This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/aiPzn30z8uRtnVIiE-rB4p5bdh0.roa File: aiPzn30z8uRtnVIiE-rB4p5bdh0.roa (raw, json) Hash identifier: EZucPC41uNM6mTBi577LLrthBHshOmKnhhCzkUMwbdA= Subject key identifier: 6A:23:F3:9F:7D:33:F2:E4:6D:9D:52:22:13:EA:C1:E2:9E:5B:76:1D Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003 Certificate serial: 019BAB15D9DE140BFDB6DE04DF78E06C647F Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/aiPzn30z8uRtnVIiE-rB4p5bdh0.roa Signing time: Sun 11 Jan 2026 03:24:54 +0000 ROA not before: Sun 11 Jan 2026 03:24:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58212 IP address blocks: 144.31.126.0/24 maxlen: 24 144.31.127.0/24 maxlen: 24 144.31.226.0/24 maxlen: 24 144.31.227.0/24 maxlen: 24 144.31.230.0/24 maxlen: 24 144.31.234.0/24 maxlen: 24 144.31.236.0/24 maxlen: 24 144.31.239.0/24 maxlen: 24 144.31.240.0/24 maxlen: 24 144.31.241.0/24 maxlen: 24 144.31.242.0/24 maxlen: 24 144.31.243.0/24 maxlen: 24 144.31.249.0/24 maxlen: 24 150.241.64.0/24 maxlen: 24 150.241.65.0/24 maxlen: 24 150.241.68.0/24 maxlen: 24 150.241.69.0/24 maxlen: 24 150.241.70.0/24 maxlen: 24 150.241.71.0/24 maxlen: 24 150.241.72.0/24 maxlen: 24 150.241.73.0/24 maxlen: 24 150.241.74.0/24 maxlen: 24 150.241.75.0/24 maxlen: 24 150.241.85.0/24 maxlen: 24 150.241.86.0/24 maxlen: 24 193.23.194.0/24 maxlen: 24 193.23.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:ab:15:d9:de:14:0b:fd:b6:de:04:df:78:e0:6c:64:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003 Validity Not Before: Jan 11 03:24:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a23f39f7d33f2e46d9d522213eac1e29e5b761d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:9b:50:64:a7:5e:06:c9:63:4b:fb:59:97:71: f7:14:8d:b2:12:98:97:ea:54:46:42:a6:d9:71:b9: 52:ab:85:0c:fd:a5:1f:95:cb:4a:6a:5c:91:5c:8f: bb:77:25:83:41:79:fc:86:8d:90:61:a6:da:52:3b: 7a:51:d5:c8:3c:cd:6a:88:73:eb:8a:c2:4e:98:6e: 86:72:d4:e4:4b:f0:72:79:6c:46:85:9b:48:86:da: 35:e5:2b:89:96:ff:86:bc:ac:e1:79:ef:8c:0b:3a: 2d:56:11:cc:3c:ef:51:fb:c3:83:6b:d0:da:bb:8f: f0:ea:8f:e1:05:6c:6f:c8:09:52:49:ee:26:9e:12: 7f:f9:d7:72:09:97:1a:4e:84:77:f7:48:c9:ad:bf: eb:5e:67:01:1a:9b:77:c0:8d:79:38:07:45:2d:a2: 41:f0:f7:d0:7e:d5:11:a2:e7:46:8a:d3:8b:96:dd: c7:7a:e4:43:60:a7:8d:56:68:9a:2d:c8:74:35:11: 96:0e:8a:12:d2:7f:7a:eb:69:19:15:b9:84:f2:13: 91:3d:65:57:72:a8:46:19:d2:4b:8d:17:c6:67:4e: 1e:f2:73:17:5f:89:a2:7f:13:1e:f4:33:8a:9e:5c: cf:54:77:66:8e:a6:df:c4:a9:fa:70:98:c2:7e:83: ab:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:23:F3:9F:7D:33:F2:E4:6D:9D:52:22:13:EA:C1:E2:9E:5B:76:1D X509v3 Authority Key Identifier: keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/aiPzn30z8uRtnVIiE-rB4p5bdh0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.31.126.0/23 144.31.226.0/23 144.31.230.0/24 144.31.234.0/24 144.31.236.0/24 144.31.239.0-144.31.243.255 144.31.249.0/24 150.241.64.0/23 150.241.68.0-150.241.75.255 150.241.85.0-150.241.86.255 193.23.194.0/24 193.23.222.