This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa File: IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa (raw, json) Hash identifier: 5KtWCkiCc0spLueO4XERS0KkPgjFXkSMZZzwBDaPptQ= Subject key identifier: 21:CB:D6:2D:F5:54:53:FA:90:99:49:6E:2B:56:49:3D:92:B0:0D:41 Certificate issuer: /CN=5d370a48b59fb811495f11c49734482f22b1a392 Certificate serial: 019B79ECA8F08FFD3DF18FED4BADF64D26E8 Authority key identifier: 5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa Signing time: Thu 01 Jan 2026 14:18:31 +0000 ROA not before: Thu 01 Jan 2026 14:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56388 IP address blocks: 185.156.200.0/24 maxlen: 24 185.156.201.0/24 maxlen: 24 185.156.202.0/24 maxlen: 24 185.156.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.mft rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 20:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:a8:f0:8f:fd:3d:f1:8f:ed:4b:ad:f6:4d:26:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d370a48b59fb811495f11c49734482f22b1a392 Validity Not Before: Jan 1 14:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21cbd62df55453fa9099496e2b56493d92b00d41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9e:99:9a:df:f1:cd:38:f5:eb:25:de:2e:03: 38:02:44:0d:d6:21:2d:a6:90:e0:8c:e8:94:28:c9: f5:78:aa:72:75:5c:cd:b4:62:37:10:6e:cf:8c:1f: ce:68:8b:49:4d:cd:cb:38:15:1c:5b:28:29:34:34: 0d:ff:7d:c2:01:cf:fc:bf:99:93:17:0d:80:f6:99: be:64:2a:c2:f5:1e:65:be:39:44:1f:65:63:74:9d: 01:b9:e8:31:b4:e5:d5:df:f8:27:85:31:2b:8b:2e: df:93:46:b4:b9:72:0a:4e:48:46:43:4f:59:2b:50: a8:bf:c1:05:43:be:3c:01:ea:94:e6:ce:2b:68:64: c7:cd:20:b7:f3:80:c8:b7:35:58:6c:a0:69:28:6c: 24:f7:9b:3f:23:6b:96:e0:27:4f:5d:c1:31:07:94: b7:96:4e:50:08:64:96:4e:29:bf:74:a1:fd:35:f9: a1:c3:9f:b2:1c:cc:f5:ff:4b:9b:bd:47:d3:ee:5c: e5:63:87:c5:c6:e8:f4:3a:13:37:e8:49:96:cd:72: 01:ee:84:28:cf:d3:42:75:a8:4e:80:a6:03:c6:33: 3c:64:36:bd:d7:47:01:b7:9d:3f:50:62:e1:90:07: 1e:fb:44:3e:b2:cf:f7:d2:49:c1:18:c9:0f:dd:6e: e8:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:CB:D6:2D:F5:54:53:FA:90:99:49:6E:2B:56:49:3D:92:B0:0D:41 X509v3 Authority Key Identifier: keyid:5D:37:0A:48:B5:9F:B8:11:49:5F:11:C4:97:34:48:2F:22:B1:A3:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTcKSLWfuBFJXxHElzRILyKxo5I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/IcvWLfVUU_qQmUluK1ZJPZKwDUE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/70858a-6395-402d-9ace-e272013026b4/1/XTcKSLWfuBFJXxHElzRILyKxo5I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.156.200.0/22 