This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ivG7FB0OuHZtaPx3ueruCQJm-VI.roa File: ivG7FB0OuHZtaPx3ueruCQJm-VI.roa (raw, json) Hash identifier: 5+fSISaJZ6MVlJNLKKnuDnQodZYydtzTRLt+3siDb90= Subject key identifier: 8A:F1:BB:14:1D:0E:B8:76:6D:68:FC:77:B9:EA:EE:09:02:66:F9:52 Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664 Certificate serial: 019B7A5B34B8EE3A114C3350F75D14A6FD25 Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ivG7FB0OuHZtaPx3ueruCQJm-VI.roa Signing time: Thu 01 Jan 2026 16:19:16 +0000 ROA not before: Thu 01 Jan 2026 16:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206150 IP address blocks: 2a0e:d781::/32 maxlen: 48 2a0e:d782::/32 maxlen: 48 2a0e:d783::/32 maxlen: 48 2a11:f883::/32 maxlen: 48 2a11:f884::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:34:b8:ee:3a:11:4c:33:50:f7:5d:14:a6:fd:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664 Validity Not Before: Jan 1 16:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8af1bb141d0eb8766d68fc77b9eaee090266f952 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:18:73:90:18:8b:19:0b:8c:60:9e:bd:2d:f5: 2c:63:d2:ba:94:7e:99:bf:56:5b:e8:35:db:32:10: 61:b2:52:0a:f6:fe:0d:1d:73:0e:0c:d6:10:cb:dc: d9:34:37:64:81:aa:2c:e9:ca:c9:bb:e0:63:ee:9c: cf:b7:f3:e8:4a:9e:b9:d3:85:43:bc:55:a6:d1:36: 96:40:fc:b9:79:0d:34:f5:55:78:f8:85:8b:29:02: f4:3c:73:28:a9:cf:37:43:63:0e:f0:9c:d2:77:ad: c5:b9:ab:43:17:95:d2:fe:03:e4:f1:ba:99:f8:f6: d2:ff:06:51:cb:28:34:dc:f7:2a:7b:12:89:1a:d6: 39:25:85:a7:53:44:ce:81:e4:aa:81:f4:7f:08:19: 24:4c:b7:c5:7b:a9:58:69:bb:f6:15:c2:00:30:cc: 50:4e:87:f4:b4:01:4b:c8:9e:f2:db:21:32:51:8b: eb:f4:54:33:15:0e:ad:76:2a:ae:b6:d6:da:a9:9a: ef:33:b4:79:1d:b3:c9:56:67:76:90:f4:cc:b3:f8: 50:d1:21:b5:43:13:c5:2d:64:ec:95:b2:d8:b2:48: 3a:88:2e:38:62:e4:2d:1e:4b:d7:12:21:95:7f:9b: 7c:cd:d0:ff:6d:7b:23:88:f6:e5:5a:8f:26:da:6b: a7:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F1:BB:14:1D:0E:B8:76:6D:68:FC:77:B9:EA:EE:09:02:66:F9:52 X509v3 Authority Key Identifier: keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/ivG7FB0OuHZtaPx3ueruCQJm-VI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:d781::-2a0e:d783:ffff:ffff:ffff:ffff:ffff:ffff 2a11:f883::-2a11:f884:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 2b:3a:01:22:79:4c:47:73:d2:51:2b:c0:fd:32:d5:b9:b2:bc: 93:c6:4e:82:ce:41:15:c1:5f:a9:28:44:f3:e1:39:25:b1:e3: 3a:5e:30:09:71:04:01:69:34:2b:80:fd:1c:e9:47:8e:1a:18: ad:62:eb:89:6c:d0:b2:5b:2c:e6:7c:77:7e:be:2d:17:9c:e4: 72:60:0e:97:08:7c:a8:76:57:5f:07:05:12:b2:f6:90:62:2b: 78:e0:de:dd:0b:2a:83:b1:8f:cf:0d:04:b7:e5:44:52:c0:42: aa:15:26:12:bc:3b:f5:53:c1:54:c2:eb:b7:7d:a4:6a:5b:ed: 28:09:aa:87:52:b8:f7:39:34:63:0e:e4:19:c4:7c:5a:9f:5a: 86:37:b8:0e:55:d5:61:d3:8c:ce:25:3f:ab:b5:cc:d5:d7:f7: 01:9b:dc:42:d8:2b:b4:46:12:61:88:bd:98:f1:b7:57:94:0d: 4c:6b:d2:67:42:be:0a:d3:8d:41:04:39:f0:66:3a:e8:ed:37: 37:11:9a:ce:31:31:cf:b1:18:1e:8e:c3:fa:61:3a:1f:06:1e: 27:b4:4d:04:fa:ab:df:9e:0b:73:13:88:66:4c:a6:25:a0:ff: 64:3c:e5:46:3b:58:12:35:33:dc:d9:a8:02:0f:14:b2:47:35: e5:81:59:ee -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt6WzS47joRTDNQ910Upv0lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl NzM2NjQwHhcNMjYwMTAxMTYxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWYxYmIxNDFkMGViODc2NmQ2OGZjNzdiOWVhZWUwOTAyNjZmOTUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBhzkBiLGQuMYJ69LfUsY9K6lH6Z v1Zb6DXbMhBhslIK9v4NHXMODNYQy9zZNDdkgaos6crJu+Bj7pzPt/PoSp6504VD vFWm0TaWQPy5eQ009VV4+IWLKQL0PHMoqc83Q2MO8JzSd63FuatDF5XS/gPk8bqZ +PbS/wZRyyg03PcqexKJGtY5JYWnU0TOgeSqgfR/CBkkTLfFe6lYabv2FcIAMMxQ Tof0tAFLyJ7y2yEyUYvr9FQzFQ6tdiquttbaqZrvM7R5HbPJVmd2kPTMs/hQ0SG1 QxPFLWTslbLYskg6iC44YuQtHkvXEiGVf5t8zdD/bXsjiPblWo8m2mun+wIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFIrxuxQdDrh2bWj8d7nq7gkCZvlSMB8GA1UdIwQY MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt OGMxNTM5NjViYWM5LzEvaXZHN0ZCME91SFp0YVB4M3VlcnVDUUptLVZJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5 LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgMA4DBQAqDteB AwUCKg7XgDAOAwUAKhH4gwMFACoR+IQwDQYJKoZIhvcNAQELBQADggEBACs6ASJ5 TEdz0lErwP0y1bmyvJPGToLOQRXBX6koRPPhOSWx4zpeMAlxBAFpNCuA/RzpR44a GK1i64ls0LJbLOZ8d36+LRec5HJgDpcIfKh2V18HBRKy9pBiK3jg3t0LKoOxj88N BLflRFLAQqoVJhK8O/VTwVTC67d9pGpb7SgJqodSuPc5NGMO5BnEfFqfWoY3uA5V 1WHTjM4lP6u1zNXX9wGb3ELYK7RGEmGIvZjxt1eUDUxr0mdCvgrTjUEEOfBmOujt NzcRms4xMc+xGB6Ow/phOh8GHie0TQT6q9+eC3MTiGZMpiWg/2Q85UY7WBI1M9zZ qAIPFLJHNeWBWe4= -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:05 2026 by rpki-client