This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/IF-dQIrNICfVhG9zO_nJPALR-dQ.roa File: IF-dQIrNICfVhG9zO_nJPALR-dQ.roa (raw, json) Hash identifier: 28voGBv/WZH5Cfsgew8XwJMKo8y9ShAkKaFAqMfu7Q4= Subject key identifier: 20:5F:9D:40:8A:CD:20:27:D5:84:6F:73:3B:F9:C9:3C:02:D1:F9:D4 Certificate issuer: /CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6 Certificate serial: 019B77C70F6EC0BDF8410FFED3A1ED902208 Authority key identifier: BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/IF-dQIrNICfVhG9zO_nJPALR-dQ.roa Signing time: Thu 01 Jan 2026 04:18:12 +0000 ROA not before: Thu 01 Jan 2026 04:18:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200017 IP address blocks: 185.240.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.mft rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:0f:6e:c0:bd:f8:41:0f:fe:d3:a1:ed:90:22:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bbd84bc44dbda5babfc4940bccc1635e153b24b6 Validity Not Before: Jan 1 04:18:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=205f9d408acd2027d5846f733bf9c93c02d1f9d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:5c:b5:bb:3d:23:84:cc:c3:b0:1d:4a:63:4a: cf:dd:21:5c:8a:ee:7d:5d:b8:25:e0:f2:90:d7:1d: 86:be:cb:30:43:d4:08:2b:b1:c1:19:65:24:6c:e4: 92:52:63:f7:6f:66:7a:b7:d9:e8:8e:d2:3b:ac:4e: da:fe:bb:19:c4:b8:43:a7:fb:b7:ad:ab:33:c8:5b: 60:e1:ff:d0:34:85:06:f1:86:67:7a:31:57:f6:94: a7:32:9f:0f:9d:20:a6:ac:49:ae:ce:93:7e:05:b0: 59:92:52:fd:b6:2d:b1:53:21:f6:94:72:3d:98:e3: 49:39:2b:76:2e:01:f8:02:09:3e:e7:3b:7e:40:95: 14:65:cb:5f:52:87:d3:84:29:8f:e0:ae:c0:66:a2: 03:81:58:4c:b0:1e:43:c6:fb:11:1d:80:d5:52:1c: 81:a7:1e:f9:dc:78:5c:fd:73:1c:9a:64:ae:ab:b4: 6c:9a:09:f3:45:03:af:a3:8d:3f:98:94:87:77:1c: b6:92:7b:2e:70:3b:5c:54:e6:de:da:d2:43:f1:0e: a9:aa:9e:08:5f:b9:4a:90:01:a9:db:12:ee:d2:d7: c2:82:ea:c9:86:55:a2:fe:f2:e4:d2:05:a9:fb:82: de:25:40:98:0b:4d:06:3c:cf:85:a5:a9:fd:87:54: 5b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:5F:9D:40:8A:CD:20:27:D5:84:6F:73:3B:F9:C9:3C:02:D1:F9:D4 X509v3 Authority Key Identifier: keyid:BB:D8:4B:C4:4D:BD:A5:BA:BF:C4:94:0B:CC:C1:63:5E:15:3B:24:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9hLxE29pbq_xJQLzMFjXhU7JLY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/IF-dQIrNICfVhG9zO_nJPALR-dQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/639be4-93e6-4183-ab6f-dfddb1364363/1/u9hLxE29pbq_xJQLzMFjXhU7JLY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.240.132.