This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/i2lGff9itk-e3fHsEU46PpWkCCI.roa File: i2lGff9itk-e3fHsEU46PpWkCCI.roa (raw, json) Hash identifier: HcZLhxwYanEmhLUgxjx5A+JdQeVtH/FKZbnN0UkpalM= Subject key identifier: 8B:69:46:7D:FF:62:B6:4F:9E:DD:F1:EC:11:4E:3A:3E:95:A4:08:22 Certificate issuer: /CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928 Certificate serial: 019B7EA7403B901AEDEBFD1AACA8ACF65141 Authority key identifier: D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/i2lGff9itk-e3fHsEU46PpWkCCI.roa Signing time: Fri 02 Jan 2026 12:20:48 +0000 ROA not before: Fri 02 Jan 2026 12:20:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5405 IP address blocks: 5.183.211.0/24 maxlen: 24 45.153.81.0/24 maxlen: 24 45.153.82.0/23 maxlen: 23 81.27.68.0/24 maxlen: 24 81.27.69.0/24 maxlen: 24 94.103.180.0/24 maxlen: 24 185.134.66.0/24 maxlen: 24 185.134.67.0/24 maxlen: 24 2a11:4140::/29 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.mft rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:40:3b:90:1a:ed:eb:fd:1a:ac:a8:ac:f6:51:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928 Validity Not Before: Jan 2 12:20:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b69467dff62b64f9eddf1ec114e3a3e95a40822 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:19:aa:dd:3b:32:de:1c:fb:d7:fe:9e:22:5a: 9b:b4:86:71:c0:b5:fa:6f:2a:75:84:ab:d3:3c:bc: b3:a7:60:03:b6:6c:27:99:a9:1c:b0:78:8b:84:df: be:5b:37:66:5d:a7:41:d5:14:07:8e:e3:ae:ba:66: 9c:1d:14:9f:74:02:90:6a:77:23:e1:3d:b1:ef:f6: 88:15:ca:70:74:e3:5f:fb:3f:8e:28:5d:3b:d2:5a: 18:23:b8:b4:7a:1e:ea:fd:ea:46:5a:e8:b2:57:18: 70:2a:2d:be:3c:5e:58:7a:86:5b:02:70:1d:54:47: 92:a1:42:96:90:e2:76:83:8b:11:7a:c1:ac:7f:0f: e0:bc:8f:66:93:7c:0e:99:a7:28:8e:18:fd:27:48: a9:61:ea:fd:43:f0:ed:6c:78:6a:d2:9e:b4:ac:71: f1:38:03:f7:20:28:f3:92:18:58:f4:88:01:ef:e5: 31:27:c7:d2:70:f1:2e:76:8d:d7:a3:fc:c4:22:71: 99:a9:0b:9c:e2:dc:fa:47:10:50:d8:08:a5:c0:7a: 76:2f:db:5b:57:92:70:0c:8c:6f:a5:62:05:ac:ca: c2:92:cd:13:48:c4:21:bd:0f:0c:5e:25:8d:31:a9: e8:b4:ad:a4:e0:a9:27:d1:dd:d7:b4:f7:93:88:44: 02:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:69:46:7D:FF:62:B6:4F:9E:DD:F1:EC:11:4E:3A:3E:95:A4:08:22 X509v3 Authority Key Identifier: keyid:D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/i2lGff9itk-e3fHsEU46PpWkCCI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.183.211.0/24 45.153.81.0-45.153.83.255 81.27.68.0/23 94.103.180.0/24 