This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/idlfM82Fr2iEqgL287mHH4YJ-lQ.roa File: idlfM82Fr2iEqgL287mHH4YJ-lQ.roa (raw, json) Hash identifier: 6/kHnBFkLmp/AmtwB9+ufAhbInQWwbrbDZVYs37nBqE= Subject key identifier: 89:D9:5F:33:CD:85:AF:68:84:AA:02:F6:F3:B9:87:1F:86:09:FA:54 Certificate issuer: /CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Certificate serial: 019B7910B3B746B49E90A76B6253847D67E2 Authority key identifier: B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/idlfM82Fr2iEqgL287mHH4YJ-lQ.roa Signing time: Thu 01 Jan 2026 10:18:16 +0000 ROA not before: Thu 01 Jan 2026 10:18:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214481 IP address blocks: 2a12:bec4:12a2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.mft rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:b3:b7:46:b4:9e:90:a7:6b:62:53:84:7d:67:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b37e215a415ed7b5de4b6dc12f2f7b7750c3d66f Validity Not Before: Jan 1 10:18:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89d95f33cd85af6884aa02f6f3b9871f8609fa54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:03:df:a8:e4:29:2c:be:e5:be:f6:26:df:16: 2d:bb:b3:64:c3:d6:97:5d:5c:04:60:2e:97:52:08: 9d:3b:1f:6b:d5:14:3f:81:2b:ff:c7:36:fe:f2:89: 8a:36:51:67:e3:45:ac:5c:90:84:ae:a8:8c:21:5d: 76:d3:d1:2d:6e:f9:d4:68:00:e4:53:e0:c1:66:6d: 1b:7d:cf:2a:85:1f:ff:17:fe:16:76:06:0e:81:65: 30:e9:2b:63:78:ed:bc:09:0a:a6:01:6f:cd:22:60: 7a:95:22:41:46:74:e3:d0:6b:88:4b:fd:6c:c6:69: 4c:13:c8:be:a2:ba:00:14:e4:94:36:c6:8d:78:10: 3a:a9:33:75:63:21:8c:66:38:14:bc:1d:46:fb:b5: f5:b1:4a:4f:63:40:f4:8e:bc:58:84:89:c5:fc:6d: ac:f7:5d:49:47:0b:00:e6:65:37:2b:35:47:fd:ce: 65:42:eb:04:07:8f:4d:fb:78:9d:a1:58:5b:ae:25: f1:a9:74:e3:dd:c4:0f:1f:9b:62:93:de:cd:77:47: 73:dd:26:60:da:6c:5a:f7:48:7a:7c:19:80:d3:10: bc:46:a2:0f:ae:21:21:09:03:0e:d0:f3:29:ee:dc: ce:8c:19:13:e5:19:4e:6a:f2:ac:b5:a3:a4:02:94: 55:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:D9:5F:33:CD:85:AF:68:84:AA:02:F6:F3:B9:87:1F:86:09:FA:54 X509v3 Authority Key Identifier: keyid:B3:7E:21:5A:41:5E:D7:B5:DE:4B:6D:C1:2F:2F:7B:77:50:C3:D6:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s34hWkFe17XeS23BLy97d1DD1m8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/idlfM82Fr2iEqgL287mHH4YJ-lQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/97f49a-7a95-4dd5-8c74-55369cf507ee/1/s34hWkFe17XeS23BLy97d1DD1m8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a12:bec4:12a2::/48 