This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Iah6OtePYjsFUK1ItaCxT3f3zKY.roa File: Iah6OtePYjsFUK1ItaCxT3f3zKY.roa (raw, json) Hash identifier: 0NSq5x0ip6moKx2U8dB9ksLnbIPKXG3GFtAROl7MkCQ= Subject key identifier: 21:A8:7A:3A:D7:8F:62:3B:05:50:AD:48:B5:A0:B1:4F:77:F7:CC:A6 Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Certificate serial: 019B7D5D1A609C0EF2E054BD22BADA6E0D14 Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Iah6OtePYjsFUK1ItaCxT3f3zKY.roa Signing time: Fri 02 Jan 2026 06:20:12 +0000 ROA not before: Fri 02 Jan 2026 06:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214036 IP address blocks: 31.172.80.0/24 maxlen: 32 31.172.83.0/24 maxlen: 32 31.172.87.0/24 maxlen: 32 79.133.41.0/24 maxlen: 32 79.133.46.0/24 maxlen: 32 79.133.51.0/24 maxlen: 32 79.133.56.0/24 maxlen: 32 79.133.57.0/24 maxlen: 32 84.200.16.0/24 maxlen: 32 84.200.17.0/24 maxlen: 32 84.200.24.0/24 maxlen: 32 84.200.27.0/24 maxlen: 32 84.200.73.0/24 maxlen: 32 84.200.77.0/24 maxlen: 32 84.200.80.0/24 maxlen: 32 84.200.81.0/24 maxlen: 32 84.200.87.0/24 maxlen: 32 84.200.89.0/24 maxlen: 32 84.200.91.0/24 maxlen: 32 84.200.125.0/24 maxlen: 32 84.200.128.0/24 maxlen: 32 84.200.154.0/24 maxlen: 32 84.200.192.0/24 maxlen: 32 84.200.193.0/24 maxlen: 32 84.200.205.0/24 maxlen: 32 84.201.4.0/24 maxlen: 32 84.201.5.0/24 maxlen: 32 84.201.6.0/24 maxlen: 32 84.201.14.0/24 maxlen: 24 84.201.20.0/24 maxlen: 32 84.201.25.0/24 maxlen: 24 159.100.6.0/24 maxlen: 32 159.100.9.0/24 maxlen: 32 159.100.13.0/24 maxlen: 32 159.100.14.0/24 maxlen: 32 159.100.17.0/24 maxlen: 32 159.100.18.0/24 maxlen: 32 159.100.19.0/24 maxlen: 32 159.100.20.0/24 maxlen: 32 159.100.22.0/24 maxlen: 32 159.100.29.0/24 maxlen: 32 159.100.30.0/24 maxlen: 32 212.224.86.0/24 maxlen: 32 212.224.88.0/24 maxlen: 32 212.224.93.0/24 maxlen: 32 212.224.107.0/24 maxlen: 32 212.224.125.0/24 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.mft rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1a:60:9c:0e:f2:e0:54:bd:22:ba:da:6e:0d:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Validity Not Before: Jan 2 06:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21a87a3ad78f623b0550ad48b5a0b14f77f7cca6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:72:6e:e6:77:ba:1d:ec:71:a2:21:9d:3a:2b: d3:12:ff:ea:b0:42:1c:2c:73:f4:50:1b:d3:29:19: 7e:24:6b:75:67:cd:02:29:55:5c:76:7f:9d:8e:fc: 68:e7:c6:15:2e:68:42:4e:7e:38:98:a4:1a:6e:85: 16:30:a1:f9:eb:dd:f4:bd:72:1c:2e:ce:26:39:3d: 33:38:1c:2a:55:4b:e2:6d:c7:e9:60:9b:e0:fe:70: ae:3c:16:3d:25:9b:f0:7d:00:3e:31:ab:3d:3e:d6: ac:a3:3d:21:1e:fd:30:c3:ea:93:82:45:34:65:e9: 4e:c8:1b:39:aa:07:a5:0b:f7:7b:6e:f7:ff:d2:17: 9a:10:c1:ae:2b:bb:d0:4f:41:dd:bf:b6:da:ae:51: 4a:4a:21:96:87:8c:b7:a2:21:8f:d8:d7:0d:cf:c6: 0b:2d:36:f6:a0:16:d8:a3:56:a4:e6:70:d5:b5:98: 71:d7:f9:77:bb:a0:c2:36:5a:32:65:0e:a7:26:5f: bf:e8:ca:ef:3d:d5:2f:1f:25:94:7e:1a:0e:0c:da: 9c:99:b1:4d:ff:64:c3:7a:4e:01:82:49:99:21:2a: 21:21:e0:15:ef:dd:3e:32:cb:85:70:3f:60:e4:44: c1:4d:90:13:25:b1:5c:75:34:00:6c:4b:96:73:6f: 52:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A8:7A:3A:D7:8F:62:3B:05:50:AD:48:B5:A0:B1:4F:77:F7:CC:A6 X509v3 Authority Key Identifier: keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/Iah6OtePYjsFUK1ItaCxT3f3zKY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.172.80.0/24 31.172.83.0/24 31.172.87.0/24 79.133.41.0/24 79.133.46.0/24 79.133.51.0/24 79.133.56.0/23 84.200.16.0/23 84.200.24.0/24 84.200.27.0/24 84.200.73.0/24 84.200.77.0/24 84.200.80.0/23 84.200.87.0/24 84.200.89.0/24 84.200.91.0/24 84.200.125.0/24 84.200.128.0/24 84.200.154.0/24 84.200.192.0/23 84.200.205.0/24 84.201.4.0-84.201.6.255 84.201.14.0/24 84.201.20.0/24 84.201.25.0/24 159.100.6.0/24 159.100.9.0/24 159.100.13.0-159.100.14.255 159.100.17.0-159.100.20.255 159.100.22.0/24 159.100.29.0-159.100.30.255 212.224.86.0/24 212.224.88.0/24 212.224.93.0/24 212.224.107.0/24 212.224.125.0/24 Signature Algorithm: sha256WithRSAEncryption 69:cc:13:e8:05:6f:d1:44:4b:d2:5f:34:ed:43:74:ca:c9:ae: 5f:f8:fc:74:80:ab:83:f4:b7:d3:ba:84:cd:0a:92:0a:ea:67: 15:1c:cc:21:2a:7d:e5:37:d1:7c:17:8a:22:66:73:9d:2a:06: 7c:0f:d5:f3:bc:44:05:dd:88:e3:c8:69:5d:69:38:41:a9:f5: 3b:de:3d:4e:72:6c:1b:c0:66:a7:9f:e0:03:28:85:23:79:67: d5:f2:fc:ac:a0:68:8c:d2:d4:f6:5c:0b:29:5c:d2:5c:aa:3b: 12:73:16:31:01:2d:a4:7f:30:d8:eb:37:8f:54:0e:5b:ad:51: ef:a9:68:d9:ec:1b:89:ee:c1:1d:8d:7f:bf:eb:22:d4:f1:d9: 70:2b:cf:1d:0c:2a:a7:d6:cf:71:2d:59:e7:d3:4d:44:a5:aa: bf:49:c9:9e:b8:b2:b3:dd:46:83:3b:9d:b3:a4:4e:4f:03:f7: 55:49:8d:66:ee:3d:64:c3:80:89:70:e3:4c:42:c0:94:a8:f1: 19:1e:6f:ef:63:63:b2:7b:51:55:db:9e:3d:57:29:b4:6d:75: 97:51:d9:01:86:85:f0:e8:4c:ff:8b:83:a6:05:35:d0:eb:18: f1:1b:be:0e:69:65:3b:5a:05:e7:e0:3a:7d:5d:e6:9b:c8:9d: 41:3b:a8:20 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgISAZt9XRpgnA7y4FS9Irrabg0UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3 NWQzMTUwHhcNMjYwMTAyMDYyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWE4N2EzYWQ3OGY2MjNiMDU1MGFkNDhiNWEwYjE0Zjc3ZjdjY2E2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXJu5ne6HexxoiGdOivTEv/qsEIc LHP0UBvTKRl+JGt1Z80CKVVcdn+djvxo58YVLmhCTn44mKQaboUWMKH56930vXIc Ls4mOT0zOBwqVUvibcfpYJvg/nCuPBY9JZvwfQA+Mas9Ptasoz0hHv0ww+qTgkU0 ZelOyBs5qgelC/d7bvf/0heaEMGuK7vQT0Hdv7barlFKSiGWh4y3oiGP2NcNz8YL LTb2oBbYo1ak5nDVtZhx1/l3u6DCNloyZQ6nJl+/6MrvPdUvHyWUfhoODNqcmbFN /2TDek4BgkmZISohIeAV790+MsuFcD9g5ETBTZATJbFcdTQAbEuWc29SgwIDAQAB o4IDAzCCAv8wHQYDVR0OBBYEFCGoejrXj2I7BVCtSLWgsU9398ymMB8GA1UdIwQY MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt MzNkNzI4NDMzYzExLzEvSWFoNk90ZVBZanNGVUsxSXRhQ3hUM2YzektZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCB/wQCAAEwgfgD BAAfrFADBAAfrFMDBAAfrFcDBABPhSkDBABPhS4DBABPhTMDBAFPhTgDBAFUyBAD BABUyBgDBABUyBsDBABUyEkDBABUyE0DBAFUyFADBABUyFcDBABUyFkDBABUyFsD BABUyH0DBABUyIADBABUyJoDBAFUyMADBABUyM0wDAMEAlTJBAMEAFTJBgMEAFTJ DgMEAFTJFAMEAFTJGQMEAJ9kBgMEAJ9kCTAMAwQAn2QNAwQAn2QOMAwDBACfZBED BACfZBQDBACfZBYwDAMEAJ9kHQMEAJ9kHgMEANTgVgMEANTgWAMEANTgXQMEANTg awMEANTgfTANBgkqhkiG9w0BAQsFAAOCAQEAacwT6AVv0URL0l807UN0ysmuX/j8 dICrg/S307qEzQqSCupnFRzMISp95TfRfBeKImZznSoGfA/V87xEBd2I48hpXWk4 Qan1O949TnJsG8Bmp5/gAyiFI3ln1fL8rKBojNLU9lwLKVzSXKo7EnMWMQEtpH8w 2Os3j1QOW61R76lo2ewbie7BHY1/v+si1PHZcCvPHQwqp9bPcS1Z59NNRKWqv0nJ nriys91Ggzuds6ROTwP3VUmNZu49ZMOAiXDjTELAlKjxGR5v72NjsntRVduePVcp tG11l1HZAYaF8OhM/4uDpgU10OsY8Ru+DmllO1oF5+A6fV3mm8idQTuoIA== -----END CERTIFICATE-----Generated at Sun Jan 25 21:26:22 2026 by rpki-client