This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/iHtWDMb9r1DLFVD9CQ_abwIpjww.roa File: iHtWDMb9r1DLFVD9CQ_abwIpjww.roa (raw, json) Hash identifier: Ch/199clFDSsSh0DicdMjw6dlTBwCCD0XOg4ggtW9eE= Subject key identifier: 88:7B:56:0C:C6:FD:AF:50:CB:15:50:FD:09:0F:DA:6F:02:29:8F:0C Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Certificate serial: 019AFF830BC1A3101B243E1C6BCBC22FABD8 Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/iHtWDMb9r1DLFVD9CQ_abwIpjww.roa Signing time: Mon 08 Dec 2025 19:49:29 +0000 ROA not before: Mon 08 Dec 2025 19:49:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 206728 IP address blocks: 109.120.136.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:ff:83:0b:c1:a3:10:1b:24:3e:1c:6b:cb:c2:2f:ab:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e Validity Not Before: Dec 8 19:49:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=887b560cc6fdaf50cb1550fd090fda6f02298f0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:f4:db:68:b7:b8:32:aa:84:ce:90:f9:f1:d5: f6:58:49:7f:78:f4:2e:34:69:94:04:c1:ea:0b:8a: 3c:63:d4:2e:77:bd:69:03:1c:80:b0:aa:43:ea:63: 67:b6:7e:5e:9a:b0:47:ad:11:55:96:40:e3:0b:f4: 1f:37:c5:f9:ff:4b:06:a1:a5:de:69:fa:64:a2:2f: 7a:f5:21:4f:58:61:f3:81:30:9a:86:48:d0:52:e1: e4:dc:81:42:51:56:9e:ee:b1:cf:bf:e8:6f:4d:64: 63:4c:37:b4:4d:a6:ac:12:20:80:14:c1:6b:35:3d: 63:da:5e:02:4c:78:be:c8:f7:f3:a8:df:e7:94:45: d9:20:17:01:ca:a6:6c:44:6c:f2:00:fc:b5:26:57: 58:3b:20:2a:e3:db:98:4b:30:e3:65:4c:eb:11:a8: 6f:34:22:51:3e:98:0d:70:c3:dc:84:fb:c1:18:f9: 1b:00:0a:d5:24:c6:41:0e:06:ad:f9:8d:7e:a7:a1: ac:c4:3c:29:eb:8e:c4:0e:4c:16:44:9f:20:ef:d6: de:bc:2a:af:ca:e7:cf:b0:a5:74:d7:bb:94:7b:c5: 6f:84:2c:0c:c8:01:c6:85:ce:d0:e6:02:0a:5a:da: 1f:60:03:27:97:88:0f:97:f3:79:32:a7:e8:03:b3: 4e:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7B:56:0C:C6:FD:AF:50:CB:15:50:FD:09:0F:DA:6F:02:29:8F:0C X509v3 Authority Key Identifier: keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/iHtWDMb9r1DLFVD9CQ_abwIpjww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.120.136.0/24 Signature Algorithm: sha256WithRSAEncryption 90:f2:b4:dc:8c:3e:9a:14:66:33:59:c9:31:05:0a:f4:1f:5e: 17:c8:a8:54:05:46:40:ae:09:bf:aa:4f:05:dc:7d:ef:18:d9: ae:54:16:a9:52:c2:e9:5b:9e:6d:53:34:a0:64:7f:2d:b4:fd: 1b:de:36:d2:d1:7c:72:c8:8b:a4:5e:58:cf:b0:1f:db:f5:b7: be:59:a6:b6:ba:30:14:8b:88:e2:f1:48:cf:eb:76:57:43:11: a0:3a:c6:bd:cd:e6:ce:07:51:5f:5e:18:9f:17:dc:63:7e:01: 32:63:75:81:3d:5f:f1:4f:67:5c:d1:84:a0:fc:55:32:97:1b: 4d:a3:7a:48:87:07:0f:f1:78:16:f4:bd:3b:88:c0:f8:29:84: 0f:b8:b1:f3:c5:62:db:e1:bb:ba:8e:04:9e:6e:c1:01:82:2e: 69:a8:2c:49:cd:86:b6:3b:08:70:83:b6:a1:e8:45:c3:13:f2: a3:4a:ba:42:ea:e0:5d:b3:a7:a7:66:b8:eb:be:b3:18:3a:7e: 55:c2:0a:e2:08:56:42:97:cc:ef:e5:35:65:bc:90:b2:e4:b3: 01:67:8f:08:9b:c6:1b:76:fd:05:66:4a:1d:e8:40:20:6a:cf: 8b:ea:82:e8:ef:6d:af:e3:de:eb:5d:5a:24:52:85:d8:53:d1: 5d:5b:a2:ea -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZr/gwvBoxAbJD4ca8vCL6vYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl NmRlNWUwHhcNMjUxMjA4MTk0OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ODdiNTYwY2M2ZmRhZjUwY2IxNTUwZmQwOTBmZGE2ZjAyMjk4ZjBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PTbaLe4MqqEzpD58dX2WEl/ePQu NGmUBMHqC4o8Y9Qud71pAxyAsKpD6mNntn5emrBHrRFVlkDjC/QfN8X5/0sGoaXe afpkoi969SFPWGHzgTCahkjQUuHk3IFCUVae7rHPv+hvTWRjTDe0TaasEiCAFMFr NT1j2l4CTHi+yPfzqN/nlEXZIBcByqZsRGzyAPy1JldYOyAq49uYSzDjZUzrEahv NCJRPpgNcMPchPvBGPkbAArVJMZBDgat+Y1+p6GsxDwp647EDkwWRJ8g79bevCqv yufPsKV017uUe8VvhCwMyAHGhc7Q5gIKWtofYAMnl4gPl/N5MqfoA7NOiwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIh7VgzG/a9QyxVQ/QkP2m8CKY8MMB8GA1UdIwQY MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt OTJjODFmMjJlNzEyLzEvaUh0V0RNYjlyMURMRlZEOUNRX2Fid0lwand3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXiIMA0G CSqGSIb3DQEBCwUAA4IBAQCQ8rTcjD6aFGYzWckxBQr0H14XyKhUBUZArgm/qk8F 3H3vGNmuVBapUsLpW55tUzSgZH8ttP0b3jbS0XxyyIukXljPsB/b9be+Waa2ujAU i4ji8UjP63ZXQxGgOsa9zebOB1FfXhifF9xjfgEyY3WBPV/xT2dc0YSg/FUylxtN o3pIhwcP8XgW9L07iMD4KYQPuLHzxWLb4bu6jgSebsEBgi5pqCxJzYa2Owhwg7ah 6EXDE/KjSrpC6uBds6enZrjrvrMYOn5VwgriCFZCl8zv5TVlvJCy5LMBZ48Im8Yb dv0FZkod6EAgas+L6oLo722v497rXVokUoXYU9FdW6Lq -----END CERTIFICATE-----Generated at Sun Dec 14 01:01:42 2025 by rpki-client