This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/iZokYiXVlyx5GvNo1Dzn4LTps70.roa File: iZokYiXVlyx5GvNo1Dzn4LTps70.roa (raw, json) Hash identifier: qi0aecrIUgmskCKuXu+osfwffjV8gg8iqbSuDQ82uKM= Subject key identifier: 89:9A:24:62:25:D5:97:2C:79:1A:F3:68:D4:3C:E7:E0:B4:E9:B3:BD Certificate issuer: /CN=d23708099f7a205564b5f8e05d217bd2fae4de88 Certificate serial: 019B7A5B71F7C7AA39DDCFF407ED2BE46638 Authority key identifier: D2:37:08:09:9F:7A:20:55:64:B5:F8:E0:5D:21:7B:D2:FA:E4:DE:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/iZokYiXVlyx5GvNo1Dzn4LTps70.roa Signing time: Thu 01 Jan 2026 16:19:31 +0000 ROA not before: Thu 01 Jan 2026 16:19:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58132 IP address blocks: 2001:678:594::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.crl rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.mft rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 13:16:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:71:f7:c7:aa:39:dd:cf:f4:07:ed:2b:e4:66:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d23708099f7a205564b5f8e05d217bd2fae4de88 Validity Not Before: Jan 1 16:19:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=899a246225d5972c791af368d43ce7e0b4e9b3bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:3a:4f:2d:6f:16:de:7d:8d:4c:ea:a5:65:25: 15:fb:d2:bb:cf:03:ab:25:b0:36:10:40:af:84:9b: a1:96:b6:86:8a:1c:8d:ce:bc:52:08:2f:7d:3d:ac: 7b:d7:c3:e6:e3:39:c3:e7:6d:6b:39:18:02:8a:92: 7d:52:c5:19:c7:0e:29:3b:ac:ab:0a:32:78:09:00: f3:8b:73:70:71:2f:21:e9:b6:50:26:9a:d3:25:1d: 27:9d:a4:25:3f:97:bc:96:17:4f:70:ad:02:ee:8c: 22:bf:eb:4c:bb:bc:50:de:be:47:e5:3d:37:a8:42: 39:2b:32:15:7f:6d:4a:ed:ce:8e:70:54:a6:18:66: d7:87:68:9f:a0:8f:c0:43:b2:e9:86:fb:fb:3d:0b: f7:79:e0:15:9a:8d:4d:80:cb:6c:ce:c7:7d:8c:6a: 80:62:47:4c:dc:d9:65:c3:28:22:94:4b:9c:54:cb: de:52:92:75:c1:c3:77:8f:98:6d:27:81:36:16:4c: 80:5b:0f:56:fd:34:fb:0a:70:35:a1:f4:70:7a:46: c7:1f:59:9c:cb:e6:f0:f6:9b:d4:91:80:25:7a:ca: 85:8f:87:29:97:8c:21:4a:03:e5:42:45:c8:2b:e7: 47:34:e3:a8:8f:0f:e1:7f:6a:1f:f1:d5:1b:ad:08: 38:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:9A:24:62:25:D5:97:2C:79:1A:F3:68:D4:3C:E7:E0:B4:E9:B3:BD X509v3 Authority Key Identifier: keyid:D2:37:08:09:9F:7A:20:55:64:B5:F8:E0:5D:21:7B:D2:FA:E4:DE:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0jcICZ96IFVktfjgXSF70vrk3og.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/iZokYiXVlyx5GvNo1Dzn4LTps70.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/01b5af-b777-4b59-a5b2-5e97f4a512e5/1/0jcICZ96IFVktfjgXSF70vrk3og.