This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Iw1Ke2s-IkIzDnj0YIlFl6nenwM.roa File: Iw1Ke2s-IkIzDnj0YIlFl6nenwM.roa (raw, json) Hash identifier: EnSrSFHA/0HgCr6JqA8shqMTt/GwtcqhPX7FIfssrCA= Subject key identifier: 23:0D:4A:7B:6B:3E:22:42:33:0E:78:F4:60:89:45:97:A9:DE:9F:03 Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA76FAB3A0067A734EAB8614B1A6003 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Iw1Ke2s-IkIzDnj0YIlFl6nenwM.roa Signing time: Fri 02 Jan 2026 12:21:00 +0000 ROA not before: Fri 02 Jan 2026 12:21:00 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35177 IP address blocks: 5.139.192.0/21 maxlen: 21 5.139.204.0/23 maxlen: 23 5.139.207.0/24 maxlen: 24 5.139.208.0/20 maxlen: 20 62.183.100.0/22 maxlen: 22 62.183.104.0/21 maxlen: 21 62.183.112.0/22 maxlen: 22 85.173.136.0/21 maxlen: 21 94.233.128.0/21 maxlen: 21 178.35.192.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:6f:ab:3a:00:67:a7:34:ea:b8:61:4b:1a:60:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:21:00 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=230d4a7b6b3e2242330e78f460894597a9de9f03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e7:87:dd:0e:ec:3f:d7:bc:09:f6:4b:f8:8a: 01:05:a9:cc:94:a0:94:77:2c:66:d7:78:e9:d4:cc: ce:1c:1e:48:70:25:10:9c:a7:32:19:33:03:a0:32: 73:76:87:24:e6:5d:fd:a8:20:91:18:04:f7:c7:5e: 04:c1:5c:16:b0:4a:79:3a:b6:a8:06:67:5e:dd:93: 39:0f:06:b7:25:1a:a3:eb:5e:8e:c4:70:61:2d:0a: ff:c3:4c:f0:d0:d5:a4:b6:f4:18:40:ca:62:a8:7a: b9:c6:3a:29:75:f9:82:ad:6d:dc:52:d8:3e:1d:25: f6:58:06:06:be:c3:cd:b0:76:0c:12:de:08:28:d6: 93:f1:93:d9:59:a8:a5:ed:97:a9:93:6c:1f:2b:48: 72:ed:7c:54:67:73:9d:40:ca:ca:a9:02:ec:2d:a3: 8a:11:d0:89:d3:95:82:c4:97:37:32:de:b9:76:ad: 0b:f3:14:19:e5:be:7e:e8:fb:57:04:15:e2:fc:3b: f9:d0:ce:b8:2e:91:c5:eb:39:bd:cd:5c:a4:39:2c: ff:0d:d4:9c:15:df:e9:e1:15:7a:2b:5f:1d:9f:24: de:28:19:b5:1e:d9:f7:50:55:1a:41:fc:07:86:fe: b9:ba:52:34:aa:d9:5c:8e:6a:30:04:69:6a:19:2c: 64:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:0D:4A:7B:6B:3E:22:42:33:0E:78:F4:60:89:45:97:A9:DE:9F:03 X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Iw1Ke2s-IkIzDnj0YIlFl6nenwM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.139.192.0/21 5.139.204.0/23 5.139.207.0-5.139.223.255 62.183.100.0-62.183.115.255 85.173.136.0/21 94.233.128.0/21 178.35.192.0/19 Signature Algorithm: sha256WithRSAEncryption 25:54:c4:c4:23:0f:03:8b:dd:b3:fe:d7:fc:e9:94:a8:2a:b7: 85:20:94:9b:75:5b:c6:b7:0a:fe:b5:dd:41:00:74:07:65:b6: 73:8b:20:04:0d:61:e1:50:e9:44:f8:62:2c:41:e7:de:28:8f: a7:db:d3:94:ec:a2:d3:ee:fa:72:eb:5f:0b:cb:9d:69:27:bc: ab:57:45:4a:6e:21:d0:ef:59:a6:13:02:75:8a:89:ff:5a:26: cf:d0:63:af:02:23:d9:4f:43:9c:cb:ea:4f:8b:47:fa:93:46: 82:ac:c2:83:73:a8:9e:6b:b1:2f:d2:38:aa:f2:fc:5a:d1:09: 14:5e:91:41:a8:e7:f6:40:ce:17:5d:2d:b7:29:fc:0d:a4:38: 8d:4a:9c:93:bc:c1:6e:c5:6c:3f:1a:af:15:21:5e:67:6e:e8: 2f:ec:2b:80:16:34:04:50:35:d9:4c:41:74:07:01:be:d8:07: 8b:60:f5:bd:2b:5c:b3:bc:d9:79:4c:cd:94:af:16:0d:c1:41: 74:05:b0:3d:f8:41:d7:fc:00:d7:61:98:cd:97:71:63:d0:d2: e5:b8:98:a1:a2:0b:79:9b:75:01:26:a1:85:23:af:1f:99:6e: 91:13:38:07:b7:33:11:f9:91:aa:35:c5:57:14:0a:34:80:fe: f5:7c:dd:9e -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgISAZt+p2+rOgBnpzTquGFLGmADMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMTAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzBkNGE3YjZiM2UyMjQyMzMwZTc4ZjQ2MDg5NDU5N2E5ZGU5ZjAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseeH3Q7sP9e8CfZL+IoBBanMlKCU dyxm13jp1MzOHB5IcCUQnKcyGTMDoDJzdock5l39qCCRGAT3x14EwVwWsEp5Orao Bmde3ZM5Dwa3JRqj616OxHBhLQr/w0zw0NWktvQYQMpiqHq5xjopdfmCrW3cUtg+ HSX2WAYGvsPNsHYMEt4IKNaT8ZPZWail7Zepk2wfK0hy7XxUZ3OdQMrKqQLsLaOK EdCJ05WCxJc3Mt65dq0L8xQZ5b5+6PtXBBXi/Dv50M64LpHF6zm9zVykOSz/DdSc Fd/p4RV6K18dnyTeKBm1Htn3UFUaQfwHhv65ulI0qtlcjmowBGlqGSxkHQIDAQAB o4ICPTCCAjkwHQYDVR0OBBYEFCMNSntrPiJCMw549GCJRZep3p8DMB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvSXcxS2Uycy1Ja0l6RG5qMFlJbEZsNm5lbndNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQDBYvAAwQB BYvMMAwDBAAFi88DBAUFi8AwDAMEAj63ZAMEAj63cAMEA1WtiAMEA17pgAMEBbIj wDANBgkqhkiG9w0BAQsFAAOCAQEAJVTExCMPA4vds/7X/OmUqCq3hSCUm3VbxrcK /rXdQQB0B2W2c4sgBA1h4VDpRPhiLEHn3iiPp9vTlOyi0+76cutfC8udaSe8q1dF Sm4h0O9ZphMCdYqJ/1omz9BjrwIj2U9DnMvqT4tH+pNGgqzCg3OonmuxL9I4qvL8 WtEJFF6RQajn9kDOF10ttyn8DaQ4jUqck7zBbsVsPxqvFSFeZ27oL+wrgBY0BFA1 2UxBdAcBvtgHi2D1vStcs7zZeUzNlK8WDcFBdAWwPfhB1/wA12GYzZdxY9DS5biY oaILeZt1ASahhSOvH5lukRM4B7czEfmRqjXFVxQKNID+9Xzdng== -----END CERTIFICATE-----Generated at Mon Jan 26 04:40:51 2026 by rpki-client