This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Im1hsaO2oTHkZ-z1x6BH4qOQeiA.roa File: Im1hsaO2oTHkZ-z1x6BH4qOQeiA.roa (raw, json) Hash identifier: rtKkHZhMW9ixPsD8Afo3cijSYyrzXMxXcNv91q8fepc= Subject key identifier: 22:6D:61:B1:A3:B6:A1:31:E4:67:EC:F5:C7:A0:47:E2:A3:90:7A:20 Certificate issuer: /CN=10721ead6a4575643cb703062c0968755e8281eb Certificate serial: 019B77C6A2DACCADD3BA0009BF0B40BAE9FE Authority key identifier: 10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Im1hsaO2oTHkZ-z1x6BH4qOQeiA.roa Signing time: Thu 01 Jan 2026 04:17:44 +0000 ROA not before: Thu 01 Jan 2026 04:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2856 IP address blocks: 45.112.172.0/22 maxlen: 22 91.236.216.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.mft rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 07:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:a2:da:cc:ad:d3:ba:00:09:bf:0b:40:ba:e9:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=10721ead6a4575643cb703062c0968755e8281eb Validity Not Before: Jan 1 04:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=226d61b1a3b6a131e467ecf5c7a047e2a3907a20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:56:b3:48:a4:e6:d5:1f:96:55:10:71:de:4e: 66:e9:2d:d9:68:d1:aa:e8:c6:bc:ad:cb:a1:30:05: e1:7e:dd:83:e3:ee:09:b4:f4:dd:b5:3d:2e:df:12: 07:ab:54:3e:b5:fa:7a:85:ff:c5:ea:20:d0:91:75: 90:18:85:b2:63:02:b7:f9:ed:47:dc:a9:89:bf:cb: 37:0b:82:5b:9d:4c:24:b2:4d:27:c7:eb:d2:5e:40: 1b:49:76:4d:9d:fc:d6:f3:6f:cd:69:fc:90:aa:3e: c5:a3:9c:ed:59:ea:20:26:c7:55:21:27:b4:a6:b6: b4:d6:d4:d0:5c:8b:c0:65:3d:e2:ed:d2:9f:aa:5f: b6:c4:ce:f0:65:b3:a1:c2:13:b0:52:da:30:26:de: b5:f6:40:2f:d7:ed:34:1b:eb:47:a0:92:43:05:14: 7e:51:fd:8e:04:6e:a2:ee:4e:33:9a:4f:4e:0e:4d: 94:0b:e1:ce:cf:75:93:61:82:85:e7:42:30:fa:d8: 94:14:a7:f7:b0:5c:10:13:68:3e:af:69:3f:ad:ca: 1b:6e:2d:2f:cd:04:bf:b2:97:2c:24:4d:3d:84:fb: 7c:9f:17:95:5b:eb:bb:57:91:f1:d3:05:d5:38:f8: bd:11:98:f1:c5:ee:53:1d:a1:a2:36:f4:de:c7:79: 99:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:6D:61:B1:A3:B6:A1:31:E4:67:EC:F5:C7:A0:47:E2:A3:90:7A:20 X509v3 Authority Key Identifier: keyid:10:72:1E:AD:6A:45:75:64:3C:B7:03:06:2C:09:68:75:5E:82:81:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHIerWpFdWQ8twMGLAlodV6Cges.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/Im1hsaO2oTHkZ-z1x6BH4qOQeiA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/ca935b-2484-4020-b814-3d4ae80fc45d/1/EHIerWpFdWQ8twMGLAlodV6Cges.