This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/iZvlW3KPvCnSHXa74PO9QAePZE4.roa File: iZvlW3KPvCnSHXa74PO9QAePZE4.roa (raw, json) Hash identifier: YP4N2voVIGl4Ht+q26EMPE95Er0VYxJFeUrNogLISjE= Subject key identifier: 89:9B:E5:5B:72:8F:BC:29:D2:1D:76:BB:E0:F3:BD:40:07:8F:64:4E Certificate issuer: /CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d Certificate serial: 019B7EA6B30EA66503B15387A7BA165A632C Authority key identifier: 38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/iZvlW3KPvCnSHXa74PO9QAePZE4.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44133 IP address blocks: 37.252.184.0/21 maxlen: 21 89.39.64.0/23 maxlen: 23 93.189.24.0/21 maxlen: 21 185.119.116.0/22 maxlen: 22 2a00:63c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.crl rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.mft rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b3:0e:a6:65:03:b1:53:87:a7:ba:16:5a:63:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=899be55b728fbc29d21d76bbe0f3bd40078f644e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:df:ae:82:7d:d4:91:a2:ba:b5:e6:7b:58:9f: b5:73:f3:8f:c0:1e:55:96:05:27:d8:39:58:c6:b3: d0:24:7f:08:ab:6e:d8:b6:8c:35:bb:02:44:07:02: c1:a8:4a:19:55:77:67:bd:c2:3b:6a:4a:67:36:33: bf:53:5e:dc:42:ed:22:37:92:9b:52:aa:d7:a6:eb: 57:27:73:fb:26:f0:61:56:2b:5d:58:23:bb:2c:e1: db:b3:b5:fd:29:8c:35:23:54:74:53:0b:53:98:60: 81:34:cc:06:3e:0e:e1:7c:9e:27:8d:1c:85:94:6f: 6b:8b:28:fa:2d:61:06:4c:af:fc:40:6d:76:7f:0e: 14:68:f2:fa:d5:d6:a8:54:e7:c4:35:25:a5:74:ef: 7b:50:f4:7e:0a:b4:db:97:32:50:c7:58:b6:b5:77: 22:60:3d:6c:20:3a:ea:a2:1b:ab:7d:ef:4a:0a:64: 5d:eb:97:af:66:ab:fe:cb:99:98:82:f0:34:7c:5f: bb:9c:ab:ac:ff:1c:48:c7:0e:21:e9:ff:ff:fb:40: 4e:c7:3a:8e:84:41:8f:25:b9:d0:59:83:a8:15:e4: c9:6b:03:4f:36:b0:ca:fc:ac:db:25:d9:0b:fb:a2: 28:69:e4:33:cd:a4:78:00:88:0a:df:f8:b6:8f:6e: c1:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9B:E5:5B:72:8F:BC:29:D2:1D:76:BB:E0:F3:BD:40:07:8F:64:4E X509v3 Authority Key Identifier: keyid:38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/iZvlW3KPvCnSHXa74PO9QAePZE4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.252.184.0/21 89.39.64.0/23 93.189.24.0/21 185.119.116.0/22 IPv6: 2a00:63c0::/29 Signature Algorithm: sha256WithRSAEncryption 69:a5:38:ee:ab:61:a1:cb:26:26:14:42:73:f8:63:3f:f8:20: 60:bd:cf:81:77:9c:a6:85:70:3e:f3:7e:a7:08:34:11:9f:73: 10:3b:30:bc:47:c7:88:e3:62:62:4e:76:8a:33:82:cc:ea:f8: 24:f4:f3:4d:0e:26:a0:72:e5:da:d6:2b:b5:2e:5a:5c:e2:51: f9:6d:bf:6e:32:76:37:c9:71:b6:e7:8f:85:1d:0b:d3:32:2b: 6d:00:a9:d6:c1:f9:bd:4a:29:77:23:2d:6c:30:60:98:aa:70: b0:51:e3:77:28:52:4c:86:67:6f:d3:7d:96:8d:d5:f5:43:eb: b5:d1:20:cf:0e:66:b1:f9:2c:07:73:3f:fd:1c:fc:38:06:61: c0:a1:c0:77:90:c7:8c:68:e1:c8:cc:ec:4d:e1:f0:91:2a:3f: 79:38:40:b8:7a:a8:56:42:e9:28:14:25:13:6d:ac:7a:25:e0: 2d:c3:3c:c3:7f:96:07:17:fd:4a:d4:fe:dd:53:c4:57:a8:e1: c1:e3:d4:8c:59:33:2d:57:de:eb:fd:bd:91:6d:d0:7c:2c:aa: 7a:15:29:42:8c:3c:f7:b9:2d:ec:eb:25:29:66:3b:ba:88:db: 78:d0:85:24:28:4e:79:f6:59:79:ed:a8:6c:73:8e:96:d5:f5: b5:03:aa:aa -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt+prMOpmUDsVOHp7oWWmMsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM4Yjc4YzhlZWY5YWQyNTdkNjkwZDc3ZGM5YWUzZmU5YTYy NGIyOGQwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OTliZTU1YjcyOGZiYzI5ZDIxZDc2YmJlMGYzYmQ0MDA3OGY2NDRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4t+ugn3UkaK6teZ7WJ+1c/OPwB5V lgUn2DlYxrPQJH8Iq27Ytow1uwJEBwLBqEoZVXdnvcI7akpnNjO/U17cQu0iN5Kb UqrXputXJ3P7JvBhVitdWCO7LOHbs7X9KYw1I1R0UwtTmGCBNMwGPg7hfJ4njRyF lG9riyj6LWEGTK/8QG12fw4UaPL61daoVOfENSWldO97UPR+CrTblzJQx1i2tXci YD1sIDrqohurfe9KCmRd65evZqv+y5mYgvA0fF+7nKus/xxIxw4h6f//+0BOxzqO hEGPJbnQWYOoFeTJawNPNrDK/KzbJdkL+6IoaeQzzaR4AIgK3/i2j27BYQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFImb5Vtyj7wp0h12u+DzvUAHj2ROMB8GA1UdIwQY MBaAFDi3jI7vmtJX1pDXfcmuP+mmJLKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEt ZjUxOGE5Zjc5NzkwLzEvaVp2bFczS1B2Q25TSFhhNzRQTzlRQWVQWkU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi8yMjVmZDYtY2FmMy00Y2FmLWIzMTEtZjUxOGE5Zjc5Nzkw LzEvT0xlTWp1LWEwbGZXa05kOXlhNF82YVlrc28wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJfy4AwQB WSdAAwQDXb0YAwQCuXd0MA0EAgACMAcDBQMqAGPAMA0GCSqGSIb3DQEBCwUAA4IB AQBppTjuq2GhyyYmFEJz+GM/+CBgvc+Bd5ymhXA+836nCDQRn3MQOzC8R8eI42Ji TnaKM4LM6vgk9PNNDiagcuXa1iu1Llpc4lH5bb9uMnY3yXG254+FHQvTMittAKnW wfm9Sil3Iy1sMGCYqnCwUeN3KFJMhmdv032WjdX1Q+u10SDPDmax+SwHcz/9HPw4 BmHAocB3kMeMaOHIzOxN4fCRKj95OEC4eqhWQukoFCUTbax6JeAtwzzDf5YHF/1K 1P7dU8RXqOHB49SMWTMtV97r/b2RbdB8LKp6FSlCjDz3uS3s6yUpZju6iNt40IUk KE559ll57ahsc46W1fW1A6qq -----END CERTIFICATE-----Generated at Mon Jan 12 02:17:12 2026 by rpki-client