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:95:74:bd:c6:a2:9a:b3:eb:38:15:d8:9d:8a:7b:9e:88:90: 92:81:32:fa:5c:73:9f:38:86:9e:59:f3:f8:9c:34:b0:fc:13: a9:6e:eb:21:15:80:3b:af:bc:3e:a2:7a:ec:4e:a2:00:af:58: ad:c7:3a:a6:7c:5a:27:c7:a6:be:1e:77:d8:19:bd:b8:49:6a: 19:36:96:7f:65:3c:a2:81:7d:91:22:81:69:d7:67:6d:d6:91: d9:8b:96:53:ad:3b:ac:c2:20:4a:5b:20:c5:3c:74:5e:00:f6: 64:6c:ad:99:61:2e:56:b3:10:14:69:4b:55:8c:db:36:90:12: 31:36:be:20:a0:71:9c:7b:c1:81:ed:79:ac:22:92:e0:df:1f: 92:d3:de:9a:2c:40:9c:7b:ad:c7:7d:8d:c4:73:8c:80:8b:b4: 4a:4a:8d:47:5c:86:2d:12:63:2d:3e:4e:02:be:a4:53:84:44: 3e:7f:d1:9a:04:4d:a0:45:af:42:9e:26:0e:45:b0:c9:92:4f: e4:7d:7c:ea:81:95:54:c9:ab:18:c3:7b:98:42:a5:5f:b5:b3: d3:38:65:f4:07:70:29:d2:55:dc:bc:b7:cd:33:be:87:b7:32: d2:38:5b:ed:7f:f0:02:4c:30:3e:c7:cd:2a:a1:a9:f7:ee:74: bb:1c:67:cb -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xw9uwL34QQ/+06HtkCIIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJiZDg0YmM0NGRiZGE1YmFiZmM0OTQwYmNjYzE2MzVlMTUz YjI0YjYwHhcNMjYwMTAxMDQxODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDVmOWQ0MDhhY2QyMDI3ZDU4NDZmNzMzYmY5YzkzYzAyZDFmOWQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1y1uz0jhMzDsB1KY0rP3SFciu59 Xbgl4PKQ1x2GvsswQ9QIK7HBGWUkbOSSUmP3b2Z6t9nojtI7rE7a/rsZxLhDp/u3 raszyFtg4f/QNIUG8YZnejFX9pSnMp8PnSCmrEmuzpN+BbBZklL9ti2xUyH2lHI9 mONJOSt2LgH4Agk+5zt+QJUUZctfUofThCmP4K7AZqIDgVhMsB5DxvsRHYDVUhyB px753Hhc/XMcmmSuq7RsmgnzRQOvo40/mJSHdxy2knsucDtcVObe2tJD8Q6pqp4I X7lKkAGp2xLu0tfCgurJhlWi/vLk0gWp+4LeJUCYC00GPM+Fpan9h1RbNwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCBfnUCKzSAn1YRvczv5yTwC0fnUMB8GA1UdIwQY MBaAFLvYS8RNvaW6v8SUC8zBY14VOyS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdTloTHhFMjlwYnFfeEpRTHpNRmpYaFU3SkxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS82MzliZTQtOTNlNi00MTgzLWFiNmYt ZGZkZGIxMzY0MzYzLzEvSUYtZFFJck5JQ2ZWaEc5ek9fbkpQQUxSLWRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS82MzliZTQtOTNlNi00MTgzLWFiNmYtZGZkZGIxMzY0MzYz LzEvdTloTHhFMjlwYnFfeEpRTHpNRmpYaFU3SkxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufCEMA0G CSqGSIb3DQEBCwUAA4IBAQBPlXS9xqKas+s4FdidinueiJCSgTL6XHOfOIaeWfP4 nDSw/BOpbushFYA7r7w+onrsTqIAr1itxzqmfFonx6a+HnfYGb24SWoZNpZ/ZTyi gX2RIoFp12dt1pHZi5ZTrTuswiBKWyDFPHReAPZkbK2ZYS5WsxAUaUtVjNs2kBIx Nr4goHGce8GB7XmsIpLg3x+S096aLECce63HfY3Ec4yAi7RKSo1HXIYtEmMtPk4C vqRThEQ+f9GaBE2gRa9CniYORbDJkk/kfXzqgZVUyasYw3uYQqVftbPTOGX0B3Ap 0lXcvLfNM76HtzLSOFvtf/ACTDA+x80qoan37nS7HGfL -----END CERTIFICATE-----Generated at Mon Jan 19 23:22:02 2026 by rpki-client