This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IHMW0iOLCaPimXteCXKckZiuXok.roa File: IHMW0iOLCaPimXteCXKckZiuXok.roa (raw, json) Hash identifier: eKTeqM0561BoLTc+G0Vfml+zBr4iHbl5NUyAYC+RQzM= Subject key identifier: 20:73:16:D2:23:8B:09:A3:E2:99:7B:5E:09:72:9C:91:98:AE:5E:89 Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795 Certificate serial: 019B77C75841DBEEECDDCDF6D54CEF86188F Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IHMW0iOLCaPimXteCXKckZiuXok.roa Signing time: Thu 01 Jan 2026 04:18:31 +0000 ROA not before: Thu 01 Jan 2026 04:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216259 IP address blocks: 46.32.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.mft rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:58:41:db:ee:ec:dd:cd:f6:d5:4c:ef:86:18:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795 Validity Not Before: Jan 1 04:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=207316d2238b09a3e2997b5e09729c9198ae5e89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:18:72:16:da:80:dd:27:45:e0:b6:a5:12:df: 3a:83:9d:e0:f6:aa:f5:5f:06:c5:dc:e6:33:25:2a: d5:f5:e4:7d:21:b4:70:49:23:d8:e5:d4:7b:78:09: 61:ed:ee:68:ea:64:98:7c:85:fe:cb:fc:6d:15:3d: 91:71:5b:52:6e:97:7a:00:29:83:23:ff:64:a2:95: 06:d1:98:12:03:45:81:c1:a4:87:03:a0:f0:be:84: cb:c1:ec:2e:b2:aa:2f:3e:39:36:95:78:77:7b:bb: 2b:63:3c:0d:a9:9c:9e:9e:fc:71:e6:2a:a2:bc:51: 3b:99:b6:d9:0f:dc:8c:78:db:7d:ad:7e:b5:6d:3f: 15:9f:b7:7b:f1:8d:9b:aa:11:6b:1d:89:43:bb:8f: 5b:b5:4b:bf:ee:a8:f4:f9:20:6b:92:56:8d:f2:a8: 22:b5:fa:a7:3b:d7:a6:7e:f5:bb:a3:ff:15:ab:ce: b5:e0:6c:82:55:d8:db:81:08:3d:06:48:99:fc:82: b0:a2:d3:cd:8a:56:11:30:73:d4:d3:96:8f:f9:77: 52:23:9b:b7:50:d9:60:db:f5:72:e1:0e:c9:17:b7: 7c:c8:bb:f3:37:1a:cc:40:eb:56:d6:82:ee:1a:77: 57:0e:4f:c0:26:5e:3b:d7:54:3b:f7:35:db:7d:22: 87:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:73:16:D2:23:8B:09:A3:E2:99:7B:5E:09:72:9C:91:98:AE:5E:89 X509v3 Authority Key Identifier: keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/IHMW0iOLCaPimXteCXKckZiuXok.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.32.175.0/24 Signature Algorithm: sha256WithRSAEncryption 71:96:ed:e8:32:3f:d6:72:35:83:49:2e:95:81:09:0e:3e:85: f1:b6:a8:1d:3a:ed:38:7f:ec:d4:c1:16:df:ba:f6:99:32:bc: 5e:a1:b4:95:45:a3:4f:16:9f:eb:52:5e:40:2e:94:66:ef:99: 43:e8:d8:8b:0a:8e:12:33:d1:f3:cc:2f:fd:98:9d:f9:52:5d: 2f:30:df:f6:33:2c:d3:32:38:30:82:43:7c:3c:97:aa:76:3e: 3f:97:ac:c6:d0:c5:f0:63:eb:99:83:d4:31:66:23:1d:5d:c5: 2c:b8:e8:40:e2:84:74:79:41:8c:a7:0c:ed:19:36:d4:87:35: 70:36:d2:02:9a:f3:58:29:79:30:96:5e:c7:1a:11:d2:76:4e: a7:84:93:7c:78:38:ce:22:8f:6f:17:1e:8a:5d:3f:0b:64:a6: fb:29:77:92:50:46:04:b5:a8:d9:fe:91:4e:aa:88:3f:8a:11: ec:75:c1:85:98:06:fb:99:eb:39:40:fc:f4:c8:7b:d4:6b:0f: 3b:cd:21:0c:9f:4c:fa:19:44:a9:6b:c7:38:a0:24:f6:5e:48: 6f:6c:ba:e9:d2:db:ba:39:bb:48:d4:0d:c2:3d:af:b5:a6:2b: 8c:cf:eb:b5:4a:91:19:84:76:44:eb:15:36:ba:e8:23:91:f6: 82:4e:48:d6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3x1hB2+7s3c321UzvhhiPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0 Mzc3OTUwHhcNMjYwMTAxMDQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDczMTZkMjIzOGIwOWEzZTI5OTdiNWUwOTcyOWM5MTk4YWU1ZTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BhyFtqA3SdF4LalEt86g53g9qr1 XwbF3OYzJSrV9eR9IbRwSSPY5dR7eAlh7e5o6mSYfIX+y/xtFT2RcVtSbpd6ACmD I/9kopUG0ZgSA0WBwaSHA6DwvoTLwewusqovPjk2lXh3e7srYzwNqZyenvxx5iqi vFE7mbbZD9yMeNt9rX61bT8Vn7d78Y2bqhFrHYlDu49btUu/7qj0+SBrklaN8qgi tfqnO9emfvW7o/8Vq8614GyCVdjbgQg9BkiZ/IKwotPNilYRMHPU05aP+XdSI5u3 UNlg2/Vy4Q7JF7d8yLvzNxrMQOtW1oLuGndXDk/AJl4711Q79zXbfSKHgQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCBzFtIjiwmj4pl7XglynJGYrl6JMB8GA1UdIwQY MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt MzZlMzQ0YWJjOWQzLzEvSUhNVzBpT0xDYVBpbVh0ZUNYS2NrWml1WG9rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALiCvMA0G CSqGSIb3DQEBCwUAA4IBAQBxlu3oMj/WcjWDSS6VgQkOPoXxtqgdOu04f+zUwRbf uvaZMrxeobSVRaNPFp/rUl5ALpRm75lD6NiLCo4SM9HzzC/9mJ35Ul0vMN/2MyzT MjgwgkN8PJeqdj4/l6zG0MXwY+uZg9QxZiMdXcUsuOhA4oR0eUGMpwztGTbUhzVw NtICmvNYKXkwll7HGhHSdk6nhJN8eDjOIo9vFx6KXT8LZKb7KXeSUEYEtajZ/pFO qog/ihHsdcGFmAb7mes5QPz0yHvUaw87zSEMn0z6GUSpa8c4oCT2XkhvbLrp0tu6 ObtI1A3CPa+1piuMz+u1SpEZhHZE6xU2uugjkfaCTkjW -----END CERTIFICATE-----Generated at Sun Jan 25 22:47:04 2026 by rpki-client