This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/dIqmIrGGl8FI-sOwGOw90e9FkJY.roa File: dIqmIrGGl8FI-sOwGOw90e9FkJY.roa (raw, json) Hash identifier: ux/S4urJBgHoaCGluZkTkGPr6Fq78RqIkr3zENS3Pqk= Subject key identifier: 74:8A:A6:22:B1:86:97:C1:48:FA:C3:B0:18:EC:3D:D1:EF:45:90:96 Certificate issuer: /CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Certificate serial: 019B7DCA4233CAD2DF190ECFD298584E0017 Authority key identifier: B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/dIqmIrGGl8FI-sOwGOw90e9FkJY.roa Signing time: Fri 02 Jan 2026 08:19:25 +0000 ROA not before: Fri 02 Jan 2026 08:19:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39756 IP address blocks: 91.209.102.0/24 maxlen: 24 193.223.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:42:33:ca:d2:df:19:0e:cf:d2:98:58:4e:00:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Validity Not Before: Jan 2 08:19:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=748aa622b18697c148fac3b018ec3dd1ef459096 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e6:bc:c4:8a:a5:1e:f1:3f:84:42:d2:0a:40: d3:a3:50:71:84:33:26:91:28:13:5e:5c:95:99:60: c6:76:d7:dd:68:be:ee:6e:20:a9:43:f1:f2:6a:86: 6a:50:cd:e9:32:69:b0:62:0d:ec:1e:0d:56:a9:12: 4d:19:37:74:72:8e:ed:89:9d:5b:3b:14:d5:c6:69: 8f:c5:69:2b:1e:83:8c:90:92:ac:7c:fa:2b:b2:53: 84:c3:56:fa:ca:66:d6:e1:1e:be:fc:cd:2e:4a:27: aa:eb:c7:d2:33:b8:b3:5f:97:2a:76:32:64:a0:fc: b4:51:17:6e:33:bf:f6:45:f7:9b:c8:78:20:e6:99: 36:e3:68:42:84:bd:47:f4:80:3c:6d:77:53:97:60: f1:ce:7f:d4:6b:15:0b:19:8a:30:e8:9a:81:da:b0: da:20:cc:7d:6a:3f:e0:5f:08:f2:71:10:5d:b2:7e: 16:5c:e9:89:df:8b:33:62:c0:a4:78:cd:7d:e3:45: d9:9c:b0:9a:3d:2b:01:c2:1e:41:0f:9a:95:ac:ab: e1:ff:92:d7:0f:12:70:bd:47:34:3e:65:45:ac:c9: c4:d6:99:b6:7c:f9:8f:fa:30:83:83:c9:5a:c4:4a: 2b:f6:9b:bf:79:82:6d:7d:e9:e1:5e:28:06:70:4d: 2c:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:8A:A6:22:B1:86:97:C1:48:FA:C3:B0:18:EC:3D:D1:EF:45:90:96 X509v3 Authority Key Identifier: keyid:B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/dIqmIrGGl8FI-sOwGOw90e9FkJY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.102.0/24 193.223.101.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:52:14:3c:dd:0f:fe:a1:d3:60:ca:50:5f:f2:0f:24:9b:5d: f1:fe:a0:38:c5:d3:16:fd:8a:2e:cc:f5:75:20:45:f7:4f:b9: 88:3b:bd:c4:25:74:f6:92:60:3f:be:bd:13:d5:41:44:16:01: 12:72:10:8d:a3:ec:25:70:fe:e3:76:e0:45:43:d0:a4:44:73: b9:d8:7d:a5:db:1f:cd:c3:ef:f1:1d:15:18:93:bd:e1:42:18: dd:8d:11:61:f8:dc:31:33:0b:aa:88:22:af:9e:ae:a8:7d:53: c6:b5:9c:d0:d1:fe:04:c8:40:62:a3:e7:df:6f:33:8d:ee:da: 25:30:bf:8c:32:35:43:57:cd:79:e5:50:2d:6a:be:1e:1b:4f: 09:2d:11:19:4c:10:01:ba:80:42:6e:ae:1d:2d:d8:16:cf:cf: 26:e3:58:f8:1c:3a:97:9b:67:e6:d0:c6:fe:45:99:fe:1a:0c: 84:20:57:ed:dc:9a:9a:c0:53:3f:9c:6b:83:f8:80:70:4f:e9: 01:f3:9d:75:81:17:ff:30:32:df:33:88:21:6e:e3:db:40:ce: a6:a8:6d:f4:a1:11:f7:dd:10:38:cd:f3:5b:68:e8:91:d0:41: 18:a6:3b:c9:68:e1:4e:7e:68:ee:63:8c:b9:13:b4:a0:a5:fb: c1:6b:05:fb -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9ykIzytLfGQ7P0phYTgAXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1Y2NkZDg4M2Y2ZGQxMTRlY2Y2ZjcyNzE2YTg0NjM0ZjY3 YWM5NzcwHhcNMjYwMTAyMDgxOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3NDhhYTYyMmIxODY5N2MxNDhmYWMzYjAxOGVjM2RkMWVmNDU5MDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvea8xIqlHvE/hELSCkDTo1BxhDMm kSgTXlyVmWDGdtfdaL7ubiCpQ/HyaoZqUM3pMmmwYg3sHg1WqRJNGTd0co7tiZ1b OxTVxmmPxWkrHoOMkJKsfPorslOEw1b6ymbW4R6+/M0uSieq68fSM7izX5cqdjJk oPy0URduM7/2RfebyHgg5pk242hChL1H9IA8bXdTl2Dxzn/UaxULGYow6JqB2rDa IMx9aj/gXwjycRBdsn4WXOmJ34szYsCkeM1940XZnLCaPSsBwh5BD5qVrKvh/5LX DxJwvUc0PmVFrMnE1pm2fPmP+jCDg8laxEor9pu/eYJtfenhXigGcE0sDwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFHSKpiKxhpfBSPrDsBjsPdHvRZCWMB8GA1UdIwQY MBaAFLXM3Yg/bdEU7Pb3JxaoRjT2esl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgt NGFiYWY1M2E1MGFmLzEvZElxbUlyR0dsOEZJLXNPd0dPdzkwZTlGa0pZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgtNGFiYWY1M2E1MGFm LzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9FmAwQA wd9lMA0GCSqGSIb3DQEBCwUAA4IBAQBcUhQ83Q/+odNgylBf8g8km13x/qA4xdMW /YouzPV1IEX3T7mIO73EJXT2kmA/vr0T1UFEFgESchCNo+wlcP7jduBFQ9CkRHO5 2H2l2x/Nw+/xHRUYk73hQhjdjRFh+NwxMwuqiCKvnq6ofVPGtZzQ0f4EyEBio+ff bzON7tolML+MMjVDV8155VAtar4eG08JLREZTBABuoBCbq4dLdgWz88m41j4HDqX m2fm0Mb+RZn+GgyEIFft3JqawFM/nGuD+IBwT+kB8511gRf/MDLfM4ghbuPbQM6m qG30oRH33RA4zfNbaOiR0EEYpjvJaOFOfmjuY4y5E7SgpfvBawX7 -----END CERTIFICATE-----Generated at Tue Feb 10 03:11:19 2026 by rpki-client