This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Iaz4zqq_llyLpRhBzA5TNXCOONQ.roa File: Iaz4zqq_llyLpRhBzA5TNXCOONQ.roa (raw, json) Hash identifier: aAUK9k/Qnep7LDB2SrE+2J3gmHhJ6n0R8P7t3Hv3ssQ= Subject key identifier: 21:AC:F8:CE:AA:BF:96:5C:8B:A5:18:41:CC:0E:53:35:70:8E:38:D4 Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e Certificate serial: 019B7F83BBA7969EE8CFA3ACBDFABD1569E6 Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Iaz4zqq_llyLpRhBzA5TNXCOONQ.roa Signing time: Fri 02 Jan 2026 16:21:38 +0000 ROA not before: Fri 02 Jan 2026 16:21:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209026 IP address blocks: 188.72.120.0/22 maxlen: 22 188.72.120.0/24 maxlen: 24 188.72.121.0/24 maxlen: 24 188.72.122.0/24 maxlen: 24 188.72.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:bb:a7:96:9e:e8:cf:a3:ac:bd:fa:bd:15:69:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e Validity Not Before: Jan 2 16:21:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21acf8ceaabf965c8ba51841cc0e5335708e38d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:7f:db:47:b8:81:63:7e:7e:39:1a:ae:45:d9: d4:c8:bb:47:3c:69:e3:7f:b5:05:e5:a4:8e:8b:70: 5c:d8:02:57:db:71:46:71:e7:2b:eb:b4:32:dc:7d: c6:4d:37:bc:9e:a5:1e:0e:cc:21:da:18:76:55:a0: 0b:f0:d5:6a:a0:e2:b8:51:de:5a:8a:8a:07:a3:7e: 1c:ed:70:73:ff:34:be:5e:b7:1f:dd:5a:b8:58:3d: b1:e7:e0:9e:d4:c7:6a:b5:5d:4c:82:ff:0a:f3:ea: f7:55:1b:21:54:ff:66:dc:69:54:00:79:6f:fa:41: e5:da:e6:56:10:f1:f9:f8:a2:ac:cd:02:6d:3d:95: ee:3c:40:37:76:52:e3:2b:b8:0e:e1:de:c5:4a:c0: f7:06:64:ac:8f:d9:4f:d9:bc:7e:23:4f:fa:a2:ab: 75:94:b8:d1:4e:ac:8f:ad:08:20:7d:94:77:3d:56: b1:3c:f5:a2:78:a6:df:24:1e:5a:75:da:fe:a2:d8: f1:53:1d:6a:59:cd:e5:dc:c6:3a:7e:e6:d1:3e:e9: 5f:78:f1:27:1e:db:8a:09:ce:30:20:6c:18:d1:7f: ee:82:f4:50:dd:14:b5:53:36:49:9d:9f:3c:6c:94: 5a:cd:75:cb:b8:51:5b:3d:9b:d1:2d:45:c9:4d:80: 28:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:AC:F8:CE:AA:BF:96:5C:8B:A5:18:41:CC:0E:53:35:70:8E:38:D4 X509v3 Authority Key Identifier: keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/Iaz4zqq_llyLpRhBzA5TNXCOONQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.72.120.0/22 Signature Algorithm: sha256WithRSAEncryption 82:2c:2d:8d:a1:d8:9f:42:8b:a2:97:03:af:b5:ae:1c:65:4c: f6:54:d1:f9:57:10:95:1f:f9:9b:10:3e:08:6a:16:3e:7b:26: 3a:8c:c1:d4:14:f6:35:9c:b3:bd:60:61:9d:02:2f:5d:f8:69: d0:3b:0a:6b:f0:7b:7f:20:fb:91:12:fe:2b:af:ae:98:f4:7f: 50:86:7f:bb:ae:4d:f3:12:a8:8f:d4:3a:84:ba:c1:dc:94:99: 30:17:b3:78:96:e2:eb:ca:de:8e:cd:bc:6a:3c:12:92:c5:cd: c0:c9:15:5d:cb:5a:3c:63:81:2a:5b:7b:f6:fc:a2:43:de:c6: 85:f5:fa:ba:21:8a:f4:ba:72:03:db:f6:4b:58:38:d3:10:36: bd:b1:db:ba:92:34:1f:92:1c:27:4f:4c:85:97:e2:96:18:6a: d8:12:68:ab:13:07:69:2f:fb:09:8f:27:82:90:ff:50:87:62: ee:43:43:70:58:83:f1:7e:e7:13:bd:a1:e9:48:ea:34:3d:8f: ba:6e:60:62:a8:5a:a5:16:2d:6b:13:7d:d2:0a:45:85:fe:c4: 5c:4b:4e:0a:34:c2:69:f8:50:14:85:b3:db:05:53:9b:67:ef: a2:66:2e:08:54:ba:15:a8:ba:ce:ab:4e:75:a7:6d:58:6a:b7: 06:f1:f0:16 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/g7unlp7oz6Osvfq9FWnmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0 NzA2N2UwHhcNMjYwMTAyMTYyMTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWFjZjhjZWFhYmY5NjVjOGJhNTE4NDFjYzBlNTMzNTcwOGUzOGQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX/bR7iBY35+ORquRdnUyLtHPGnj f7UF5aSOi3Bc2AJX23FGcecr67Qy3H3GTTe8nqUeDswh2hh2VaAL8NVqoOK4Ud5a iooHo34c7XBz/zS+Xrcf3Vq4WD2x5+Ce1MdqtV1Mgv8K8+r3VRshVP9m3GlUAHlv +kHl2uZWEPH5+KKszQJtPZXuPEA3dlLjK7gO4d7FSsD3BmSsj9lP2bx+I0/6oqt1 lLjRTqyPrQggfZR3PVaxPPWieKbfJB5addr+otjxUx1qWc3l3MY6fubRPulfePEn HtuKCc4wIGwY0X/ugvRQ3RS1UzZJnZ88bJRazXXLuFFbPZvRLUXJTYAoTQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCGs+M6qv5Zci6UYQcwOUzVwjjjUMB8GA1UdIwQY MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt OGM5NTgxZDk2ZDhmLzEvSWF6NHpxcV9sbHlMcFJoQnpBNVROWENPT05RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvEh4MA0G CSqGSIb3DQEBCwUAA4IBAQCCLC2NodifQouilwOvta4cZUz2VNH5VxCVH/mbED4I ahY+eyY6jMHUFPY1nLO9YGGdAi9d+GnQOwpr8Ht/IPuREv4rr66Y9H9Qhn+7rk3z EqiP1DqEusHclJkwF7N4luLryt6OzbxqPBKSxc3AyRVdy1o8Y4EqW3v2/KJD3saF 9fq6IYr0unID2/ZLWDjTEDa9sdu6kjQfkhwnT0yFl+KWGGrYEmirEwdpL/sJjyeC kP9Qh2LuQ0NwWIPxfucTvaHpSOo0PY+6bmBiqFqlFi1rE33SCkWF/sRcS04KNMJp +FAUhbPbBVObZ++iZi4IVLoVqLrOq051p21YarcG8fAW -----END CERTIFICATE-----Generated at Mon Jan 26 04:51:37 2026 by rpki-client