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:23:84:d3:7c:68:21:57:90:1a:a4:05:ee:f0:26:6c:d9:7d: f2:a4:26:4e:45:0e:f0:01:04:ab:ca:ce:b0:e2:74:80:99:b8: 34:27:b0:a8:c7:d0:f4:cf:04:7d:fc:0e:9e:4c:0e:25:43:4e: 86:7c:e8:30:ff:44:dd:33:9c:9e:82:d0:22:be:84:c7:12:19: 45:1a:09:76:17:5d:7f:3a:ce:99:5d:5d:81:04:2c:12:d3:7d: 6e:56:01:19:a6:b1:12:5d:9c:ad:14:3c:90:73:22:9e:54:81: 21:24:84:5a:8e:ad:5e:73:02:e2:c5:79:77:cb:ba:b1:f6:c9: 73:cb:94:19:50:7d:e4:86:47:36:90:bf:33:5c:1b:f0:57:ea: 70:62:d7:e6:5d:0a:fd:6b:f2:50:d6:3a:64:93:c3:52:a1:ba: b1:e9:fb:12:22:29:60:79:4c:d0:39:22:a1:22:1f:c9:c9:c0: 1d:47:7e:40:b4:6b:28:c7:21:fc:fb:95:13:a2:ad:0b:bb:6e: 2c:9d:2e:c7:a6:ac:75:41:61:a7:3d:b6:d4:9d:83:a8:bc:e3: 79:cb:0d:f7:32:df:fc:21:34:57:00:09:de:c7:60:33:d2:76: 2e:29:b0:0e:d8:3d:36:46:30:12:3b:5b:3d:d9:bc:20:a3:66: 7b:89:75:69 -----BEGIN CERTIFICATE----- MIIFVzCCBD+gAwIBAgISAZurFdneFAv9tt4E33jgbGR/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4 NDAwMDMwHhcNMjYwMTExMDMyNDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTIzZjM5ZjdkMzNmMmU0NmQ5ZDUyMjIxM2VhYzFlMjllNWI3NjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqptQZKdeBsljS/tZl3H3FI2yEpiX 6lRGQqbZcblSq4UM/aUflctKalyRXI+7dyWDQXn8ho2QYabaUjt6UdXIPM1qiHPr isJOmG6GctTkS/ByeWxGhZtIhto15SuJlv+GvKzhee+MCzotVhHMPO9R+8ODa9Da u4/w6o/hBWxvyAlSSe4mnhJ/+ddyCZcaToR390jJrb/rXmcBGpt3wI15OAdFLaJB 8PfQftURoudGitOLlt3HeuRDYKeNVmiaLch0NRGWDooS0n9662kZFbmE8hORPWVX cqhGGdJLjRfGZ04e8nMXX4mifxMe9DOKnlzPVHdmjqbfxKn6cJjCfoOrdQIDAQAB o4ICYzCCAl8wHQYDVR0OBBYEFGoj8599M/LkbZ1SIhPqweKeW3YdMB8GA1UdIwQY MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt MTQzOTY3YThmZTA4LzEvYWlQem4zMHo4dVJ0blZJaUUtckI0cDViZGgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4 LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBkB9+AwQB kB/iAwQAkB/mAwQAkB/qAwQAkB/sMAwDBACQH+8DBAKQH/ADBACQH/kDBAGW8UAw DAMEApbxRAMEApbxSDAMAwQAlvFVAwQAlvFWAwQAwRfCAwQAwRfeMA0GCSqGSIb3 DQEBCwUAA4IBAQAaI4TTfGghV5AapAXu8CZs2X3ypCZORQ7wAQSrys6w4nSAmbg0 J7Cox9D0zwR9/A6eTA4lQ06GfOgw/0TdM5yegtAivoTHEhlFGgl2F11/Os6ZXV2B BCwS031uVgEZprESXZytFDyQcyKeVIEhJIRajq1ecwLixXl3y7qx9slzy5QZUH3k hkc2kL8zXBvwV+pwYtfmXQr9a/JQ1jpkk8NSobqx6fsSIilgeUzQOSKhIh/JycAd R35AtGsoxyH8+5UToq0Lu24snS7Hpqx1QWGnPbbUnYOovON5yw33Mt/8ITRXAAne x2Az0nYuKbAO2D02RjASO1s92bwgo2Z7iXVp -----END CERTIFICATE-----Generated at Mon Jan 19 17:34:10 2026 by rpki-client