This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/ifkhfkR12chdZx40iDC75Z6ZvtI.roa File: ifkhfkR12chdZx40iDC75Z6ZvtI.roa (raw, json) Hash identifier: VCtx1LYyqYZzs+BoTifxqmMrsa75EWc9KzbMGXKx/XI= Subject key identifier: 89:F9:21:7E:44:75:D9:C8:5D:67:1E:34:88:30:BB:E5:9E:99:BE:D2 Certificate issuer: /CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4 Certificate serial: 019B7E38896A695B81C1DA3E0656120E15E3 Authority key identifier: 7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/ifkhfkR12chdZx40iDC75Z6ZvtI.roa Signing time: Fri 02 Jan 2026 10:19:52 +0000 ROA not before: Fri 02 Jan 2026 10:19:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 185.154.150.0/23 maxlen: 23 2a14:3b00:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.mft rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:89:6a:69:5b:81:c1:da:3e:06:56:12:0e:15:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a91b34153da0d5d121cff43259fcd9e3dbfc7d4 Validity Not Before: Jan 2 10:19:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89f9217e4475d9c85d671e348830bbe59e99bed2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:2b:ca:40:41:0a:5f:01:20:a6:ec:52:d8:01: 29:79:cb:b0:02:83:59:aa:bd:f7:2d:f9:9c:67:08: 34:bb:1a:6e:3d:ed:d2:87:94:7d:06:e1:4c:dc:3c: e0:6a:b7:25:7f:87:5f:6e:9d:e2:b5:9d:1d:03:6e: 0a:0c:8c:ad:7a:15:da:3e:41:a2:7a:bf:5e:5a:36: 75:fb:69:98:98:25:86:b6:1c:75:29:02:2d:54:92: be:e8:72:7b:89:2b:7b:8f:40:ba:43:fe:e8:53:3c: 82:d5:0b:b5:0a:ec:4a:dd:1a:6a:dc:bf:dc:35:8f: 6a:68:25:e2:9a:21:01:a7:c1:4b:3d:55:74:20:bb: dc:ec:6e:e0:58:63:47:d7:a9:c0:71:bd:c3:8f:12: 30:62:7d:78:49:d9:b4:36:34:f2:54:74:dd:47:ba: 92:67:04:32:9d:eb:ea:8e:97:86:6a:da:c8:9b:d2: be:b3:f1:97:52:d4:14:b3:cd:fe:9b:bf:e7:e5:72: 1c:e7:2e:3b:81:c9:59:05:69:85:0f:d3:2f:95:ad: b1:38:b8:f3:69:f9:99:20:81:28:41:48:13:07:be: c7:7a:e0:4b:11:49:c2:c6:0d:fb:1a:f7:bd:ff:5f: 4e:2d:25:6d:bf:1e:42:8c:79:fd:41:af:f4:31:c4: 1a:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:F9:21:7E:44:75:D9:C8:5D:67:1E:34:88:30:BB:E5:9E:99:BE:D2 X509v3 Authority Key Identifier: keyid:7A:91:B3:41:53:DA:0D:5D:12:1C:FF:43:25:9F:CD:9E:3D:BF:C7:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/ifkhfkR12chdZx40iDC75Z6ZvtI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/53f652-01b1-42f2-85e9-4dcb23fdb06a/1/epGzQVPaDV0SHP9DJZ_Nnj2_x9Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.154.150.0/23 IPv6: 2a14:3b00:1::/48 Signature