This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/7Z6ojelPseFZngCaUR_CY78Fb5I.roa File: 7Z6ojelPseFZngCaUR_CY78Fb5I.roa (raw, json) Hash identifier: HGlBrDAdLj79PeTsI9ZoARQIK801VBLKm1hbPGS+ChQ= Subject key identifier: ED:9E:A8:8D:E9:4F:B1:E1:59:9E:00:9A:51:1F:C2:63:BF:05:6F:92 Certificate issuer: /CN=2f6f07cead06a4f811547600bac02faf0cc084c9 Certificate serial: 019B78A2BF61484AEA8968CB8CA56309A585 Authority key identifier: 2F:6F:07:CE:AD:06:A4:F8:11:54:76:00:BA:C0:2F:AF:0C:C0:84:C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28Hzq0GpPgRVHYAusAvrwzAhMk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/7Z6ojelPseFZngCaUR_CY78Fb5I.roa Signing time: Thu 01 Jan 2026 08:18:10 +0000 ROA not before: Thu 01 Jan 2026 08:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203 IP address blocks: 149.3.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/L28Hzq0GpPgRVHYAusAvrwzAhMk.crl rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/L28Hzq0GpPgRVHYAusAvrwzAhMk.mft rsync://rpki.ripe.net/repository/DEFAULT/L28Hzq0GpPgRVHYAusAvrwzAhMk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:bf:61:48:4a:ea:89:68:cb:8c:a5:63:09:a5:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f6f07cead06a4f811547600bac02faf0cc084c9 Validity Not Before: Jan 1 08:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ed9ea88de94fb1e1599e009a511fc263bf056f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:93:44:2b:73:86:e5:11:9f:0a:18:70:c6:a8: 5a:91:f2:d7:dd:43:ef:d1:0e:f5:fc:57:10:54:63: 42:e5:14:0d:d1:6a:c9:03:b9:82:5c:5a:5d:31:0a: 4b:fb:06:fb:f3:80:ee:39:6c:e0:a1:e6:c6:dc:be: cc:8c:f2:69:04:62:59:75:b3:74:d4:55:e6:06:f6: e1:ab:e7:81:c7:15:97:1d:a6:07:d8:5a:b4:38:23: 59:e6:4d:fe:c1:8e:c1:45:f1:02:00:c4:3a:a9:d2: e8:c0:a7:c7:10:76:a2:c1:a4:36:79:6d:e2:b8:40: d6:3e:cf:8b:df:a0:f8:4d:2c:18:9c:11:3f:68:8e: b7:23:da:3c:2d:5f:05:eb:36:fa:3b:3e:1a:8d:03: 17:8a:1e:e1:b7:0e:85:3d:26:fa:2c:92:ac:91:8f: 1c:df:61:47:a8:b0:cd:b9:3f:46:6b:e7:a9:48:6d: 03:b2:70:58:0e:d6:ce:f9:89:b2:a0:f0:a8:96:2d: f9:09:92:05:f9:85:15:2a:85:46:84:77:02:1e:24: e8:58:84:7a:c7:7c:cf:e0:c0:98:a4:1e:4f:01:61: 0f:1c:f2:f3:77:57:be:8c:7e:9e:2c:31:34:e6:8e: 8f:7a:0b:8e:a2:e2:e8:e9:d1:3d:42:f8:2d:bd:04: 91:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:9E:A8:8D:E9:4F:B1:E1:59:9E:00:9A:51:1F:C2:63:BF:05:6F:92 X509v3 Authority Key Identifier: keyid:2F:6F:07:CE:AD:06:A4:F8:11:54:76:00:BA:C0:2F:AF:0C:C0:84:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28Hzq0GpPgRVHYAusAvrwzAhMk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/7Z6ojelPseFZngCaUR_CY78Fb5I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/ead6c4-9fe1-4fee-9760-047cbc310ccb/1/L28Hzq0GpPgRVHYAusAvrwzAhMk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.3.172.0/22 