This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/I-sXuwtEcITmgnvZanC5hRWQbdA.roa File: I-sXuwtEcITmgnvZanC5hRWQbdA.roa (raw, json) Hash identifier: dw1mUItwtqi8VkSL6GcnsYfa7bo73GyWptZqIgXTIXU= Subject key identifier: 23:EB:17:BB:0B:44:70:84:E6:82:7B:D9:6A:70:B9:85:15:90:6D:D0 Certificate issuer: /CN=696c67b25d2f225d972cfdf3b4eaff22e37900a8 Certificate serial: 019B78A27A82E256303B57CEF2AE3217C983 Authority key identifier: 69:6C:67:B2:5D:2F:22:5D:97:2C:FD:F3:B4:EA:FF:22:E3:79:00:A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aWxnsl0vIl2XLP3ztOr_IuN5AKg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/I-sXuwtEcITmgnvZanC5hRWQbdA.roa Signing time: Thu 01 Jan 2026 08:17:52 +0000 ROA not before: Thu 01 Jan 2026 08:17:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 14618 IP address blocks: 193.93.64.0/24 maxlen: 24 193.93.65.0/24 maxlen: 24 193.93.66.0/24 maxlen: 24 193.93.67.0/24 maxlen: 24 2001:678:890::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/aWxnsl0vIl2XLP3ztOr_IuN5AKg.crl rsync://rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/aWxnsl0vIl2XLP3ztOr_IuN5AKg.mft rsync://rpki.ripe.net/repository/DEFAULT/aWxnsl0vIl2XLP3ztOr_IuN5AKg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:7a:82:e2:56:30:3b:57:ce:f2:ae:32:17:c9:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=696c67b25d2f225d972cfdf3b4eaff22e37900a8 Validity Not Before: Jan 1 08:17:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23eb17bb0b447084e6827bd96a70b98515906dd0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:34:84:1a:b2:02:ce:68:88:00:11:6b:76:19: d3:78:a5:57:07:57:49:0c:f9:3b:30:11:28:12:31: 5b:57:15:47:f0:f9:a9:8a:98:89:7e:50:be:eb:3b: a2:86:14:78:d7:5c:10:4d:51:0b:78:4a:1e:c6:62: f2:a6:ee:59:85:d8:1d:d7:a0:2a:9f:4e:33:de:ef: 63:f2:f9:16:d7:57:c7:e2:35:8c:72:04:17:82:b5: 57:71:71:d6:fa:d9:42:b4:83:eb:ae:8b:97:44:0d: 73:c5:b5:1c:11:fd:5f:fa:78:d9:ea:27:7f:87:4b: 98:90:b9:d6:c2:c1:c4:5d:f4:b8:20:73:8c:77:35: 93:d3:49:1a:83:02:d8:ab:3c:b9:82:95:e4:f7:b0: 46:41:81:a6:b9:85:90:cd:9c:45:b7:87:38:7a:97: 90:aa:12:46:d1:d5:c4:a4:bb:25:de:29:55:ea:eb: ec:d9:3c:56:d2:69:a1:72:92:09:c0:1b:ba:c3:ab: b9:77:9a:cc:6a:33:a7:49:41:cc:30:d7:73:1e:f1: 5a:ee:f0:94:fa:82:4d:54:0d:3d:1f:70:86:cb:cb: 67:59:37:0d:88:06:cf:67:02:1b:05:52:ac:90:bd: c4:84:26:80:b4:44:82:9c:9c:aa:16:6e:e4:f7:00: 02:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:EB:17:BB:0B:44:70:84:E6:82:7B:D9:6A:70:B9:85:15:90:6D:D0 X509v3 Authority Key Identifier: keyid:69:6C:67:B2:5D:2F:22:5D:97:2C:FD:F3:B4:EA:FF:22:E3:79:00:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aWxnsl0vIl2XLP3ztOr_IuN5AKg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/I-sXuwtEcITmgnvZanC5hRWQbdA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3c634a-0cd9-4765-bd09-5663de16d66f/1/aWxnsl0vIl2XLP3ztOr_IuN5AKg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.93.64.0/22 