This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/iMk3HvfoFjbrrCDOJi9o-QLWaXg.roa File: iMk3HvfoFjbrrCDOJi9o-QLWaXg.roa (raw, json) Hash identifier: x1aVCyoSBnNaV6+HeePVFORNNsxxKkBRGfgcSrqwWlI= Subject key identifier: 88:C9:37:1E:F7:E8:16:36:EB:AC:20:CE:26:2F:68:F9:02:D6:69:78 Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839 Certificate serial: 019B7C808B4E6960C0373809AE0AAE4CA4F1 Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/iMk3HvfoFjbrrCDOJi9o-QLWaXg.roa Signing time: Fri 02 Jan 2026 02:19:17 +0000 ROA not before: Fri 02 Jan 2026 02:19:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213999 IP address blocks: 109.69.61.0/24 maxlen: 24 194.31.73.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:8b:4e:69:60:c0:37:38:09:ae:0a:ae:4c:a4:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839 Validity Not Before: Jan 2 02:19:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=88c9371ef7e81636ebac20ce262f68f902d66978 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:cf:b4:c7:61:a0:d2:80:c6:ae:9f:30:13:e7: 3a:55:0b:b3:df:a5:c0:dd:6e:5b:50:15:7e:07:31: 2b:e7:ad:1e:13:2d:33:12:ce:6c:1d:ed:46:a5:3a: cf:de:14:88:db:36:c4:bf:56:5d:da:1b:8f:0a:d8: b3:a0:e9:ba:a9:db:66:81:b2:ef:87:f0:47:1e:17: 33:b6:1a:49:33:2c:1c:15:34:41:ab:0d:ba:c6:21: b3:a8:51:f3:7b:75:f9:2a:44:ae:7f:f0:0d:f0:47: 9d:e8:84:85:97:6a:f0:fc:78:d2:c4:e6:dc:08:b5: 1e:bc:47:ae:2a:c8:51:a1:b3:1c:d5:12:45:e0:9f: 28:76:cd:9e:3e:40:7b:85:da:24:19:7b:a4:f2:55: 0d:46:4a:5e:43:95:9c:b9:6b:8e:46:d3:19:ba:e3: ca:e9:c9:de:76:da:8f:30:d8:e1:b5:42:24:5d:ca: b5:e6:12:be:84:8b:51:1f:95:ad:a4:3a:38:8c:4d: 20:2c:8c:af:e6:bd:f0:fb:3f:66:dc:f2:ad:36:4a: 28:3f:1a:6f:e3:04:fa:b7:12:b4:b8:f4:17:3a:8a: a8:e7:48:f5:5d:c3:28:ef:8c:e0:f6:0f:fa:4c:27: 39:94:c2:05:2f:09:3c:6f:c3:c0:7f:33:f2:cc:62: a3:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:C9:37:1E:F7:E8:16:36:EB:AC:20:CE:26:2F:68:F9:02:D6:69:78 X509v3 Authority Key Identifier: keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/iMk3HvfoFjbrrCDOJi9o-QLWaXg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.69.61.0/24 194.31.73.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:f0:f1:4f:b9:54:b7:b2:0d:11:49:58:02:52:9f:ba:22:5d: 32:0c:c8:8d:cb:f5:3e:a7:bf:f0:cb:14:06:3d:7d:71:53:de: 82:fa:6a:b1:4c:9d:30:95:bf:ae:f8:35:e5:ee:1b:b0:ac:ab: b9:6b:e4:cc:fc:b1:56:75:e4:4d:92:97:1a:cf:b6:62:fa:bd: 3c:1a:6a:e2:f5:9b:1c:92:f5:52:79:9c:00:9a:52:47:a1:81: 1b:49:6f:14:e5:19:24:16:d8:52:91:d2:30:ae:67:97:49:d6: 49:2b:6d:8e:b7:98:63:e2:22:16:58:70:62:20:1e:37:c4:00: 57:31:38:59:70:37:0f:2e:64:ee:d4:9b:d7:de:ef:5d:60:31: 66:ec:df:cc:b2:3a:b3:96:c6:9d:2e:7e:69:b2:51:b9:f3:4e: b7:06:d9:0c:4e:58:c1:3c:b5:8b:f2:12:ac:db:78:d3:f5:38: fe:2e:7c:56:ee:bb:35:43:40:de:d3:a4:b1:87:e7:e2:c4:6f: 26:aa:7e:96:12:d9:56:45:7f:5a:38:24:eb:17:3a:fd:94:9c: 90:b1:bd:8f:ea:d7:09:25:9e:a7:11:25:d4:0e:72:52:a9:41: 6a:91:83:1e:13:06:12:79:a2:c0:a6:b9:f9:aa:07:0f:63:3e: 9d:35:c1:c4 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gItOaWDANzgJrgquTKTxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx ZmE4MzkwHhcNMjYwMTAyMDIxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OGM5MzcxZWY3ZTgxNjM2ZWJhYzIwY2UyNjJmNjhmOTAyZDY2OTc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss+0x2Gg0oDGrp8wE+c6VQuz36XA 3W5bUBV+BzEr560eEy0zEs5sHe1GpTrP3hSI2zbEv1Zd2huPCtizoOm6qdtmgbLv h/BHHhczthpJMywcFTRBqw26xiGzqFHze3X5KkSuf/AN8Eed6ISFl2rw/HjSxObc CLUevEeuKshRobMc1RJF4J8ods2ePkB7hdokGXuk8lUNRkpeQ5WcuWuORtMZuuPK 6cnedtqPMNjhtUIkXcq15hK+hItRH5WtpDo4jE0gLIyv5r3w+z9m3PKtNkooPxpv 4wT6txK0uPQXOoqo50j1XcMo74zg9g/6TCc5lMIFLwk8b8PAfzPyzGKjDQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIjJNx736BY266wgziYvaPkC1ml4MB8GA1UdIwQY MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt MzA0OTVmNDAzNzg0LzEvaU1rM0h2Zm9GamJyckNET0ppOW8tUUxXYVhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0 LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbUU9AwQA wh9JMA0GCSqGSIb3DQEBCwUAA4IBAQA68PFPuVS3sg0RSVgCUp+6Il0yDMiNy/U+ p7/wyxQGPX1xU96C+mqxTJ0wlb+u+DXl7huwrKu5a+TM/LFWdeRNkpcaz7Zi+r08 Gmri9ZsckvVSeZwAmlJHoYEbSW8U5RkkFthSkdIwrmeXSdZJK22Ot5hj4iIWWHBi IB43xABXMThZcDcPLmTu1JvX3u9dYDFm7N/MsjqzlsadLn5pslG58063BtkMTljB PLWL8hKs23jT9Tj+LnxW7rs1Q0De06Sxh+fixG8mqn6WEtlWRX9aOCTrFzr9lJyQ sb2P6tcJJZ6nESXUDnJSqUFqkYMeEwYSeaLAprn5qgcPYz6dNcHE -----END CERTIFICATE-----Generated at Wed Jan 21 08:04:12 2026 by rpki-client