This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/A1eZJtUjyKv06WHyf8x4k743RtQ.roa File: A1eZJtUjyKv06WHyf8x4k743RtQ.roa (raw, json) Hash identifier: IeB93IhtURuwSeN4r6cloy6OZlvE056RzukwMrpz52Q= Subject key identifier: 03:57:99:26:D5:23:C8:AB:F4:E9:61:F2:7F:CC:78:93:BE:37:46:D4 Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4 Certificate serial: 019B77C69E290F584F1DB10EF00D39F6BD84 Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/A1eZJtUjyKv06WHyf8x4k743RtQ.roa Signing time: Thu 01 Jan 2026 04:17:43 +0000 ROA not before: Thu 01 Jan 2026 04:17:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49478 IP address blocks: 109.248.252.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:9e:29:0f:58:4f:1d:b1:0e:f0:0d:39:f6:bd:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4 Validity Not Before: Jan 1 04:17:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=03579926d523c8abf4e961f27fcc7893be3746d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:94:71:34:81:cf:5f:a8:0d:91:09:c9:92:33: c7:c3:c0:d2:9e:7a:ea:f4:a3:91:a7:61:50:d6:08: 80:4b:a3:b6:1b:82:7f:e9:6f:95:80:b8:91:9d:78: 4e:be:7a:1d:78:73:ab:ca:4e:b1:2a:53:41:c6:1a: 86:9c:e7:a5:d9:30:38:fc:46:2b:3a:81:3d:d4:6f: 5e:31:50:fc:68:24:3f:b5:ae:c5:19:88:1a:b4:23: 23:2d:7b:01:6a:b4:61:da:85:2b:f9:83:e1:bd:b5: a1:65:c5:7f:65:6a:d9:7a:0c:62:0c:c0:12:ec:ad: cc:80:1b:85:0d:f3:fc:5d:06:94:0f:f5:ad:c1:dd: 5c:0f:ed:00:29:6d:ae:88:af:27:83:2b:23:4e:03: b7:7a:54:d8:65:3c:01:00:14:3b:ec:28:cd:62:7d: 2e:86:3b:64:ce:bd:83:58:f3:af:14:68:62:8a:3b: 3a:19:ef:06:a6:9b:cc:0b:e5:75:b5:b2:93:0d:97: 5b:45:6a:e3:77:2f:1c:05:66:7f:db:61:96:32:f0: 82:4e:0f:41:af:c2:1e:21:03:3c:9d:e6:8f:d7:17: 60:1c:bd:ce:65:8f:b7:fe:c9:24:d7:28:fe:f7:0b: 65:ef:9f:1a:e2:75:35:92:2e:df:3d:e8:c9:0a:9a: 09:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:57:99:26:D5:23:C8:AB:F4:E9:61:F2:7F:CC:78:93:BE:37:46:D4 X509v3 Authority Key Identifier: keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/A1eZJtUjyKv06WHyf8x4k743RtQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.248.252.0/23 Signature Algorithm: sha256WithRSAEncryption 35:aa:c1:d6:e2:9a:96:57:bd:61:0b:aa:9b:0c:ea:96:76:64: b0:f6:c1:7f:ee:f8:9d:b8:bb:5a:36:56:52:49:51:5f:20:82: e5:25:a9:c2:0a:c5:3c:70:cf:4b:7e:aa:d6:ea:42:d2:d4:16: 83:27:b4:38:4b:a3:5b:55:b9:02:df:b9:5f:69:d0:87:34:57: d8:a7:9d:92:ce:1a:4f:0d:59:27:aa:85:33:86:97:2a:56:66: 83:da:98:d1:46:05:2e:ba:41:02:f6:66:b3:cf:29:5a:4b:33: 26:de:79:64:4c:34:e8:ab:83:70:16:7b:14:dc:1e:00:70:18: 33:26:28:90:0d:18:15:db:58:d8:b4:4f:ad:95:3a:b3:32:72: c5:c1:30:63:bc:11:e9:a0:73:9b:4c:a1:52:43:97:a7:02:52: 58:b4:89:81:6d:77:df:0f:0e:fc:2a:68:b4:f4:f3:4c:5c:bd: 03:f2:59:4c:66:8b:05:a7:b5:40:7d:5e:21:c3:e3:7f:ef:ad: 52:2e:eb:53:2e:3e:8b:42:03:39:b4:fa:8c:3a:f2:6f:11:5d: 0e:8d:4e:e5:ba:f2:fd:ec:a9:3f:2f:73:ae:47:52:44:da:cc: 96:db:88:dc:c7:0d:3b:4c:96:74:f8:5a:af:26:96:cc:5f:de: 8c:b7:7b:2e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xp4pD1hPHbEO8A059r2EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0 MjAzYjQwHhcNMjYwMTAxMDQxNzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzU3OTkyNmQ1MjNjOGFiZjRlOTYxZjI3ZmNjNzg5M2JlMzc0NmQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JRxNIHPX6gNkQnJkjPHw8DSnnrq 9KORp2FQ1giAS6O2G4J/6W+VgLiRnXhOvnodeHOryk6xKlNBxhqGnOel2TA4/EYr OoE91G9eMVD8aCQ/ta7FGYgatCMjLXsBarRh2oUr+YPhvbWhZcV/ZWrZegxiDMAS 7K3MgBuFDfP8XQaUD/Wtwd1cD+0AKW2uiK8ngysjTgO3elTYZTwBABQ77CjNYn0u hjtkzr2DWPOvFGhiijs6Ge8GppvMC+V1tbKTDZdbRWrjdy8cBWZ/22GWMvCCTg9B r8IeIQM8neaP1xdgHL3OZY+3/skk1yj+9wtl758a4nU1ki7fPejJCpoJhwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFANXmSbVI8ir9Olh8n/MeJO+N0bUMB8GA1UdIwQY MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt MTY2OTljOTZkZDVlLzEvQTFlWkp0VWp5S3YwNldIeWY4eDRrNzQzUnRRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbfj8MA0G CSqGSIb3DQEBCwUAA4IBAQA1qsHW4pqWV71hC6qbDOqWdmSw9sF/7viduLtaNlZS SVFfIILlJanCCsU8cM9LfqrW6kLS1BaDJ7Q4S6NbVbkC37lfadCHNFfYp52SzhpP DVknqoUzhpcqVmaD2pjRRgUuukEC9mazzylaSzMm3nlkTDToq4NwFnsU3B4AcBgz JiiQDRgV21jYtE+tlTqzMnLFwTBjvBHpoHObTKFSQ5enAlJYtImBbXffDw78Kmi0 9PNMXL0D8llMZosFp7VAfV4hw+N/761SLutTLj6LQgM5tPqMOvJvEV0OjU7luvL9 7Kk/L3OuR1JE2syW24jcxw07TJZ0+FqvJpbMX96Mt3su -----END CERTIFICATE-----Generated at Sun Jan 25 22:42:15 2026 by rpki-client