IPv6: 2001:678:890::/48 Signature Algorithm: sha256WithRSAEncryption 1c:85:0d:36:a5:82:46:fa:e3:46:45:ad:16:4f:b0:62:39:34: 55:1c:6c:86:a5:70:32:57:c8:ce:b1:7a:a7:d8:77:ea:52:f7: d3:c4:b3:9f:05:fd:c1:04:42:88:c6:69:a3:4c:ff:cb:45:18: d4:d0:76:f1:4a:3a:53:9c:68:19:a2:3c:d8:53:a0:79:dc:42: 3c:32:8f:53:b1:66:d7:f1:50:4e:a7:fc:48:96:29:ff:e8:d9: 5e:3b:b2:bd:82:14:dc:77:48:dd:3e:97:4a:23:27:8d:b4:8a: ef:c6:00:f1:a8:86:c9:1e:68:af:f5:33:32:e9:2a:4c:e6:e2: a0:71:3e:3f:7c:b1:86:a7:c5:30:ea:61:ca:ab:82:60:01:be: a7:f4:e3:5f:9a:2d:06:ed:c0:be:d9:79:de:f0:22:1e:0e:93: 1d:04:ed:2b:cd:f9:19:30:db:5d:23:d6:36:29:3e:8b:4d:37: f2:a1:23:ef:72:59:66:71:9e:2f:d9:a2:a4:29:65:f4:72:4a: a1:0b:91:0d:5c:d9:47:7d:02:d7:8b:8a:78:1d:3c:5d:c2:31: 3f:b5:19:63:71:3d:a7:ef:9d:4f:df:e0:ee:e2:39:51:47:3a: 1c:6d:58:92:ea:0a:98:c7:57:e0:bb:2e:70:21:df:01:fa:f7: 7b:30:6b:fd -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt4onqC4lYwO1fO8q4yF8mDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5NmM2N2IyNWQyZjIyNWQ5NzJjZmRmM2I0ZWFmZjIyZTM3 OTAwYTgwHhcNMjYwMTAxMDgxNzUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2ViMTdiYjBiNDQ3MDg0ZTY4MjdiZDk2YTcwYjk4NTE1OTA2ZGQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzSEGrICzmiIABFrdhnTeKVXB1dJ DPk7MBEoEjFbVxVH8PmpipiJflC+6zuihhR411wQTVELeEoexmLypu5Zhdgd16Aq n04z3u9j8vkW11fH4jWMcgQXgrVXcXHW+tlCtIPrrouXRA1zxbUcEf1f+njZ6id/ h0uYkLnWwsHEXfS4IHOMdzWT00kagwLYqzy5gpXk97BGQYGmuYWQzZxFt4c4epeQ qhJG0dXEpLsl3ilV6uvs2TxW0mmhcpIJwBu6w6u5d5rMajOnSUHMMNdzHvFa7vCU +oJNVA09H3CGy8tnWTcNiAbPZwIbBVKskL3EhCaAtESCnJyqFm7k9wACQQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCPrF7sLRHCE5oJ72WpwuYUVkG3QMB8GA1UdIwQY MBaAFGlsZ7JdLyJdlyz987Tq/yLjeQCoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVd4bnNsMHZJbDJYTFAzenRPcl9JdU41QUtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYzYzNGEtMGNkOS00NzY1LWJkMDkt NTY2M2RlMTZkNjZmLzEvSS1zWHV3dEVjSVRtZ252WmFuQzVoUldRYmRBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8zYzYzNGEtMGNkOS00NzY1LWJkMDktNTY2M2RlMTZkNjZm LzEvYVd4bnNsMHZJbDJYTFAzenRPcl9JdU41QUtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwV1AMA8E AgACMAkDBwAgAQZ4CJAwDQYJKoZIhvcNAQELBQADggEBAByFDTalgkb640ZFrRZP sGI5NFUcbIalcDJXyM6xeqfYd+pS99PEs58F/cEEQojGaaNM/8tFGNTQdvFKOlOc aBmiPNhToHncQjwyj1OxZtfxUE6n/EiWKf/o2V47sr2CFNx3SN0+l0ojJ420iu/G APGohskeaK/1MzLpKkzm4qBxPj98sYanxTDqYcqrgmABvqf041+aLQbtwL7Zed7w Ih4Okx0E7SvN+Rkw210j1jYpPotNN/KhI+9yWWZxni/ZoqQpZfRySqELkQ1c2Ud9 AteLingdPF3CMT+1GWNxPafvnU/f4O7iOVFHOhxtWJLqCpjHV+C7LnAh3wH693sw a/0= -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:42 2026 by rpki-client