This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/Aa3-IX9Q5L903l6hxbaGkutiUDc.roa File: Aa3-IX9Q5L903l6hxbaGkutiUDc.roa (raw, json) Hash identifier: 86HjD4s9N7nHz6qRPx1oJDAQW0wNKeBRj+6qzWFQ0Mo= Subject key identifier: 01:AD:FE:21:7F:50:E4:BF:74:DE:5E:A1:C5:B6:86:92:EB:62:50:37 Certificate issuer: /CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d Certificate serial: 019B7BA3909EC589E55C307EC2220D651214 Authority key identifier: 1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/Aa3-IX9Q5L903l6hxbaGkutiUDc.roa Signing time: Thu 01 Jan 2026 22:17:55 +0000 ROA not before: Thu 01 Jan 2026 22:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204467 IP address blocks: 185.247.156.0/22 maxlen: 22 2a01:6dc0::/32 maxlen: 32 2a0d:c680::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.mft rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:90:9e:c5:89:e5:5c:30:7e:c2:22:0d:65:12:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1bd2d463ae15346d5edd7937b8bfa8e09b14376d Validity Not Before: Jan 1 22:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=01adfe217f50e4bf74de5ea1c5b68692eb625037 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:4f:61:e0:2d:8a:bc:15:60:40:4a:fd:f1:b6: 04:32:be:62:29:8e:db:1a:b8:77:26:13:7c:29:0e: 9e:09:07:51:50:46:2a:93:26:85:e1:b4:2c:9f:b9: ee:c3:31:a4:cc:1f:aa:78:30:6d:8d:1f:3a:49:fc: 39:48:41:a5:9f:43:9b:16:23:ad:e0:17:61:11:f7: ec:89:b4:20:cd:92:2a:a5:f6:a8:29:21:fb:71:0e: a6:50:98:c8:7d:63:ab:79:df:b7:3b:82:14:64:c2: a8:9c:a7:da:ba:47:22:52:26:76:6e:9b:0c:f0:88: 18:10:e3:a4:81:97:c8:16:ce:f8:f6:01:fd:27:4f: 0c:0d:3d:0d:de:0a:0d:38:fb:0f:81:5f:58:1a:1d: 20:9e:b1:4d:04:6c:71:f7:d3:40:e9:89:89:1f:4b: f5:f7:fc:0c:65:0d:f9:77:0f:fc:ce:72:16:5e:30: b3:36:3e:e8:3f:21:38:fa:95:c0:e1:fe:82:c2:b2: 79:36:e8:8e:83:a6:15:33:b6:93:1b:c6:9b:7b:62: 90:eb:95:0c:7e:2a:59:1c:8c:c3:14:1c:d7:58:93: 09:3c:69:5e:9b:c6:01:a0:c6:a3:49:3b:b0:e3:8e: fb:85:ea:9f:8c:53:1d:65:fb:9e:c0:16:b8:c9:f3: ff:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:AD:FE:21:7F:50:E4:BF:74:DE:5E:A1:C5:B6:86:92:EB:62:50:37 X509v3 Authority Key Identifier: keyid:1B:D2:D4:63:AE:15:34:6D:5E:DD:79:37:B8:BF:A8:E0:9B:14:37:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9LUY64VNG1e3Xk3uL-o4JsUN20.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/Aa3-IX9Q5L903l6hxbaGkutiUDc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/70c477-a8cd-4a72-b669-1f93c239a012/1/G9LUY64VNG1e3Xk3uL-o4JsUN20.