This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/aKfQ-5lMgYP0JI0A9n1qEYkxhDQ.roa File: aKfQ-5lMgYP0JI0A9n1qEYkxhDQ.roa (raw, json) Hash identifier: r2Wo2GFq531NFIKM8VlPd5aTqIW84E3DIi1eqRZI5bQ= Subject key identifier: 68:A7:D0:FB:99:4C:81:83:F4:24:8D:00:F6:7D:6A:11:89:31:84:34 Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6 Certificate serial: 019B7CED9B8200AC71EC70DFE817ED40B29D Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/aKfQ-5lMgYP0JI0A9n1qEYkxhDQ.roa Signing time: Fri 02 Jan 2026 04:18:25 +0000 ROA not before: Fri 02 Jan 2026 04:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202320 IP address blocks: 147.234.21.0/24 maxlen: 24 147.234.21.0/25 maxlen: 25 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:9b:82:00:ac:71:ec:70:df:e8:17:ed:40:b2:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6 Validity Not Before: Jan 2 04:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68a7d0fb994c8183f4248d00f67d6a1189318434 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:e0:e7:07:ab:07:98:5d:af:7b:0f:6f:8b:84: 9d:63:b3:a2:4e:1f:57:f0:48:65:2c:84:5d:c6:e4: fd:a2:ea:c0:f9:72:56:73:50:ce:70:59:80:80:ac: 25:bb:db:2e:3b:b9:f0:96:e3:c5:36:28:58:c7:ec: 8f:4b:bc:e6:6f:54:b2:98:24:e7:a0:36:05:d8:c8: b6:40:ff:4a:1b:60:35:23:2e:77:35:36:6d:5a:8e: 5d:80:4e:e0:fe:bd:25:91:32:e5:04:f7:ca:28:f8: dd:56:69:ea:d7:41:43:94:63:ad:12:eb:9d:64:fb: 5b:e8:25:74:64:c4:41:45:64:f0:57:65:23:37:56: d1:aa:90:03:06:c8:b2:62:37:7d:6c:5c:1e:07:b5: e1:6c:13:d9:25:d7:b9:ed:47:14:84:b1:fc:6e:2b: 5b:9b:01:6b:7c:eb:06:16:5b:7b:12:d8:01:a0:31: 24:ca:5d:0f:f3:5e:5f:95:ab:a4:88:38:92:60:a5: 01:cb:c5:6d:98:62:a9:fc:00:aa:cf:23:8a:c1:8b: 15:7f:b5:9a:0a:63:6d:35:53:38:18:8b:a0:e4:7a: ad:d3:50:6c:99:88:35:ca:c0:65:d6:d5:f9:74:5e: 35:33:00:44:e9:52:66:23:a9:81:e2:6f:1c:b7:6b: ff:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:A7:D0:FB:99:4C:81:83:F4:24:8D:00:F6:7D:6A:11:89:31:84:34 X509v3 Authority Key Identifier: keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/aKfQ-5lMgYP0JI0A9n1qEYkxhDQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.234.21.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:41:41:69:51:c7:a0:02:75:8b:ff:36:0c:cd:fd:99:de:60: 7a:fe:f4:82:8a:64:91:8f:25:6d:fa:4c:68:de:29:f8:2a:91: 13:08:c5:c3:52:11:cc:ea:9d:a5:c3:50:77:d8:de:22:ff:b6: bd:68:1c:37:f0:9f:a1:a1:24:0e:88:c1:7e:56:f5:65:fa:f3: 51:fc:8d:52:50:10:3c:4d:09:b4:a5:9d:a6:af:59:5d:8d:8a: bb:0c:f1:7b:ba:a8:9d:a6:77:b6:72:a3:f0:61:21:7f:b0:87: 1c:c1:3c:2c:4d:67:ea:cd:b1:bb:18:71:da:52:77:00:48:35: 70:c1:38:bc:29:6e:8b:bb:1f:9c:32:be:93:48:34:d9:51:d7: 62:eb:3c:7e:3d:af:69:09:ad:74:e6:db:a4:d8:8b:4e:cf:c0: 9b:9d:a5:c7:d1:66:27:08:03:f3:6b:57:3b:0d:49:49:6d:d3: eb:ee:4c:07:09:93:47:96:60:9a:9c:54:9c:2e:e5:b1:1c:8f: 6b:6e:bb:61:cb:e6:d9:ed:3b:e9:d7:ec:83:6a:1a:ab:d3:c0: 75:df:c7:d7:fc:b7:af:23:ca:c9:ab:6d:30:70:21:58:c4:5d: 3d:ef:24:a6:76:88:9b:a5:c9:0d:36:71:5a:bd:ec:93:67:04: c8:44:8a:f5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87ZuCAKxx7HDf6BftQLKdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi NDUwZTYwHhcNMjYwMTAyMDQxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGE3ZDBmYjk5NGM4MTgzZjQyNDhkMDBmNjdkNmExMTg5MzE4NDM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteDnB6sHmF2vew9vi4SdY7OiTh9X 8EhlLIRdxuT9ourA+XJWc1DOcFmAgKwlu9suO7nwluPFNihYx+yPS7zmb1SymCTn oDYF2Mi2QP9KG2A1Iy53NTZtWo5dgE7g/r0lkTLlBPfKKPjdVmnq10FDlGOtEuud ZPtb6CV0ZMRBRWTwV2UjN1bRqpADBsiyYjd9bFweB7XhbBPZJde57UcUhLH8bitb mwFrfOsGFlt7EtgBoDEkyl0P815flaukiDiSYKUBy8VtmGKp/ACqzyOKwYsVf7Wa CmNtNVM4GIug5Hqt01BsmYg1ysBl1tX5dF41MwBE6VJmI6mB4m8ct2v/9wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGin0PuZTIGD9CSNAPZ9ahGJMYQ0MB8GA1UdIwQY MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt NDQzMzIyOWE4NDczLzEvYUtmUS01bE1nWVAwSkkwQTluMXFFWWt4aERRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk+oVMA0G CSqGSIb3DQEBCwUAA4IBAQAOQUFpUcegAnWL/zYMzf2Z3mB6/vSCimSRjyVt+kxo 3in4KpETCMXDUhHM6p2lw1B32N4i/7a9aBw38J+hoSQOiMF+VvVl+vNR/I1SUBA8 TQm0pZ2mr1ldjYq7DPF7uqidpne2cqPwYSF/sIccwTwsTWfqzbG7GHHaUncASDVw wTi8KW6Lux+cMr6TSDTZUddi6zx+Pa9pCa105tuk2ItOz8CbnaXH0WYnCAPza1c7 DUlJbdPr7kwHCZNHlmCanFScLuWxHI9rbrthy+bZ7Tvp1+yDahqr08B138fX/Lev I8rJq20wcCFYxF097ySmdoibpckNNnFaveyTZwTIRIr1 -----END CERTIFICATE-----Generated at Mon Jan 26 23:46:06 2026 by rpki-client