This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iycZ2loJdRjirtO_seZ634r8_x0.roa File: iycZ2loJdRjirtO_seZ634r8_x0.roa (raw, json) Hash identifier: thC+/QzA8XYVNXPbLOpRmVtVajPX50NvJVqTRlkA1kA= Subject key identifier: 8B:27:19:DA:5A:09:75:18:E2:AE:D3:BF:B1:E6:7A:DF:8A:FC:FF:1D Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Certificate serial: 019B7D5D17E88BEF56744E12FCE3DE581749 Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iycZ2loJdRjirtO_seZ634r8_x0.roa Signing time: Fri 02 Jan 2026 06:20:11 +0000 ROA not before: Fri 02 Jan 2026 06:20:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31400 IP address blocks: 37.114.96.0/19 maxlen: 24 82.211.0.0/18 maxlen: 24 84.200.0.0/16 maxlen: 32 84.201.0.0/18 maxlen: 32 185.171.204.0/22 maxlen: 32 2001:1608::/32 maxlen: 48 2001:1638::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.mft rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:17:e8:8b:ef:56:74:4e:12:fc:e3:de:58:17:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315 Validity Not Before: Jan 2 06:20:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b2719da5a097518e2aed3bfb1e67adf8afcff1d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8f:07:b0:91:fb:0c:18:1b:ff:1f:86:49:9f: 01:73:84:8f:43:b0:a6:57:fc:6f:d6:1d:9a:28:8f: de:18:56:ed:18:00:53:04:29:ff:f1:3c:c5:13:3f: 5e:7d:16:af:93:a6:28:c4:87:5e:e4:25:7b:fd:62: ad:94:ea:80:20:d5:d7:f1:37:14:7e:55:61:38:af: 34:24:a0:65:87:55:52:88:66:54:15:af:34:e3:e8: 72:92:72:1a:b8:f8:5e:de:9b:a6:01:c1:d1:90:06: 2c:90:d5:83:6e:80:02:01:53:27:2c:75:bf:f5:ce: fe:ec:40:f5:ab:6b:3e:dc:55:ac:fd:0b:40:be:95: e6:03:eb:99:28:94:9f:1e:99:80:08:69:83:31:08: 69:c3:0a:00:aa:9e:0a:3d:5b:77:a1:9d:fc:e3:76: d4:71:fd:51:2e:1f:d5:dc:1d:c2:12:66:85:94:1e: 21:85:94:e5:df:b6:c8:40:6a:93:90:13:f2:1a:dd: 1e:86:cf:6b:01:a9:f5:28:b7:61:77:69:35:58:14: e6:ab:0a:70:90:55:64:4e:97:91:bd:e1:05:8f:cc: 96:b9:c5:04:af:e3:1b:81:9e:43:68:95:dc:13:8f: 5c:a8:d2:18:e6:bb:c8:9a:18:99:aa:5c:a4:1e:04: 56:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:27:19:DA:5A:09:75:18:E2:AE:D3:BF:B1:E6:7A:DF:8A:FC:FF:1D X509v3 Authority Key Identifier: keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/iycZ2loJdRjirtO_seZ634r8_x0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.114.96.0/19 82.211.0.0/18 84.200.0.0-84.201.63.255 185.171.204.0/22 IPv6: 2001:1608::/32 2001:1638::/32 Signature Algorithm: sha256WithRSAEncryption 43:5b:c9:ea:d2:dd:c2:13:28:68:b0:e7:40:c4:24:f3:4f:5d: 1e:57:37:97:e0:00:26:3f:e4:c9:55:81:e2:5c:1d:d8:ca:0d: 2f:44:75:89:50:b8:f8:d6:22:9d:f9:54:d5:97:09:0e:f0:19: 18:91:a7:0d:46:c0:99:95:ce:b5:09:38:62:c4:ca:fc:c0:08: b9:0a:f4:d9:b4:7b:b8:72:ad:6d:63:65:6a:33:5b:a1:a8:2f: 95:8e:ca:a6:16:27:71:f5:90:93:d6:1e:9d:18:ae:33:fd:8a: 69:2b:36:83:8e:1b:5b:50:d0:5a:89:74:74:fd:49:36:48:1d: 33:f0:20:6d:82:b0:db:6d:36:ec:2b:21:68:bd:1e:13:57:9a: b4:4e:33:9a:1d:47:1f:ae:06:f3:b3:e0:06:ea:3d:7b:d4:be: 7a:76:22:f6:70:46:55:dd:63:76:dd:f2:ac:e9:ed:34:ed:86: a3:31:b2:97:72:88:89:f3:34:b9:90:74:7a:b4:8f:49:70:29: de:34:90:a4:fb:a1:70:61:32:78:ef:b9:77:5d:f2:11:19:ad: 6b:6d:b6:7a:f5:39:5e:5a:53:0d:df:74:24:7c:48:17:19:d2: a5:3b:6d:b2:be:06:01:8a:39:7e:4f:d6:30:45:6d:88:8d:44: 25:25:46:74 -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt9XRfoi+9WdE4S/OPeWBdJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3 NWQzMTUwHhcNMjYwMTAyMDYyMDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjI3MTlkYTVhMDk3NTE4ZTJhZWQzYmZiMWU2N2FkZjhhZmNmZjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwY8HsJH7DBgb/x+GSZ8Bc4SPQ7Cm V/xv1h2aKI/eGFbtGABTBCn/8TzFEz9efRavk6YoxIde5CV7/WKtlOqAINXX8TcU flVhOK80JKBlh1VSiGZUFa804+hyknIauPhe3pumAcHRkAYskNWDboACAVMnLHW/ 9c7+7ED1q2s+3FWs/QtAvpXmA+uZKJSfHpmACGmDMQhpwwoAqp4KPVt3oZ3843bU cf1RLh/V3B3CEmaFlB4hhZTl37bIQGqTkBPyGt0ehs9rAan1KLdhd2k1WBTmqwpw kFVkTpeRveEFj8yWucUEr+MbgZ5DaJXcE49cqNIY5rvImhiZqlykHgRW6wIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFIsnGdpaCXUY4q7Tv7Hmet+K/P8dMB8GA1UdIwQY MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt MzNkNzI4NDMzYzExLzEvaXljWjJsb0pkUmppcnRPX3NlWjYzNHI4X3gwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAlBAIAATAfAwQFJXJgAwQG UtMAMAsDAwNUyAMEBlTJAAMEArmrzDAUBAIAAjAOAwUAIAEWCAMFACABFjgwDQYJ KoZIhvcNAQELBQADggEBAENbyerS3cITKGiw50DEJPNPXR5XN5fgACY/5MlVgeJc HdjKDS9EdYlQuPjWIp35VNWXCQ7wGRiRpw1GwJmVzrUJOGLEyvzACLkK9Nm0e7hy rW1jZWozW6GoL5WOyqYWJ3H1kJPWHp0YrjP9imkrNoOOG1tQ0FqJdHT9STZIHTPw IG2CsNttNuwrIWi9HhNXmrROM5odRx+uBvOz4AbqPXvUvnp2IvZwRlXdY3bd8qzp 7TTthqMxspdyiInzNLmQdHq0j0lwKd40kKT7oXBhMnjvuXdd8hEZrWtttnr1OV5a Uw3fdCR8SBcZ0qU7bbK+BgGKOX5P1jBFbYiNRCUlRnQ= -----END CERTIFICATE-----Generated at Sun Jan 25 16:40:21 2026 by rpki-client