This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/iKpp3qI47nAdkGSzRA3WViJJwfU.roa File: iKpp3qI47nAdkGSzRA3WViJJwfU.roa (raw, json) Hash identifier: cua53JtZVRFiG1D02IQc2WZ6uSxKMIhsPK5IrnlN2iI= Subject key identifier: 88:AA:69:DE:A2:38:EE:70:1D:90:64:B3:44:0D:D6:56:22:49:C1:F5 Certificate issuer: /CN=c6c58ed1af964a7668e44397619ee1985a2491c5 Certificate serial: 019B7C126B1D1573ACD336E7B9D5E0F487D2 Authority key identifier: C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/iKpp3qI47nAdkGSzRA3WViJJwfU.roa Signing time: Fri 02 Jan 2026 00:19:00 +0000 ROA not before: Fri 02 Jan 2026 00:19:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 201237 IP address blocks: 185.81.20.0/24 maxlen: 24 185.81.21.0/24 maxlen: 24 185.81.22.0/24 maxlen: 24 185.81.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.mft rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:6b:1d:15:73:ac:d3:36:e7:b9:d5:e0:f4:87:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c6c58ed1af964a7668e44397619ee1985a2491c5 Validity Not Before: Jan 2 00:19:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=88aa69dea238ee701d9064b3440dd6562249c1f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:31:82:4a:13:d7:3e:24:c3:01:fb:f3:06:15: 2f:eb:11:40:31:86:41:f9:6d:19:74:fe:23:86:17: 4f:4b:ca:94:b3:37:9e:b1:47:dd:74:af:89:b9:eb: 0e:20:40:b6:1b:70:a3:e7:3a:4b:ec:43:42:05:12: 4b:e3:70:8a:e5:90:1e:05:ab:47:97:7d:9c:b1:d3: 63:5f:f7:b4:61:bc:08:79:7a:9a:a3:94:cf:68:a6: 45:8a:ba:07:5a:af:ee:cf:fc:33:3e:33:2a:9a:9f: e5:32:df:cb:c4:85:09:87:98:75:ca:76:6d:fb:95: e5:c2:70:72:40:32:77:15:ca:4d:bc:85:d4:3b:0e: f8:c1:0c:75:d7:c2:70:c4:69:5b:bd:41:88:a8:8b: ed:65:f9:52:0b:37:64:5c:89:11:42:b4:20:9f:15: 12:f5:0f:9e:0c:64:2c:44:08:ab:55:d6:2b:30:c2: 1f:fb:0e:cf:85:46:8d:e2:f0:a9:cb:d9:40:de:60: 08:a9:b7:ae:d1:ad:bc:a5:e4:7f:cc:bf:c3:e0:9b: 93:5a:d9:41:73:65:30:f0:ed:b3:a3:69:53:68:a4: b0:fa:de:7d:27:5d:89:2c:98:d9:d3:2f:88:a0:78: a7:9a:73:76:9e:a0:02:9b:8a:16:f1:1b:60:37:29: ad:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:AA:69:DE:A2:38:EE:70:1D:90:64:B3:44:0D:D6:56:22:49:C1:F5 X509v3 Authority Key Identifier: keyid:C6:C5:8E:D1:AF:96:4A:76:68:E4:43:97:61:9E:E1:98:5A:24:91:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xsWO0a-WSnZo5EOXYZ7hmFokkcU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/iKpp3qI47nAdkGSzRA3WViJJwfU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/fc2815-d293-40af-bf3c-1c8afd19fdbb/1/xsWO0a-WSnZo5EOXYZ7hmFokkcU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.81.20.