Signature Algorithm: sha256WithRSAEncryption 06:20:09:76:49:ee:68:65:d8:2d:1d:32:00:b6:53:03:1f:8f: bc:cc:d0:2b:d8:5f:33:aa:8b:e5:e3:92:e1:56:04:c2:0d:82: f8:23:d1:11:d7:b3:33:cf:5a:85:4c:3b:0a:62:10:88:4c:c5: 5e:c7:6e:b4:0f:a9:ba:d5:ce:79:22:3f:27:81:0d:c5:9c:34: 37:e8:47:69:a4:7e:94:8e:b4:7a:a6:63:2f:55:94:b2:57:08: f4:59:42:fd:f1:ac:41:e0:a2:00:50:fe:c0:d2:de:70:a0:f5: 61:2a:49:53:ab:78:69:94:c7:fa:22:70:1b:30:5a:5a:d8:4f: 0c:8c:80:d6:25:0a:1d:5b:15:50:00:53:49:54:e2:6f:37:9b: 62:d1:df:e2:92:a1:52:74:2f:3d:f9:21:b0:ff:93:30:55:0b: 51:8c:d2:54:4b:0a:ce:23:8c:63:7f:90:95:7e:1c:cc:3a:b1: a8:7e:b0:4c:36:db:fb:99:c9:ed:5a:fe:30:a2:4d:ab:6a:2c: 8f:3a:85:6e:75:1f:54:d8:ea:4e:bd:c3:f1:51:45:e0:d2:09: df:4b:7e:0e:53:c2:f9:e3:38:fd:a0:61:24:3b:e1:7c:d5:4d: 8b:57:a9:79:02:df:f6:a2:a1:0c:15:68:8b:4b:6f:60:5b:28: fc:3b:43:7b -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5ELO3RrSekKdrYlOEfWfiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzN2UyMTVhNDE1ZWQ3YjVkZTRiNmRjMTJmMmY3Yjc3NTBj M2Q2NmYwHhcNMjYwMTAxMTAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWQ5NWYzM2NkODVhZjY4ODRhYTAyZjZmM2I5ODcxZjg2MDlmYTU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QPfqOQpLL7lvvYm3xYtu7Nkw9aX XVwEYC6XUgidOx9r1RQ/gSv/xzb+8omKNlFn40WsXJCErqiMIV1209EtbvnUaADk U+DBZm0bfc8qhR//F/4WdgYOgWUw6StjeO28CQqmAW/NImB6lSJBRnTj0GuIS/1s xmlME8i+oroAFOSUNsaNeBA6qTN1YyGMZjgUvB1G+7X1sUpPY0D0jrxYhInF/G2s 911JRwsA5mU3KzVH/c5lQusEB49N+3idoVhbriXxqXTj3cQPH5tik97Nd0dz3SZg 2mxa90h6fBmA0xC8RqIPriEhCQMO0PMp7tzOjBkT5RlOavKstaOkApRVeQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFInZXzPNha9ohKoC9vO5hx+GCfpUMB8GA1UdIwQY MBaAFLN+IVpBXte13kttwS8ve3dQw9ZvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQt NTUzNjljZjUwN2VlLzEvaWRsZk04MkZyMmlFcWdMMjg3bUhINFlKLWxRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85N2Y0OWEtN2E5NS00ZGQ1LThjNzQtNTUzNjljZjUwN2Vl LzEvczM0aFdrRmUxN1hlUzIzQkx5OTdkMUREMW04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhK+xBKi MA0GCSqGSIb3DQEBCwUAA4IBAQAGIAl2Se5oZdgtHTIAtlMDH4+8zNAr2F8zqovl 45LhVgTCDYL4I9ER17Mzz1qFTDsKYhCITMVex260D6m61c55Ij8ngQ3FnDQ36Edp pH6UjrR6pmMvVZSyVwj0WUL98axB4KIAUP7A0t5woPVhKklTq3hplMf6InAbMFpa 2E8MjIDWJQodWxVQAFNJVOJvN5ti0d/ikqFSdC89+SGw/5MwVQtRjNJUSwrOI4xj f5CVfhzMOrGofrBMNtv7mcntWv4wok2raiyPOoVudR9U2OpOvcPxUUXg0gnfS34O U8L54zj9oGEkO+F81U2LV6l5At/2oqEMFWiLS29gWyj8O0N7 -----END CERTIFICATE-----Generated at Tue Jan 20 00:56:01 2026 by rpki-client