Signature Algorithm: sha256WithRSAEncryption 39:fe:4c:e4:47:07:28:02:75:8a:73:0e:2a:5b:a8:e7:15:34: 5d:ae:e1:0d:89:1c:ba:49:04:d8:33:3b:c8:d5:04:1f:9d:23: 07:b6:c4:ac:bb:9e:ee:44:07:0c:cc:cf:57:2d:b9:b6:54:c6: e0:43:26:58:e8:62:ab:37:4e:e7:e3:0b:70:9d:c0:3c:76:14: cb:de:7b:fb:a7:e1:fe:e6:1b:48:e4:f5:2c:17:f7:fe:42:35: 61:06:9a:76:0e:ff:27:14:fc:d9:e6:bc:3a:46:6a:98:d8:80: 6a:17:ec:41:19:72:91:87:73:d7:b5:f7:03:89:f2:c5:df:fe: 2f:0d:0c:64:86:d4:f9:de:00:c2:9d:12:31:4e:d7:34:1d:31: d7:41:72:44:9a:e9:28:c4:0a:5e:3b:cc:ab:db:6e:ec:8d:cc: ff:43:f1:79:2d:ed:7f:69:4b:70:67:10:08:08:7f:3d:35:d7: d0:c9:83:c0:6c:a3:f0:5f:a5:2f:55:f3:cf:87:26:29:d0:67: 97:ff:2d:69:7f:98:c9:1b:e0:d6:82:ee:2d:b8:7a:17:02:cf: 02:5b:53:ed:6b:1c:10:3e:d4:bd:c8:9f:15:59:3c:04:de:48: 18:fb:f3:46:ba:4e:91:b2:26:a1:35:70:95:55:8c:08:ab:87: 94:88:e6:72 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57Kjwj/098Y/tS632TSboMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMzcwYTQ4YjU5ZmI4MTE0OTVmMTFjNDk3MzQ0ODJmMjJi MWEzOTIwHhcNMjYwMTAxMTQxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWNiZDYyZGY1NTQ1M2ZhOTA5OTQ5NmUyYjU2NDkzZDkyYjAwZDQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs56Zmt/xzTj16yXeLgM4AkQN1iEt ppDgjOiUKMn1eKpydVzNtGI3EG7PjB/OaItJTc3LOBUcWygpNDQN/33CAc/8v5mT Fw2A9pm+ZCrC9R5lvjlEH2VjdJ0BuegxtOXV3/gnhTEriy7fk0a0uXIKTkhGQ09Z K1Cov8EFQ748AeqU5s4raGTHzSC384DItzVYbKBpKGwk95s/I2uW4CdPXcExB5S3 lk5QCGSWTim/dKH9Nfmhw5+yHMz1/0ubvUfT7lzlY4fFxuj0OhM36EmWzXIB7oQo z9NCdahOgKYDxjM8ZDa910cBt50/UGLhkAce+0Q+ss/30knBGMkP3W7onQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCHL1i31VFP6kJlJbitWST2SsA1BMB8GA1UdIwQY MBaAFF03Cki1n7gRSV8RxJc0SC8isaOSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2Ut ZTI3MjAxMzAyNmI0LzEvSWN2V0xmVlVVX3FRbVVsdUsxWkpQWkt3RFVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS83MDg1OGEtNjM5NS00MDJkLTlhY2UtZTI3MjAxMzAyNmI0 LzEvWFRjS1NMV2Z1QkZKWHhIRWx6UklMeUt4bzVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZzIMA0G CSqGSIb3DQEBCwUAA4IBAQA5/kzkRwcoAnWKcw4qW6jnFTRdruENiRy6SQTYMzvI 1QQfnSMHtsSsu57uRAcMzM9XLbm2VMbgQyZY6GKrN07n4wtwncA8dhTL3nv7p+H+ 5htI5PUsF/f+QjVhBpp2Dv8nFPzZ5rw6RmqY2IBqF+xBGXKRh3PXtfcDifLF3/4v DQxkhtT53gDCnRIxTtc0HTHXQXJEmukoxApeO8yr227sjcz/Q/F5Le1/aUtwZxAI CH89NdfQyYPAbKPwX6UvVfPPhyYp0GeX/y1pf5jJG+DWgu4tuHoXAs8CW1PtaxwQ PtS9yJ8VWTwE3kgY+/NGuk6RsiahNXCVVYwIq4eUiOZy -----END CERTIFICATE-----Generated at Thu Jan 22 01:59:51 2026 by rpki-client