This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ImmbVFU24aTZMeWTQ3JVyKm85Qs.roa File: ImmbVFU24aTZMeWTQ3JVyKm85Qs.roa (raw, json) Hash identifier: Er8Hc0Xs5FfGy8RqEH3TreKAzU52jegv5u7SIi55X74= Subject key identifier: 22:69:9B:54:55:36:E1:A4:D9:31:E5:93:43:72:55:C8:A9:BC:E5:0B Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Certificate serial: 019B7C132235D49DFD06A8FCEB61E64D97BD Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ImmbVFU24aTZMeWTQ3JVyKm85Qs.roa Signing time: Fri 02 Jan 2026 00:19:47 +0000 ROA not before: Fri 02 Jan 2026 00:19:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39640 IP address blocks: 167.160.31.0/24 maxlen: 24 178.19.32.0/23 maxlen: 23 201.49.188.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:22:35:d4:9d:fd:06:a8:fc:eb:61:e6:4d:97:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467 Validity Not Before: Jan 2 00:19:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=22699b545536e1a4d931e593437255c8a9bce50b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:d3:7f:f0:0e:65:1a:aa:5d:78:7a:05:b6:61: 0f:e4:8c:2f:f8:df:38:3a:86:1a:24:e5:96:5d:93: e4:3f:8b:00:58:92:62:dc:59:02:fb:9b:cb:53:f7: 0a:12:fc:e7:2c:23:b5:48:49:51:11:5b:02:ea:1c: 23:0d:f7:86:1d:f8:07:25:12:8f:58:a7:59:d8:50: c6:ff:17:d0:d0:12:38:38:b5:a0:dc:99:4c:7f:a1: 86:df:6f:a3:b3:5e:34:77:66:04:05:ce:3d:f5:48: 35:ad:a2:27:16:ef:53:b5:00:82:3a:a1:10:71:f0: 27:81:a3:f9:5c:8a:15:2c:ac:57:3f:6a:21:0e:52: cc:1b:b0:bd:28:b7:0f:75:ce:24:d8:39:1e:76:b5: 3d:29:0e:b8:08:c3:e7:b2:6d:81:83:5a:23:a4:41: 9b:60:3e:4f:ac:26:36:63:2f:d0:1c:3b:a7:f5:80: 2a:f0:0f:ed:98:b2:5d:ca:2b:df:2d:ed:eb:af:93: 52:90:5b:55:b8:2e:27:9e:44:7d:9d:86:61:61:bb: 4e:a2:24:9c:d2:47:f8:e8:c1:bc:10:41:ba:32:df: a5:3b:34:3c:51:62:f5:4f:57:a5:88:05:04:7e:e8: bb:f5:47:99:80:69:c5:b9:af:03:d3:06:8a:e5:1e: d5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:69:9B:54:55:36:E1:A4:D9:31:E5:93:43:72:55:C8:A9:BC:E5:0B X509v3 Authority Key Identifier: keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/ImmbVFU24aTZMeWTQ3JVyKm85Qs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.160.31.0/24 178.19.32.0/23 201.49.188.0/22 Signature Algorithm: sha256WithRSAEncryption 60:a8:bf:38:89:20:a2:18:91:6a:36:a8:93:96:b2:d2:fe:d9: 17:c3:bc:c4:7e:f2:08:f2:37:35:59:cd:f5:4e:93:e9:72:b1: 9e:35:e7:16:5e:82:08:41:03:c2:12:ef:42:0d:83:20:2c:dd: 1c:e9:1c:ce:c0:d0:c7:67:59:ed:14:99:5a:ac:de:91:1d:91: 15:83:00:24:77:21:3e:2c:8a:62:0c:2a:78:5d:0c:bb:a8:f5: 7a:f5:cd:22:d6:01:ab:27:bb:b4:01:55:63:d7:8f:7b:94:3f: 66:3e:60:34:3f:a2:77:8b:82:73:54:52:21:c5:8b:06:96:3f: 27:a8:87:3c:b4:92:86:fa:f9:ce:89:af:f4:12:32:df:7e:b1: 6f:cb:fe:b6:58:aa:58:c8:93:82:6c:da:8c:af:45:d1:a6:2d: 53:64:97:61:ec:e1:e4:0c:b7:b4:9a:c9:cb:fc:3d:45:18:2d: 84:a3:79:4a:78:c8:dc:21:9d:5b:a7:11:68:f1:d6:0e:e7:3c: fe:0b:b9:db:fd:81:4d:40:af:71:20:91:d3:d0:bb:33:2f:3b: 9d:b8:54:c8:6e:3f:ee:c2:82:8e:20:c4:f6:61:fa:17:4e:b0: aa:89:57:4d:e0:78:3a:05:0b:31:90:f0:a3:55:f6:02:b8:8b: 38:54:a3:2d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8EyI11J39Bqj862HmTZe9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy N2E0NjcwHhcNMjYwMTAyMDAxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjY5OWI1NDU1MzZlMWE0ZDkzMWU1OTM0MzcyNTVjOGE5YmNlNTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tN/8A5lGqpdeHoFtmEP5Iwv+N84 OoYaJOWWXZPkP4sAWJJi3FkC+5vLU/cKEvznLCO1SElREVsC6hwjDfeGHfgHJRKP WKdZ2FDG/xfQ0BI4OLWg3JlMf6GG32+js140d2YEBc499Ug1raInFu9TtQCCOqEQ cfAngaP5XIoVLKxXP2ohDlLMG7C9KLcPdc4k2DkedrU9KQ64CMPnsm2Bg1ojpEGb YD5PrCY2Yy/QHDun9YAq8A/tmLJdyivfLe3rr5NSkFtVuC4nnkR9nYZhYbtOoiSc 0kf46MG8EEG6Mt+lOzQ8UWL1T1eliAUEfui79UeZgGnFua8D0waK5R7VMQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCJpm1RVNuGk2THlk0NyVcipvOULMB8GA1UdIwQY MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt Y2Q3ZTA2Y2JiNTMxLzEvSW1tYlZGVTI0YVRaTWVXVFEzSlZ5S204NVFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAp6AfAwQB shMgAwQCyTG8MA0GCSqGSIb3DQEBCwUAA4IBAQBgqL84iSCiGJFqNqiTlrLS/tkX w7zEfvII8jc1Wc31TpPpcrGeNecWXoIIQQPCEu9CDYMgLN0c6RzOwNDHZ1ntFJla rN6RHZEVgwAkdyE+LIpiDCp4XQy7qPV69c0i1gGrJ7u0AVVj1497lD9mPmA0P6J3 i4JzVFIhxYsGlj8nqIc8tJKG+vnOia/0EjLffrFvy/62WKpYyJOCbNqMr0XRpi1T ZJdh7OHkDLe0msnL/D1FGC2Eo3lKeMjcIZ1bpxFo8dYO5zz+C7nb/YFNQK9xIJHT 0LszLzuduFTIbj/uwoKOIMT2YfoXTrCqiVdN4Hg6BQsxkPCjVfYCuIs4VKMt -----END CERTIFICATE-----Generated at Fri Jan 23 21:36:22 2026 by rpki-client