This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ife1GFN1PkpYk9XyQvM11JFA25U.roa File: ife1GFN1PkpYk9XyQvM11JFA25U.roa (raw, json) Hash identifier: Nv8Sy+s7ueQRS3Bar+VI7vF4RBJcNhahlyhZqkdtS3s= Subject key identifier: 89:F7:B5:18:53:75:3E:4A:58:93:D5:F2:42:F3:35:D4:91:40:DB:95 Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058 Certificate serial: 019B7E393BF7C4F3A6352AD858AFFA32577A Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ife1GFN1PkpYk9XyQvM11JFA25U.roa Signing time: Fri 02 Jan 2026 10:20:38 +0000 ROA not before: Fri 02 Jan 2026 10:20:38 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205591 IP address blocks: 2a0c:b642::/36 maxlen: 48 2a0c:b642:1a09::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:3b:f7:c4:f3:a6:35:2a:d8:58:af:fa:32:57:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=05976801363d375786152e4d061e75c8beb35058 Validity Not Before: Jan 2 10:20:38 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89f7b51853753e4a5893d5f242f335d49140db95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:50:87:d5:a6:16:76:a5:02:ed:97:8e:66:d0: 0a:be:2f:fa:f6:fd:3d:c1:07:82:87:df:01:f0:ad: c4:c7:ac:19:9d:44:36:4a:f1:b5:18:fa:ec:28:67: 8c:35:2c:23:5e:86:14:83:80:53:f3:64:33:7d:38: 55:07:2b:b0:6a:7a:be:bc:fd:fe:5a:2b:bc:cd:61: d1:f5:53:5d:a6:63:b1:c3:2e:03:6c:03:47:16:84: 0c:8c:19:5c:be:e7:3d:cb:8f:e5:cb:1c:18:85:20: bd:a2:b4:ea:e0:f6:11:ab:fa:ad:2b:0e:32:fb:f6: 81:76:6a:4e:78:7f:33:25:cc:80:08:af:36:a8:c0: 8c:ca:d9:0a:44:08:89:7a:a1:0a:17:b5:60:ab:a8: 87:a4:6b:57:42:5e:17:ff:cd:40:69:51:8b:c4:5d: 65:32:68:2a:8b:32:a9:a9:07:a5:44:49:de:e1:dd: 1d:51:93:54:6a:b0:62:86:5b:03:f3:f3:7d:09:5d: 22:40:ed:54:9c:bf:34:35:90:cf:29:50:d4:d1:e9: 8b:95:af:7f:d7:af:15:0c:ae:8d:c3:98:33:ce:9b: f5:4b:b4:4a:1b:35:6c:fa:dd:98:52:40:8d:09:30: 73:47:49:7d:47:c4:32:04:57:8d:7b:c3:61:96:e9: 80:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:F7:B5:18:53:75:3E:4A:58:93:D5:F2:42:F3:35:D4:91:40:DB:95 X509v3 Authority Key Identifier: keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/ife1GFN1PkpYk9XyQvM11JFA25U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:b642::/36 2a0c:b642:1a09::/48 Signature Algorithm: sha256WithRSAEncryption 7f:c7:3e:01:53:46:7b:b1:ef:17:fc:90:6f:f5:38:56:ab:e0: 7b:1e:dc:11:73:03:f3:15:04:05:72:60:8d:29:69:16:73:d4: c3:2d:39:f9:e1:cf:a0:8f:72:36:c9:ab:57:a4:c4:8f:23:6b: 26:f9:c6:09:a2:23:75:60:3f:11:b5:f0:13:e5:c0:2c:53:4f: 8e:fa:79:54:b7:c4:c0:0e:61:a5:27:97:cd:ca:cd:b7:a2:50: 95:9f:71:3e:b1:98:6d:2f:c3:fe:5c:cf:21:c1:b8:6d:45:8c: 9a:c4:58:80:ec:f4:97:64:dc:6f:db:dc:7b:1a:cd:f5:58:3d: 70:da:2f:e0:a8:fb:e2:96:d2:3a:58:61:26:64:c6:95:45:d2: 1d:d7:4d:84:ee:63:75:16:e3:3a:a5:2c:00:28:16:90:71:88: 7b:74:ea:a7:6e:c4:e6:7e:b1:d2:5f:1f:53:fb:bd:ae:cc:15: 8b:b9:12:13:4d:00:f1:1b:e6:a5:5e:c1:f6:e4:44:5f:8e:13: e9:9b:55:bb:d9:8a:8c:75:aa:13:da:5d:ce:fd:0d:2e:5d:be: 3f:90:8d:df:00:c7:1b:f6:7c:8d:6a:f4:ff:6a:10:b8:76:0a: 44:58:74:8a:4b:a7:41:fe:00:fc:9a:71:17:89:bd:cd:c0:41: 10:a5:63:78 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt+OTv3xPOmNSrYWK/6Mld6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi MzUwNTgwHhcNMjYwMTAyMTAyMDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWY3YjUxODUzNzUzZTRhNTg5M2Q1ZjI0MmYzMzVkNDkxNDBkYjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFCH1aYWdqUC7ZeOZtAKvi/69v09 wQeCh98B8K3Ex6wZnUQ2SvG1GPrsKGeMNSwjXoYUg4BT82QzfThVByuwanq+vP3+ Wiu8zWHR9VNdpmOxwy4DbANHFoQMjBlcvuc9y4/lyxwYhSC9orTq4PYRq/qtKw4y +/aBdmpOeH8zJcyACK82qMCMytkKRAiJeqEKF7Vgq6iHpGtXQl4X/81AaVGLxF1l MmgqizKpqQelREne4d0dUZNUarBihlsD8/N9CV0iQO1UnL80NZDPKVDU0emLla9/ 168VDK6Nw5gzzpv1S7RKGzVs+t2YUkCNCTBzR0l9R8QyBFeNe8NhlumAgQIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFIn3tRhTdT5KWJPV8kLzNdSRQNuVMB8GA1UdIwQY MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et NWVjOGM4ZWQ2MGZkLzEvaWZlMUdGTjFQa3BZazlYeVF2TTExSkZBMjVVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYEKgy2QgAD BwAqDLZCGgkwDQYJKoZIhvcNAQELBQADggEBAH/HPgFTRnux7xf8kG/1OFar4Hse 3BFzA/MVBAVyYI0paRZz1MMtOfnhz6CPcjbJq1ekxI8jayb5xgmiI3VgPxG18BPl wCxTT476eVS3xMAOYaUnl83KzbeiUJWfcT6xmG0vw/5czyHBuG1FjJrEWIDs9Jdk 3G/b3HsazfVYPXDaL+Co++KW0jpYYSZkxpVF0h3XTYTuY3UW4zqlLAAoFpBxiHt0 6qduxOZ+sdJfH1P7va7MFYu5EhNNAPEb5qVewfbkRF+OE+mbVbvZiox1qhPaXc79 DS5dvj+Qjd8Axxv2fI1q9P9qELh2CkRYdIpLp0H+APyacReJvc3AQRClY3g= -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:27 2026 by rpki-client