This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iarmlWK_D1F2Y519OMWB6VCc31g.roa File: iarmlWK_D1F2Y519OMWB6VCc31g.roa (raw, json) Hash identifier: WFVbmq4d03vzZGnbmXlce/4IUJO9Lw5GHMqxL1YbJaE= Subject key identifier: 89:AA:E6:95:62:BF:0F:51:76:63:9D:7D:38:C5:81:E9:50:9C:DF:58 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84E8CF1037815F8292CD3131044886 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iarmlWK_D1F2Y519OMWB6VCc31g.roa Signing time: Fri 02 Jan 2026 16:22:55 +0000 ROA not before: Fri 02 Jan 2026 16:22:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200017 IP address blocks: 88.209.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:e8:cf:10:37:81:5f:82:92:cd:31:31:04:48:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89aae69562bf0f5176639d7d38c581e9509cdf58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:53:70:bb:db:57:8e:c0:06:41:91:c2:d9:55: 5f:13:4e:33:0b:66:92:55:6a:dd:0f:58:0d:09:4e: 71:2e:43:a6:1f:a7:e2:ae:dd:5a:44:dd:2b:56:fa: 7a:3c:00:69:d5:1d:b7:3c:0b:1b:d4:e6:c1:6c:ff: 65:3e:97:92:b0:9b:f9:95:a7:56:5c:bb:f0:b3:db: ef:31:98:b0:3b:63:5d:b7:fa:06:7d:da:30:69:08: c0:d2:bb:a0:c4:4f:bf:40:21:1f:a5:ab:a9:da:fe: c5:0b:20:4f:93:cc:90:c5:c0:ca:2a:2d:21:0b:1e: 48:fc:08:78:50:ed:eb:49:f1:c1:a2:77:38:1b:24: c6:eb:11:54:cb:2e:15:bf:03:91:f3:61:02:d6:38: d9:ff:4b:55:65:70:d1:b6:90:3f:fd:e9:e6:0d:17: 35:c1:bf:f4:1c:31:4f:bf:f2:84:ee:a0:55:2c:29: ab:b8:8b:e3:ed:91:ba:2b:63:6f:0d:db:1c:b4:b0: 78:8f:64:42:ac:ab:01:0c:8c:ee:32:a5:b1:b9:1e: 37:20:6b:2b:ba:64:f4:74:b9:c8:f0:79:cb:ee:89: 03:55:33:45:ae:7c:46:bf:49:eb:4c:94:53:a0:53: 60:7e:33:50:b6:2c:ed:ac:b3:04:c2:98:fe:db:a3: 99:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:AA:E6:95:62:BF:0F:51:76:63:9D:7D:38:C5:81:E9:50:9C:DF:58 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/iarmlWK_D1F2Y519OMWB6VCc31g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.223.0/24 Signature Algorithm: sha256WithRSAEncryption a4:57:c0:65:d9:2b:b3:38:61:66:ba:fd:1e:5a:ed:61:e7:89: 94:04:2e:8a:2d:49:d5:6a:1c:41:2e:e6:0c:2c:73:33:41:d3: 52:c2:fd:4f:8e:18:bf:82:36:fb:a8:c6:ec:13:56:e2:75:3b: fc:6a:31:7a:63:48:17:32:f5:e6:97:57:c5:6c:bc:06:28:5b: 6e:70:fc:de:cb:1c:58:94:a6:0d:03:4b:d9:7c:7d:51:53:66: d9:8d:ca:82:c9:c4:6e:99:e6:5e:6c:9c:37:b3:b5:52:70:79: 2e:ef:4d:89:9d:63:cc:2e:29:13:87:1d:0d:19:e5:90:3c:c4: d9:73:dc:34:0d:db:85:4a:0c:f1:84:74:f7:b2:44:4f:73:3c: b7:eb:0a:51:52:d7:de:bb:00:65:2f:86:84:dc:57:06:0a:5d: 13:1f:8c:79:7f:23:4c:59:7f:f2:90:79:3f:df:e4:2f:07:1a: 4f:b8:19:cc:01:19:fe:d4:65:f2:a7:b6:28:7c:16:0f:fc:41: 39:61:eb:95:6b:97:d3:7a:97:c2:a8:46:73:d4:55:07:82:81: 30:fd:6d:5c:dc:b6:b1:77:86:62:b8:5e:b0:c8:b2:36:0f:6d: 43:14:7e:c2:23:3e:9c:d7:d0:6a:f9:b1:35:0b:4e:b0:46:a1: c8:eb:10:27 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hOjPEDeBX4KSzTExBEiGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWFhZTY5NTYyYmYwZjUxNzY2MzlkN2QzOGM1ODFlOTUwOWNkZjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVNwu9tXjsAGQZHC2VVfE04zC2aS VWrdD1gNCU5xLkOmH6firt1aRN0rVvp6PABp1R23PAsb1ObBbP9lPpeSsJv5ladW XLvws9vvMZiwO2Ndt/oGfdowaQjA0rugxE+/QCEfpaup2v7FCyBPk8yQxcDKKi0h Cx5I/Ah4UO3rSfHBonc4GyTG6xFUyy4VvwOR82EC1jjZ/0tVZXDRtpA//enmDRc1 wb/0HDFPv/KE7qBVLCmruIvj7ZG6K2NvDdsctLB4j2RCrKsBDIzuMqWxuR43IGsr umT0dLnI8HnL7okDVTNFrnxGv0nrTJRToFNgfjNQtiztrLMEwpj+26OZ0wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFImq5pVivw9RdmOdfTjFgelQnN9YMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvaWFybWxXS19EMUYyWTUxOU9NV0I2VkNjMzFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHfMA0G CSqGSIb3DQEBCwUAA4IBAQCkV8Bl2SuzOGFmuv0eWu1h54mUBC6KLUnVahxBLuYM LHMzQdNSwv1Pjhi/gjb7qMbsE1bidTv8ajF6Y0gXMvXml1fFbLwGKFtucPzeyxxY lKYNA0vZfH1RU2bZjcqCycRumeZebJw3s7VScHku702JnWPMLikThx0NGeWQPMTZ c9w0DduFSgzxhHT3skRPczy36wpRUtfeuwBlL4aE3FcGCl0TH4x5fyNMWX/ykHk/ 3+QvBxpPuBnMARn+1GXyp7YofBYP/EE5YeuVa5fTepfCqEZz1FUHgoEw/W1c3Lax d4ZiuF6wyLI2D21DFH7CIz6c19Bq+bE1C06wRqHI6xAn -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:31 2026 by rpki-client