Signature Algorithm: sha256WithRSAEncryption 2f:96:d6:55:2c:c9:23:07:4b:2b:22:34:d0:90:cb:31:4a:60: 47:ec:50:81:16:26:ff:e0:ce:28:b6:92:c1:05:67:07:1b:03: fa:66:62:8b:fe:cd:3b:8d:e5:7b:6d:d1:7e:c9:5d:91:b1:82: ad:06:44:b5:72:63:06:c0:2a:d0:ad:8d:16:d7:20:c5:0c:56: 7d:79:be:4e:84:e4:a5:d5:b5:72:9b:39:c1:f2:8f:8c:04:98: 0a:7e:1d:84:1a:0b:bb:f8:4d:3b:96:0e:31:26:19:07:09:50: d6:97:ee:86:c0:dd:fa:95:50:1d:fe:ea:9a:d6:ad:73:0c:9b: 67:68:a9:0c:35:60:6e:99:0a:ff:45:df:5a:34:e2:d7:65:66: 3e:ae:f2:a0:3e:13:53:40:d5:a7:84:7b:7c:eb:7c:ec:11:46: c3:51:9b:a3:e1:5e:9f:8b:0a:4a:f7:e3:ad:47:63:9c:85:63: f2:5d:15:e5:d7:e8:00:39:6e:50:ef:76:ef:c7:ac:39:86:74: 5e:fa:4c:71:05:91:02:b1:85:88:1b:e3:11:0e:34:2c:c1:d0: 87:d8:3c:ec:ab:dd:d6:d4:c8:eb:0f:e9:79:d5:e7:8d:f2:4b: 6e:eb:00:bb:6c:f5:e8:3d:a9:c0:1c:e7:12:05:88:df:a7:c6: 85:ac:32:db -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4or9hSErqiWjLjKVjCaWFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmNmYwN2NlYWQwNmE0ZjgxMTU0NzYwMGJhYzAyZmFmMGNj MDg0YzkwHhcNMjYwMTAxMDgxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlZDllYTg4ZGU5NGZiMWUxNTk5ZTAwOWE1MTFmYzI2M2JmMDU2ZjkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5NEK3OG5RGfChhwxqhakfLX3UPv 0Q71/FcQVGNC5RQN0WrJA7mCXFpdMQpL+wb784DuOWzgoebG3L7MjPJpBGJZdbN0 1FXmBvbhq+eBxxWXHaYH2Fq0OCNZ5k3+wY7BRfECAMQ6qdLowKfHEHaiwaQ2eW3i uEDWPs+L36D4TSwYnBE/aI63I9o8LV8F6zb6Oz4ajQMXih7htw6FPSb6LJKskY8c 32FHqLDNuT9Ga+epSG0DsnBYDtbO+YmyoPColi35CZIF+YUVKoVGhHcCHiToWIR6 x3zP4MCYpB5PAWEPHPLzd1e+jH6eLDE05o6PeguOouLo6dE9QvgtvQSRvQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFO2eqI3pT7HhWZ4AmlEfwmO/BW+SMB8GA1UdIwQY MBaAFC9vB86tBqT4EVR2ALrAL68MwITJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDI4SHpxMEdwUGdSVkhZQXVzQXZyd3pBaE1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9lYWQ2YzQtOWZlMS00ZmVlLTk3NjAt MDQ3Y2JjMzEwY2NiLzEvN1o2b2plbFBzZUZabmdDYVVSX0NZNzhGYjVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS9lYWQ2YzQtOWZlMS00ZmVlLTk3NjAtMDQ3Y2JjMzEwY2Ni LzEvTDI4SHpxMEdwUGdSVkhZQXVzQXZyd3pBaE1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClQOsMA0G CSqGSIb3DQEBCwUAA4IBAQAvltZVLMkjB0srIjTQkMsxSmBH7FCBFib/4M4otpLB BWcHGwP6ZmKL/s07jeV7bdF+yV2RsYKtBkS1cmMGwCrQrY0W1yDFDFZ9eb5OhOSl 1bVymznB8o+MBJgKfh2EGgu7+E07lg4xJhkHCVDWl+6GwN36lVAd/uqa1q1zDJtn aKkMNWBumQr/Rd9aNOLXZWY+rvKgPhNTQNWnhHt863zsEUbDUZuj4V6fiwpK9+Ot R2OchWPyXRXl1+gAOW5Q73bvx6w5hnRe+kxxBZECsYWIG+MRDjQswdCH2Dzsq93W 1MjrD+l51eeN8ktu6wC7bPXoPanAHOcSBYjfp8aFrDLb -----END CERTIFICATE-----Generated at Thu Jan 22 09:48:33 2026 by rpki-client