This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IEsPPuDOCuCKqPfKYAf4RzDmYlY.roa File: IEsPPuDOCuCKqPfKYAf4RzDmYlY.roa (raw, json) Hash identifier: 8gSzrvwNjSeLtIJX2dv1wRL989PUMnY3qQ4nb8PF6KQ= Subject key identifier: 20:4B:0F:3E:E0:CE:0A:E0:8A:A8:F7:CA:60:07:F8:47:30:E6:62:56 Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Certificate serial: 019C090F91496A021F9D2C61B94F0723355E Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IEsPPuDOCuCKqPfKYAf4RzDmYlY.roa Signing time: Thu 29 Jan 2026 09:22:21 +0000 ROA not before: Thu 29 Jan 2026 09:22:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57043 IP address blocks: 62.76.236.0/24 maxlen: 24 62.76.237.0/24 maxlen: 24 193.124.17.0/24 maxlen: 24 193.124.206.0/24 maxlen: 24 194.58.56.0/24 maxlen: 24 194.58.154.0/24 maxlen: 24 194.58.155.0/24 maxlen: 24 194.87.51.0/24 maxlen: 24 194.87.54.0/24 maxlen: 24 194.87.55.0/24 maxlen: 24 194.87.125.0/24 maxlen: 24 194.87.233.0/24 maxlen: 24 194.87.255.0/24 maxlen: 24 195.133.9.0/24 maxlen: 24 212.193.20.0/24 maxlen: 24 212.193.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 03:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:09:0f:91:49:6a:02:1f:9d:2c:61:b9:4f:07:23:35:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7 Validity Not Before: Jan 29 09:22:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=204b0f3ee0ce0ae08aa8f7ca6007f84730e66256 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:73:0f:96:0c:9b:0a:32:ec:22:dc:43:af:75: 3c:94:c8:73:f4:a4:bd:ba:75:1c:29:83:46:d5:a7: 7d:a2:98:cb:f8:53:9b:47:30:d7:86:f5:92:e5:54: 2d:c4:41:6d:33:2d:bc:44:59:96:ae:c0:ef:90:ad: 2e:fe:94:81:36:08:e1:14:6d:6f:97:11:fa:2e:78: 98:f6:19:bb:96:73:50:17:76:a9:29:e5:fe:85:46: 98:4f:28:15:91:1b:92:3c:76:43:1d:6d:c3:35:5c: d2:29:8b:30:21:e0:55:bc:8f:7a:76:21:a4:4d:b7: a8:a8:8f:34:cc:e8:01:19:e2:8c:45:fc:5e:bf:82: aa:50:55:cb:03:dc:39:c5:35:84:04:1f:c4:1b:5b: ae:a2:65:a3:0f:fc:e7:ae:7c:67:b9:6d:09:43:2e: 47:ed:94:64:10:e7:06:7a:e5:6b:8f:b7:df:e7:cf: 4a:ea:86:8d:c3:b5:fe:06:be:55:c0:6f:68:b3:0c: fb:ca:dc:b6:e0:40:a4:c5:72:f2:28:61:73:e9:87: 21:54:18:59:97:eb:ff:c5:b5:c7:c0:39:4e:19:bd: 00:d1:d8:1d:82:2b:2d:e6:d2:c6:c4:00:ab:e5:3a: 80:98:f5:06:ff:33:37:78:23:99:9b:13:58:af:1f: 49:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:4B:0F:3E:E0:CE:0A:E0:8A:A8:F7:CA:60:07:F8:47:30:E6:62:56 X509v3 Authority Key Identifier: keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/IEsPPuDOCuCKqPfKYAf4RzDmYlY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.76.236.0/23 