This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/ih8GcxAhVwfWwQlPUzpQuVOLe-c.roa File: ih8GcxAhVwfWwQlPUzpQuVOLe-c.roa (raw, json) Hash identifier: 3wfNubXgjKJ1/TUZb+D2ubigUZwrjebFGAnwYbZd+Zg= Subject key identifier: 8A:1F:06:73:10:21:57:07:D6:C1:09:4F:53:3A:50:B9:53:8B:7B:E7 Certificate issuer: /CN=aa5212958d8e1baa144a82a821f93a890dcba49a Certificate serial: 019C0D8475E83D7CDCA96CD2E06D1657207B Authority key identifier: AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/ih8GcxAhVwfWwQlPUzpQuVOLe-c.roa Signing time: Fri 30 Jan 2026 06:08:30 +0000 ROA not before: Fri 30 Jan 2026 06:08:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29802 IP address blocks: 43.226.225.0/24 maxlen: 24 43.226.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.mft rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:0d:84:75:e8:3d:7c:dc:a9:6c:d2:e0:6d:16:57:20:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa5212958d8e1baa144a82a821f93a890dcba49a Validity Not Before: Jan 30 06:08:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a1f067310215707d6c1094f533a50b9538b7be7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:20:6d:23:bd:7a:ba:c4:b8:27:53:43:16:2d: e4:2d:df:47:2c:1e:2b:55:a2:94:d9:a9:2b:01:19: 18:c6:56:fd:26:5e:08:cf:44:e8:81:48:d0:d4:09: e7:15:d2:e0:47:98:d3:9d:0c:d3:6f:07:75:29:4b: de:d7:31:99:ca:64:ef:fe:92:07:09:f4:f6:c6:f0: 79:20:0f:ce:7f:8a:f5:a3:bb:68:32:e6:c6:ff:ec: 3e:ef:21:5b:a3:e2:d4:49:89:43:2f:e1:dd:20:f3: a7:1b:cc:38:11:c9:77:39:73:57:ad:a2:e5:e6:ab: fd:82:13:cf:4c:cf:ca:d5:98:c0:23:6f:6e:1c:f2: b7:98:23:be:0c:f6:1b:c4:b8:70:46:f9:d6:ea:6a: 9a:a0:4c:3a:a5:b4:16:fd:72:f3:6b:d2:0f:63:3b: 9f:26:9e:9e:78:c4:eb:1f:02:05:85:64:54:37:55: 58:90:ac:02:2a:5b:66:38:3b:91:76:0a:0c:3a:84: 6d:3c:eb:60:2f:b9:18:b6:dd:34:e1:55:f4:c9:1c: 27:00:c4:83:1e:04:e0:4f:60:23:c8:b0:c3:03:63: 5f:65:26:4a:54:85:89:fa:f2:c7:73:ce:96:01:9c: 55:cd:f1:e2:e2:0f:5d:90:3d:58:09:45:a7:4f:69: 90:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1F:06:73:10:21:57:07:D6:C1:09:4F:53:3A:50:B9:53:8B:7B:E7 X509v3 Authority Key Identifier: keyid:AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/ih8GcxAhVwfWwQlPUzpQuVOLe-c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.226.225.0/24 43.226.227.0/24 Signature Algorithm: sha256WithRSAEncryption a0:0e:a6:86:ff:e9:15:2d:55:2c:cb:21:84:19:5a:0b:11:74: a3:d5:55:13:45:50:17:6e:24:ef:1d:26:79:d4:6b:25:3e:0e: 8e:fe:17:b5:7d:10:a3:08:80:2f:41:37:24:aa:1e:db:a6:c8: 09:46:09:c8:1f:21:a0:f8:79:de:18:12:44:9b:98:aa:c8:13: 98:22:e2:20:42:70:5d:3f:f1:43:45:49:0b:9c:bb:f9:e2:e6: f7:71:a9:77:35:03:32:2b:60:67:1f:a7:7d:58:b7:c4:43:98: b6:b6:1f:05:8c:62:83:09:2a:01:dc:c2:e7:d6:9d:41:e1:54: fb:e0:55:41:1c:ba:34:bb:d4:18:57:16:eb:a8:2a:e0:c1:8f: 16:0d:76:f2:d9:f1:2f:e2:d7:b7:41:36:7d:6d:51:e4:0b:62: 8c:09:c6:cc:5a:5b:50:8f:cc:1d:54:1f:e1:0a:51:ae:27:4f: 9e:a4:72:8b:1a:6f:65:60:40:30:0b:4c:79:62:2b:bc:c3:f2: 92:7e:75:d8:d9:c4:22:ee:52:63:64:e1:de:b4:a8:02:fa:e3: a3:22:c7:4d:89:dd:fd:cf:1d:a1:ce:de:74:1c:64:5f:de:d1: 01:38:e7:1c:13:4f:f7:c9:b5:a5:6e:58:f0:2a:87:bd:3f:71: dd:85:07:51 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZwNhHXoPXzcqWzS4G0WVyB7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNTIxMjk1OGQ4ZTFiYWExNDRhODJhODIxZjkzYTg5MGRj YmE0OWEwHhcNMjYwMTMwMDYwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTFmMDY3MzEwMjE1NzA3ZDZjMTA5NGY1MzNhNTBiOTUzOGI3YmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviBtI716usS4J1NDFi3kLd9HLB4r VaKU2akrARkYxlb9Jl4Iz0TogUjQ1AnnFdLgR5jTnQzTbwd1KUve1zGZymTv/pIH CfT2xvB5IA/Of4r1o7toMubG/+w+7yFbo+LUSYlDL+HdIPOnG8w4Ecl3OXNXraLl 5qv9ghPPTM/K1ZjAI29uHPK3mCO+DPYbxLhwRvnW6mqaoEw6pbQW/XLza9IPYzuf Jp6eeMTrHwIFhWRUN1VYkKwCKltmODuRdgoMOoRtPOtgL7kYtt004VX0yRwnAMSD HgTgT2AjyLDDA2NfZSZKVIWJ+vLHc86WAZxVzfHi4g9dkD1YCUWnT2mQ5QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIofBnMQIVcH1sEJT1M6ULlTi3vnMB8GA1UdIwQY MBaAFKpSEpWNjhuqFEqCqCH5OokNy6SaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYt YjQwMWE0YTA0NDkyLzEvaWg4R2N4QWhWd2ZXd1FsUFV6cFF1Vk9MZS1jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYtYjQwMWE0YTA0NDky LzEvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAK+LhAwQA K+LjMA0GCSqGSIb3DQEBCwUAA4IBAQCgDqaG/+kVLVUsyyGEGVoLEXSj1VUTRVAX biTvHSZ51GslPg6O/he1fRCjCIAvQTckqh7bpsgJRgnIHyGg+HneGBJEm5iqyBOY IuIgQnBdP/FDRUkLnLv54ub3cal3NQMyK2BnH6d9WLfEQ5i2th8FjGKDCSoB3MLn 1p1B4VT74FVBHLo0u9QYVxbrqCrgwY8WDXby2fEv4te3QTZ9bVHkC2KMCcbMWltQ j8wdVB/hClGuJ0+epHKLGm9lYEAwC0x5Yiu8w/KSfnXY2cQi7lJjZOHetKgC+uOj IsdNid39zx2hzt50HGRf3tEBOOccE0/3ybWlbljwKoe9P3HdhQdR -----END CERTIFICATE-----Generated at Fri Jan 30 12:19:28 2026 by rpki-client