This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/itz24NxT7Zi7fZ9WaeuI55HznXI.roa File: itz24NxT7Zi7fZ9WaeuI55HznXI.roa (raw, json) Hash identifier: ujlPzuDCIcJuw9D1k7JPVilrVtFB6Vb5mfSYbPM7nRM= Subject key identifier: 8A:DC:F6:E0:DC:53:ED:98:BB:7D:9F:56:69:EB:88:E7:91:F3:9D:72 Certificate issuer: /CN=fc07c6b56ef1f239b028ef42375a2a1765bc08b8 Certificate serial: 019B76EB161D9EADCE594A4BFB5D36CE3ED2 Authority key identifier: FC:07:C6:B5:6E:F1:F2:39:B0:28:EF:42:37:5A:2A:17:65:BC:08:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_AfGtW7x8jmwKO9CN1oqF2W8CLg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/itz24NxT7Zi7fZ9WaeuI55HznXI.roa Signing time: Thu 01 Jan 2026 00:17:56 +0000 ROA not before: Thu 01 Jan 2026 00:17:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29189 IP address blocks: 217.64.208.0/23 maxlen: 24 217.64.208.0/24 maxlen: 24 217.64.209.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/_AfGtW7x8jmwKO9CN1oqF2W8CLg.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/_AfGtW7x8jmwKO9CN1oqF2W8CLg.mft rsync://rpki.ripe.net/repository/DEFAULT/_AfGtW7x8jmwKO9CN1oqF2W8CLg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:16:1d:9e:ad:ce:59:4a:4b:fb:5d:36:ce:3e:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fc07c6b56ef1f239b028ef42375a2a1765bc08b8 Validity Not Before: Jan 1 00:17:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8adcf6e0dc53ed98bb7d9f5669eb88e791f39d72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:f9:71:56:ad:ca:99:e9:10:68:42:67:1f:0a: dc:81:27:9e:fb:18:48:ca:ca:15:a0:60:2c:97:7e: b4:ae:52:b0:7e:09:d4:40:b2:9f:5e:b4:27:01:65: 30:ee:38:c7:0b:da:35:d5:48:dd:35:22:a5:43:0d: 63:e9:d6:c9:e8:93:98:b4:fb:0b:25:6b:00:c5:f6: 93:ae:7d:90:35:cd:47:5c:13:b9:a8:2e:6a:5f:89: 5b:f3:99:08:5e:3d:d9:1a:89:db:c2:cb:78:a6:75: ef:21:29:93:fb:d8:72:8d:3f:b0:4a:7e:69:83:c5: b8:18:e4:2e:fd:40:5e:cc:9f:77:0f:c4:14:54:4b: dc:56:49:4d:a2:fe:7b:c0:c9:71:38:04:c1:85:c2: d3:e1:40:69:d4:0e:38:ec:c6:a1:f8:9f:3d:df:3c: a4:b3:db:2f:c9:49:8c:35:df:e6:5f:dc:68:37:de: 49:f9:a1:51:8f:64:44:00:ab:cf:51:09:36:21:17: 15:31:b9:68:05:6d:75:32:3c:35:ae:3e:9f:f3:ce: 76:cd:1b:b7:7a:c9:87:16:4e:22:25:71:dc:85:3d: 12:5e:9c:f8:78:04:bf:af:e6:a1:6a:4d:49:fc:62: 03:7a:12:db:4c:a4:50:00:50:c5:56:46:0f:fe:71: f7:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:DC:F6:E0:DC:53:ED:98:BB:7D:9F:56:69:EB:88:E7:91:F3:9D:72 X509v3 Authority Key Identifier: keyid:FC:07:C6:B5:6E:F1:F2:39:B0:28:EF:42:37:5A:2A:17:65:BC:08:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_AfGtW7x8jmwKO9CN1oqF2W8CLg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/itz24NxT7Zi7fZ9WaeuI55HznXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/c68ae4-9724-4975-8bd4-c8700a14761b/1/_AfGtW7x8jmwKO9CN1oqF2W8CLg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.64.208.0/23 