This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/IdpTao3ATxFLpLKZsyUB_imgWAo.roa File: IdpTao3ATxFLpLKZsyUB_imgWAo.roa (raw, json) Hash identifier: 0j6Upko5mn5sECt1nad7rnGDN3WkXCx5FzmWtvfGPKw= Subject key identifier: 21:DA:53:6A:8D:C0:4F:11:4B:A4:B2:99:B3:25:01:FE:29:A0:58:0A Certificate issuer: /CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c Certificate serial: 019B7C127F2A039081613FBD611BBDC68B83 Authority key identifier: 9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/IdpTao3ATxFLpLKZsyUB_imgWAo.roa Signing time: Fri 02 Jan 2026 00:19:05 +0000 ROA not before: Fri 02 Jan 2026 00:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 164.153.132.0/24 maxlen: 24 164.153.133.0/24 maxlen: 24 164.153.134.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.mft rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 09:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:7f:2a:03:90:81:61:3f:bd:61:1b:bd:c6:8b:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c Validity Not Before: Jan 2 00:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21da536a8dc04f114ba4b299b32501fe29a0580a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f8:a0:80:0e:c9:26:fe:aa:5c:44:c4:3e:22: ba:94:f2:64:d9:39:4e:ab:3e:f5:1c:62:d4:2a:9e: e5:fd:cf:91:8c:27:b3:66:56:2f:f2:32:6f:23:25: ec:58:55:03:aa:91:ec:42:27:ee:b2:28:b7:54:fc: 63:fc:e7:29:bb:3e:30:30:55:fa:c6:3e:2b:53:0b: 4d:91:6b:d5:75:ba:96:ec:34:99:3f:b1:02:69:f3: c3:dc:4e:ab:0c:b0:aa:4c:80:3f:cd:a7:5e:f9:fe: 1d:0d:de:44:0b:34:e7:c1:a2:4c:60:56:35:39:a5: 90:e7:da:8d:7b:41:8e:fd:10:5f:8e:06:cd:18:02: 06:49:32:53:98:90:ca:c3:68:c0:fc:60:92:d3:03: cd:97:bb:30:0c:72:c2:2c:57:c8:6c:10:40:f5:19: 7f:50:63:19:e0:5d:c7:38:10:f8:30:29:30:72:e6: 54:38:ce:6d:78:44:2f:5a:5d:c2:5c:92:fa:72:53: ef:54:57:ad:ff:e4:01:70:f6:39:d9:cb:9b:23:b6: cd:97:d3:a2:43:07:ca:29:3a:4c:dc:dc:e5:74:fb: 05:dd:b3:d0:97:8b:95:97:c6:56:95:1a:f3:02:92: d7:29:0b:53:ca:8f:1f:f9:3f:08:bf:8a:e2:d3:73: 3a:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:DA:53:6A:8D:C0:4F:11:4B:A4:B2:99:B3:25:01:FE:29:A0:58:0A X509v3 Authority Key Identifier: keyid:9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/IdpTao3ATxFLpLKZsyUB_imgWAo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 164.153.132.0-164.153.134.255 Signature Algorithm: sha256WithRSAEncryption aa:65:42:9b:17:5d:fd:14:d9:83:43:7a:af:cd:23:0d:ca:f8: eb:20:19:66:37:bd:13:7f:ed:de:f7:7c:e3:68:12:c6:92:67: 7b:44:c4:13:09:40:f1:af:9a:bc:a7:e4:d1:3b:2a:f5:1a:f5: 92:21:56:6e:6c:b1:a3:c0:89:37:c0:f4:61:66:93:71:be:79: 02:ca:fa:00:b1:e8:c7:2b:5a:a2:07:3a:91:bd:b6:54:96:64: 39:23:cd:11:1e:74:ee:53:ac:5d:e3:6f:c6:ca:03:0b:91:00: d0:73:2d:57:3e:f8:bd:0e:39:eb:4c:bb:6e:94:2f:29:14:b1: 61:87:e5:db:d3:a8:82:8e:38:53:04:d4:9a:51:8d:72:d9:d6: 93:60:22:5b:f6:a6:d6:11:38:cb:45:70:a2:68:1e:c1:82:87: 62:13:23:f8:07:0e:db:6c:87:64:70:4d:bb:08:34:a5:5c:fb: 12:3f:77:53:68:ec:29:cd:db:4f:3f:4c:a9:42:c9:3d:d9:81: 50:8b:ed:4a:81:d7:6e:a3:72:ef:c7:bd:04:73:69:46:2a:40: 73:37:2c:f1:27:41:67:ff:72:ca:78:c7:a4:61:e4:14:4a:fe: 3a:26:e2:32:33:60:41:55:26:4c:73:89:0b:e6:b3:75:4c:f3: fb:f4:b6:f2 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt8En8qA5CBYT+9YRu9xouDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliNzU5ZWM5ZmY1NGRlMDNhN2ZmM2E2NWVkYmIyZTA3NThl Njg3OGMwHhcNMjYwMTAyMDAxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWRhNTM2YThkYzA0ZjExNGJhNGIyOTliMzI1MDFmZTI5YTA1ODBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/iggA7JJv6qXETEPiK6lPJk2TlO qz71HGLUKp7l/c+RjCezZlYv8jJvIyXsWFUDqpHsQifusii3VPxj/Ocpuz4wMFX6 xj4rUwtNkWvVdbqW7DSZP7ECafPD3E6rDLCqTIA/zade+f4dDd5ECzTnwaJMYFY1 OaWQ59qNe0GO/RBfjgbNGAIGSTJTmJDKw2jA/GCS0wPNl7swDHLCLFfIbBBA9Rl/ UGMZ4F3HOBD4MCkwcuZUOM5teEQvWl3CXJL6clPvVFet/+QBcPY52cubI7bNl9Oi QwfKKTpM3NzldPsF3bPQl4uVl8ZWlRrzApLXKQtTyo8f+T8Iv4ri03M69wIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFCHaU2qNwE8RS6SymbMlAf4poFgKMB8GA1UdIwQY MBaAFJt1nsn/VN4Dp/86Ze27LgdY5oeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUt YjlhOWQ4YWU5NDIxLzEvSWRwVGFvM0FUeEZMcExLWnN5VUJfaW1nV0FvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUtYjlhOWQ4YWU5NDIx LzEvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKkmYQD BACkmYYwDQYJKoZIhvcNAQELBQADggEBAKplQpsXXf0U2YNDeq/NIw3K+OsgGWY3 vRN/7d73fONoEsaSZ3tExBMJQPGvmryn5NE7KvUa9ZIhVm5ssaPAiTfA9GFmk3G+ eQLK+gCx6McrWqIHOpG9tlSWZDkjzREedO5TrF3jb8bKAwuRANBzLVc++L0OOetM u26ULykUsWGH5dvTqIKOOFME1JpRjXLZ1pNgIlv2ptYROMtFcKJoHsGCh2ITI/gH Dttsh2RwTbsINKVc+xI/d1No7CnN208/TKlCyT3ZgVCL7UqB126jcu/HvQRzaUYq QHM3LPEnQWf/csp4x6Rh5BRK/jom4jIzYEFVJkxziQvms3VM8/v0tvI= -----END CERTIFICATE-----Generated at Fri Jan 2 14:22:11 2026 by rpki-client