f:0f:ea:87:87:bc:e7:e1:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5525775a706ac00c82fa29339e22e43108099e79 Validity Not Before: Jan 2 02:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=22286b0e238c32880ccac662a8bb99093196ee9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b4:e5:06:eb:44:da:ed:ee:f8:a6:f8:e5:d2: a5:97:ef:2d:18:1e:89:50:0b:27:e6:f2:2c:49:b9: fc:a0:1f:b9:50:af:97:51:c4:9c:f8:3f:84:1e:5c: b3:66:59:ae:33:94:74:37:9c:15:4f:19:29:70:40: eb:17:f7:c3:7b:a0:57:c9:ba:8a:ab:72:e2:0f:e8: c4:ed:42:5d:8c:21:43:2e:a8:df:c7:2a:81:85:80: 9d:8e:ca:b5:43:5c:1a:52:d3:d0:d4:5b:ce:48:fd: d0:a1:dc:ca:26:53:01:9b:c2:b1:04:dd:fe:25:a4: 99:93:bc:9c:d2:9b:16:f4:17:c5:80:0b:56:5f:2f: 99:5c:05:16:8c:eb:2f:d6:92:b5:7e:b1:0f:d5:d1: af:31:fc:50:92:79:34:8d:82:62:7d:0f:95:8e:3f: 17:79:2b:f8:3b:8a:10:bd:54:7e:c4:61:39:64:7c: e1:2b:77:ff:5b:13:8b:e5:2c:23:fd:10:10:70:eb: 3c:90:f1:6a:50:2c:37:09:7b:62:7e:7e:ae:5a:cd: 25:0b:20:d8:d0:7a:d3:69:7b:57:a2:35:d5:26:17: d6:84:cf:b6:04:b2:40:bf:3c:92:a6:1c:60:78:89: 2d:36:6e:52:a8:0e:b6:b0:d3:3f:1e:e7:71:bb:43: 10:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:28:6B:0E:23:8C:32:88:0C:CA:C6:62:A8:BB:99:09:31:96:EE:9B X509v3 Authority Key Identifier: keyid:55:25:77:5A:70:6A:C0:0C:82:FA:29:33:9E:22:E4:31:08:09:9E:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSV3WnBqwAyC-ikzniLkMQgJnnk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/IihrDiOMMogMysZiqLuZCTGW7ps.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/VSV3WnBqwAyC-ikzniLkMQgJnnk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.233.40.0/21 178.17.212.0/22 IPv6: 2a04:c040::/29 Signature Algorithm: sha256WithRSAEncryption 3e:b6:7d:bb:4b:f6:99:e7:7b:63:1b:1f:f1:14:ff:0d:6e:d2: d5:6f:40:0d:0f:77:dd:9d:81:f8:a1:8f:29:d1:2b:d2:e0:f0: 9f:22:f6:ef:33:96:ac:8a:47:66:a3:57:b2:11:fe:07:f5:f3: 63:e0:b0:c2:77:db:02:4a:06:14:d0:38:26:e6:1a:f3:ce:7e: 7f:21:8f:3c:05:6e:c1:eb:3b:ef:a7:21:2b:11:02:88:ba:9e: c1:e6:75:cb:c1:05:d0:80:6f:b0:38:2b:66:c1:c7:71:14:3f: 87:28:54:a2:12:0b:10:88:fa:a4:84:7c:fe:37:6a:7b:0e:14: 82:ff:4c:21:07:8c:21:83:f6:e3:a7:a7:9a:ce:c2:d5:43:e8: f2:13:69:9b:e9:32:3e:44:93:b3:ff:83:d4:52:c2:87:48:32: b0:d8:80:3d:c0:3f:79:e5:6d:04:31:e9:e9:bd:f9:5c:df:bb: d3:40:27:ef:57:38:37:ee:80:8d:c1:30:05:20:45:5b:6f:28: 6f:10:f6:3f:6b:1a:d9:04:34:3f:e6:8d:15:d4:c8:90:10:69: 02:af:78:8c:a6:f9:66:ed:62:f6:cb:72:09:d5:2e:a1:b5:fc: a3:7c:d3:05:42:55:2d:ee:3e:86:bb:e5:29:fa:db:34:cb:b7: b8:e2:49:7e -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt8f9m+ROpHTw/qh4e85+GwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1MjU3NzVhNzA2YWMwMGM4MmZhMjkzMzllMjJlNDMxMDgw OTllNzkwHhcNMjYwMTAyMDIxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjI4NmIwZTIzOGMzMjg4MGNjYWM2NjJhOGJiOTkwOTMxOTZlZTliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbTlButE2u3u+Kb45dKll+8tGB6J UAsn5vIsSbn8oB+5UK+XUcSc+D+EHlyzZlmuM5R0N5wVTxkpcEDrF/fDe6BXybqK q3LiD+jE7UJdjCFDLqjfxyqBhYCdjsq1Q1waUtPQ1FvOSP3QodzKJlMBm8KxBN3+ JaSZk7yc0psW9BfFgAtWXy+ZXAUWjOsv1pK1frEP1dGvMfxQknk0jYJifQ+Vjj8X eSv4O4oQvVR+xGE5ZHzhK3f/WxOL5Swj/RAQcOs8kPFqUCw3CXtifn6uWs0lCyDY 0HrTaXtXojXVJhfWhM+2BLJAvzySphxgeIktNm5SqA62sNM/Hudxu0MQlwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCIoaw4jjDKIDMrGYqi7mQkxlu6bMB8GA1UdIwQY MBaAFFUld1pwasAMgvopM54i5DEICZ55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVlNWM1duQnF3QXlDLWlrem5pTGtNUWdKbm5rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNDZkNGUtYWMzMy00ZmQxLTllNjkt Nzk1NGVkMzhjOGJhLzEvSWlockRpT01Nb2dNeXNaaXFMdVpDVEdXN3BzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OC9mNDZkNGUtYWMzMy00ZmQxLTllNjktNzk1NGVkMzhjOGJh LzEvVlNWM1duQnF3QXlDLWlrem5pTGtNUWdKbm5rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbekoAwQC shHUMA0EAgACMAcDBQMqBMBAMA0GCSqGSIb3DQEBCwUAA4IBAQA+tn27S/aZ53tj Gx/xFP8NbtLVb0AND3fdnYH4oY8p0SvS4PCfIvbvM5asikdmo1eyEf4H9fNj4LDC d9sCSgYU0Dgm5hrzzn5/IY88BW7B6zvvpyErEQKIup7B5nXLwQXQgG+wOCtmwcdx FD+HKFSiEgsQiPqkhHz+N2p7DhSC/0whB4whg/bjp6eazsLVQ+jyE2mb6TI+RJOz /4PUUsKHSDKw2IA9wD955W0EMenpvflc37vTQCfvVzg37oCNwTAFIEVbbyhvEPY/ axrZBDQ/5o0V1MiQEGkCr3iMpvlm7WL2y3IJ1S6htfyjfNMFQlUt7j6Gu+Up+ts0 y7e44kl+ -----END CERTIFICATE-----Generated at Sun Jan 25 17:20:06 2026 by rpki-client