This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/ISoN8Hz1Tt-g6dokZBe32zhY29I.roa File: ISoN8Hz1Tt-g6dokZBe32zhY29I.roa (raw, json) Hash identifier: jqVnvsymB8ypbwPu5QGw3Kqpgjs5LT+P+1zvgA/xIZg= Subject key identifier: 21:2A:0D:F0:7C:F5:4E:DF:A0:E9:DA:24:64:17:B7:DB:38:58:DB:D2 Certificate issuer: /CN=59138e3db77640beadf1da5b15194b9384a1444e Certificate serial: 019B7F15EE0B368E8B0F1D821433425FE311 Authority key identifier: 59:13:8E:3D:B7:76:40:BE:AD:F1:DA:5B:15:19:4B:93:84:A1:44:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WROOPbd2QL6t8dpbFRlLk4ShRE4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/ISoN8Hz1Tt-g6dokZBe32zhY29I.roa Signing time: Fri 02 Jan 2026 14:21:42 +0000 ROA not before: Fri 02 Jan 2026 14:21:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41878 IP address blocks: 217.29.224.0/24 maxlen: 24 217.29.225.0/24 maxlen: 24 217.29.226.0/24 maxlen: 24 217.29.227.0/24 maxlen: 24 217.29.228.0/24 maxlen: 24 217.29.229.0/24 maxlen: 24 217.29.230.0/24 maxlen: 24 217.29.231.0/24 maxlen: 24 217.29.232.0/24 maxlen: 24 217.29.233.0/24 maxlen: 24 217.29.234.0/24 maxlen: 24 217.29.235.0/24 maxlen: 24 217.29.236.0/24 maxlen: 24 217.29.237.0/24 maxlen: 24 217.29.238.0/24 maxlen: 24 217.29.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/WROOPbd2QL6t8dpbFRlLk4ShRE4.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/WROOPbd2QL6t8dpbFRlLk4ShRE4.mft rsync://rpki.ripe.net/repository/DEFAULT/WROOPbd2QL6t8dpbFRlLk4ShRE4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:ee:0b:36:8e:8b:0f:1d:82:14:33:42:5f:e3:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=59138e3db77640beadf1da5b15194b9384a1444e Validity Not Before: Jan 2 14:21:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=212a0df07cf54edfa0e9da246417b7db3858dbd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:fd:6b:09:a0:24:de:5c:4c:8c:82:1f:5c:08: 6a:c1:94:46:f3:34:fa:87:5c:e9:2e:37:f5:62:2b: 80:d5:de:60:2c:89:90:da:c4:83:44:f6:60:a9:f2: 2f:56:dc:5d:10:0c:23:ad:7a:a4:fb:33:dd:36:5c: b9:28:9e:bb:64:0f:81:e9:79:5c:49:db:38:89:02: b5:c6:a0:61:94:36:e2:7f:9f:70:5d:a0:54:a5:2e: 36:d9:39:d7:f4:c5:c7:8c:31:2a:03:40:db:a7:95: a0:2a:c1:cd:2d:19:bd:08:d2:3d:9b:c7:34:87:8b: 4e:bf:b0:26:db:c6:6a:b8:08:3f:b9:bc:cc:49:4f: a1:e8:71:87:27:28:b7:24:0d:04:0e:59:8b:da:7b: 53:6e:6e:61:28:88:d1:b5:05:9b:32:6c:1d:be:04: 95:21:41:56:0e:48:a3:d0:2f:07:1e:82:9b:f1:a5: ac:74:9d:1b:08:32:de:34:c4:53:e2:91:31:f8:02: 52:27:2c:f7:71:9d:5a:d3:73:03:b4:cc:2f:f2:8e: 12:14:36:02:cf:02:a8:7c:dc:71:aa:a2:ee:e5:5b: 0c:96:72:ad:19:55:5b:c3:31:63:14:54:99:ec:c2: c2:2c:db:ad:30:30:80:2b:ab:5f:71:ad:a8:0b:8f: 52:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:2A:0D:F0:7C:F5:4E:DF:A0:E9:DA:24:64:17:B7:DB:38:58:DB:D2 X509v3 Authority Key Identifier: