This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/IfURpUgFpbVNvnCEcZgUNhevcZU.roa File: IfURpUgFpbVNvnCEcZgUNhevcZU.roa (raw, json) Hash identifier: 0AGljKEdhAMw7coWxuquiA6Dj1ABe9m7+/a6e4Sbu60= Subject key identifier: 21:F5:11:A5:48:05:A5:B5:4D:BE:70:84:71:98:14:36:17:AF:71:95 Certificate issuer: /CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb Certificate serial: 019B7F14BA81BC187767849D5BB7C794729B Authority key identifier: 14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/IfURpUgFpbVNvnCEcZgUNhevcZU.roa Signing time: Fri 02 Jan 2026 14:20:23 +0000 ROA not before: Fri 02 Jan 2026 14:20:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208169 IP address blocks: 2001:678:e3c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.mft rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:ba:81:bc:18:77:67:84:9d:5b:b7:c7:94:72:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14a4780f5cd07e948be6fa4b4925a7313906d5eb Validity Not Before: Jan 2 14:20:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21f511a54805a5b54dbe70847198143617af7195 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:22:31:31:53:04:db:53:54:eb:77:f1:f8:7e: 6a:48:71:48:02:85:6d:2a:1f:c3:40:90:e8:32:74: c4:cf:67:7a:c9:17:f9:a4:95:16:e8:e8:40:c3:b6: c1:71:34:48:6f:c3:5a:21:d3:cc:88:6e:3e:c6:bf: 73:f9:67:12:5d:8a:70:a1:cf:4a:72:a4:74:a8:d0: 64:e8:3c:bb:87:1c:cc:31:58:9b:bb:e9:23:e8:bc: 5d:2a:54:76:04:58:a0:b1:76:b7:c9:36:7c:96:b7: 70:4a:e5:ae:86:51:cd:e3:d8:9b:4b:e6:46:f9:16: 0e:c3:a3:d7:a1:35:80:21:6a:d8:6f:73:a2:04:4f: 20:84:54:5c:57:0f:e8:7d:d4:d5:3f:c1:ca:8a:5c: db:2e:0b:67:40:96:48:8d:54:16:a1:79:ef:1e:57: 98:45:1f:de:cb:fe:89:97:30:24:12:60:93:72:66: 55:a4:02:3c:db:83:94:7c:3c:47:f4:07:c2:56:75: c0:13:12:fc:48:b6:74:99:31:ff:2f:a2:78:05:c9: a3:1b:01:d3:4c:9e:fe:29:6a:d2:a3:d4:5b:46:7c: a5:0b:e1:21:1e:5b:f2:e5:36:51:1b:8c:bc:99:5d: 44:1e:f1:be:82:27:4d:2f:df:63:18:03:32:03:55: 53:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:F5:11:A5:48:05:A5:B5:4D:BE:70:84:71:98:14:36:17:AF:71:95 X509v3 Authority Key Identifier: keyid:14:A4:78:0F:5C:D0:7E:94:8B:E6:FA:4B:49:25:A7:31:39:06:D5:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FKR4D1zQfpSL5vpLSSWnMTkG1es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/IfURpUgFpbVNvnCEcZgUNhevcZU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/42cdab-2029-4624-9f4b-99323686216d/1/FKR4D1zQfpSL5vpLSSWnMTkG1es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:e3c::/48 