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.112.172.0/22 91.236.216.0/23 Signature Algorithm: sha256WithRSAEncryption 19:99:e3:91:d7:84:77:63:7b:62:65:10:6c:32:9a:02:a0:3f: 6d:71:5a:99:7a:c7:71:9f:27:54:df:26:f5:aa:e0:8c:3c:be: 6c:64:44:9e:4f:5e:22:88:2b:4e:6b:ed:bc:bd:3b:9d:64:67: 7c:29:d6:a8:46:ca:ed:67:9c:5c:16:b2:85:46:24:6f:46:80: 9e:0f:71:70:41:18:f3:8b:91:0d:d1:15:44:b3:d5:bf:66:7d: 91:ff:5d:4f:4a:b4:9d:16:0a:17:84:6b:a0:36:aa:c1:96:6e: 41:7b:c6:85:85:57:c0:5d:cc:06:d6:15:b8:6c:2d:84:38:c0: 62:74:b6:78:c0:1e:0c:63:b9:c3:7a:1c:a1:5e:f9:aa:e0:d4: 52:76:48:a1:aa:03:23:e2:66:ec:96:25:1c:67:1a:8a:61:3b: 0f:dc:22:95:55:b6:ec:a7:64:14:fb:c4:78:31:f8:1a:e4:ad: ab:99:92:48:ca:cc:3e:e5:08:6f:06:53:c5:2a:da:5c:c5:ab: 63:a3:28:f4:8a:df:71:5d:4c:32:15:95:20:b4:58:b3:51:5f: b7:9d:92:24:15:58:b4:39:1f:ae:c6:00:49:f7:05:bb:0c:a4: 3c:f6:36:0f:7d:0f:cf:10:d2:cd:44:68:c5:26:21:18:66:5f: 68:24:49:04 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xqLazK3TugAJvwtAuun+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEwNzIxZWFkNmE0NTc1NjQzY2I3MDMwNjJjMDk2ODc1NWU4 MjgxZWIwHhcNMjYwMTAxMDQxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjZkNjFiMWEzYjZhMTMxZTQ2N2VjZjVjN2EwNDdlMmEzOTA3YTIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlazSKTm1R+WVRBx3k5m6S3ZaNGq 6Ma8rcuhMAXhft2D4+4JtPTdtT0u3xIHq1Q+tfp6hf/F6iDQkXWQGIWyYwK3+e1H 3KmJv8s3C4JbnUwksk0nx+vSXkAbSXZNnfzW82/NafyQqj7Fo5ztWeogJsdVISe0 pra01tTQXIvAZT3i7dKfql+2xM7wZbOhwhOwUtowJt619kAv1+00G+tHoJJDBRR+ Uf2OBG6i7k4zmk9ODk2UC+HOz3WTYYKF50Iw+tiUFKf3sFwQE2g+r2k/rcobbi0v zQS/spcsJE09hPt8nxeVW+u7V5Hx0wXVOPi9EZjxxe5THaGiNvTex3mZWwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCJtYbGjtqEx5Gfs9cegR+KjkHogMB8GA1UdIwQY MBaAFBByHq1qRXVkPLcDBiwJaHVegoHrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQt M2Q0YWU4MGZjNDVkLzEvSW0xaHNhTzJvVEhrWi16MXg2Qkg0cU9RZWlBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi9jYTkzNWItMjQ4NC00MDIwLWI4MTQtM2Q0YWU4MGZjNDVk LzEvRUhJZXJXcEZkV1E4dHdNR0xBbG9kVjZDZ2VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLXCsAwQB W+zYMA0GCSqGSIb3DQEBCwUAA4IBAQAZmeOR14R3Y3tiZRBsMpoCoD9tcVqZesdx nydU3yb1quCMPL5sZESeT14iiCtOa+28vTudZGd8KdaoRsrtZ5xcFrKFRiRvRoCe D3FwQRjzi5EN0RVEs9W/Zn2R/11PSrSdFgoXhGugNqrBlm5Be8aFhVfAXcwG1hW4 bC2EOMBidLZ4wB4MY7nDehyhXvmq4NRSdkihqgMj4mbsliUcZxqKYTsP3CKVVbbs p2QU+8R4Mfga5K2rmZJIysw+5QhvBlPFKtpcxatjoyj0it9xXUwyFZUgtFizUV+3 nZIkFVi0OR+uxgBJ9wW7DKQ89jYPfQ/PENLNRGjFJiEYZl9oJEkE -----END CERTIFICATE-----Generated at Thu Jan 8 17:32:23 2026 by rpki-client