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:0f:0d:8d:c9:c3:9d:15:8e:03:cc:e8:32:1a:f4:f7:e7:2c: 6b:7d:ba:7b:ce:f6:5f:e4:1a:ef:28:47:3e:41:24:cf:a9:b5: 95:9a:71:de:27:f4:16:a9:d5:b4:81:f3:cb:ff:af:ba:7a:2c: ea:84:27:f9:a3:de:2e:53:00:1b:7f:62:90:ab:5b:26:61:0c: 31:6c:5a:ec:c6:c0:da:6d:0c:2a:f8:32:cc:a3:4e:29:8e:dd: c1:e5:7b:8f:73:2b:91:41:a3:ba:3c:f1:50:f7:81:8a:17:6a: 24:a0:9c:b2:8d:ae:e0:03:6d:94:09:12:05:94:58:3c:c0:45: 7d:2c:34:c7:e8:6a:83:7f:d7:7e:88:f0:e1:76:81:be:9d:64: f0:fb:6e:2d:66:81:df:57:d1:89:e4:7b:45:60:0f:2d:69:49: 41:0e:4c:da:5d:4e:fa:51:54:13:f6:f0:43:b8:27:d6:5e:8d: 11:c4:21:95:18:c8:f8:3a:9b:1e:ce:02:3c:ae:5c:bc:d5:10: b8:ec:f4:35:ae:6f:be:92:98:76:16:af:00:6d:dc:df:af:00: 7d:29:0d:59:a5:48:f2:da:39:8c:46:8f:f3:78:c6:7d:c1:50: 1d:e7:0f:05:63:3f:e2:88:bd:04:3a:67:c2:cc:43:01:0b:39: ad:05:c2:b8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8EmsdFXOs0zbnudXg9IfSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2YzU4ZWQxYWY5NjRhNzY2OGU0NDM5NzYxOWVlMTk4NWEy NDkxYzUwHhcNMjYwMTAyMDAxOTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OGFhNjlkZWEyMzhlZTcwMWQ5MDY0YjM0NDBkZDY1NjIyNDljMWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzGCShPXPiTDAfvzBhUv6xFAMYZB +W0ZdP4jhhdPS8qUszeesUfddK+JuesOIEC2G3Cj5zpL7ENCBRJL43CK5ZAeBatH l32csdNjX/e0YbwIeXqao5TPaKZFiroHWq/uz/wzPjMqmp/lMt/LxIUJh5h1ynZt +5XlwnByQDJ3FcpNvIXUOw74wQx118JwxGlbvUGIqIvtZflSCzdkXIkRQrQgnxUS 9Q+eDGQsRAirVdYrMMIf+w7PhUaN4vCpy9lA3mAIqbeu0a28peR/zL/D4JuTWtlB c2Uw8O2zo2lTaKSw+t59J12JLJjZ0y+IoHinmnN2nqACm4oW8RtgNymtwQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIiqad6iOO5wHZBks0QN1lYiScH1MB8GA1UdIwQY MBaAFMbFjtGvlkp2aORDl2Ge4ZhaJJHFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2Mt MWM4YWZkMTlmZGJiLzEvaUtwcDNxSTQ3bkFka0dTelJBM1dWaUpKd2ZVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9mYzI4MTUtZDI5My00MGFmLWJmM2MtMWM4YWZkMTlmZGJi LzEveHNXTzBhLVdTblpvNUVPWFlaN2htRm9ra2NVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVEUMA0G CSqGSIb3DQEBCwUAA4IBAQBfDw2NycOdFY4DzOgyGvT35yxrfbp7zvZf5BrvKEc+ QSTPqbWVmnHeJ/QWqdW0gfPL/6+6eizqhCf5o94uUwAbf2KQq1smYQwxbFrsxsDa bQwq+DLMo04pjt3B5XuPcyuRQaO6PPFQ94GKF2okoJyyja7gA22UCRIFlFg8wEV9 LDTH6GqDf9d+iPDhdoG+nWTw+24tZoHfV9GJ5HtFYA8taUlBDkzaXU76UVQT9vBD uCfWXo0RxCGVGMj4OpsezgI8rly81RC47PQ1rm++kph2Fq8AbdzfrwB9KQ1ZpUjy 2jmMRo/zeMZ9wVAd5w8FYz/iiL0EOmfCzEMBCzmtBcK4 -----END CERTIFICATE-----Generated at Sun Jan 25 17:32:50 2026 by rpki-client