This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/jkMi5Y3UFgCK0cn1sZkX8r-KP9c.roa File: jkMi5Y3UFgCK0cn1sZkX8r-KP9c.roa (raw, json) Hash identifier: EXEli+Wg6YA+EC4JraUO/Ed+rqcKD/n9lm13wWOUAkY= Subject key identifier: 8E:43:22:E5:8D:D4:16:00:8A:D1:C9:F5:B1:99:17:F2:BF:8A:3F:D7 Certificate issuer: /CN=9f5e4ff2cee4db7a95bcf2a3ad11c947575bb1a6 Certificate serial: 019B7B36956796F5883AB76F077B51D820C1 Authority key identifier: 9F:5E:4F:F2:CE:E4:DB:7A:95:BC:F2:A3:AD:11:C9:47:57:5B:B1:A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n15P8s7k23qVvPKjrRHJR1dbsaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/jkMi5Y3UFgCK0cn1sZkX8r-KP9c.roa Signing time: Thu 01 Jan 2026 20:18:53 +0000 ROA not before: Thu 01 Jan 2026 20:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 213.156.160.0/24 maxlen: 24 213.156.161.0/24 maxlen: 24 213.156.162.0/24 maxlen: 24 213.156.163.0/24 maxlen: 24 213.156.164.0/24 maxlen: 24 213.156.165.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/n15P8s7k23qVvPKjrRHJR1dbsaY.crl rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/n15P8s7k23qVvPKjrRHJR1dbsaY.mft rsync://rpki.ripe.net/repository/DEFAULT/n15P8s7k23qVvPKjrRHJR1dbsaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 12:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:95:67:96:f5:88:3a:b7:6f:07:7b:51:d8:20:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f5e4ff2cee4db7a95bcf2a3ad11c947575bb1a6 Validity Not Before: Jan 1 20:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8e4322e58dd416008ad1c9f5b19917f2bf8a3fd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a0:1a:47:71:73:1c:b5:7c:ae:79:9d:ea:3d: ad:0e:b4:49:ba:33:f3:14:24:fd:d4:45:ce:63:46: 31:f6:2a:fb:da:57:68:15:fe:59:b2:26:0f:b1:95: 60:87:40:f2:a3:34:f9:eb:93:bf:2b:f1:89:26:a1: de:1b:3a:c0:02:9c:01:36:e1:ba:6f:3f:31:ad:e7: b7:b7:22:1a:ae:62:03:29:5f:13:cc:5a:f5:5b:cd: 51:fe:92:71:77:f2:57:b3:2a:64:94:2b:1b:01:32: fd:0b:12:87:46:fe:fd:55:01:24:a9:6c:1c:44:0c: e4:2e:35:9b:c8:8d:6c:c0:d6:92:5c:0d:54:66:83: 35:d0:c0:ad:5b:a5:41:de:2f:85:77:e1:8e:bc:f9: 6f:f3:be:aa:71:9b:f6:36:49:c1:ad:b9:20:bc:44: 77:f3:67:3f:a8:a6:d2:74:89:ca:f5:c1:87:f1:94: 63:f8:ca:8a:56:e1:1f:9b:c2:9f:1c:e2:76:82:1f: fb:6a:cc:32:9b:4d:be:77:86:1d:5b:bb:9c:ff:63: 99:07:67:74:da:11:00:a0:9c:74:7b:5f:b1:e8:65: f6:f4:cf:f7:2c:c4:8b:a2:d2:7d:10:fb:53:1a:98: fa:0a:05:81:98:fe:fe:a3:a1:53:8a:0b:f4:84:5b: 69:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:43:22:E5:8D:D4:16:00:8A:D1:C9:F5:B1:99:17:F2:BF:8A:3F:D7 X509v3 Authority Key Identifier: keyid:9F:5E:4F:F2:CE:E4:DB:7A:95:BC:F2:A3:AD:11:C9:47:57:5B:B1:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n15P8s7k23qVvPKjrRHJR1dbsaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/jkMi5Y3UFgCK0cn1sZkX8r-KP9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/18bb5f-9076-42fa-9f8f-33b8c1f7d127/1/n15P8s7k23qVvPKjrRHJR1dbsaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.156.160.0-213.156.165.255 