Signature Algorithm: sha256WithRSAEncryption 94:05:5e:c0:6a:76:2e:64:28:93:03:f2:99:fd:f1:f2:22:52: 1f:15:a0:e7:85:10:25:95:17:32:42:ca:69:09:a4:7a:83:b3: 08:60:66:76:47:ec:19:bb:da:04:47:54:0a:df:2e:d1:5c:11: a0:62:3e:67:5c:21:1c:89:9a:83:42:06:70:8d:05:cb:65:6d: 29:1c:e9:25:9e:81:14:e2:0f:ec:ae:24:5a:0e:1a:cc:e9:84: ce:fb:63:d1:02:b3:c2:4f:1f:61:5b:ef:08:40:f9:30:d1:8e: e5:4b:af:76:90:01:25:70:3b:b8:8c:19:26:16:15:18:32:55: 17:38:12:e8:4d:05:7f:58:a5:5e:02:5c:e8:c5:e3:94:7c:f4: 80:74:57:27:22:5e:fb:d4:67:ae:75:73:b6:c6:7f:d2:d7:1b: 0a:43:8c:6b:68:2e:16:7e:fc:a4:32:bb:84:2d:68:27:f0:24: 66:f8:b8:80:67:b8:ed:84:70:21:04:7b:f9:16:dc:b4:d6:d6: a6:0e:30:63:5d:c5:a7:f3:42:8b:bb:cf:cd:74:a4:79:c7:73: d7:07:ce:30:e5:b2:5c:7d:f3:c9:3e:c6:02:e7:4d:82:c3:5f: be:70:f4:38:b8:90:51:66:1b:70:1d:af:5d:10:39:71:f2:cc: 57:f3:75:d5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26xYdnq3OWUpL+102zj7SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZjMDdjNmI1NmVmMWYyMzliMDI4ZWY0MjM3NWEyYTE3NjVi YzA4YjgwHhcNMjYwMTAxMDAxNzU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWRjZjZlMGRjNTNlZDk4YmI3ZDlmNTY2OWViODhlNzkxZjM5ZDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/lxVq3KmekQaEJnHwrcgSee+xhI ysoVoGAsl360rlKwfgnUQLKfXrQnAWUw7jjHC9o11UjdNSKlQw1j6dbJ6JOYtPsL JWsAxfaTrn2QNc1HXBO5qC5qX4lb85kIXj3ZGonbwst4pnXvISmT+9hyjT+wSn5p g8W4GOQu/UBezJ93D8QUVEvcVklNov57wMlxOATBhcLT4UBp1A447Mah+J893zyk s9svyUmMNd/mX9xoN95J+aFRj2REAKvPUQk2IRcVMbloBW11Mjw1rj6f8852zRu3 esmHFk4iJXHchT0SXpz4eAS/r+ahak1J/GIDehLbTKRQAFDFVkYP/nH3swIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIrc9uDcU+2Yu32fVmnriOeR851yMB8GA1UdIwQY MBaAFPwHxrVu8fI5sCjvQjdaKhdlvAi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX0FmR3RXN3g4am13S085Q04xb3FGMlc4Q0xnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9jNjhhZTQtOTcyNC00OTc1LThiZDQt Yzg3MDBhMTQ3NjFiLzEvaXR6MjROeFQ3Wmk3Zlo5V2FldUk1NUh6blhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS9jNjhhZTQtOTcyNC00OTc1LThiZDQtYzg3MDBhMTQ3NjFi LzEvX0FmR3RXN3g4am13S085Q04xb3FGMlc4Q0xnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2UDQMA0G CSqGSIb3DQEBCwUAA4IBAQCUBV7AanYuZCiTA/KZ/fHyIlIfFaDnhRAllRcyQspp CaR6g7MIYGZ2R+wZu9oER1QK3y7RXBGgYj5nXCEciZqDQgZwjQXLZW0pHOklnoEU 4g/sriRaDhrM6YTO+2PRArPCTx9hW+8IQPkw0Y7lS692kAElcDu4jBkmFhUYMlUX OBLoTQV/WKVeAlzoxeOUfPSAdFcnIl771GeudXO2xn/S1xsKQ4xraC4WfvykMruE LWgn8CRm+LiAZ7jthHAhBHv5Fty01tamDjBjXcWn80KLu8/NdKR5x3PXB84w5bJc ffPJPsYC502Cw1++cPQ4uJBRZhtwHa9dEDlx8sxX83XV -----END CERTIFICATE-----Generated at Wed Jan 21 17:30:16 2026 by rpki-client