This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/I_i8axcztRmQYBKxo7LufShIxc0.roa File: I_i8axcztRmQYBKxo7LufShIxc0.roa (raw, json) Hash identifier: 2/unXqyBT639RbP4a6kb5aLTC3tSiKOPrQbrbpRMwdE= Subject key identifier: 23:F8:BC:6B:17:33:B5:19:90:60:12:B1:A3:B2:EE:7D:28:48:C5:CD Certificate issuer: /CN=f8525e412c6ae2b16cac39ecf288c2e2e6a75de2 Certificate serial: 019B7F839174F896E7EC93E6B91BE435125C Authority key identifier: F8:52:5E:41:2C:6A:E2:B1:6C:AC:39:EC:F2:88:C2:E2:E6:A7:5D:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-FJeQSxq4rFsrDns8ojC4uanXeI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/I_i8axcztRmQYBKxo7LufShIxc0.roa Signing time: Fri 02 Jan 2026 16:21:27 +0000 ROA not before: Fri 02 Jan 2026 16:21:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213966 IP address blocks: 86.107.108.0/23 maxlen: 23 2a01:fcc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/1-FJeQSxq4rFsrDns8ojC4uanXeI.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/1-FJeQSxq4rFsrDns8ojC4uanXeI.mft rsync://rpki.ripe.net/repository/DEFAULT/1-FJeQSxq4rFsrDns8ojC4uanXeI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:91:74:f8:96:e7:ec:93:e6:b9:1b:e4:35:12:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8525e412c6ae2b16cac39ecf288c2e2e6a75de2 Validity Not Before: Jan 2 16:21:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23f8bc6b1733b519906012b1a3b2ee7d2848c5cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:6b:d7:b0:b9:ce:14:2d:c2:af:31:bc:f8:40: af:e6:f3:10:ba:9b:92:c1:76:08:18:0c:ca:69:93: 02:52:2b:c2:89:b7:57:40:71:f3:4e:99:30:fe:14: 6f:21:52:83:65:a4:1f:09:74:1d:40:59:12:c0:5f: d0:66:26:66:78:21:84:94:d7:d9:c4:7e:10:8a:67: 68:0d:ca:eb:fb:70:d7:d3:ce:68:c1:92:45:7a:27: a4:86:3a:a8:07:2d:c3:a8:eb:3b:93:fa:22:b0:ef: 75:ab:78:3e:64:43:e5:70:04:55:e5:d5:8f:81:e0: d2:93:de:51:22:4c:7e:68:23:a0:6d:5f:7e:d1:3b: 3c:f3:6d:cc:8b:7a:17:37:b0:38:d1:35:f2:eb:7a: 00:5c:af:f4:5b:e8:3b:b9:c8:dd:6a:30:c0:12:8a: 9e:de:51:84:a2:6f:3b:b5:a2:4c:5f:5b:44:90:10: 11:7a:62:15:cc:17:86:7e:4b:9f:df:70:cd:2e:97: 73:be:17:75:74:61:5b:3c:54:eb:0c:89:08:58:2b: 3d:a8:0a:c1:ff:94:c4:6a:71:83:77:4b:e3:8d:9e: 21:ce:98:44:f6:c1:04:d1:be:06:6d:06:07:4a:b5: 41:9d:20:5d:cc:45:c1:30:b5:59:75:24:b9:2b:c3: 43:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:F8:BC:6B:17:33:B5:19:90:60:12:B1:A3:B2:EE:7D:28:48:C5:CD X509v3 Authority Key Identifier: keyid:F8:52:5E:41:2C:6A:E2:B1:6C:AC:39:EC:F2:88:C2:E2:E6:A7:5D:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-FJeQSxq4rFsrDns8ojC4uanXeI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/I_i8axcztRmQYBKxo7LufShIxc0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/a3fd8b-686b-4e6c-8b7b-4310c39b1f44/1/1-FJeQSxq4rFsrDns8ojC4uanXeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.107.108.0/23 