This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/16Y1yxGLE6UIufa5rH9U3RXAvAs.roa File: 16Y1yxGLE6UIufa5rH9U3RXAvAs.roa (raw, json) Hash identifier: hVmSptnLaPbenQ9xb8iMn2l1+6sGRbct+J+Pmp6z9tk= Subject key identifier: D7:A6:35:CB:11:8B:13:A5:08:B9:F6:B9:AC:7F:54:DD:15:C0:BC:0B Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379 Certificate serial: 019B7F8363ED5FF4529EB634F6E2E745B900 Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/16Y1yxGLE6UIufa5rH9U3RXAvAs.roa Signing time: Fri 02 Jan 2026 16:21:15 +0000 ROA not before: Fri 02 Jan 2026 16:21:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210644 IP address blocks: 78.153.136.0/24 maxlen: 24 109.237.98.0/24 maxlen: 24 109.237.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.mft rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:63:ed:5f:f4:52:9e:b6:34:f6:e2:e7:45:b9:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22a44566764ebb511683cb6228fa91997b559379 Validity Not Before: Jan 2 16:21:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d7a635cb118b13a508b9f6b9ac7f54dd15c0bc0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:00:e9:b7:06:1d:ca:00:a8:70:1f:df:da:6b: f6:77:b0:9a:b0:e5:29:5f:ce:88:fa:0d:2f:d1:5d: aa:9f:df:8b:19:2c:35:9f:ce:68:ed:02:98:26:88: 94:e2:45:44:d4:80:ca:36:e5:8d:62:13:86:7d:1b: 5a:dc:9d:e4:7c:12:36:24:d8:28:e5:a0:6c:94:bf: 23:0e:52:3e:0c:52:b7:a2:eb:7a:2a:f6:d4:03:08: 0c:f8:a5:1e:d9:53:19:1d:b7:05:2f:2b:17:1e:4f: 29:43:de:ce:49:10:5b:35:e8:ba:04:33:96:b3:0a: 95:9e:71:48:57:5b:e9:ef:99:73:c6:c8:01:98:97: 0c:8f:0b:25:9f:41:67:64:34:0d:6b:1d:78:39:47: 58:f6:14:e3:d6:39:0b:69:4e:cc:3f:8e:94:57:b0: d7:ec:46:0b:f0:8e:4d:b8:89:a6:82:ba:c9:a8:44: 0a:2c:92:d4:c3:c5:72:e0:38:5e:67:38:04:ce:e0: 47:3c:f3:e7:ed:7d:cc:37:af:1a:eb:19:d6:09:81: f9:ac:94:f9:c6:80:fc:9e:13:b2:9a:ef:f4:26:93: e4:e9:a6:f9:fb:09:a0:9b:8a:73:17:26:97:4c:50: 70:d9:d5:1f:6a:34:20:f1:f3:9d:60:82:31:da:93: 15:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A6:35:CB:11:8B:13:A5:08:B9:F6:B9:AC:7F:54:DD:15:C0:BC:0B X509v3 Authority Key Identifier: keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/16Y1yxGLE6UIufa5rH9U3RXAvAs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.153.136.0/24 109.237.98.0/23 Signature Algorithm: sha256WithRSAEncryption 2b:0f:42:e9:94:da:8e:6c:03:ba:f6:22:f6:de:c0:99:69:73: c1:e2:05:0f:e4:55:c5:08:29:08:ad:a1:f6:51:78:f0:07:9f: 12:47:eb:02:5a:25:4f:58:89:e9:c5:bf:04:27:b8:4e:6a:2e: 37:8a:63:c0:6f:97:8c:a6:7a:27:24:e2:c2:96:25:20:6f:7f: b4:20:b2:85:4e:be:75:d3:52:08:c5:35:37:24:9d:cd:6f:19: 80:f9:0b:36:aa:8d:6b:20:23:62:c0:f0:0f:46:ff:19:4b:28: dc:67:f4:e8:4b:71:6e:90:a3:41:80:a8:ea:5d:d9:86:c5:36: 38:59:b1:d7:ce:bc:89:41:10:32:05:d9:6b:a2:a6:bb:ae:b6: f8:e6:a6:ba:e8:0d:bf:40:e9:cf:36:2d:17:b9:6f:d9:2d:1c: 19:1e:3e:7a:ce:78:6b:6a:60:09:f8:4a:a7:c2:f3:ee:d2:d5: 13:a0:ab:15:fc:c0:9a:a5:12:cc:f8:7d:1b:4a:bd:c5:49:a6: 18:77:c2:2e:c8:33:33:12:3a:ae:3c:49:3e:e8:ad:44:db:ef: b4:3b:00:35:cb:dc:00:08:59:0e:fa:50:b9:c0:27:9a:73:26: 71:70:a6:10:5b:39:5b:bd:64:29:fd:1c:03:3e:48:1b:68:82: 74:a9:12:8e -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/g2PtX/RSnrY09uLnRbkAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1 NTkzNzkwHhcNMjYwMTAyMTYyMTE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkN2E2MzVjYjExOGIxM2E1MDhiOWY2YjlhYzdmNTRkZDE1YzBiYzBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgDptwYdygCocB/f2mv2d7CasOUp X86I+g0v0V2qn9+LGSw1n85o7QKYJoiU4kVE1IDKNuWNYhOGfRta3J3kfBI2JNgo 5aBslL8jDlI+DFK3out6KvbUAwgM+KUe2VMZHbcFLysXHk8pQ97OSRBbNei6BDOW swqVnnFIV1vp75lzxsgBmJcMjwsln0FnZDQNax14OUdY9hTj1jkLaU7MP46UV7DX 7EYL8I5NuImmgrrJqEQKLJLUw8Vy4DheZzgEzuBHPPPn7X3MN68a6xnWCYH5rJT5 xoD8nhOymu/0JpPk6ab5+wmgm4pzFyaXTFBw2dUfajQg8fOdYIIx2pMVgwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNemNcsRixOlCLn2uax/VN0VwLwLMB8GA1UdIwQY MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt MTZiODBhYTI4ZGQ2LzEvMTZZMXl4R0xFNlVJdWZhNXJIOVUzUlhBdkFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2 LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATpmIAwQB be1iMA0GCSqGSIb3DQEBCwUAA4IBAQArD0LplNqObAO69iL23sCZaXPB4gUP5FXF CCkIraH2UXjwB58SR+sCWiVPWInpxb8EJ7hOai43imPAb5eMpnonJOLCliUgb3+0 ILKFTr5101IIxTU3JJ3NbxmA+Qs2qo1rICNiwPAPRv8ZSyjcZ/ToS3FukKNBgKjq XdmGxTY4WbHXzryJQRAyBdlroqa7rrb45qa66A2/QOnPNi0XuW/ZLRwZHj56znhr amAJ+EqnwvPu0tUToKsV/MCapRLM+H0bSr3FSaYYd8IuyDMzEjquPEk+6K1E2++0 OwA1y9wACFkO+lC5wCeacyZxcKYQWzlbvWQp/RwDPkgbaIJ0qRKO -----END CERTIFICATE-----Generated at Tue Jan 20 06:02:41 2026 by rpki-client