Algorithm: sha256WithRSAEncryption a6:e5:9b:0b:e9:e3:f5:2e:92:d3:da:86:c9:e1:12:45:5f:24: f0:e3:0b:a3:85:cd:5e:5a:92:bd:f8:e9:e6:87:ec:f4:04:2d: 89:d5:73:58:ff:bd:e9:80:8b:55:a9:78:59:ea:b6:d1:65:97: 6a:df:7a:a0:9e:1d:42:89:83:8f:77:c4:2f:69:0d:a8:c8:39: e6:b5:22:f3:77:b0:e4:b7:24:9a:bc:b9:8c:bb:77:f4:84:bd: 17:2d:43:d3:bc:77:0a:fa:18:af:87:80:7e:8d:c9:80:1c:5a: 66:a0:0b:8d:be:1b:9a:97:20:39:b9:36:d9:9c:22:6f:58:42: 15:fe:38:a5:f8:98:db:1c:ce:28:a5:25:dd:f3:a0:ff:27:0a: d6:96:3d:24:78:6e:01:d1:78:b7:f6:ab:e9:d5:3e:c0:a1:9e: 76:30:0a:bc:56:da:1f:7d:3d:79:36:3d:13:40:83:97:44:60: 38:d4:6e:f8:30:78:b9:b0:8a:53:88:0d:71:e3:5e:40:b0:7c: 74:34:0b:2b:c4:d6:02:19:fe:f4:32:94:dc:24:9f:e7:58:b9: cc:8d:89:53:3b:48:27:31:65:2f:99:12:5b:15:1b:e6:f8:fb: 75:a3:dc:2a:db:a1:3d:e1:db:42:1c:9c:fe:70:91:fc:b3:e6: bb:d2:d7:64 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+OIlqaVuBwdo+BlYSDhXjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhOTFiMzQxNTNkYTBkNWQxMjFjZmY0MzI1OWZjZDllM2Ri ZmM3ZDQwHhcNMjYwMTAyMTAxOTUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWY5MjE3ZTQ0NzVkOWM4NWQ2NzFlMzQ4ODMwYmJlNTllOTliZWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCvKQEEKXwEgpuxS2AEpecuwAoNZ qr33LfmcZwg0uxpuPe3Sh5R9BuFM3Dzgarclf4dfbp3itZ0dA24KDIytehXaPkGi er9eWjZ1+2mYmCWGthx1KQItVJK+6HJ7iSt7j0C6Q/7oUzyC1Qu1CuxK3Rpq3L/c NY9qaCXimiEBp8FLPVV0ILvc7G7gWGNH16nAcb3DjxIwYn14Sdm0NjTyVHTdR7qS ZwQynevqjpeGatrIm9K+s/GXUtQUs83+m7/n5XIc5y47gclZBWmFD9Mvla2xOLjz afmZIIEoQUgTB77HeuBLEUnCxg37Gve9/19OLSVtvx5CjHn9Qa/0McQaaQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFIn5IX5EddnIXWceNIgwu+Wemb7SMB8GA1UdIwQY MBaAFHqRs0FT2g1dEhz/QyWfzZ49v8fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTkt NGRjYjIzZmRiMDZhLzEvaWZraGZrUjEyY2hkWng0MGlEQzc1WjZadnRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC81M2Y2NTItMDFiMS00MmYyLTg1ZTktNGRjYjIzZmRiMDZh LzEvZXBHelFWUGFEVjBTSFA5REpaX05uajJfeDlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZqWMA8E AgACMAkDBwAqFDsAAAEwDQYJKoZIhvcNAQELBQADggEBAKblmwvp4/UuktPahsnh EkVfJPDjC6OFzV5akr346eaH7PQELYnVc1j/vemAi1WpeFnqttFll2rfeqCeHUKJ g493xC9pDajIOea1IvN3sOS3JJq8uYy7d/SEvRctQ9O8dwr6GK+HgH6NyYAcWmag C42+G5qXIDm5NtmcIm9YQhX+OKX4mNscziilJd3zoP8nCtaWPSR4bgHReLf2q+nV PsChnnYwCrxW2h99PXk2PRNAg5dEYDjUbvgweLmwilOIDXHjXkCwfHQ0CyvE1gIZ /vQylNwkn+dYucyNiVM7SCcxZS+ZElsVG+b4+3Wj3CrboT3h20IcnP5wkfyz5rvS 12Q= -----END CERTIFICATE-----Generated at Wed Jan 21 07:21:52 2026 by rpki-client