193.124.17.0/24 193.124.206.0/24 194.58.56.0/24 194.58.154.0/23 194.87.51.0/24 194.87.54.0/23 194.87.125.0/24 194.87.233.0/24 194.87.255.0/24 195.133.9.0/24 212.193.20.0/24 212.193.23.0/24 Signature Algorithm: sha256WithRSAEncryption 36:c8:df:9d:f6:ab:31:48:9e:80:83:c1:69:2a:0c:6f:4e:fc: a4:5f:d1:47:70:8b:06:dc:80:45:ec:2d:cc:d8:4f:71:e2:c5: 69:ad:70:31:5e:bb:dd:84:3d:81:2e:6d:3c:ae:f7:73:92:c4: 7a:ae:26:f2:fe:7a:e0:db:ae:bb:c9:0b:04:45:7b:fd:2f:f9: 54:38:d7:43:99:6d:0d:d2:39:46:75:d2:ee:44:4d:74:a2:2d: f3:1a:61:d4:50:53:ed:ac:7c:43:6d:a4:e4:e9:7d:ee:3b:84: 67:6c:ed:b6:7e:d4:d8:a9:e2:7a:8e:c6:6e:45:94:7a:5f:48: d8:25:2e:cd:bb:2d:e8:18:03:d6:d5:c8:cb:83:1f:3e:de:ae: ed:87:c5:d1:51:64:a3:42:83:6e:92:41:0c:a1:d1:55:67:ca: 21:ef:95:c7:f0:0a:5f:e2:8e:73:78:21:6f:10:ec:54:79:d8: 42:91:4a:20:4e:a6:eb:ea:51:d9:bc:f0:5b:0a:1b:65:29:2f: 53:02:55:ca:01:32:5f:79:6d:12:81:46:5f:46:b0:fd:a5:31: cd:d5:01:e4:0a:93:8e:b9:bb:69:79:7d:a4:af:80:74:56:60: 93:b7:de:78:9f:d8:4e:ed:a5:58:fe:6d:c6:32:c0:de:c7:33: b0:3d:36:69 -----BEGIN CERTIFICATE----- MIIFRTCCBC2gAwIBAgISAZwJD5FJagIfnSxhuU8HIzVeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw ZTFhYzcwHhcNMjYwMTI5MDkyMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDRiMGYzZWUwY2UwYWUwOGFhOGY3Y2E2MDA3Zjg0NzMwZTY2MjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnMPlgybCjLsItxDr3U8lMhz9KS9 unUcKYNG1ad9opjL+FObRzDXhvWS5VQtxEFtMy28RFmWrsDvkK0u/pSBNgjhFG1v lxH6LniY9hm7lnNQF3apKeX+hUaYTygVkRuSPHZDHW3DNVzSKYswIeBVvI96diGk TbeoqI80zOgBGeKMRfxev4KqUFXLA9w5xTWEBB/EG1uuomWjD/znrnxnuW0JQy5H 7ZRkEOcGeuVrj7ff589K6oaNw7X+Br5VwG9oswz7yty24ECkxXLyKGFz6YchVBhZ l+v/xbXHwDlOGb0A0dgdgist5tLGxACr5TqAmPUG/zM3eCOZmxNYrx9JwQIDAQAB o4ICUTCCAk0wHQYDVR0OBBYEFCBLDz7gzgrgiqj3ymAH+Ecw5mJWMB8GA1UdIwQY MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt NWE0MjQyOGYxMTQzLzEvSUVzUFB1RE9DdUNLcVBmS1lBZjRSekRtWWxZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBPkzsAwQA wXwRAwQAwXzOAwQAwjo4AwQBwjqaAwQAwlczAwQBwlc2AwQAwld9AwQAwlfpAwQA wlf/AwQAw4UJAwQA1MEUAwQA1MEXMA0GCSqGSIb3DQEBCwUAA4IBAQA2yN+d9qsx SJ6Ag8FpKgxvTvykX9FHcIsG3IBF7C3M2E9x4sVprXAxXrvdhD2BLm08rvdzksR6 riby/nrg2667yQsERXv9L/lUONdDmW0N0jlGddLuRE10oi3zGmHUUFPtrHxDbaTk 6X3uO4RnbO22ftTYqeJ6jsZuRZR6X0jYJS7Nuy3oGAPW1cjLgx8+3q7th8XRUWSj QoNukkEModFVZ8oh75XH8Apf4o5zeCFvEOxUedhCkUogTqbr6lHZvPBbChtlKS9T AlXKATJfeW0SgUZfRrD9pTHN1QHkCpOOubtpeX2kr4B0VmCTt954n9hO7aVY/m3G MsDexzOwPTZp -----END CERTIFICATE-----Generated at Fri Jan 30 08:43:34 2026 by rpki-client