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:594::/48 Signature Algorithm: sha256WithRSAEncryption f2:8e:28:a5:c1:b7:e0:f6:5f:47:ca:89:b9:94:8f:63:5e:1b: e2:c5:82:4b:f0:d0:da:06:d9:c3:82:56:12:ae:5b:58:30:9d: 0e:ad:e5:d0:db:32:4f:3c:ca:0f:cd:98:a7:7f:df:16:70:b2: 8c:58:c7:d7:cd:55:a1:4c:9e:2f:47:0c:de:38:ff:18:2c:7e: 30:d3:d7:d8:2d:0a:a5:79:86:4a:4d:7d:ff:9b:fc:a7:23:5c: 79:8a:fa:d0:77:17:3a:d0:52:ce:d0:15:b7:57:17:a5:57:a1: 07:13:78:f7:82:fe:7f:f8:c6:18:19:1a:4a:2e:1c:3b:f6:c6: 69:35:b7:ef:b3:2e:9e:55:c4:e7:83:82:24:34:8a:8d:f2:ea: d5:ef:49:78:07:b8:0a:09:21:26:23:57:b3:59:8e:6a:e1:0d: a0:89:25:bc:fc:44:a2:63:9b:0d:10:24:69:af:e8:0a:13:50: 91:cf:8e:14:fb:75:b6:23:6f:4f:4a:d5:ea:c7:d7:28:9e:e0: 86:24:a6:10:c4:b9:58:f8:0e:15:ec:83:d6:a6:9c:c5:40:5b: 21:44:d3:1a:cb:f5:41:21:19:60:ad:ad:88:72:a3:b0:68:08: f1:22:fb:61:e0:ae:5e:65:c3:61:c6:e5:e0:a3:87:a1:63:d4: 1e:ca:19:2a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt6W3H3x6o53c/0B+0r5GY4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyMzcwODA5OWY3YTIwNTU2NGI1ZjhlMDVkMjE3YmQyZmFl NGRlODgwHhcNMjYwMTAxMTYxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OTlhMjQ2MjI1ZDU5NzJjNzkxYWYzNjhkNDNjZTdlMGI0ZTliM2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTpPLW8W3n2NTOqlZSUV+9K7zwOr JbA2EECvhJuhlraGihyNzrxSCC99Pax718Pm4znD521rORgCipJ9UsUZxw4pO6yr CjJ4CQDzi3NwcS8h6bZQJprTJR0nnaQlP5e8lhdPcK0C7owiv+tMu7xQ3r5H5T03 qEI5KzIVf21K7c6OcFSmGGbXh2ifoI/AQ7Lphvv7PQv3eeAVmo1NgMtszsd9jGqA YkdM3NllwygilEucVMveUpJ1wcN3j5htJ4E2FkyAWw9W/TT7CnA1ofRwekbHH1mc y+bw9pvUkYAlesqFj4cpl4whSgPlQkXIK+dHNOOojw/hf2of8dUbrQg4eQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFImaJGIl1ZcseRrzaNQ85+C06bO9MB8GA1UdIwQY MBaAFNI3CAmfeiBVZLX44F0he9L65N6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGpjSUNaOTZJRlZrdGZqZ1hTRjcwdnJrM29nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8wMWI1YWYtYjc3Ny00YjU5LWE1YjIt NWU5N2Y0YTUxMmU1LzEvaVpva1lpWFZseXg1R3ZObzFEem40TFRwczcwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC8wMWI1YWYtYjc3Ny00YjU5LWE1YjItNWU5N2Y0YTUxMmU1 LzEvMGpjSUNaOTZJRlZrdGZqZ1hTRjcwdnJrM29nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAWU MA0GCSqGSIb3DQEBCwUAA4IBAQDyjiilwbfg9l9Hyom5lI9jXhvixYJL8NDaBtnD glYSrltYMJ0OreXQ2zJPPMoPzZinf98WcLKMWMfXzVWhTJ4vRwzeOP8YLH4w09fY LQqleYZKTX3/m/ynI1x5ivrQdxc60FLO0BW3VxelV6EHE3j3gv5/+MYYGRpKLhw7 9sZpNbfvsy6eVcTng4IkNIqN8urV70l4B7gKCSEmI1ezWY5q4Q2giSW8/ESiY5sN ECRpr+gKE1CRz44U+3W2I29PStXqx9conuCGJKYQxLlY+A4V7IPWppzFQFshRNMa y/VBIRlgra2IcqOwaAjxIvth4K5eZcNhxuXgo4ehY9Qeyhkq -----END CERTIFICATE-----Generated at Sat Jan 10 22:07:07 2026 by rpki-client