This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/I61e7xKM0b3HBMfOem1GkjpTt5g.roa File: I61e7xKM0b3HBMfOem1GkjpTt5g.roa (raw, json) Hash identifier: FaXgX3Dd98HNPMZ5o0IJyCmUY3cwUhM+A2iDauz1zgs= Subject key identifier: 23:AD:5E:EF:12:8C:D1:BD:C7:04:C7:CE:7A:6D:46:92:3A:53:B7:98 Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496 Certificate serial: 019B7EA68D1D046314015C8463DB5366A2AB Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/I61e7xKM0b3HBMfOem1GkjpTt5g.roa Signing time: Fri 02 Jan 2026 12:20:02 +0000 ROA not before: Fri 02 Jan 2026 12:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 5.22.145.0/24 maxlen: 24 2a00:18e0:5::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.mft rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 02:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:8d:1d:04:63:14:01:5c:84:63:db:53:66:a2:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496 Validity Not Before: Jan 2 12:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23ad5eef128cd1bdc704c7ce7a6d46923a53b798 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2a:be:77:06:56:df:70:e3:04:ae:75:e9:1d: 9b:2a:41:99:6d:87:c2:8c:f5:bf:2e:45:85:cb:de: 5c:a8:9e:9d:3c:1f:41:47:64:11:f3:62:d6:60:5b: d5:52:95:98:97:7d:d0:a4:65:d9:50:f9:0d:23:bc: fa:69:6f:a9:08:7c:d6:88:62:4b:a2:2e:fd:60:e5: 4f:5c:66:ae:b7:4e:c6:38:ae:1e:e8:81:71:30:e8: ea:1a:11:3e:ad:66:71:b5:6e:a5:64:60:05:97:16: 81:86:24:38:3a:4a:69:7c:2e:76:23:9a:a4:4a:4e: bf:3f:f0:3c:d5:e4:08:ab:b5:3a:69:07:c9:13:0a: 55:3f:ad:db:55:06:a5:1e:83:c9:0d:b5:26:a9:b8: 6a:a5:aa:52:b4:8b:6b:73:8b:4b:00:ef:03:25:b3: fd:9d:c9:87:dc:2c:07:2a:d5:a1:14:e0:dc:a5:20: 35:e7:cb:11:30:6c:59:93:dd:47:d0:a2:62:87:51: 3f:80:49:30:51:91:17:d8:9b:b1:3f:8a:a2:70:8f: 44:b3:b3:cb:db:a6:84:f2:1b:37:f5:57:c3:57:c5: a1:d2:93:ca:d6:cf:01:82:8e:9b:e8:e3:a3:d5:aa: 46:9f:c8:c3:04:e7:92:0e:b0:4b:8d:14:d6:76:e2: 79:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:AD:5E:EF:12:8C:D1:BD:C7:04:C7:CE:7A:6D:46:92:3A:53:B7:98 X509v3 Authority Key Identifier: keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/I61e7xKM0b3HBMfOem1GkjpTt5g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.22.145.0/24 IPv6: 2a00:18e0:5::/48 Signature Algorithm: sha256WithRSAEncryption 34:ab:c3:6f:85:6e:3f:c4:cb:35:34:77:89:08:01:f1:70:aa: 9a:b5:99:04:a5:ad:bc:e5:a6:ef:0e:27:9a:04:0c:8f:2f:23: 55:20:e7:08:13:b8:d8:a6:b8:48:a6:97:51:c4:93:7d:20:3d: 8a:0a:ec:31:8c:3d:c0:7f:93:ef:ce:21:2f:1d:d4:15:54:67: 53:3a:58:41:83:6c:c8:12:c2:09:40:a0:28:35:0d:b7:ad:b6: 98:57:66:40:26:e6:b4:88:96:a7:83:61:d9:23:05:59:0c:dd: d6:30:44:f7:39:25:e3:99:c3:27:0a:af:b8:33:7c:c4:10:ae: 10:af:28:fb:e5:75:6c:ff:08:9d:58:0d:db:76:42:10:8f:c6: 3b:9d:51:be:75:35:43:9b:65:95:e9:02:d8:12:1e:e1:b5:1e: 2b:36:d0:ec:30:d1:02:b4:f8:e8:2d:ff:4c:40:d7:33:5f:18: 5a:04:80:55:75:11:40:b8:62:ad:78:67:66:24:35:57:73:f1: 29:2d:4c:68:3c:91:41:80:b8:f7:e8:a5:0c:39:89:2b:17:89: 06:7c:a6:c5:94:eb:fd:08:88:98:cb:f6:6a:46:5d:a3:02:4c: c6:8a:a1:7c:70:df:5e:c4:53:b0:a9:ea:70:a8:b9:a5:47:24: c2:16:79:24 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+po0dBGMUAVyEY9tTZqKrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5 ODc0OTYwHhcNMjYwMTAyMTIyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2FkNWVlZjEyOGNkMWJkYzcwNGM3Y2U3YTZkNDY5MjNhNTNiNzk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCq+dwZW33DjBK516R2bKkGZbYfC jPW/LkWFy95cqJ6dPB9BR2QR82LWYFvVUpWYl33QpGXZUPkNI7z6aW+pCHzWiGJL oi79YOVPXGaut07GOK4e6IFxMOjqGhE+rWZxtW6lZGAFlxaBhiQ4OkppfC52I5qk Sk6/P/A81eQIq7U6aQfJEwpVP63bVQalHoPJDbUmqbhqpapStItrc4tLAO8DJbP9 ncmH3CwHKtWhFODcpSA158sRMGxZk91H0KJih1E/gEkwUZEX2JuxP4qicI9Es7PL 26aE8hs39VfDV8Wh0pPK1s8Bgo6b6OOj1apGn8jDBOeSDrBLjRTWduJ5xwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCOtXu8SjNG9xwTHznptRpI6U7eYMB8GA1UdIwQY MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt NGU4NTg5N2YzMDljLzEvSTYxZTd4S00wYjNIQk1mT2VtMUdranBUdDVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABRaRMA8E AgACMAkDBwAqABjgAAUwDQYJKoZIhvcNAQELBQADggEBADSrw2+Fbj/EyzU0d4kI AfFwqpq1mQSlrbzlpu8OJ5oEDI8vI1Ug5wgTuNimuEiml1HEk30gPYoK7DGMPcB/ k+/OIS8d1BVUZ1M6WEGDbMgSwglAoCg1DbettphXZkAm5rSIlqeDYdkjBVkM3dYw RPc5JeOZwycKr7gzfMQQrhCvKPvldWz/CJ1YDdt2QhCPxjudUb51NUObZZXpAtgS HuG1His20Oww0QK0+Ogt/0xA1zNfGFoEgFV1EUC4Yq14Z2YkNVdz8SktTGg8kUGA uPfopQw5iSsXiQZ8psWU6/0IiJjL9mpGXaMCTMaKoXxw317EU7Cp6nCouaVHJMIW eSQ= -----END CERTIFICATE-----Generated at Sat Jan 17 08:24:50 2026 by rpki-client