This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Ifvi8Rkz_RCT_kQAOoUbVtgRD7U.roa File: Ifvi8Rkz_RCT_kQAOoUbVtgRD7U.roa (raw, json) Hash identifier: GmJT3KMSt6Tc17lIuj5c/Jso9piZJloJhb9qCB+XTkU= Subject key identifier: 21:FB:E2:F1:19:33:FD:10:93:FE:44:00:3A:85:1B:56:D8:11:0F:B5 Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Certificate serial: 019B7E38FFA769E8357C43CC043DD0675BBA Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Ifvi8Rkz_RCT_kQAOoUbVtgRD7U.roa Signing time: Fri 02 Jan 2026 10:20:23 +0000 ROA not before: Fri 02 Jan 2026 10:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202 IP address blocks: 91.205.116.0/22 maxlen: 24 109.234.0.0/21 maxlen: 24 185.148.224.0/22 maxlen: 24 193.242.174.0/23 maxlen: 24 2a07:6200:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ff:a7:69:e8:35:7c:43:cc:04:3d:d0:67:5b:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb Validity Not Before: Jan 2 10:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21fbe2f11933fd1093fe44003a851b56d8110fb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:aa:77:29:4c:89:79:29:de:a3:68:09:87:7c: b7:5d:41:90:9b:c7:ba:f8:7b:51:b8:1b:d2:75:3a: 91:94:5e:49:76:9f:af:f2:86:d7:76:68:75:0f:67: 75:ae:19:c7:55:87:f2:84:1d:6d:68:f0:8c:5e:1f: e1:3b:a7:3d:09:0f:47:27:18:4d:db:13:53:eb:1c: d3:43:83:a3:9f:5a:75:29:e8:67:2b:d7:68:7f:7b: 65:84:30:58:3f:70:41:b8:6e:70:c0:7b:f1:8a:2e: fe:17:9e:5c:d1:db:fc:be:a2:49:97:a5:16:f3:ae: 0a:a6:a8:a9:e2:e7:9d:07:ca:66:e2:46:aa:32:5e: 66:00:cd:bd:95:b9:8a:c5:83:f7:cd:49:72:f6:2b: 0c:1c:cc:f3:95:bc:de:aa:8e:60:d8:03:44:8f:49: b1:53:d3:c6:38:0a:84:67:bf:c6:c8:97:87:c1:08: 95:49:39:66:f6:1a:b7:0e:3f:2c:15:5f:e5:ba:30: 06:72:aa:ce:c4:63:17:cf:10:fc:0c:e6:a3:21:5d: 1c:ca:2c:28:9b:05:54:df:dc:1e:69:fa:b1:8a:90: 12:13:65:53:a1:88:a0:81:44:5f:b5:72:27:18:92: db:eb:b1:48:3b:9e:6a:be:5d:31:1c:b3:cf:e0:a2: 47:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:FB:E2:F1:19:33:FD:10:93:FE:44:00:3A:85:1B:56:D8:11:0F:B5 X509v3 Authority Key Identifier: keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Ifvi8Rkz_RCT_kQAOoUbVtgRD7U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.205.116.0/22 109.234.0.0/21 185.148.224.0/22 193.242.174.0/23 IPv6: 2a07:6200:1::/48 Signature Algorithm: sha256WithRSAEncryption 71:79:77:e1:ab:b5:cf:2d:7b:a0:74:9f:82:7c:a8:ba:f4:b2: 3f:82:fd:cf:ca:6f:4f:91:4c:bf:2b:16:eb:0f:d1:65:76:ea: 36:d3:2c:c7:8f:30:92:f4:38:ad:1b:f6:dd:52:7d:6e:f1:77: b9:54:d9:f6:8a:fd:b6:4f:0f:7d:3d:b1:3b:c7:b0:fa:99:0a: b8:da:f0:ad:e6:2d:76:2a:24:7f:e7:05:b1:e8:d2:ec:16:ae: 46:e9:09:34:e5:ca:27:7b:7f:21:9c:2d:f1:f1:f6:f2:85:b4: 39:f5:fb:8f:65:04:c6:18:89:26:a2:fd:75:3f:3d:22:b2:5b: e3:13:0f:5a:5e:c5:39:f9:7e:a1:40:62:10:5a:28:df:70:11: ba:5a:e7:30:91:d0:f5:17:43:cb:7e:33:59:b8:5e:c0:9d:42: 92:4f:46:65:08:a4:30:70:37:c0:e5:d2:11:80:10:92:c5:72: aa:e3:e3:56:e2:cf:db:22:89:6f:69:3f:f3:ba:f5:b8:ac:6b: 2d:be:af:a8:df:b4:ef:41:e4:a1:ab:ab:e9:b8:0a:9d:50:b9: e1:a2:fa:4e:7e:bf:53:b6:8f:38:f2:80:de:c0:43:c0:c8:52: 7e:d8:81:e3:66:f5:8f:d8:a0:d3:ba:40:4f:c8:fb:cf:07:f4: 89:4b:44:6e -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt+OP+naeg1fEPMBD3QZ1u6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0 NTBhZWIwHhcNMjYwMTAyMTAyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWZiZTJmMTE5MzNmZDEwOTNmZTQ0MDAzYTg1MWI1NmQ4MTEwZmI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqp3KUyJeSneo2gJh3y3XUGQm8e6 +HtRuBvSdTqRlF5Jdp+v8obXdmh1D2d1rhnHVYfyhB1taPCMXh/hO6c9CQ9HJxhN 2xNT6xzTQ4Ojn1p1KehnK9dof3tlhDBYP3BBuG5wwHvxii7+F55c0dv8vqJJl6UW 864Kpqip4uedB8pm4kaqMl5mAM29lbmKxYP3zUly9isMHMzzlbzeqo5g2ANEj0mx U9PGOAqEZ7/GyJeHwQiVSTlm9hq3Dj8sFV/lujAGcqrOxGMXzxD8DOajIV0cyiwo mwVU39weafqxipASE2VToYiggURftXInGJLb67FIO55qvl0xHLPP4KJHAwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFCH74vEZM/0Qk/5EADqFG1bYEQ+1MB8GA1UdIwQY MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt YTRkYjM5NmM4OTg3LzEvSWZ2aThSa3pfUkNUX2tRQU9vVWJWdGdSRDdVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3 LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD ggEBAHF5d+Grtc8te6B0n4J8qLr0sj+C/c/Kb0+RTL8rFusP0WV26jbTLMePMJL0 OK0b9t1SfW7xd7lU2faK/bZPD309sTvHsPqZCrja8K3mLXYqJH/nBbHo0uwWrkbp CTTlyid7fyGcLfHx9vKFtDn1+49lBMYYiSai/XU/PSKyW+MTD1pexTn5fqFAYhBa KN9wEbpa5zCR0PUXQ8t+M1m4XsCdQpJPRmUIpDBwN8Dl0hGAEJLFcqrj41biz9si iW9pP/O69bisay2+r6jftO9B5KGrq+m4Cp1QueGi+k5+v1O2jzjygN7AQ8DIUn7Y geNm9Y/YoNO6QE/I+88H9IlLRG4= -----END CERTIFICATE-----Generated at Tue Jan 20 23:14:24 2026 by rpki-client