This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/iafYMwA1CChI3CF3y86ruCA7o6I.roa File: iafYMwA1CChI3CF3y86ruCA7o6I.roa (raw, json) Hash identifier: tTSoeaNC29Xke1fF6xeZHo/CiLM3GLD82IygoT7IYr4= Subject key identifier: 89:A7:D8:33:00:35:08:28:48:DC:21:77:CB:CE:AB:B8:20:3B:A3:A2 Certificate issuer: /CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f Certificate serial: 019B7FF1E4AC3D25D381EE8A10B5CF0F62C6 Authority key identifier: 71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/iafYMwA1CChI3CF3y86ruCA7o6I.roa Signing time: Fri 02 Jan 2026 18:21:57 +0000 ROA not before: Fri 02 Jan 2026 18:21:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212616 IP address blocks: 91.230.48.0/24 maxlen: 24 93.175.32.0/19 maxlen: 24 93.175.32.0/24 maxlen: 24 93.175.33.0/24 maxlen: 24 93.175.40.0/24 maxlen: 24 93.175.41.0/24 maxlen: 24 93.175.42.0/24 maxlen: 24 93.175.45.0/24 maxlen: 24 93.175.47.0/24 maxlen: 24 93.175.50.0/24 maxlen: 24 93.175.57.0/24 maxlen: 24 93.175.58.0/24 maxlen: 24 93.175.59.0/24 maxlen: 24 93.175.60.0/24 maxlen: 24 176.97.214.0/24 maxlen: 24 2a0e:5b00::/29 maxlen: 48 2a0e:5b00::/48 maxlen: 48 2a0e:5b00:3::/48 maxlen: 48 2a0e:5b00:100::/48 maxlen: 48 2a0e:5b00:403::/48 maxlen: 48 2a0e:5b00:406::/48 maxlen: 48 2a0e:5b00:409::/48 maxlen: 48 2a0e:5b00:40f::/48 maxlen: 48 2a0e:5b00:411::/48 maxlen: 48 2a0e:5b00:412::/48 maxlen: 48 2a0e:5b00:413::/48 maxlen: 48 2a0e:5b00:415::/48 maxlen: 48 2a0e:5b00:418::/48 maxlen: 48 2a0e:5b00:419::/48 maxlen: 48 2a0e:5b00:41b::/48 maxlen: 48 2a0e:5b00:41d::/48 maxlen: 48 2a0e:5b00:41e::/48 maxlen: 48 2a0e:5b00:41f::/48 maxlen: 48 2a0e:5b00:420::/48 maxlen: 48 2a0e:5b00:500::/48 maxlen: 48 2a0e:5b00:a00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.mft rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:e4:ac:3d:25:d3:81:ee:8a:10:b5:cf:0f:62:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f Validity Not Before: Jan 2 18:21:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89a7d8330035082848dc2177cbceabb8203ba3a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b8:65:7c:eb:28:a5:c1:ea:2e:28:55:44:bf: 01:e0:21:8f:e3:80:ed:95:c0:0d:77:96:84:55:e3: 44:c9:c1:74:32:9f:8a:93:c0:74:6d:00:6c:e0:14: 3e:a5:21:be:8f:a0:29:45:46:46:f0:9b:67:0c:f4: 90:d2:86:05:95:01:12:dc:09:9b:32:c5:f0:13:d6: 92:7a:b1:b4:47:4e:35:9b:5f:92:21:dd:be:20:f9: 18:80:0e:5b:d1:bb:a6:0b:73:ad:38:49:09:ef:cc: 07:11:be:48:44:7a:25:58:c7:f5:0f:d0:48:6c:76: a4:f5:b2:66:97:56:48:1f:f2:8c:b9:d6:00:29:95: bd:09:45:04:7b:ff:d0:9e:36:6a:55:5a:f1:f4:a2: a8:3e:bb:a0:f1:6b:94:bf:2c:63:ab:32:c8:38:1e: fa:80:c5:78:5e:c3:82:2d:33:2d:04:65:83:32:31: ec:d7:2c:cc:ee:36:93:f9:b9:47:22:c8:e9:8f:b8: 6d:b1:5a:f1:9d:74:2e:cf:62:a7:91:16:2f:6a:4d: cd:cf:2b:16:00:11:21:1d:3e:d8:83:62:e8:ff:4a: 22:d9:e8:87:d3:d2:0b:54:f1:8e:78:87:40:bb:b1: b7:c0:ba:e1:06:dc:b7:25:3e:f7:48:57:e1:b8:74: e1:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:A7:D8:33:00:35:08:28:48:DC:21:77:CB:CE:AB:B8:20:3B:A3:A2 X509v3 Authority Key Identifier: keyid:71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/iafYMwA1CChI3CF3y86ruCA7o6I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.230.48.0/24 93.175.32.0/19 176.97.214.0/24 IPv6: 2a0e:5b00::/29 Signature Algorithm: sha256WithRSAEncryption 0c:bc:92:d7:49:fb:a4:d7:d4:16:99:fe:14:15:60:87:77:cb: 36:b9:89:3d:59:fa:46:d2:2b:1c:5a:7b:65:57:94:0e:56:42: 00:77:47:88:7e:39:f6:d6:31:a2:5f:b7:53:74:5c:49:20:18: f0:8b:c0:45:81:7e:01:85:04:37:c0:e7:d6:cd:07:4b:de:ef: 0b:a3:03:0e:42:30:af:90:74:21:34:7f:0a:16:12:0a:a7:22: 42:39:fd:bc:e9:3e:3d:cf:23:84:f6:c8:e9:89:2f:70:38:86: e3:f3:35:24:30:b2:66:0b:dd:e6:cf:ba:d2:19:1f:06:ad:bb: bd:2a:eb:c9:97:7e:1b:ca:16:95:91:25:d3:b9:0d:f5:b1:03: 4c:f9:d9:cb:3e:44:9c:ca:7d:f0:8d:48:71:a4:20:a7:09:4d: 2a:da:30:b0:bc:f5:30:64:c3:81:7b:68:96:fc:3f:bb:79:b1: 0b:fb:30:3a:3d:6b:60:04:c2:25:53:44:05:b1:26:31:ef:15: d6:a5:fe:91:a6:d6:1f:ad:0c:c4:0f:00:c0:4a:ea:13:a8:9a: 58:74:96:af:8e:11:73:87:2e:ba:f7:17:5e:ae:1d:f6:06:0c: 0d:de:b7:52:88:4c:cc:11:ab:74:94:6c:27:f8:33:e7:a7:f8: 67:2a:c8:ee -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt/8eSsPSXTge6KELXPD2LGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxMmYyMjY5ZDE1NjMzYmRiYzcxZDhjZDNmNDU4Y2JkMDNm ZTAzMWYwHhcNMjYwMTAyMTgyMTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWE3ZDgzMzAwMzUwODI4NDhkYzIxNzdjYmNlYWJiODIwM2JhM2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbhlfOsopcHqLihVRL8B4CGP44Dt lcANd5aEVeNEycF0Mp+Kk8B0bQBs4BQ+pSG+j6ApRUZG8JtnDPSQ0oYFlQES3Amb MsXwE9aSerG0R041m1+SId2+IPkYgA5b0bumC3OtOEkJ78wHEb5IRHolWMf1D9BI bHak9bJml1ZIH/KMudYAKZW9CUUEe//QnjZqVVrx9KKoPrug8WuUvyxjqzLIOB76 gMV4XsOCLTMtBGWDMjHs1yzM7jaT+blHIsjpj7htsVrxnXQuz2KnkRYvak3NzysW ABEhHT7Yg2Lo/0oi2eiH09ILVPGOeIdAu7G3wLrhBty3JT73SFfhuHThhwIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFImn2DMANQgoSNwhd8vOq7ggO6OiMB8GA1UdIwQY MBaAFHEvImnRVjO9vHHYzT9FjL0D/gMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUt ZDE4YmFiOTUxNWJmLzEvaWFmWU13QTFDQ2hJM0NGM3k4NnJ1Q0E3bzZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUtZDE4YmFiOTUxNWJm LzEvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+YwAwQF Xa8gAwQAsGHWMA0EAgACMAcDBQMqDlsAMA0GCSqGSIb3DQEBCwUAA4IBAQAMvJLX Sfuk19QWmf4UFWCHd8s2uYk9WfpG0iscWntlV5QOVkIAd0eIfjn21jGiX7dTdFxJ IBjwi8BFgX4BhQQ3wOfWzQdL3u8LowMOQjCvkHQhNH8KFhIKpyJCOf286T49zyOE 9sjpiS9wOIbj8zUkMLJmC93mz7rSGR8Grbu9KuvJl34byhaVkSXTuQ31sQNM+dnL PkScyn3wjUhxpCCnCU0q2jCwvPUwZMOBe2iW/D+7ebEL+zA6PWtgBMIlU0QFsSYx 7xXWpf6RptYfrQzEDwDASuoTqJpYdJavjhFzhy669xderh32BgwN3rdSiEzMEat0 lGwn+DPnp/hnKsju -----END CERTIFICATE-----Generated at Mon Jan 26 03:06:01 2026 by rpki-client