This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/J3IUrppUQEJ9AlNcJD-MFxypKxI.roa File: J3IUrppUQEJ9AlNcJD-MFxypKxI.roa (raw, json) Hash identifier: uezq13xnHYoK43g5cZL4HFTwsYHZzWtKo0PDmpYGYzc= Subject key identifier: 27:72:14:AE:9A:54:40:42:7D:02:53:5C:24:3F:8C:17:1C:A9:2B:12 Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954 Certificate serial: 019B7E392C47F8C571BB3010E47F3ABD5849 Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/J3IUrppUQEJ9AlNcJD-MFxypKxI.roa Signing time: Fri 02 Jan 2026 10:20:34 +0000 ROA not before: Fri 02 Jan 2026 10:20:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396362 IP address blocks: 152.163.40.0/22 maxlen: 22 152.163.68.0/22 maxlen: 22 152.163.92.0/22 maxlen: 22 152.163.144.0/22 maxlen: 22 152.163.168.0/22 maxlen: 22 152.163.196.0/22 maxlen: 22 152.163.220.0/22 maxlen: 22 152.163.244.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2c:47:f8:c5:71:bb:30:10:e4:7f:3a:bd:58:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954 Validity Not Before: Jan 2 10:20:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=277214ae9a5440427d02535c243f8c171ca92b12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:41:0a:64:1f:84:b4:9a:67:19:17:b6:dd:0d: 20:59:1b:29:59:03:39:de:b0:37:a4:3b:b3:8d:f5: 5b:80:d9:3b:4e:3c:ea:6f:23:ab:0b:0c:a1:be:52: b6:16:5a:ff:eb:54:bc:1b:50:67:af:4c:24:87:02: 6e:28:c0:6c:1f:08:c1:41:fa:99:e3:23:31:06:35: 95:c6:c9:b1:bf:85:4d:e7:4c:45:f7:91:65:58:d6: 54:65:dc:88:dd:87:3b:66:6d:26:cf:c9:45:f8:6b: 22:9b:c1:23:d7:9e:1f:47:11:74:b1:c0:13:f0:74: 2a:35:be:c5:11:af:65:3b:1f:2c:fc:9a:7b:b6:57: 79:ed:44:0d:4a:0b:5d:b2:73:e8:17:65:e8:82:e1: 3e:bb:45:47:28:df:e4:44:ea:4d:34:00:c1:2d:e5: 57:da:34:0d:5f:90:8a:6f:40:f3:31:3f:4d:e1:0c: b0:06:14:0d:08:97:32:15:94:e5:f7:3b:cb:0d:db: c7:95:a2:6c:11:c5:f0:42:a6:06:de:2c:05:3b:45: 21:b4:ae:60:d5:a5:a8:cd:71:68:3d:81:84:76:03: 65:37:7f:e9:6b:5a:c6:c3:49:d3:aa:78:03:2f:9b: f7:f4:73:41:ae:c1:1a:fb:65:55:e8:a8:d8:13:f7: a3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:72:14:AE:9A:54:40:42:7D:02:53:5C:24:3F:8C:17:1C:A9:2B:12 X509v3 Authority Key Identifier: keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/J3IUrppUQEJ9AlNcJD-MFxypKxI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.163.40.0/22 152.163.68.0/22 152.163.92.0/22 152.163.144.0/22 152.163.168.0/22 152.163.196.0/22 152.163.220.0/22 152.163.244.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:73:a3:a2:1e:3c:4e:a2:58:b2:a9:73:bb:c1:b9:cd:e1:25: 00:8b:8c:dd:1e:f4:3e:a1:92:ab:af:dd:34:da:2d:62:1a:21: 9c:96:4b:75:2b:bf:fd:c3:83:70:e3:d6:88:62:b2:3c:3b:00: 4f:7b:cf:7d:a8:5f:e9:9a:87:81:57:04:e9:8a:45:1a:c2:59: bf:4a:bc:96:b5:72:15:d8:6f:c1:16:cf:e1:73:e9:c2:f5:64: e6:97:31:ac:2d:95:f3:88:39:00:fd:0d:df:48:68:b0:22:2a: f6:40:d2:b4:1c:2b:9a:31:09:ac:fa:3c:84:84:2c:95:5e:13: c2:41:30:37:71:7c:4c:a7:61:0b:f2:bb:5c:79:cd:c6:29:da: 5b:81:a2:c7:a7:7a:8a:a1:0a:9e:2c:bf:79:54:26:b6:4f:91: 9f:88:2c:1b:0f:ea:ce:0c:ae:d9:03:42:5c:db:1c:d3:75:f7: 79:f8:9e:66:e3:86:2e:0b:8c:76:d7:cf:5e:10:19:ba:58:3b: de:6a:01:08:4f:10:4d:fd:75:2f:9b:15:73:52:7a:36:79:93: e3:c5:c2:a0:59:85:9a:01:d0:27:f0:e1:67:ff:98:b9:b0:87: 56:25:6f:bd:52:00:0d:43:2c:85:40:12:8f:fa:39:2a:63:40: b8:ab:93:38 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt+OSxH+MVxuzAQ5H86vVhJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw Njc5NTQwHhcNMjYwMTAyMTAyMDM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNzcyMTRhZTlhNTQ0MDQyN2QwMjUzNWMyNDNmOGMxNzFjYTkyYjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEEKZB+EtJpnGRe23Q0gWRspWQM5 3rA3pDuzjfVbgNk7TjzqbyOrCwyhvlK2Flr/61S8G1Bnr0wkhwJuKMBsHwjBQfqZ 4yMxBjWVxsmxv4VN50xF95FlWNZUZdyI3Yc7Zm0mz8lF+Gsim8Ej154fRxF0scAT 8HQqNb7FEa9lOx8s/Jp7tld57UQNSgtdsnPoF2XoguE+u0VHKN/kROpNNADBLeVX 2jQNX5CKb0DzMT9N4QywBhQNCJcyFZTl9zvLDdvHlaJsEcXwQqYG3iwFO0UhtK5g 1aWozXFoPYGEdgNlN3/pa1rGw0nTqngDL5v39HNBrsEa+2VV6KjYE/ejFwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFCdyFK6aVEBCfQJTXCQ/jBccqSsSMB8GA1UdIwQY MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt NmVhYzYyZTYwZGY3LzEvSjNJVXJwcFVRRUo5QWxOY0pELU1GeHlwS3hJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3 LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCmKMoAwQC mKNEAwQCmKNcAwQCmKOQAwQCmKOoAwQCmKPEAwQCmKPcAwQCmKP0MA0GCSqGSIb3 DQEBCwUAA4IBAQBvc6OiHjxOoliyqXO7wbnN4SUAi4zdHvQ+oZKrr9002i1iGiGc lkt1K7/9w4Nw49aIYrI8OwBPe899qF/pmoeBVwTpikUawlm/SryWtXIV2G/BFs/h c+nC9WTmlzGsLZXziDkA/Q3fSGiwIir2QNK0HCuaMQms+jyEhCyVXhPCQTA3cXxM p2EL8rtcec3GKdpbgaLHp3qKoQqeLL95VCa2T5GfiCwbD+rODK7ZA0Jc2xzTdfd5 +J5m44YuC4x2189eEBm6WDveagEITxBN/XUvmxVzUno2eZPjxcKgWYWaAdAn8OFn /5i5sIdWJW+9UgANQyyFQBKP+jkqY0C4q5M4 -----END CERTIFICATE-----Generated at Sun Jan 25 03:16:39 2026 by rpki-client