IPv6: 2a01:fcc0::/29 Signature Algorithm: sha256WithRSAEncryption 03:bc:d6:5e:e5:9d:15:98:82:b5:2a:0c:96:57:53:36:0e:f6: 76:13:f4:e6:2a:86:c0:ca:0c:8e:81:4d:76:4c:d2:94:14:30: 82:9d:62:67:24:d2:c2:1a:37:66:e1:c5:0f:10:53:3b:f6:0d: 57:26:4e:6d:bb:de:07:25:31:cb:83:16:f8:44:7f:f6:66:d0: 5c:e6:cf:53:29:58:c7:e5:cc:61:e0:25:4c:14:36:00:30:40: 77:aa:6a:56:89:48:50:25:84:5a:68:3d:d2:26:f5:68:43:b9: dd:42:60:0e:9b:97:5d:ee:cc:8c:d0:04:7c:32:0d:92:c5:f1: 74:59:11:25:c6:15:e3:b2:ab:69:ba:93:fa:c2:3e:ae:69:be: 52:7d:15:69:37:99:7b:6c:19:46:93:d2:4d:5a:19:86:61:2a: d7:c3:c4:bc:60:f0:48:5d:1e:1f:68:d0:0a:5a:9c:bc:33:4f: 73:a1:c2:fc:ff:59:e4:8b:1a:a4:59:9d:11:5d:3c:87:af:f2: 83:4b:88:c2:d5:a1:e7:16:3f:ee:68:73:3e:64:7d:0d:e0:07: 00:71:fe:10:6f:09:04:d3:84:ec:d6:6a:e8:56:70:9c:34:f7: 14:2f:c0:ba:ce:6f:44:ec:cd:4f:69:21:f6:cd:9e:3d:8c:1a: 6e:56:ff:2c -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/g5F0+Jbn7JPmuRvkNRJcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4NTI1ZTQxMmM2YWUyYjE2Y2FjMzllY2YyODhjMmUyZTZh NzVkZTIwHhcNMjYwMTAyMTYyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2Y4YmM2YjE3MzNiNTE5OTA2MDEyYjFhM2IyZWU3ZDI4NDhjNWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2vXsLnOFC3CrzG8+ECv5vMQupuS wXYIGAzKaZMCUivCibdXQHHzTpkw/hRvIVKDZaQfCXQdQFkSwF/QZiZmeCGElNfZ xH4QimdoDcrr+3DX085owZJFeiekhjqoBy3DqOs7k/oisO91q3g+ZEPlcARV5dWP geDSk95RIkx+aCOgbV9+0Ts8823Mi3oXN7A40TXy63oAXK/0W+g7ucjdajDAEoqe 3lGEom87taJMX1tEkBARemIVzBeGfkuf33DNLpdzvhd1dGFbPFTrDIkIWCs9qArB /5TEanGDd0vjjZ4hzphE9sEE0b4GbQYHSrVBnSBdzEXBMLVZdSS5K8NDVQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCP4vGsXM7UZkGASsaOy7n0oSMXNMB8GA1UdIwQY MBaAFPhSXkEsauKxbKw57PKIwuLmp13iMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1GSmVRU3hxNHJGc3JEbnM4b2pDNHVhblhlSS5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMvYTNmZDhiLTY4NmItNGU2Yy04Yjdi LTQzMTBjMzliMWY0NC8xL0lfaThheGN6dFJtUVlCS3hvN0x1ZlNoSXhjMC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvYTMvYTNmZDhiLTY4NmItNGU2Yy04YjdiLTQzMTBjMzliMWY0 NC8xLzEtRkplUVN4cTRyRnNyRG5zOG9qQzR1YW5YZUkuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFWa2ww DQQCAAIwBwMFAyoB/MAwDQYJKoZIhvcNAQELBQADggEBAAO81l7lnRWYgrUqDJZX UzYO9nYT9OYqhsDKDI6BTXZM0pQUMIKdYmck0sIaN2bhxQ8QUzv2DVcmTm273gcl McuDFvhEf/Zm0Fzmz1MpWMflzGHgJUwUNgAwQHeqalaJSFAlhFpoPdIm9WhDud1C YA6bl13uzIzQBHwyDZLF8XRZESXGFeOyq2m6k/rCPq5pvlJ9FWk3mXtsGUaT0k1a GYZhKtfDxLxg8EhdHh9o0ApanLwzT3Ohwvz/WeSLGqRZnRFdPIev8oNLiMLVoecW P+5ocz5kfQ3gBwBx/hBvCQTThOzWauhWcJw09xQvwLrOb0TszU9pIfbNnj2MGm5W /yw= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:20 2026 by rpki-client