This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/il7H5XRLlPOMcGmUaTO99BZFn2I.roa File: il7H5XRLlPOMcGmUaTO99BZFn2I.roa (raw, json) Hash identifier: Df3NCzCkDFx+xfWB8WmONNlOHJhDormcIJSvLVXSXWw= Subject key identifier: 8A:5E:C7:E5:74:4B:94:F3:8C:70:69:94:69:33:BD:F4:16:45:9F:62 Certificate issuer: /CN=f9b16868f322ab679aec733702bf068e9637fc4f Certificate serial: 019B77C6C0E66884965170EC8DF19C9A8419 Authority key identifier: F9:B1:68:68:F3:22:AB:67:9A:EC:73:37:02:BF:06:8E:96:37:FC:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/il7H5XRLlPOMcGmUaTO99BZFn2I.roa Signing time: Thu 01 Jan 2026 04:17:52 +0000 ROA not before: Thu 01 Jan 2026 04:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208772 IP address blocks: 2001:67c:d78::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.crl rsync://rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.mft rsync://rpki.ripe.net/repository/DEFAULT/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:c0:e6:68:84:96:51:70:ec:8d:f1:9c:9a:84:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f9b16868f322ab679aec733702bf068e9637fc4f Validity Not Before: Jan 1 04:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a5ec7e5744b94f38c7069946933bdf416459f62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ac:cc:a9:6a:df:a5:55:82:20:57:8d:a7:cc: 32:da:8c:1e:f0:a9:cf:8b:37:e5:d6:30:94:e7:c6: a3:84:66:90:dd:c2:79:4f:a1:f0:e9:94:08:6d:15: e7:b5:c6:67:37:52:50:7f:9e:a7:8b:7d:23:9f:37: 89:67:1f:44:a7:62:3f:a3:f4:36:d1:74:14:d5:0d: cc:95:79:31:77:d8:e6:c5:03:c6:9e:62:27:ac:fd: d3:cb:99:82:c8:7e:1c:53:1a:e5:b0:32:0b:1f:5d: 08:a4:36:f7:70:ad:2a:3f:90:19:5a:52:15:d1:1d: 8e:35:f3:d3:c8:5b:01:d6:be:01:a6:0f:89:d4:d2: 01:34:5f:cb:fc:78:d5:6b:2d:8e:48:83:77:0d:3c: d0:e0:e1:7c:02:0c:57:03:32:14:ba:72:09:bd:59: a1:f7:e7:1e:45:d3:f3:08:29:64:e7:18:1e:eb:e6: 3c:04:ec:bd:3c:8e:0e:cb:ab:a5:fc:8c:24:77:54: 56:67:d6:ca:81:c3:e8:ae:85:0b:17:22:64:91:4a: 53:e9:80:f9:3f:5a:94:11:fd:fc:f0:9b:c1:9f:2e: 1a:0f:96:fb:70:78:86:87:cd:de:8c:13:c7:f0:b3: 93:4b:db:21:5a:0e:15:7d:b4:fb:c6:1a:54:bf:a9: 60:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5E:C7:E5:74:4B:94:F3:8C:70:69:94:69:33:BD:F4:16:45:9F:62 X509v3 Authority Key Identifier: keyid:F9:B1:68:68:F3:22:AB:67:9A:EC:73:37:02:BF:06:8E:96:37:FC:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/il7H5XRLlPOMcGmUaTO99BZFn2I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8b5f88-3071-4a44-9f0c-242a294594e0/1/1-bFoaPMiq2ea7HM3Ar8GjpY3_E8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:d78::/48 Signature