185.134.66.0/23 IPv6: 2a11:4140::/29 Signature Algorithm: sha256WithRSAEncryption 2d:ec:71:ca:ae:b7:90:9b:d9:f8:9c:89:f2:09:24:04:29:a5: f2:fb:e0:3f:92:30:42:16:13:3f:78:5f:41:bd:36:14:34:9a: f5:1e:09:6d:8f:af:e7:ab:d4:08:93:98:2f:52:a2:2b:a3:26: ea:13:7c:fe:8a:6a:2f:46:93:aa:61:3e:54:0f:e5:42:d1:36: 8d:52:b7:3f:47:3e:78:4a:d6:9d:73:37:f8:d1:4f:4b:29:16: ee:df:ad:ec:ce:16:ad:76:e0:e4:a0:a8:a1:9d:a9:b9:2b:2d: 35:e1:d0:38:66:88:ce:47:f0:8d:37:b7:51:0b:ef:65:74:41: d4:1f:53:f5:0f:58:5e:e5:da:ad:65:b3:f9:3b:b2:5e:05:40: a2:9f:a0:ef:28:eb:59:41:58:18:a5:ad:c6:a3:13:e6:a9:5b: fd:77:55:46:4c:3c:6c:e9:38:0f:80:f1:0d:45:53:79:f7:20: 27:13:32:f9:79:cc:33:76:68:03:e7:79:a1:40:96:fc:d7:41: 1d:da:44:ef:f7:13:e3:b6:0a:6a:bc:16:1f:1d:27:0a:02:36: cf:ab:43:9e:dc:3a:e4:98:1d:f2:9d:41:89:1c:7f:9b:77:5f: 14:11:16:50:63:67:c9:8c:be:8a:46:0d:ac:4d:1d:c3:f1:56: 58:75:b3:bf -----BEGIN CERTIFICATE----- MIIFLDCCBBSgAwIBAgISAZt+p0A7kBrt6/0arKis9lFBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1YjZhNWNhMzdlYWQzMWZkMmEzNTBiMGI0MTJkNzdkOTUz MjA5MjgwHhcNMjYwMTAyMTIyMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjY5NDY3ZGZmNjJiNjRmOWVkZGYxZWMxMTRlM2EzZTk1YTQwODIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxmq3Tsy3hz71/6eIlqbtIZxwLX6 byp1hKvTPLyzp2ADtmwnmakcsHiLhN++WzdmXadB1RQHjuOuumacHRSfdAKQancj 4T2x7/aIFcpwdONf+z+OKF070loYI7i0eh7q/epGWuiyVxhwKi2+PF5YeoZbAnAd VEeSoUKWkOJ2g4sResGsfw/gvI9mk3wOmacojhj9J0ipYer9Q/DtbHhq0p60rHHx OAP3ICjzkhhY9IgB7+UxJ8fScPEudo3Xo/zEInGZqQuc4tz6RxBQ2AilwHp2L9tb V5JwDIxvpWIFrMrCks0TSMQhvQ8MXiWNManotK2k4Kkn0d3XtPeTiEQCkQIDAQAB o4ICODCCAjQwHQYDVR0OBBYEFItpRn3/YrZPnt3x7BFOOj6VpAgiMB8GA1UdIwQY MBaAFNW2pco36tMf0qNQsLQS132VMgkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUt ZDRlODgyMDgzZTRmLzEvaTJsR2ZmOWl0ay1lM2ZIc0VVNDZQcFdrQ0NJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUtZDRlODgyMDgzZTRm LzEvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQABbfTMAwD BAAtmVEDBAItmVADBAFRG0QDBABeZ7QDBAG5hkIwDQQCAAIwBwMFAyoRQUAwDQYJ KoZIhvcNAQELBQADggEBAC3sccqut5Cb2ficifIJJAQppfL74D+SMEIWEz94X0G9 NhQ0mvUeCW2Pr+er1AiTmC9SoiujJuoTfP6Kai9Gk6phPlQP5ULRNo1Stz9HPnhK 1p1zN/jRT0spFu7frezOFq124OSgqKGdqbkrLTXh0DhmiM5H8I03t1EL72V0QdQf U/UPWF7l2q1ls/k7sl4FQKKfoO8o61lBWBilrcajE+apW/13VUZMPGzpOA+A8Q1F U3n3ICcTMvl5zDN2aAPneaFAlvzXQR3aRO/3E+O2Cmq8Fh8dJwoCNs+rQ57cOuSY HfKdQYkcf5t3XxQRFlBjZ8mMvopGDaxNHcPxVlh1s78= -----END CERTIFICATE-----Generated at Sun Jan 11 15:07:48 2026 by rpki-client