This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/IaKIVCDKuhJxaj4O-dg-QPpbIr0.roa File: IaKIVCDKuhJxaj4O-dg-QPpbIr0.roa (raw, json) Hash identifier: 93wMMFAPtcvPRkh6aMKeJrGEYYipy1behu24kK1fUGA= Subject key identifier: 21:A2:88:54:20:CA:BA:12:71:6A:3E:0E:F9:D8:3E:40:FA:5B:22:BD Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec Certificate serial: 019B797ECC63056B3959EDABCDA20AF878CB Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/IaKIVCDKuhJxaj4O-dg-QPpbIr0.roa Signing time: Thu 01 Jan 2026 12:18:31 +0000 ROA not before: Thu 01 Jan 2026 12:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198576 IP address blocks: 84.242.132.0/24 maxlen: 24 212.95.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:cc:63:05:6b:39:59:ed:ab:cd:a2:0a:f8:78:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec Validity Not Before: Jan 1 12:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21a2885420caba12716a3e0ef9d83e40fa5b22bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c2:a7:12:9f:d5:b6:0c:b8:28:b5:e7:bb:84: 43:c1:9c:50:e0:6c:69:fe:a8:e2:4b:a7:53:66:b6: b8:ed:2d:15:e9:3e:30:8f:2e:8e:91:5d:05:78:36: 99:f2:45:17:cf:5e:dc:e1:17:90:89:93:eb:ac:4a: 32:9d:ae:f0:25:93:2c:ae:b9:2b:49:29:73:63:8d: a8:8f:da:c2:f5:35:b9:39:93:a2:b2:a2:1f:ab:47: 38:ec:c0:17:11:ac:1a:c8:0e:9e:e6:fd:a5:f7:79: a5:3b:3a:86:a1:19:48:0e:bd:16:77:4d:82:05:46: 32:e5:67:a6:8d:d0:80:9c:ee:cd:66:fd:b5:1b:77: 39:e1:88:60:8e:03:9a:14:48:de:24:90:82:1b:c6: a6:df:94:76:c9:95:c2:d3:75:ac:7b:a5:91:a3:ec: 3e:ef:f9:79:d9:56:12:10:3a:eb:0f:df:d9:0b:0e: e5:50:b0:b3:a0:76:50:8b:45:42:26:9e:4d:e1:a5: 49:ec:c9:85:8a:46:1e:25:a5:26:02:52:3f:0f:d3: e5:22:48:e2:59:12:66:dd:af:10:42:71:77:a9:d7: 1a:3d:5f:3d:03:48:a7:1b:e6:b8:9b:c6:36:1a:99: 4f:d5:6c:6a:d3:96:c7:5f:16:1b:84:7d:ac:be:b2: af:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:A2:88:54:20:CA:BA:12:71:6A:3E:0E:F9:D8:3E:40:FA:5B:22:BD X509v3 Authority Key Identifier: keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/IaKIVCDKuhJxaj4O-dg-QPpbIr0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.242.132.0/24 212.95.175.0/24 Signature Algorithm: sha256WithRSAEncryption 63:48:b2:99:ac:57:b5:b7:5d:97:80:5d:f7:a1:89:24:fa:a0: c4:ba:68:25:36:d3:49:8c:7b:5b:e1:2d:8c:67:69:72:0b:d3: bc:3a:f1:ca:20:39:8f:33:ef:95:a3:91:41:39:60:ac:9a:7f: 11:50:11:d2:5e:33:7d:c2:40:cb:15:80:cb:98:9c:57:5f:37: 6a:82:30:ab:d8:16:cc:68:99:e5:5f:ea:de:84:ae:e5:3d:c7: 08:55:cc:72:da:49:6c:74:57:b0:57:12:c9:b4:d9:2b:aa:de: ef:12:35:0e:ac:02:f8:d8:64:4b:e7:43:7c:c9:6d:35:47:c5: fd:e6:42:1c:2a:79:4f:b6:62:ec:29:3e:ad:dc:16:a0:29:44: 1c:73:0d:bc:a0:54:a7:57:a1:c8:d1:e9:c8:50:47:ed:28:4c: 05:b3:b2:c1:5b:3f:60:a5:4a:b0:1d:9b:30:57:5a:9b:68:59: 62:07:c3:ca:ca:fb:21:f5:0b:8d:d3:f9:9e:7c:a4:78:63:f8: 15:09:ad:97:bb:ed:e7:56:a1:03:7c:56:55:cd:ed:ca:71:55: 40:8f:12:be:36:ee:cd:d3:74:8a:2d:a7:32:f6:9d:1c:ad:df: 3a:42:5c:76:9c:9d:04:89:d1:8b:c9:90:e5:04:a8:c5:9d:fb: e7:0f:c6:8b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fsxjBWs5We2rzaIK+HjLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj ZDgyZWMwHhcNMjYwMTAxMTIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWEyODg1NDIwY2FiYTEyNzE2YTNlMGVmOWQ4M2U0MGZhNWIyMmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MKnEp/Vtgy4KLXnu4RDwZxQ4Gxp /qjiS6dTZra47S0V6T4wjy6OkV0FeDaZ8kUXz17c4ReQiZPrrEoyna7wJZMsrrkr SSlzY42oj9rC9TW5OZOisqIfq0c47MAXEawayA6e5v2l93mlOzqGoRlIDr0Wd02C BUYy5WemjdCAnO7NZv21G3c54YhgjgOaFEjeJJCCG8am35R2yZXC03Wse6WRo+w+ 7/l52VYSEDrrD9/ZCw7lULCzoHZQi0VCJp5N4aVJ7MmFikYeJaUmAlI/D9PlIkji WRJm3a8QQnF3qdcaPV89A0inG+a4m8Y2GplP1Wxq05bHXxYbhH2svrKvIQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCGiiFQgyroScWo+DvnYPkD6WyK9MB8GA1UdIwQY MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt N2ZiYmFlNmY5NDM3LzEvSWFLSVZDREt1aEp4YWo0Ty1kZy1RUHBiSXIwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3 LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVPKEAwQA 1F+vMA0GCSqGSIb3DQEBCwUAA4IBAQBjSLKZrFe1t12XgF33oYkk+qDEumglNtNJ jHtb4S2MZ2lyC9O8OvHKIDmPM++Vo5FBOWCsmn8RUBHSXjN9wkDLFYDLmJxXXzdq gjCr2BbMaJnlX+rehK7lPccIVcxy2klsdFewVxLJtNkrqt7vEjUOrAL42GRL50N8 yW01R8X95kIcKnlPtmLsKT6t3BagKUQccw28oFSnV6HI0enIUEftKEwFs7LBWz9g pUqwHZswV1qbaFliB8PKyvsh9QuN0/mefKR4Y/gVCa2Xu+3nVqEDfFZVze3KcVVA jxK+Nu7N03SKLacy9p0crd86Qlx2nJ0EidGLyZDlBKjFnfvnD8aL -----END CERTIFICATE-----Generated at Mon Jan 26 17:24:31 2026 by rpki-client