Algorithm: sha256WithRSAEncryption 18:44:87:c7:fd:98:39:0c:fd:54:0a:0f:b2:63:ef:c8:32:b0: ef:14:4b:9a:68:ef:f8:0b:72:d4:e4:28:78:1e:de:00:96:ff: b6:28:eb:89:22:ae:dc:23:2b:31:e7:0a:18:a7:76:7f:79:a8: 49:8b:8c:c3:94:75:5b:b8:2d:1f:7f:83:d9:a4:bd:be:f9:dc: 31:e1:10:46:11:d0:7d:17:a1:94:81:a7:ea:aa:04:05:f2:37: 07:9f:07:e9:ee:49:3f:10:f2:64:bd:7d:8e:0a:5b:c8:55:c8: 08:68:c0:5b:2c:24:2e:c1:84:d9:2f:4b:da:90:5e:6f:4b:43: 1c:33:5e:7a:b2:ac:b3:7c:92:cb:d3:4a:d6:63:1f:f6:82:63: ff:1e:d6:51:50:0c:d5:85:4c:c8:a4:32:2b:df:1f:4b:86:9f: b1:4f:a6:50:77:f7:34:37:2e:28:1f:77:e7:c2:92:38:79:87: 28:14:d0:04:98:0e:15:0e:f2:38:49:b5:a2:87:32:95:a5:77: 7d:e8:3f:0e:d4:eb:25:72:f6:dd:2d:60:d4:a8:23:ae:e3:d9: d5:bc:ee:05:e4:0b:a7:7b:aa:ff:83:09:a1:93:e6:c7:58:eb: 3d:ed:89:bb:ae:da:15:3f:35:d7:17:fb:f5:73:d1:b5:17:3b: fd:c7:82:b6 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt3xsDmaISWUXDsjfGcmoQZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY5YjE2ODY4ZjMyMmFiNjc5YWVjNzMzNzAyYmYwNjhlOTYz N2ZjNGYwHhcNMjYwMTAxMDQxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTVlYzdlNTc0NGI5NGYzOGM3MDY5OTQ2OTMzYmRmNDE2NDU5ZjYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6zMqWrfpVWCIFeNp8wy2owe8KnP izfl1jCU58ajhGaQ3cJ5T6Hw6ZQIbRXntcZnN1JQf56ni30jnzeJZx9Ep2I/o/Q2 0XQU1Q3MlXkxd9jmxQPGnmInrP3Ty5mCyH4cUxrlsDILH10IpDb3cK0qP5AZWlIV 0R2ONfPTyFsB1r4Bpg+J1NIBNF/L/HjVay2OSIN3DTzQ4OF8AgxXAzIUunIJvVmh 9+ceRdPzCClk5xge6+Y8BOy9PI4Oy6ul/Iwkd1RWZ9bKgcPoroULFyJkkUpT6YD5 P1qUEf388JvBny4aD5b7cHiGh83ejBPH8LOTS9shWg4VfbT7xhpUv6lgrwIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFIpex+V0S5TzjHBplGkzvfQWRZ9iMB8GA1UdIwQY MBaAFPmxaGjzIqtnmuxzNwK/Bo6WN/xPMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1iRm9hUE1pcTJlYTdITTNBcjhHanBZM19FOC5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQvOGI1Zjg4LTMwNzEtNGE0NC05ZjBj LTI0MmEyOTQ1OTRlMC8xL2lsN0g1WFJMbFBPTWNHbVVhVE85OUJaRm4ySS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMjQvOGI1Zjg4LTMwNzEtNGE0NC05ZjBjLTI0MmEyOTQ1OTRl MC8xLzEtYkZvYVBNaXEyZWE3SE0zQXI4R2pwWTNfRTguY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAgAQZ8 DXgwDQYJKoZIhvcNAQELBQADggEBABhEh8f9mDkM/VQKD7Jj78gysO8US5po7/gL ctTkKHge3gCW/7Yo64kirtwjKzHnChindn95qEmLjMOUdVu4LR9/g9mkvb753DHh EEYR0H0XoZSBp+qqBAXyNwefB+nuST8Q8mS9fY4KW8hVyAhowFssJC7BhNkvS9qQ Xm9LQxwzXnqyrLN8ksvTStZjH/aCY/8e1lFQDNWFTMikMivfH0uGn7FPplB39zQ3 Ligfd+fCkjh5hygU0ASYDhUO8jhJtaKHMpWld33oPw7U6yVy9t0tYNSoI67j2dW8 7gXkC6d7qv+DCaGT5sdY6z3tibuu2hU/NdcX+/Vz0bUXO/3HgrY= -----END CERTIFICATE-----Generated at Tue Feb 10 04:15:35 2026 by rpki-client