This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/IjU4DCvco1H_BuxEmdM0i3N9AiY.roa File: IjU4DCvco1H_BuxEmdM0i3N9AiY.roa (raw, json) Hash identifier: IcI+UuAYue3QiGRJF1n3ivgYYn4aRUMwuNTnE3mK5xc= Subject key identifier: 22:35:38:0C:2B:DC:A3:51:FF:06:EC:44:99:D3:34:8B:73:7D:02:26 Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a Certificate serial: 019B7EA5375081DB65AB1FA501244830E939 Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/IjU4DCvco1H_BuxEmdM0i3N9AiY.roa Signing time: Fri 02 Jan 2026 12:18:35 +0000 ROA not before: Fri 02 Jan 2026 12:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207388 IP address blocks: 109.160.38.0/24 maxlen: 24 109.160.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:37:50:81:db:65:ab:1f:a5:01:24:48:30:e9:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a Validity Not Before: Jan 2 12:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2235380c2bdca351ff06ec4499d3348b737d0226 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:33:fc:01:73:7d:27:0b:ed:93:54:5d:69:8c: 08:26:aa:01:0f:df:82:d4:9d:f5:c9:9f:93:be:a6: c2:2d:32:39:21:67:41:ea:29:9e:36:1d:f8:2f:ac: cd:ff:d5:f3:ed:08:fd:e5:a7:23:45:4f:5a:f5:b7: f0:b9:26:03:07:05:39:7e:7d:2b:62:de:7b:ce:57: 10:6f:32:e0:36:71:3d:56:c4:c8:a7:d8:ec:83:6b: 9f:dd:bd:3e:3c:b1:60:c8:e2:be:01:20:dc:6f:38: a8:64:5e:a0:54:63:01:9b:5a:27:8b:c5:51:7e:76: 6e:69:1a:f3:a4:7a:73:2d:34:4f:38:f5:a0:a7:5c: 32:b7:f4:6d:24:e1:77:e7:8b:ac:b4:a8:62:a8:43: 40:b2:d3:fe:c0:c4:6b:32:f6:29:b6:17:c9:74:27: 9b:e8:5b:2d:4b:73:20:6b:f1:7e:a8:c0:91:1e:e0: 25:4f:ce:b1:9a:9a:11:94:55:39:fb:66:a8:69:5e: 7f:c2:ad:5a:a2:15:2b:4f:e2:20:01:c9:ad:39:9a: a1:2d:3a:3a:83:8d:53:0f:86:28:ab:fa:9a:bf:89: 1c:49:c7:ad:95:fe:46:10:c9:a1:4c:98:e5:67:6f: 18:09:f5:db:a3:1a:f2:57:b2:ed:f9:33:23:3c:b5: de:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:35:38:0C:2B:DC:A3:51:FF:06:EC:44:99:D3:34:8B:73:7D:02:26 X509v3 Authority Key Identifier: keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/IjU4DCvco1H_BuxEmdM0i3N9AiY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.160.38.0/23 Signature Algorithm: sha256WithRSAEncryption 30:07:61:cc:c3:f4:17:f8:ac:38:76:7f:02:36:f9:21:93:8f: 46:cf:53:0d:dd:fc:1c:66:e2:d6:64:d3:be:eb:76:a2:fb:d2: 9d:b0:a3:62:f8:8b:37:ed:9a:80:50:f8:e0:de:38:ff:bb:ce: 2f:11:69:c7:cd:0e:04:81:bc:e7:99:56:27:77:d6:7d:b7:52: 5c:ce:4d:7e:c6:31:b7:aa:99:5b:c9:95:2b:e6:a1:14:2e:9a: b9:b3:4a:01:d8:a6:7b:33:ce:41:62:96:56:61:68:aa:11:1d: 83:fc:2f:a6:7c:94:03:5f:bf:0e:85:38:2c:55:f7:1f:de:13: 3f:6b:65:04:54:dd:dd:5b:3c:92:47:44:10:44:c1:d2:62:c6: b0:cd:08:74:d8:d2:7f:8b:2a:d0:4e:73:86:61:b7:81:13:04: b7:42:6f:e9:92:0e:f2:8e:12:d5:3d:dd:5b:3b:2e:08:7b:aa: c7:9a:6b:0f:ca:10:22:ac:f3:57:95:ad:68:82:6b:95:fb:91: 47:ff:c1:40:ea:de:c5:cf:3d:05:84:34:7f:99:b4:62:32:b6: 60:4b:e2:00:76:b8:17:77:27:17:25:e5:64:9b:96:6a:e3:a7: 70:83:b4:7f:1b:d4:de:0a:bd:60:31:7b:6c:bb:6e:59:6f:8a: c9:58:a4:c1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pTdQgdtlqx+lASRIMOk5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My ODc3M2EwHhcNMjYwMTAyMTIxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMjM1MzgwYzJiZGNhMzUxZmYwNmVjNDQ5OWQzMzQ4YjczN2QwMjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjP8AXN9Jwvtk1RdaYwIJqoBD9+C 1J31yZ+TvqbCLTI5IWdB6imeNh34L6zN/9Xz7Qj95acjRU9a9bfwuSYDBwU5fn0r Yt57zlcQbzLgNnE9VsTIp9jsg2uf3b0+PLFgyOK+ASDcbzioZF6gVGMBm1oni8VR fnZuaRrzpHpzLTRPOPWgp1wyt/RtJOF354ustKhiqENAstP+wMRrMvYpthfJdCeb 6FstS3Mga/F+qMCRHuAlT86xmpoRlFU5+2aoaV5/wq1aohUrT+IgAcmtOZqhLTo6 g41TD4Yoq/qav4kcScetlf5GEMmhTJjlZ28YCfXboxryV7Lt+TMjPLXe9QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCI1OAwr3KNR/wbsRJnTNItzfQImMB8GA1UdIwQY MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt YTU1OGVlNjU0MzFmLzEvSWpVNERDdmNvMUhfQnV4RW1kTTBpM045QWlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbaAmMA0G CSqGSIb3DQEBCwUAA4IBAQAwB2HMw/QX+Kw4dn8CNvkhk49Gz1MN3fwcZuLWZNO+ 63ai+9KdsKNi+Is37ZqAUPjg3jj/u84vEWnHzQ4EgbznmVYnd9Z9t1Jczk1+xjG3 qplbyZUr5qEULpq5s0oB2KZ7M85BYpZWYWiqER2D/C+mfJQDX78OhTgsVfcf3hM/ a2UEVN3dWzySR0QQRMHSYsawzQh02NJ/iyrQTnOGYbeBEwS3Qm/pkg7yjhLVPd1b Oy4Ie6rHmmsPyhAirPNXla1ogmuV+5FH/8FA6t7Fzz0FhDR/mbRiMrZgS+IAdrgX dycXJeVkm5Zq46dwg7R/G9TeCr1gMXtsu25Zb4rJWKTB -----END CERTIFICATE-----Generated at Tue Jan 20 03:35:39 2026 by rpki-client