Signature Algorithm: sha256WithRSAEncryption 02:a4:6d:e2:a4:44:b4:a6:32:12:fd:80:ec:2a:d1:73:99:90: 56:97:b6:37:42:9b:41:ba:73:b7:81:35:ce:94:f1:23:3d:ad: d5:c2:0b:ba:fa:39:4a:91:a0:ce:c7:d7:e3:89:9f:7f:20:ac: 6c:89:66:54:06:ec:fd:4f:b9:7e:21:05:03:95:5c:56:e0:f0: 3d:bd:f6:5a:4b:d6:6d:bd:eb:0e:a4:c9:41:15:ef:fc:07:ca: 35:80:a9:57:12:c7:90:b3:6c:33:ee:db:2c:b9:01:eb:e6:3f: d5:a4:89:01:f4:da:c5:16:fa:0b:a8:d2:4e:28:54:7f:38:84: b4:fe:e2:33:45:c9:07:cf:62:bc:e5:ee:be:1a:97:20:33:80: b3:7f:6b:38:a6:da:a8:4a:36:9a:37:f8:e6:d7:49:78:36:b0: 1b:5e:d4:42:d5:77:49:1a:a8:db:ea:db:bc:bd:de:ee:ed:c0: 41:fb:59:a6:2f:3e:3a:b3:c0:18:53:18:a1:83:cb:2a:e3:9f: de:5f:8e:61:ab:55:cb:e6:7d:49:a6:22:30:27:bc:81:e6:41: 29:97:e4:06:af:98:1c:7d:cc:7e:ae:ef:85:a3:1d:17:1e:ce: 8c:5a:32:d5:c4:b8:b2:81:2b:d7:25:a4:ab:84:15:5a:23:b6: c2:2d:2b:98 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7NpVnlvWIOrdvB3tR2CDBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmNWU0ZmYyY2VlNGRiN2E5NWJjZjJhM2FkMTFjOTQ3NTc1 YmIxYTYwHhcNMjYwMTAxMjAxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZTQzMjJlNThkZDQxNjAwOGFkMWM5ZjViMTk5MTdmMmJmOGEzZmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6AaR3FzHLV8rnmd6j2tDrRJujPz FCT91EXOY0Yx9ir72ldoFf5ZsiYPsZVgh0DyozT565O/K/GJJqHeGzrAApwBNuG6 bz8xree3tyIarmIDKV8TzFr1W81R/pJxd/JXsypklCsbATL9CxKHRv79VQEkqWwc RAzkLjWbyI1swNaSXA1UZoM10MCtW6VB3i+Fd+GOvPlv876qcZv2NknBrbkgvER3 82c/qKbSdInK9cGH8ZRj+MqKVuEfm8KfHOJ2gh/7aswym02+d4YdW7uc/2OZB2d0 2hEAoJx0e1+x6GX29M/3LMSLotJ9EPtTGpj6CgWBmP7+o6FTigv0hFtpLwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFI5DIuWN1BYAitHJ9bGZF/K/ij/XMB8GA1UdIwQY MBaAFJ9eT/LO5Nt6lbzyo60RyUdXW7GmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbjE1UDhzN2syM3FWdlBLanJSSEpSMWRic2FZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xOGJiNWYtOTA3Ni00MmZhLTlmOGYt MzNiOGMxZjdkMTI3LzEvamtNaTVZM1VGZ0NLMGNuMXNaa1g4ci1LUDljLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8xOGJiNWYtOTA3Ni00MmZhLTlmOGYtMzNiOGMxZjdkMTI3 LzEvbjE1UDhzN2syM3FWdlBLanJSSEpSMWRic2FZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAXVnKAD BAHVnKQwDQYJKoZIhvcNAQELBQADggEBAAKkbeKkRLSmMhL9gOwq0XOZkFaXtjdC m0G6c7eBNc6U8SM9rdXCC7r6OUqRoM7H1+OJn38grGyJZlQG7P1PuX4hBQOVXFbg 8D299lpL1m296w6kyUEV7/wHyjWAqVcSx5CzbDPu2yy5AevmP9WkiQH02sUW+guo 0k4oVH84hLT+4jNFyQfPYrzl7r4alyAzgLN/azim2qhKNpo3+ObXSXg2sBte1ELV d0kaqNvq27y93u7twEH7WaYvPjqzwBhTGKGDyyrjn95fjmGrVcvmfUmmIjAnvIHm QSmX5AavmBx9zH6u74WjHRcezoxaMtXEuLKBK9clpKuEFVojtsItK5g= -----END CERTIFICATE-----Generated at Fri Jan 2 16:08:11 2026 by rpki-client