This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/ciaQlUvorb3T9kkBE9Xu1IsgvKc.roa File: ciaQlUvorb3T9kkBE9Xu1IsgvKc.roa (raw, json) Hash identifier: VNJdzz/72lS34u2DkpWU+3GufkDP0XEWhrdhfaj5reI= Subject key identifier: 72:26:90:95:4B:E8:AD:BD:D3:F6:49:01:13:D5:EE:D4:8B:20:BC:A7 Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579 Certificate serial: 019B7E38ECFB7F46902751D04807D23FA8AE Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/ciaQlUvorb3T9kkBE9Xu1IsgvKc.roa Signing time: Fri 02 Jan 2026 10:20:18 +0000 ROA not before: Fri 02 Jan 2026 10:20:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202736 IP address blocks: 109.122.26.0/24 maxlen: 24 109.122.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.mft rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ec:fb:7f:46:90:27:51:d0:48:07:d2:3f:a8:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579 Validity Not Before: Jan 2 10:20:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=722690954be8adbdd3f6490113d5eed48b20bca7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e1:b8:37:64:aa:57:66:0a:cc:11:93:e1:a1: 14:c5:b7:c7:9a:27:cf:35:0d:f9:c7:1a:75:d0:fb: 86:c7:48:82:c1:34:7a:18:ba:a0:a4:0c:2f:65:ed: 8f:74:ca:7c:54:ad:21:91:9d:43:db:75:a1:05:0a: be:90:d1:80:e9:d1:06:dd:1a:44:fb:40:ae:73:94: cb:27:e4:28:d1:2a:fc:0a:dc:ec:25:ac:b0:e8:e8: 7d:fc:76:99:0f:f4:dc:45:ab:6f:93:ac:db:7a:87: 63:71:46:46:21:d1:73:69:c8:fc:42:89:67:72:a5: 23:60:80:e4:2d:c7:8a:42:b1:53:5e:fb:76:68:d7: 8d:d0:71:2f:d9:53:52:3e:fc:66:c2:d5:c0:72:45: 55:ab:25:96:97:8e:ce:b0:ce:a4:5c:0e:71:a8:7c: e1:47:78:b3:b4:dc:e3:ca:e6:04:b6:3f:60:3f:06: 4b:be:8d:b6:d6:e6:dd:6a:f3:26:09:88:0d:43:2a: 25:ba:eb:9f:69:0e:86:d8:4d:8b:cf:31:c8:88:59: 9b:73:49:fe:d9:dc:4a:bc:84:25:80:a1:b1:a5:b8: 1b:90:80:5e:ec:63:b6:53:20:72:89:53:c9:9d:a2: b4:ad:06:e1:44:ef:6c:3a:0e:91:f5:07:10:a1:7e: e3:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:26:90:95:4B:E8:AD:BD:D3:F6:49:01:13:D5:EE:D4:8B:20:BC:A7 X509v3 Authority Key Identifier: keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/ciaQlUvorb3T9kkBE9Xu1IsgvKc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.122.26.0/24 109.122.29.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:2e:34:83:e2:af:35:dc:a8:40:0f:41:0d:07:27:07:94:54: 23:87:e4:21:33:28:94:01:e6:59:e9:4d:72:01:e4:63:de:c3: 94:5d:56:cf:63:19:00:8d:f3:e9:22:2b:e5:06:8e:18:c2:1c: 91:40:15:c4:85:f4:13:df:8e:5e:1e:33:9b:4c:87:1f:67:0c: a2:7d:ed:36:ef:a6:e6:78:b1:80:b3:53:f8:a4:8c:99:41:2b: c0:73:b8:d6:f9:59:b8:8e:ea:8e:77:e4:c2:08:f7:52:3f:32: 78:c5:4f:36:a4:1f:b5:99:bd:eb:0e:9d:21:c0:7d:9c:e2:a0: 5c:11:fc:c6:95:ce:60:36:c2:62:ca:81:96:37:bc:ec:e9:bd: 79:82:0e:68:fd:1c:bb:50:50:4c:26:e9:46:85:1b:95:b4:f9: 75:fe:c5:6c:8a:1f:88:64:3b:12:47:49:f5:16:9f:57:97:71: 04:5e:da:7d:04:c0:02:43:e1:9f:0d:e9:f3:dc:25:70:c3:8f: 7e:90:7f:b0:8b:4c:82:39:dc:39:d5:8f:cd:dc:0a:32:54:c9: 8f:eb:85:f0:f1:82:61:93:25:1e:79:d0:c1:82:8b:b6:ec:6b: f4:45:05:a8:c3:d9:1f:8f:fa:b3:de:57:ce:88:73:51:10:10: 12:3e:92:a9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+OOz7f0aQJ1HQSAfSP6iuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3 OGE1NzkwHhcNMjYwMTAyMTAyMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjI2OTA5NTRiZThhZGJkZDNmNjQ5MDExM2Q1ZWVkNDhiMjBiY2E3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeG4N2SqV2YKzBGT4aEUxbfHmifP NQ35xxp10PuGx0iCwTR6GLqgpAwvZe2PdMp8VK0hkZ1D23WhBQq+kNGA6dEG3RpE +0Cuc5TLJ+Qo0Sr8CtzsJayw6Oh9/HaZD/TcRatvk6zbeodjcUZGIdFzacj8Qoln cqUjYIDkLceKQrFTXvt2aNeN0HEv2VNSPvxmwtXAckVVqyWWl47OsM6kXA5xqHzh R3iztNzjyuYEtj9gPwZLvo221ubdavMmCYgNQyoluuufaQ6G2E2LzzHIiFmbc0n+ 2dxKvIQlgKGxpbgbkIBe7GO2UyByiVPJnaK0rQbhRO9sOg6R9QcQoX7jYQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHImkJVL6K290/ZJARPV7tSLILynMB8GA1UdIwQY MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt YTM5YWMyNTM5ZmM1LzEvY2lhUWxVdm9yYjNUOWtrQkU5WHUxSXNndktjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1 LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXoaAwQA bXodMA0GCSqGSIb3DQEBCwUAA4IBAQBbLjSD4q813KhAD0ENBycHlFQjh+QhMyiU AeZZ6U1yAeRj3sOUXVbPYxkAjfPpIivlBo4YwhyRQBXEhfQT345eHjObTIcfZwyi fe0276bmeLGAs1P4pIyZQSvAc7jW+Vm4juqOd+TCCPdSPzJ4xU82pB+1mb3rDp0h wH2c4qBcEfzGlc5gNsJiyoGWN7zs6b15gg5o/Ry7UFBMJulGhRuVtPl1/sVsih+I ZDsSR0n1Fp9Xl3EEXtp9BMACQ+GfDenz3CVww49+kH+wi0yCOdw51Y/N3AoyVMmP 64Xw8YJhkyUeedDBgou27Gv0RQWow9kfj/qz3lfOiHNREBASPpKp -----END CERTIFICATE-----Generated at Sun Jan 11 07:31:44 2026 by rpki-client