This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/IkpqFJlNa2437VP_tcxeJyVAPMM.roa File: IkpqFJlNa2437VP_tcxeJyVAPMM.roa (raw, json) Hash identifier: mlTIEBNdJZbIbhX3NLDEQ4pnepBeofaptKU6NdPs/uI= Subject key identifier: 22:4A:6A:14:99:4D:6B:6E:37:ED:53:FF:B5:CC:5E:27:25:40:3C:C3 Certificate issuer: /CN=fce25aca434feeb6f573aa463a12c6940bc4d198 Certificate serial: 019B7E377C99F1973F7E8C38967B9EB45A25 Authority key identifier: FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/IkpqFJlNa2437VP_tcxeJyVAPMM.roa Signing time: Fri 02 Jan 2026 10:18:43 +0000 ROA not before: Fri 02 Jan 2026 10:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21351 IP address blocks: 5.187.96.0/19 maxlen: 24 46.238.128.0/18 maxlen: 24 93.121.128.0/17 maxlen: 24 95.138.0.0/17 maxlen: 24 185.29.48.0/22 maxlen: 24 213.16.0.0/19 maxlen: 24 213.188.160.0/19 maxlen: 24 2a02:1390::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.mft rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:7c:99:f1:97:3f:7e:8c:38:96:7b:9e:b4:5a:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fce25aca434feeb6f573aa463a12c6940bc4d198 Validity Not Before: Jan 2 10:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=224a6a14994d6b6e37ed53ffb5cc5e2725403cc3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:9b:db:9f:c6:9b:2c:9e:72:df:82:db:5b:95: 33:f0:b8:b5:8f:e1:02:c7:f6:20:7e:33:50:c6:88: 74:d1:2b:eb:a9:f5:e7:18:c0:85:02:f5:be:3b:6f: e7:a4:6c:78:5a:52:d6:59:95:84:a0:11:d5:97:a0: 88:1f:52:0a:cb:f2:94:d6:87:f0:2d:d5:af:8c:be: a2:b9:bb:de:a4:79:5b:60:1a:06:98:47:35:c7:fa: 5c:bd:6e:a0:96:f6:1f:77:3e:06:6c:5e:ec:fe:30: 36:5f:7e:2b:d8:d8:e9:97:fb:50:32:fd:91:14:bf: 56:5d:09:e0:ff:0e:11:62:6b:82:c7:a2:ba:4a:64: db:98:d7:9d:d8:30:31:ab:90:a1:b9:2d:65:ef:85: c5:53:83:d9:97:f9:62:e0:ec:20:6d:a3:10:67:8d: 3a:e4:0a:90:7b:01:fd:6e:70:c1:6f:26:49:42:6c: 9b:de:6e:d2:5c:aa:4f:17:ef:f3:51:e8:f6:5e:be: 24:0d:a9:77:6d:54:94:b1:9f:e6:f2:1e:4e:78:a8: ba:7a:81:f4:d0:c5:b4:22:8e:22:cb:2b:16:96:35: 06:28:b5:54:3f:c2:78:bf:57:a2:0b:19:9c:ff:44: 11:b0:ad:33:db:d4:97:d2:99:22:0d:d5:51:ee:e4: 5e:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:4A:6A:14:99:4D:6B:6E:37:ED:53:FF:B5:CC:5E:27:25:40:3C:C3 X509v3 Authority Key Identifier: keyid:FC:E2:5A:CA:43:4F:EE:B6:F5:73:AA:46:3A:12:C6:94:0B:C4:D1:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_OJaykNP7rb1c6pGOhLGlAvE0Zg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/IkpqFJlNa2437VP_tcxeJyVAPMM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/0c9dbb-f2ef-4f15-8b2e-643e447444d6/1/_OJaykNP7rb1c6pGOhLGlAvE0Zg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.187.96.0/19 46.238.128.0/18 93.121.128.0/17 