Signature Algorithm: sha256WithRSAEncryption 3c:8a:e5:ef:43:31:bf:aa:e4:1b:02:d4:13:d9:b8:86:69:76: 2e:f5:c0:a0:04:9e:f7:70:63:d9:37:a8:de:40:3b:51:b5:f2: 05:42:0b:c9:f1:d5:94:32:53:6b:e5:89:d6:83:64:fe:90:5d: b0:e4:0e:20:3e:d8:12:e7:1b:f6:74:be:5b:55:b3:2e:30:30: a0:d9:69:2e:4d:64:0d:ac:c4:fd:a4:36:e5:4e:c4:e0:e1:d5: 7f:c3:0b:e9:7d:7a:30:e3:db:36:0b:4d:65:a1:61:61:29:cc: 9e:67:f7:64:6f:9a:c2:23:39:ce:4e:35:4c:6a:91:53:04:71: e9:8d:85:c1:28:78:79:3a:b9:c9:b5:84:d3:73:5b:ab:b7:5d: 7d:8c:c2:2f:2a:0a:56:3a:cb:11:18:46:dd:d2:ff:b6:15:91: dd:59:f7:fb:4e:32:35:4b:e7:be:e8:be:a0:cb:f4:5c:a8:4f: b8:ca:d8:84:5b:58:3b:47:7f:e4:9d:46:ba:2e:78:0f:fa:fe: 27:3d:37:7a:e3:7c:e7:8c:01:b4:38:e2:a8:bc:9a:a8:7b:03: fc:38:43:3c:e7:23:56:7c:be:62:31:fe:5d:80:fc:1d:85:51: a1:0c:9f:ba:ca:b9:37:91:7d:d2:8f:dd:e5:22:a0:0d:26:10: 8f:e6:92:55 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FLqBvBh3Z4SdW7fHlHKbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0YTQ3ODBmNWNkMDdlOTQ4YmU2ZmE0YjQ5MjVhNzMxMzkw NmQ1ZWIwHhcNMjYwMTAyMTQyMDIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWY1MTFhNTQ4MDVhNWI1NGRiZTcwODQ3MTk4MTQzNjE3YWY3MTk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyIxMVME21NU63fx+H5qSHFIAoVt Kh/DQJDoMnTEz2d6yRf5pJUW6OhAw7bBcTRIb8NaIdPMiG4+xr9z+WcSXYpwoc9K cqR0qNBk6Dy7hxzMMVibu+kj6LxdKlR2BFigsXa3yTZ8lrdwSuWuhlHN49ibS+ZG +RYOw6PXoTWAIWrYb3OiBE8ghFRcVw/ofdTVP8HKilzbLgtnQJZIjVQWoXnvHleY RR/ey/6JlzAkEmCTcmZVpAI824OUfDxH9AfCVnXAExL8SLZ0mTH/L6J4BcmjGwHT TJ7+KWrSo9RbRnylC+EhHlvy5TZRG4y8mV1EHvG+gidNL99jGAMyA1VTtQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCH1EaVIBaW1Tb5whHGYFDYXr3GVMB8GA1UdIwQY MBaAFBSkeA9c0H6Ui+b6S0klpzE5BtXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGIt OTkzMjM2ODYyMTZkLzEvSWZVUnBVZ0ZwYlZOdm5DRWNaZ1VOaGV2Y1pVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80MmNkYWItMjAyOS00NjI0LTlmNGItOTkzMjM2ODYyMTZk LzEvRktSNEQxelFmcFNMNXZwTFNTV25NVGtHMWVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA48 MA0GCSqGSIb3DQEBCwUAA4IBAQA8iuXvQzG/quQbAtQT2biGaXYu9cCgBJ73cGPZ N6jeQDtRtfIFQgvJ8dWUMlNr5YnWg2T+kF2w5A4gPtgS5xv2dL5bVbMuMDCg2Wku TWQNrMT9pDblTsTg4dV/wwvpfXow49s2C01loWFhKcyeZ/dkb5rCIznOTjVMapFT BHHpjYXBKHh5OrnJtYTTc1urt119jMIvKgpWOssRGEbd0v+2FZHdWff7TjI1S+e+ 6L6gy/RcqE+4ytiEW1g7R3/knUa6LngP+v4nPTd643znjAG0OOKovJqoewP8OEM8 5yNWfL5iMf5dgPwdhVGhDJ+6yrk3kX3Sj93lIqANJhCP5pJV -----END CERTIFICATE-----Generated at Tue Feb 10 03:11:56 2026 by rpki-client