This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/iqfYh6TWEKRMm2X8uwDgshG8YAo.roa File: iqfYh6TWEKRMm2X8uwDgshG8YAo.roa (raw, json) Hash identifier: Rp9rm6s4nYpBwp0JQHKchZiw07TIdLo9SUvRe9CCaMQ= Subject key identifier: 8A:A7:D8:87:A4:D6:10:A4:4C:9B:65:FC:BB:00:E0:B2:11:BC:60:0A Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA52CDD6221DCFA6D3E775D0404E3A1 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/iqfYh6TWEKRMm2X8uwDgshG8YAo.roa Signing time: Thu 01 Jan 2026 22:19:41 +0000 ROA not before: Thu 01 Jan 2026 22:19:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25374 IP address blocks: 90.154.225.0/24 maxlen: 24 213.16.41.0/24 maxlen: 24 213.91.189.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 16:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:2c:dd:62:21:dc:fa:6d:3e:77:5d:04:04:e3:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8aa7d887a4d610a44c9b65fcbb00e0b211bc600a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:7a:41:0b:0f:e8:49:43:67:73:d2:44:08:46: 3e:e3:6f:7a:6f:15:98:92:86:f7:2a:3a:78:01:88: f0:ee:cb:1c:6f:62:85:ed:37:73:5d:40:f9:bf:5e: f1:59:d6:02:b4:c1:85:d6:22:47:73:1d:6b:31:8c: e2:fb:a5:a2:46:01:c1:96:72:cb:ea:a9:1f:92:49: c6:53:a8:84:a8:a4:1f:e4:b4:15:38:69:b2:d9:a0: 77:ae:fb:f3:90:9e:bf:dd:4c:1c:da:bd:be:51:2c: ef:9d:2d:bb:8e:30:67:75:d3:e0:d8:36:4e:fe:06: 13:f3:a2:7c:cd:87:bf:67:92:c7:96:11:37:c7:b4: b6:dc:b5:f4:b6:6a:e1:c1:f0:e3:0d:1e:c8:e1:21: 86:3b:6c:37:f8:04:c6:b1:9a:68:59:a5:c4:21:0f: 0f:90:b2:31:a7:5a:7c:37:b1:35:d7:08:17:8a:61: 74:ea:96:70:05:f0:6f:f9:7c:68:74:23:de:eb:5f: 88:c4:b9:e0:b5:27:b6:eb:18:6e:1b:aa:f9:a8:f6: 3b:cc:34:ad:08:8d:38:f4:66:9e:9e:9b:0f:39:53: f7:31:72:b1:b4:aa:c5:58:cd:0a:61:b3:47:1d:49: a8:1d:72:96:80:cd:c7:76:cb:de:59:a5:39:50:39: 90:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:A7:D8:87:A4:D6:10:A4:4C:9B:65:FC:BB:00:E0:B2:11:BC:60:0A X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/iqfYh6TWEKRMm2X8uwDgshG8YAo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 90.154.225.0/24 213.16.41.0/24 213.91.189.0/24 Signature Algorithm: sha256WithRSAEncryption 52:b8:1b:c6:2f:68:ce:81:9e:2e:92:51:76:7f:36:e6:e8:19: 40:cc:ce:ff:a4:57:e5:87:8c:f1:ae:9a:3d:55:d5:a2:04:fd: 32:1a:d5:66:27:00:2e:5f:ab:06:43:4d:dc:6f:f9:26:a4:68: a5:61:ea:7e:8a:ac:34:ca:61:f6:a6:bb:99:ab:66:ed:37:88: f7:75:e9:d5:ac:af:0c:73:41:1c:da:0d:7a:9d:95:b3:42:4e: 59:d8:ed:03:76:ec:74:4d:ad:ef:68:e5:03:4d:ef:e1:24:25: 18:f2:af:bd:3e:8d:f9:f9:13:8f:27:f5:1f:56:9b:20:91:95: 45:4f:96:95:39:d0:74:51:81:bc:12:06:d7:e9:3a:12:a0:14: e2:f4:a7:06:5e:10:6f:3c:a6:82:92:2c:6c:86:ba:4a:91:40: 48:64:4f:e4:ea:07:eb:1c:a3:f8:89:e7:38:5b:33:25:64:8d: 23:c2:e1:be:4f:06:be:d9:79:12:73:69:3a:39:53:01:ed:3c: 02:a3:56:45:1d:5d:29:c8:a3:f6:6d:6f:79:7a:7b:d1:e0:00: 3d:24:61:9e:1e:c5:6e:b7:78:4a:de:ee:e4:c8:49:1f:6d:2c: b6:72:4c:b0:0d:7d:32:a8:b0:e9:d6:bd:73:ac:10:97:4d:6b: f4:c4:3b:cd -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt7pSzdYiHc+m0+d10EBOOhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWE3ZDg4N2E0ZDYxMGE0NGM5YjY1ZmNiYjAwZTBiMjExYmM2MDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnpBCw/oSUNnc9JECEY+4296bxWY kob3Kjp4AYjw7sscb2KF7TdzXUD5v17xWdYCtMGF1iJHcx1rMYzi+6WiRgHBlnLL 6qkfkknGU6iEqKQf5LQVOGmy2aB3rvvzkJ6/3Uwc2r2+USzvnS27jjBnddPg2DZO /gYT86J8zYe/Z5LHlhE3x7S23LX0tmrhwfDjDR7I4SGGO2w3+ATGsZpoWaXEIQ8P kLIxp1p8N7E11wgXimF06pZwBfBv+XxodCPe61+IxLngtSe26xhuG6r5qPY7zDSt CI049GaenpsPOVP3MXKxtKrFWM0KYbNHHUmoHXKWgM3HdsveWaU5UDmQ1QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIqn2Iek1hCkTJtl/LsA4LIRvGAKMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvaXFmWWg2VFdFS1JNbTJYOHV3RGdzaEc4WUFvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWprhAwQA 1RApAwQA1Vu9MA0GCSqGSIb3DQEBCwUAA4IBAQBSuBvGL2jOgZ4uklF2fzbm6BlA zM7/pFflh4zxrpo9VdWiBP0yGtVmJwAuX6sGQ03cb/kmpGilYep+iqw0ymH2pruZ q2btN4j3denVrK8Mc0Ec2g16nZWzQk5Z2O0Ddux0Ta3vaOUDTe/hJCUY8q+9Po35 +ROPJ/UfVpsgkZVFT5aVOdB0UYG8EgbX6ToSoBTi9KcGXhBvPKaCkixshrpKkUBI ZE/k6gfrHKP4iec4WzMlZI0jwuG+Twa+2XkSc2k6OVMB7TwCo1ZFHV0pyKP2bW95 envR4AA9JGGeHsVut3hK3u7kyEkfbSy2ckywDX0yqLDp1r1zrBCXTWv0xDvN -----END CERTIFICATE-----Generated at Fri Jan 23 21:34:10 2026 by rpki-client