This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ioECjT17G0_6OLgmor7_dptRVdE.roa File: ioECjT17G0_6OLgmor7_dptRVdE.roa (raw, json) Hash identifier: 4GHJcy1NEQdNT4tM6/0vR+b78HpLI+Kdh82ajfi8C4w= Subject key identifier: 8A:81:02:8D:3D:7B:1B:4F:FA:38:B8:26:A2:BE:FF:76:9B:51:55:D1 Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c Certificate serial: 019B9D54BA87015C3034D739FDC51FBF66A1 Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ioECjT17G0_6OLgmor7_dptRVdE.roa Signing time: Thu 08 Jan 2026 11:18:54 +0000 ROA not before: Thu 08 Jan 2026 11:18:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200223 IP address blocks: 185.114.156.0/24 maxlen: 24 185.229.32.0/24 maxlen: 24 2a03:3a61::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 17:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9d:54:ba:87:01:5c:30:34:d7:39:fd:c5:1f:bf:66:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c Validity Not Before: Jan 8 11:18:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a81028d3d7b1b4ffa38b826a2beff769b5155d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:67:d1:70:56:9e:f8:7b:e9:04:f5:33:2a:a7: b9:c9:83:27:2f:cb:7c:23:f4:e5:09:21:b3:bf:81: 61:62:1f:e0:9a:0e:a9:fb:0f:5b:dd:59:cc:49:8d: b0:17:22:bb:d4:e1:cb:cb:ff:fb:33:24:2e:a4:e7: 03:83:68:67:10:9b:d3:17:6c:72:bb:e8:ae:cf:bd: 99:19:dc:3d:28:78:53:f2:d1:10:2a:b6:7b:e4:af: 42:a9:ac:7c:fb:5d:c2:f6:0f:24:bd:41:f4:6f:1b: bc:e4:5e:6b:9e:5f:dd:84:a1:4a:53:69:ea:ad:6d: 47:45:50:ba:7a:c0:42:37:a3:bd:bc:e7:7c:32:49: 39:fe:54:d4:e7:a0:2b:60:61:ff:28:76:c1:ad:d6: ce:34:8c:90:3b:ee:9d:46:95:2b:6b:4c:35:78:fe: 79:c4:d5:9f:8e:da:39:ef:9f:34:1c:87:bd:84:c1: f4:86:cf:a6:b7:48:0a:24:08:60:82:be:7a:af:5c: 98:ee:72:2e:b9:0f:d1:ac:26:27:9c:ae:61:5e:a9: 57:f1:ae:0a:b4:fb:0a:f5:c9:93:8f:56:57:c8:a9: 36:24:48:bb:9b:c1:39:f3:4e:99:cf:27:ba:36:74: 48:08:2b:55:10:12:b6:b1:81:99:e6:65:96:58:52: 24:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:81:02:8D:3D:7B:1B:4F:FA:38:B8:26:A2:BE:FF:76:9B:51:55:D1 X509v3 Authority Key Identifier: keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ioECjT17G0_6OLgmor7_dptRVdE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.114.156.0/24 185.229.32.0/24 IPv6: 2a03:3a61::/32 Signature Algorithm: sha256WithRSAEncryption 2b:ac:19:b6:5b:00:ee:b3:3b:e9:ec:a1:15:c2:0a:66:98:03: f3:b4:6d:c7:d8:de:11:9b:6f:95:6d:3c:da:da:50:eb:39:97: e5:ba:d2:18:30:b4:d4:de:87:34:0c:22:93:79:4a:6b:cb:02: 07:3e:82:4f:f4:fa:d7:aa:11:d6:0f:63:ad:96:3b:bb:3b:27: 49:c3:29:cb:37:5b:68:0a:fc:21:77:0c:da:2c:c1:07:73:4f: fc:46:49:26:a3:7c:ea:60:c4:26:3c:5e:f3:f6:58:33:f5:d6: 90:7c:26:44:3b:15:da:4f:f8:47:e4:57:c3:14:0c:5f:8a:c5: d7:1e:22:46:03:57:fe:22:5b:c3:b1:8a:53:7a:5a:d0:82:db: 37:f7:5a:07:c3:12:29:0a:78:2b:bd:c6:37:e1:82:16:85:65: 26:b4:2e:87:6f:64:db:c3:b2:4a:2d:ea:93:7d:04:4f:b5:2c: f6:c0:7d:b8:34:2f:9b:38:ac:ff:07:78:54:a0:85:59:bd:1b: ac:ce:77:b0:67:d4:a3:f9:a4:d1:e0:8c:c3:8c:fc:f7:75:b9: 5a:9c:bf:8a:ec:ff:89:43:08:dc:45:42:ee:42:b3:aa:b0:07: 67:f4:39:06:19:40:f2:d4:99:42:86:ea:55:01:94:e6:2f:2c: 90:71:16:32 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZudVLqHAVwwNNc5/cUfv2ahMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm MGIwNWMwHhcNMjYwMTA4MTExODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTgxMDI4ZDNkN2IxYjRmZmEzOGI4MjZhMmJlZmY3NjliNTE1NWQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGfRcFae+HvpBPUzKqe5yYMnL8t8 I/TlCSGzv4FhYh/gmg6p+w9b3VnMSY2wFyK71OHLy//7MyQupOcDg2hnEJvTF2xy u+iuz72ZGdw9KHhT8tEQKrZ75K9Cqax8+13C9g8kvUH0bxu85F5rnl/dhKFKU2nq rW1HRVC6esBCN6O9vOd8Mkk5/lTU56ArYGH/KHbBrdbONIyQO+6dRpUra0w1eP55 xNWfjto57580HIe9hMH0hs+mt0gKJAhggr56r1yY7nIuuQ/RrCYnnK5hXqlX8a4K tPsK9cmTj1ZXyKk2JEi7m8E5806Zzye6NnRICCtVEBK2sYGZ5mWWWFIkcwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFIqBAo09extP+ji4JqK+/3abUVXRMB8GA1UdIwQY MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt YmJmZDQ1Yzg0YmVhLzEvaW9FQ2pUMTdHMF82T0xnbW9yN19kcHRSVmRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXKcAwQA ueUgMA0EAgACMAcDBQAqAzphMA0GCSqGSIb3DQEBCwUAA4IBAQArrBm2WwDuszvp 7KEVwgpmmAPztG3H2N4Rm2+VbTza2lDrOZflutIYMLTU3oc0DCKTeUprywIHPoJP 9PrXqhHWD2Otlju7OydJwynLN1toCvwhdwzaLMEHc0/8Rkkmo3zqYMQmPF7z9lgz 9daQfCZEOxXaT/hH5FfDFAxfisXXHiJGA1f+IlvDsYpTelrQgts391oHwxIpCngr vcY34YIWhWUmtC6Hb2Tbw7JKLeqTfQRPtSz2wH24NC+bOKz/B3hUoIVZvRusznew Z9Sj+aTR4IzDjPz3dblanL+K7P+JQwjcRULuQrOqsAdn9DkGGUDy1JlChupVAZTm LyyQcRYy -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:29 2026 by rpki-client