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.247.156.0/22 IPv6: 2a01:6dc0::/32 2a0d:c680::/29 Signature Algorithm: sha256WithRSAEncryption 1e:86:b8:18:c5:dd:2a:39:df:c8:5d:72:fb:0b:95:84:35:f0: a9:ee:f5:9c:2c:4c:98:ce:95:f3:b0:5d:21:e2:68:6f:54:0e: 0e:90:30:fb:71:e2:e3:2e:72:28:1e:f2:e8:23:71:40:2d:4f: 10:bd:ec:f0:f3:07:84:fd:c4:2a:f8:32:82:6d:12:64:73:6c: 9b:c7:ff:fb:b2:1b:5a:40:32:d6:14:16:a6:ed:af:ef:6f:cf: 6b:39:20:fb:1b:84:a9:c2:bc:59:41:e4:89:12:02:1a:a8:fe: 42:51:52:df:a0:89:db:ed:09:3d:23:ae:58:ef:bb:4b:d4:82: 70:a1:49:97:cc:f4:61:37:fb:52:c1:86:55:ec:49:2b:ec:97: bb:1d:2e:5d:4b:a6:ef:cb:7e:4d:ca:97:f0:c0:5e:18:a4:8f: 2a:76:2d:70:dc:12:e3:ed:ca:42:a8:69:cd:ad:ad:59:4d:68: 7d:91:88:48:37:83:e1:05:60:0f:4d:3a:e3:64:7c:4a:fc:9c: be:45:93:ec:95:14:7f:3a:aa:2b:74:fd:02:3e:ca:c6:7e:f8: db:e7:a6:bd:41:fa:1b:9a:2c:d2:b9:db:43:b3:aa:c0:2c:44: b7:4e:23:8a:d1:71:6b:ea:7d:2d:bb:9e:ba:f5:8b:be:33:a2: 33:59:da:aa -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt7o5CexYnlXDB+wiINZRIUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiZDJkNDYzYWUxNTM0NmQ1ZWRkNzkzN2I4YmZhOGUwOWIx NDM3NmQwHhcNMjYwMTAxMjIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMWFkZmUyMTdmNTBlNGJmNzRkZTVlYTFjNWI2ODY5MmViNjI1MDM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsk9h4C2KvBVgQEr98bYEMr5iKY7b Grh3JhN8KQ6eCQdRUEYqkyaF4bQsn7nuwzGkzB+qeDBtjR86Sfw5SEGln0ObFiOt 4BdhEffsibQgzZIqpfaoKSH7cQ6mUJjIfWOred+3O4IUZMKonKfaukciUiZ2bpsM 8IgYEOOkgZfIFs749gH9J08MDT0N3goNOPsPgV9YGh0gnrFNBGxx99NA6YmJH0v1 9/wMZQ35dw/8znIWXjCzNj7oPyE4+pXA4f6CwrJ5NuiOg6YVM7aTG8abe2KQ65UM fipZHIzDFBzXWJMJPGlem8YBoMajSTuw4477heqfjFMdZfuewBa4yfP/UwIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFAGt/iF/UOS/dN5eocW2hpLrYlA3MB8GA1UdIwQY MBaAFBvS1GOuFTRtXt15N7i/qOCbFDdtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2Njkt MWY5M2MyMzlhMDEyLzEvQWEzLUlYOVE1TDkwM2w2aHhiYUdrdXRpVURjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC83MGM0NzctYThjZC00YTcyLWI2NjktMWY5M2MyMzlhMDEy LzEvRzlMVVk2NFZORzFlM1hrM3VMLW80SnNVTjIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQCufecMBQE AgACMA4DBQAqAW3AAwUDKg3GgDANBgkqhkiG9w0BAQsFAAOCAQEAHoa4GMXdKjnf yF1y+wuVhDXwqe71nCxMmM6V87BdIeJob1QODpAw+3Hi4y5yKB7y6CNxQC1PEL3s 8PMHhP3EKvgygm0SZHNsm8f/+7IbWkAy1hQWpu2v72/Pazkg+xuEqcK8WUHkiRIC Gqj+QlFS36CJ2+0JPSOuWO+7S9SCcKFJl8z0YTf7UsGGVexJK+yXux0uXUum78t+ TcqX8MBeGKSPKnYtcNwS4+3KQqhpza2tWU1ofZGISDeD4QVgD00642R8SvycvkWT 7JUUfzqqK3T9Aj7Kxn742+emvUH6G5os0rnbQ7OqwCxEt04jitFxa+p9LbueuvWL vjOiM1naqg== -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:12 2026 by rpki-client