This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Iy-fgALALz7shq-7VeACuB3oDEw.roa File: Iy-fgALALz7shq-7VeACuB3oDEw.roa (raw, json) Hash identifier: /ZLR7Dr5uoDlsEeoz+iCL0uuXTI/ziU5PN5IasP3K4Y= Subject key identifier: 23:2F:9F:80:02:C0:2F:3E:EC:86:AF:BB:55:E0:02:B8:1D:E8:0C:4C Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556 Certificate serial: 019B79ECF9A0E5A41DED8743554B61273F92 Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Iy-fgALALz7shq-7VeACuB3oDEw.roa Signing time: Thu 01 Jan 2026 14:18:52 +0000 ROA not before: Thu 01 Jan 2026 14:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60117 IP address blocks: 185.45.192.0/24 maxlen: 24 185.45.194.0/24 maxlen: 24 185.45.195.0/24 maxlen: 24 185.82.200.0/24 maxlen: 24 185.82.202.0/24 maxlen: 24 185.106.120.0/24 maxlen: 24 185.106.122.0/24 maxlen: 24 185.106.123.0/24 maxlen: 24 185.117.72.0/24 maxlen: 24 185.117.73.0/24 maxlen: 24 185.141.24.0/24 maxlen: 24 185.141.27.0/24 maxlen: 24 185.183.97.0/24 maxlen: 24 185.183.98.0/24 maxlen: 24 185.198.56.0/24 maxlen: 24 185.198.58.0/24 maxlen: 24 185.198.59.0/24 maxlen: 24 185.244.148.0/24 maxlen: 24 185.244.149.0/24 maxlen: 24 185.244.151.0/24 maxlen: 24 188.116.36.0/24 maxlen: 24 194.36.188.0/24 maxlen: 24 194.36.190.0/24 maxlen: 24 194.36.191.0/24 maxlen: 24 212.8.251.0/24 maxlen: 24 2a03:660::/32 maxlen: 32 2a04:dd00::/29 maxlen: 29 2a04:dd00::/32 maxlen: 32 2a04:dd01::/32 maxlen: 32 2a04:dd02::/32 maxlen: 32 2a05:9340::/29 maxlen: 29 2a05:9340::/32 maxlen: 32 2a05:9341::/32 maxlen: 32 2a05:9342::/32 maxlen: 32 2a06:3d80::/29 maxlen: 29 2a0e:df40::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 02:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:f9:a0:e5:a4:1d:ed:87:43:55:4b:61:27:3f:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556 Validity Not Before: Jan 1 14:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=232f9f8002c02f3eec86afbb55e002b81de80c4c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:9b:63:cb:5f:ef:4b:2b:ab:f4:15:2e:4c:69: e1:e8:2a:19:e0:16:ba:58:e7:7c:d2:ef:7a:31:7b: 2e:44:cf:b8:93:ef:b4:02:f7:c0:78:5d:c9:2c:b1: 80:c3:0c:8b:e8:6c:f7:72:1c:db:56:b3:19:fa:64: af:f2:cd:ce:e1:4c:65:44:61:91:8a:3c:6c:88:5c: a7:91:dd:74:4f:dc:d7:0c:81:24:82:b0:48:16:f1: c1:26:87:c8:3f:fe:e3:9d:c9:d7:b8:95:0d:5e:e3: f1:31:1d:a8:16:6c:eb:02:8b:93:f6:41:55:23:43: 9b:01:8b:2e:5a:b3:f6:bd:e5:a8:52:21:99:e4:70: 75:d7:3a:d7:f9:5e:6a:59:98:ce:3b:96:68:5a:1c: eb:40:97:97:51:90:65:92:cc:02:b8:b9:ff:91:92: 7c:6e:b3:5b:11:c8:67:40:15:17:4b:87:e5:ae:66: 7f:ff:bd:aa:14:e1:8a:92:e0:2b:96:94:da:c1:3c: ad:63:56:90:34:17:ea:cd:d9:dc:b5:f5:91:dd:a4: cc:22:88:51:67:d8:fb:76:ea:dc:8a:37:34:a6:76: f8:1a:41:aa:b7:72:ab:3c:76:4f:fc:dc:dc:21:1d: d2:89:cb:2f:ed:ba:4c:82:24:3e:7c:ef:35:90:55: ad:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:2F:9F:80:02:C0:2F:3E:EC:86:AF:BB:55:E0:02:B8:1D:E8:0C:4C X509v3 Authority Key Identifier: keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Iy-fgALALz7shq-7VeACuB3oDEw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.45.192.0/24 185.45.194.0/23 185.82.200.0/24 185.82.202.0/24 185.106.120.0/24 185.106.122.0/23 185.117.72.0/23 185.141.24.0/24 185.141.27.0/24 185.183.97.0-185.183.98.255 185.198.56.0/24 185.198.58.0/23 185.244.148.0/23 185.244.151.0/24 188.116.36.0/24 194.36.188.0/24 194.36.190.0/23 212.8.251.0/24 IPv6: 2a03:660::/32 2a04:dd00::/29 2a05:9340::/29 2a06:3d80::/29 2a0e:df40::/32 Signature Algorithm: sha256WithRSAEncryption 4d:95:99:43:08:ea:49:a7:c2:20:f2:e9:0b:4e:13:e4:b3:18: 22:b6:17:8e:3c:ca:bc:32:81:40:5c:d6:7a:3c:5b:c8:78:b5: 96:a3:c7:d2:ed:59:5c:68:60:f9:29:b8:8d:21:a0:97:19:5f: c7:40:15:22:ba:9e:19:5c:8d:fa:f3:e1:ef:4e:05:51:4f:ec: 7d:74:57:49:db:1a:34:ab:63:b4:fc:05:6b:83:96:60:67:94: fe:07:66:4a:16:61:60:31:9a:92:61:67:86:7b:7a:c1:bd:fa: 7b:48:5e:9e:75:97:fb:a9:76:d3:13:c5:5f:94:9e:9f:4c:2d: 56:d9:0b:91:a1:17:59:16:a5:47:3d:f4:5f:92:4a:b5:59:3e: 31:ca:1e:ae:f8:ee:0c:2f:6a:7a:4c:ed:49:41:98:d0:a0:cc: 31:df:1c:14:d9:14:a9:dc:87:8f:68:73:d0:90:86:aa:70:aa: 83:59:a9:52:ab:e7:8c:b0:be:a7:7f:99:3b:fb:7f:b2:73:1a: e0:2e:54:8a:49:32:76:21:3b:31:9b:2c:40:a7:b1:e6:d9:a3: 35:7b:e5:d5:fd:84:f3:3f:86:82:d8:c8:09:dc:52:04:33:1e: 57:4c:1d:10:40:be:a1:70:68:ae:61:fb:3d:9b:2f:28:5d:74: e2:65:d1:19 -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgISAZt57Pmg5aQd7YdDVUthJz+SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1 MzE1NTYwHhcNMjYwMTAxMTQxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzJmOWY4MDAyYzAyZjNlZWM4NmFmYmI1NWUwMDJiODFkZTgwYzRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZtjy1/vSyur9BUuTGnh6CoZ4Ba6 WOd80u96MXsuRM+4k++0AvfAeF3JLLGAwwyL6Gz3chzbVrMZ+mSv8s3O4UxlRGGR ijxsiFynkd10T9zXDIEkgrBIFvHBJofIP/7jncnXuJUNXuPxMR2oFmzrAouT9kFV I0ObAYsuWrP2veWoUiGZ5HB11zrX+V5qWZjOO5ZoWhzrQJeXUZBlkswCuLn/kZJ8 brNbEchnQBUXS4flrmZ//72qFOGKkuArlpTawTytY1aQNBfqzdnctfWR3aTMIohR Z9j7durcijc0pnb4GkGqt3KrPHZP/NzcIR3Sicsv7bpMgiQ+fO81kFWtiwIDAQAB o4ICpTCCAqEwHQYDVR0OBBYEFCMvn4ACwC8+7Iavu1XgArgd6AxMMB8GA1UdIwQY MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct NjQxYjhlNjBkM2UyLzEvSXktZmdBTEFMejdzaHEtN1ZlQUN1QjNvREV3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQAuS3A AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQAuY0YAwQAuY0b MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC JLwDBAHCJL4DBADUCPswKQQCAAIwIwMFACoDBmADBQMqBN0AAwUDKgWTQAMFAyoG PYADBQAqDt9AMA0GCSqGSIb3DQEBCwUAA4IBAQBNlZlDCOpJp8Ig8ukLThPksxgi theOPMq8MoFAXNZ6PFvIeLWWo8fS7VlcaGD5KbiNIaCXGV/HQBUiup4ZXI368+Hv TgVRT+x9dFdJ2xo0q2O0/AVrg5ZgZ5T+B2ZKFmFgMZqSYWeGe3rBvfp7SF6edZf7 qXbTE8VflJ6fTC1W2QuRoRdZFqVHPfRfkkq1WT4xyh6u+O4ML2p6TO1JQZjQoMwx 3xwU2RSp3IePaHPQkIaqcKqDWalSq+eMsL6nf5k7+3+ycxrgLlSKSTJ2ITsxmyxA p7Hm2aM1e+XV/YTzP4aC2MgJ3FIEMx5XTB0QQL6hcGiuYfs9my8oXXTiZdEZ -----END CERTIFICATE-----Generated at Wed Jan 21 11:44:30 2026 by rpki-client