95.138.0.0/17 185.29.48.0/22 213.16.0.0/19 213.188.160.0/19 IPv6: 2a02:1390::/29 Signature Algorithm: sha256WithRSAEncryption 8f:c2:4f:d0:2a:df:18:f1:08:f7:86:4a:ee:81:05:c9:9a:f6: 04:b4:8f:64:ce:3c:45:cb:03:87:e8:ba:ad:a5:be:9f:01:78: 22:f5:3c:2a:95:01:1b:75:b0:55:b2:0d:c2:3c:fc:dd:92:d4: 4e:30:bc:59:75:14:8a:25:ad:fb:65:09:ed:e4:b3:67:59:c6: 36:ca:a3:db:ed:d4:88:47:cd:fb:1e:d9:19:46:75:46:6e:40: 2b:43:ca:d2:78:89:30:14:84:60:9d:8b:11:a3:47:c3:d3:a7: 21:68:79:37:e5:e8:b7:04:34:b0:ec:da:11:4f:52:a3:c7:a3: 55:42:53:66:17:d8:f8:9c:54:47:b3:fc:47:3c:10:2d:1b:3e: 71:d9:03:80:10:a9:41:cb:13:e7:b4:0f:9c:54:2e:14:09:52: 7e:06:e3:9e:4a:05:be:c6:bb:73:cc:3e:07:71:34:cc:d4:80: 0a:fc:d7:15:2b:2d:c2:5a:02:d7:c8:41:f1:17:09:ee:00:04: 45:8b:21:72:4c:ac:08:df:1b:f9:7d:be:19:76:24:77:95:9b: 8c:8a:0f:82:bc:9b:4a:d9:b6:ca:96:4d:7a:12:0b:41:7b:c1: 13:3d:ed:d1:48:e3:52:9a:9c:1d:5f:e8:e4:e2:ef:5b:8d:e4: 00:1d:20:02 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgISAZt+N3yZ8Zc/fow4lnuetFolMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjZTI1YWNhNDM0ZmVlYjZmNTczYWE0NjNhMTJjNjk0MGJj NGQxOTgwHhcNMjYwMTAyMTAxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjRhNmExNDk5NGQ2YjZlMzdlZDUzZmZiNWNjNWUyNzI1NDAzY2MzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJvbn8abLJ5y34LbW5Uz8Li1j+EC x/YgfjNQxoh00SvrqfXnGMCFAvW+O2/npGx4WlLWWZWEoBHVl6CIH1IKy/KU1ofw LdWvjL6iubvepHlbYBoGmEc1x/pcvW6glvYfdz4GbF7s/jA2X34r2Njpl/tQMv2R FL9WXQng/w4RYmuCx6K6SmTbmNed2DAxq5ChuS1l74XFU4PZl/li4OwgbaMQZ406 5AqQewH9bnDBbyZJQmyb3m7SXKpPF+/zUej2Xr4kDal3bVSUsZ/m8h5OeKi6eoH0 0MW0Io4iyysWljUGKLVUP8J4v1eiCxmc/0QRsK0z29SX0pkiDdVR7uRe/wIDAQAB o4ICPDCCAjgwHQYDVR0OBBYEFCJKahSZTWtuN+1T/7XMXiclQDzDMB8GA1UdIwQY MBaAFPziWspDT+629XOqRjoSxpQLxNGYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX09KYXlrTlA3cmIxYzZwR09oTEdsQXZFMFpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8wYzlkYmItZjJlZi00ZjE1LThiMmUt NjQzZTQ0NzQ0NGQ2LzEvSWtwcUZKbE5hMjQzN1ZQX3RjeGVKeVZBUE1NLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8wYzlkYmItZjJlZi00ZjE1LThiMmUtNjQzZTQ0NzQ0NGQ2 LzEvX09KYXlrTlA3cmIxYzZwR09oTEdsQXZFMFpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFBbtgAwQG Lu6AAwQHXXmAAwQHX4oAAwQCuR0wAwQF1RAAAwQF1bygMA0EAgACMAcDBQMqAhOQ MA0GCSqGSIb3DQEBCwUAA4IBAQCPwk/QKt8Y8Qj3hkrugQXJmvYEtI9kzjxFywOH 6Lqtpb6fAXgi9TwqlQEbdbBVsg3CPPzdktROMLxZdRSKJa37ZQnt5LNnWcY2yqPb 7dSIR837HtkZRnVGbkArQ8rSeIkwFIRgnYsRo0fD06chaHk35ei3BDSw7NoRT1Kj x6NVQlNmF9j4nFRHs/xHPBAtGz5x2QOAEKlByxPntA+cVC4UCVJ+BuOeSgW+xrtz zD4HcTTM1IAK/NcVKy3CWgLXyEHxFwnuAARFiyFyTKwI3xv5fb4ZdiR3lZuMig+C vJtK2bbKlk16EgtBe8ETPe3RSONSmpwdX+jk4u9bjeQAHSAC -----END CERTIFICATE-----Generated at Sun Jan 25 19:59:33 2026 by rpki-client