keyid:59:13:8E:3D:B7:76:40:BE:AD:F1:DA:5B:15:19:4B:93:84:A1:44:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WROOPbd2QL6t8dpbFRlLk4ShRE4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/ISoN8Hz1Tt-g6dokZBe32zhY29I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f4d345-5ff3-4b0a-8dd9-7a4e3340a491/1/WROOPbd2QL6t8dpbFRlLk4ShRE4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.29.224.0/20 Signature Algorithm: sha256WithRSAEncryption b2:15:0f:85:04:a9:62:36:3b:9f:88:00:ef:42:55:a9:ab:d2: ff:3a:aa:2f:66:69:c3:e5:c4:e8:7a:78:a8:f3:e1:6b:d7:69: 19:03:c2:d8:d8:5f:f5:d1:ce:72:5a:a4:56:7a:e8:ce:7d:d3: c5:17:e9:ed:b5:9b:9c:f7:b8:7a:9b:94:44:80:c4:85:2c:e2: 4e:ec:81:9d:a2:e8:70:4b:d3:5d:e0:b2:39:a1:8c:75:80:69: c4:8d:a9:9d:d4:63:7b:5c:4f:f0:8e:aa:af:63:2d:9d:3c:7a: 20:74:c2:bf:27:ba:f9:ff:f8:f2:1e:ae:34:bf:af:73:87:d7: bd:94:32:d2:69:0f:ff:ce:9d:ec:62:e5:45:02:c5:e0:c6:2a: 71:ec:d6:b7:2c:17:37:2e:61:9e:30:a2:27:83:90:67:8e:2f: ef:1e:ef:ad:9a:50:92:9e:ae:09:ce:5d:06:ad:c9:d0:6a:9c: e2:46:19:cc:8a:c4:33:42:79:53:e6:11:33:e5:00:1f:8d:60: a9:51:91:df:eb:75:c9:ce:89:98:d3:d6:9f:1c:7d:af:9e:c3: 3d:89:c9:6f:19:61:df:4f:96:2f:84:7b:da:ad:58:4e:66:d8: 42:64:b9:1a:dd:5e:c2:30:c0:3a:68:85:13:4d:97:75:2d:19: 01:86:52:2a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/Fe4LNo6LDx2CFDNCX+MRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU5MTM4ZTNkYjc3NjQwYmVhZGYxZGE1YjE1MTk0YjkzODRh MTQ0NGUwHhcNMjYwMTAyMTQyMTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTJhMGRmMDdjZjU0ZWRmYTBlOWRhMjQ2NDE3YjdkYjM4NThkYmQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP1rCaAk3lxMjIIfXAhqwZRG8zT6 h1zpLjf1YiuA1d5gLImQ2sSDRPZgqfIvVtxdEAwjrXqk+zPdNly5KJ67ZA+B6Xlc Sds4iQK1xqBhlDbif59wXaBUpS422TnX9MXHjDEqA0Dbp5WgKsHNLRm9CNI9m8c0 h4tOv7Am28ZquAg/ubzMSU+h6HGHJyi3JA0EDlmL2ntTbm5hKIjRtQWbMmwdvgSV IUFWDkij0C8HHoKb8aWsdJ0bCDLeNMRT4pEx+AJSJyz3cZ1a03MDtMwv8o4SFDYC zwKofNxxqqLu5VsMlnKtGVVbwzFjFFSZ7MLCLNutMDCAK6tfca2oC49SDwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCEqDfB89U7foOnaJGQXt9s4WNvSMB8GA1UdIwQY MBaAFFkTjj23dkC+rfHaWxUZS5OEoUROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV1JPT1BiZDJRTDZ0OGRwYkZSbExrNFNoUkU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mNGQzNDUtNWZmMy00YjBhLThkZDkt N2E0ZTMzNDBhNDkxLzEvSVNvTjhIejFUdC1nNmRva1pCZTMyemhZMjlJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS9mNGQzNDUtNWZmMy00YjBhLThkZDktN2E0ZTMzNDBhNDkx LzEvV1JPT1BiZDJRTDZ0OGRwYkZSbExrNFNoUkU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2R3gMA0G CSqGSIb3DQEBCwUAA4IBAQCyFQ+FBKliNjufiADvQlWpq9L/OqovZmnD5cToenio 8+Fr12kZA8LY2F/10c5yWqRWeujOfdPFF+nttZuc97h6m5REgMSFLOJO7IGdouhw S9Nd4LI5oYx1gGnEjamd1GN7XE/wjqqvYy2dPHogdMK/J7r5//jyHq40v69zh9e9 lDLSaQ//zp3sYuVFAsXgxipx7Na3LBc3LmGeMKIng5Bnji/vHu+tmlCSnq4Jzl0G rcnQapziRhnMisQzQnlT5hEz5QAfjWCpUZHf63XJzomY09afHH2vnsM9iclvGWHf T5YvhHvarVhOZthCZLka3V7CMMA6aIUTTZd1LRkBhlIq -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:41 2026 by rpki-client