This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IKjez_Jm_DroxNL6eA8oXbFCAr0.roa File: IKjez_Jm_DroxNL6eA8oXbFCAr0.roa (raw, json) Hash identifier: mQpdrbrtX9b+4ISzQxTZgRdXAFDBgRhT/V1RvJ33ORU= Subject key identifier: 20:A8:DE:CF:F2:66:FC:3A:E8:C4:D2:FA:78:0F:28:5D:B1:42:02:BD Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Certificate serial: 019B7A5AB570C8E8447887A92106EEB51ADF Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IKjez_Jm_DroxNL6eA8oXbFCAr0.roa Signing time: Thu 01 Jan 2026 16:18:43 +0000 ROA not before: Thu 01 Jan 2026 16:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62454 IP address blocks: 176.100.38.0/24 maxlen: 24 176.100.39.0/24 maxlen: 24 185.14.92.0/24 maxlen: 24 185.14.93.0/24 maxlen: 24 2a00:ccc7::/32 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.mft rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 19:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:b5:70:c8:e8:44:78:87:a9:21:06:ee:b5:1a:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec Validity Not Before: Jan 1 16:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20a8decff266fc3ae8c4d2fa780f285db14202bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a9:66:ea:68:11:d0:d9:df:7d:0e:1f:04:75: 86:bf:aa:5b:c6:75:72:04:60:cf:46:7e:01:8e:6d: 78:6d:02:cb:ff:35:74:69:ac:56:12:42:00:47:de: ed:2f:5a:cb:e8:a8:ec:80:5f:f4:47:af:e2:89:02: 6c:63:d3:3c:73:30:3a:23:41:4c:be:4c:9a:d8:b1: e5:6d:32:96:19:ae:59:d7:1d:e2:58:4c:51:04:a1: 3b:32:c6:2e:cd:e6:94:9d:d2:84:0a:da:e8:fc:e3: 82:13:c5:99:5c:88:a4:cf:76:24:ec:83:19:64:f0: 59:4f:43:d4:9d:36:23:c7:9f:c8:da:4b:88:19:e7: ac:0f:af:d6:69:5e:40:ed:b2:49:e1:da:79:4f:ee: a6:35:df:d4:62:4c:d7:83:da:f9:79:d9:c3:3e:ca: a3:cc:38:17:ea:0c:52:8c:bd:6f:50:92:92:3d:e2: 0c:27:26:2f:e0:84:8a:e6:40:c2:3a:3f:f8:72:9f: bb:bf:44:c3:1e:49:ae:d8:d1:40:db:4d:27:a2:bd: 97:04:d1:30:e6:1d:71:b6:83:f7:ee:29:59:34:ab: f8:25:47:e1:4b:1e:c9:00:4f:bd:6a:7a:18:4b:26: f8:24:e1:b1:e1:0c:cd:e3:d6:1b:3e:aa:af:ba:0d: 23:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:A8:DE:CF:F2:66:FC:3A:E8:C4:D2:FA:78:0F:28:5D:B1:42:02:BD X509v3 Authority Key Identifier: keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/IKjez_Jm_DroxNL6eA8oXbFCAr0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.100.38.0/23 185.14.92.0/23 IPv6: 2a00:ccc7::/32 Signature Algorithm: sha256WithRSAEncryption 9c:17:39:27:49:5d:3a:8f:4a:d9:a4:bc:77:4a:96:07:54:9a: f2:4a:3c:50:44:54:0e:a8:94:78:f0:9f:db:87:5f:81:5a:f9: 0d:94:c8:52:12:38:18:0c:bd:ba:47:e6:f4:e8:7f:87:17:de: 1f:3e:a2:8c:fa:46:05:c6:df:1a:2b:ed:4a:d6:33:3d:5a:cb: 41:31:30:3c:db:34:c8:53:52:be:b0:ad:0c:70:3f:53:b2:63: 4c:78:83:43:1d:97:85:7a:b9:a1:92:76:63:c7:28:8b:0c:5e: 6b:93:ed:2b:a3:77:22:73:c9:88:ef:43:5a:89:86:a8:36:9f: f3:10:5c:ef:8e:66:4c:78:a2:03:6a:86:9a:29:3b:30:22:93: 3a:94:42:1f:e1:ff:ca:64:84:09:bc:66:f0:6b:d4:fe:b3:9a: f4:b4:26:f8:22:3c:af:ac:f5:cd:a8:ed:73:3b:12:36:c5:17: d6:e8:38:0b:13:90:fc:30:ee:69:03:50:01:f2:75:66:15:34: 01:4e:ce:e1:6a:1b:4c:10:70:38:63:77:e4:9f:73:21:5f:19: f1:c8:6c:6b:cb:8a:1f:51:c4:dc:bb:cd:db:54:fc:b9:7a:99: 22:fc:94:f6:f1:0b:34:8e:1a:f4:2b:0b:75:e8:f4:da:c7:39: fb:65:e6:83 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6WrVwyOhEeIepIQbutRrfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj YmU3ZWMwHhcNMjYwMTAxMTYxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGE4ZGVjZmYyNjZmYzNhZThjNGQyZmE3ODBmMjg1ZGIxNDIwMmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqalm6mgR0NnffQ4fBHWGv6pbxnVy BGDPRn4Bjm14bQLL/zV0aaxWEkIAR97tL1rL6KjsgF/0R6/iiQJsY9M8czA6I0FM vkya2LHlbTKWGa5Z1x3iWExRBKE7MsYuzeaUndKECtro/OOCE8WZXIikz3Yk7IMZ ZPBZT0PUnTYjx5/I2kuIGeesD6/WaV5A7bJJ4dp5T+6mNd/UYkzXg9r5ednDPsqj zDgX6gxSjL1vUJKSPeIMJyYv4ISK5kDCOj/4cp+7v0TDHkmu2NFA200nor2XBNEw 5h1xtoP37ilZNKv4JUfhSx7JAE+9anoYSyb4JOGx4QzN49YbPqqvug0j1QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCCo3s/yZvw66MTS+ngPKF2xQgK9MB8GA1UdIwQY MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt MWI3Y2JiMDhkNzNmLzEvSUtqZXpfSm1fRHJveE5MNmVBOG9YYkZDQXIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBsGQmAwQB uQ5cMA0EAgACMAcDBQAqAMzHMA0GCSqGSIb3DQEBCwUAA4IBAQCcFzknSV06j0rZ pLx3SpYHVJrySjxQRFQOqJR48J/bh1+BWvkNlMhSEjgYDL26R+b06H+HF94fPqKM +kYFxt8aK+1K1jM9WstBMTA82zTIU1K+sK0McD9TsmNMeINDHZeFermhknZjxyiL DF5rk+0ro3cic8mI70NaiYaoNp/zEFzvjmZMeKIDaoaaKTswIpM6lEIf4f/KZIQJ vGbwa9T+s5r0tCb4IjyvrPXNqO1zOxI2xRfW6DgLE5D8MO5pA1AB8nVmFTQBTs7h ahtMEHA4Y3fkn3MhXxnxyGxry4ofUcTcu83bVPy5epki/JT28Qs0jhr0Kwt16PTa xzn7ZeaD -----END CERTIFICATE-----Generated at Wed Jan 21 06:06:37 2026 by rpki-client