This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/1g-Lt3sSTzlFeqNWhjVm9NdPCFk.roa File: 1g-Lt3sSTzlFeqNWhjVm9NdPCFk.roa (raw, json) Hash identifier: mAlFaUCo5nypzBfu2ZJ08Z3ty+EkeWIwuWl3uzhHFS8= Subject key identifier: D6:0F:8B:B7:7B:12:4F:39:45:7A:A3:56:86:35:66:F4:D7:4F:08:59 Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491 Certificate serial: 019B7AC8CF53799C3DDCB72BD912DD1806EF Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/1g-Lt3sSTzlFeqNWhjVm9NdPCFk.roa Signing time: Thu 01 Jan 2026 18:18:59 +0000 ROA not before: Thu 01 Jan 2026 18:18:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212197 IP address blocks: 94.100.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:cf:53:79:9c:3d:dc:b7:2b:d9:12:dd:18:06:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491 Validity Not Before: Jan 1 18:18:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d60f8bb77b124f39457aa356863566f4d74f0859 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b5:76:77:aa:d1:85:d3:51:dd:e6:c2:64:63: e5:6d:63:03:c4:e2:3d:98:10:14:fe:76:06:3f:9f: 9f:58:62:d8:dc:11:97:47:25:49:8b:b3:c1:a4:cc: a7:34:e1:6d:5a:ce:5c:47:22:ad:65:0f:44:b9:ee: e2:5c:f6:7b:ec:a7:f3:33:2c:b0:10:e3:4b:49:b6: 77:86:95:7a:1e:82:67:df:ef:96:a2:b2:9c:40:b4: 76:3a:4e:7b:84:21:15:6d:58:d9:88:93:2f:f4:b2: 27:52:a4:9c:fb:4c:36:f4:99:99:25:b2:2f:c5:da: 73:a9:2c:00:3f:b6:0a:f7:5e:19:f5:9d:4e:fd:5f: 53:50:26:8a:9c:6f:ae:6c:d2:2b:67:ee:6c:dd:c5: 99:08:89:2c:7d:2f:e5:99:38:de:a3:49:b0:84:36: 2e:cd:79:13:39:38:a2:e4:c8:8c:26:a2:4c:a3:32: f9:6d:66:2e:67:ca:8c:98:4d:0d:cc:e8:cd:08:23: 85:73:76:53:ab:6c:99:09:23:9e:43:6b:93:15:39: bd:b7:cc:d1:34:5b:e9:05:1f:6e:b2:33:89:d0:63: ac:92:91:37:81:c7:ad:fb:fa:6a:da:05:93:69:aa: b1:f9:ff:8a:4e:fe:0f:b9:63:3c:85:85:30:b6:4d: ac:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:0F:8B:B7:7B:12:4F:39:45:7A:A3:56:86:35:66:F4:D7:4F:08:59 X509v3 Authority Key Identifier: keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/1g-Lt3sSTzlFeqNWhjVm9NdPCFk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 94.100.5.0/24 Signature Algorithm: sha256WithRSAEncryption 98:73:21:67:a7:b7:75:41:25:56:eb:2d:3b:88:67:9e:9d:c7: 2e:1f:53:ec:4f:e4:06:95:4c:22:4d:bd:d3:b7:c6:af:b5:ea: c0:90:b0:dc:67:1f:a7:d9:4d:d7:e2:d9:f9:47:31:c2:71:61: 18:33:11:f6:b4:da:26:da:4a:97:7d:12:41:8f:88:9a:a3:f5: 03:e3:c5:d7:30:e3:f2:f4:5f:62:ec:fd:a8:17:41:bb:33:1c: e6:0a:c7:1f:18:45:5f:b2:57:62:3e:2c:fb:2f:b6:ec:c1:10: 95:4f:7a:42:57:dd:d4:44:bd:20:7c:e5:4c:c0:4e:8b:ca:07: bf:22:35:4d:ba:90:80:07:23:b3:85:50:d8:00:8b:5b:4b:a5: a2:7d:5c:45:72:42:23:d3:9b:5a:ca:c6:31:46:d8:18:84:a2: 7b:3d:1b:e5:6c:eb:83:5f:0f:e3:92:a5:3b:f2:c7:35:34:99: 09:be:75:8d:fa:29:56:46:da:3b:31:45:9b:10:22:11:12:6f: ae:0e:78:35:66:5b:82:3d:11:c3:c6:74:ee:85:67:09:8f:d4: b8:bc:da:74:0a:16:50:8e:18:20:c0:c6:45:d6:93:6d:da:06: 4a:40:74:39:2d:4a:8f:0b:08:93:9b:e9:dd:84:16:86:3e:b1: b4:87:9d:98 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6yM9TeZw93Lcr2RLdGAbvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl NjE0OTEwHhcNMjYwMTAxMTgxODU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjBmOGJiNzdiMTI0ZjM5NDU3YWEzNTY4NjM1NjZmNGQ3NGYwODU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrV2d6rRhdNR3ebCZGPlbWMDxOI9 mBAU/nYGP5+fWGLY3BGXRyVJi7PBpMynNOFtWs5cRyKtZQ9Eue7iXPZ77KfzMyyw EONLSbZ3hpV6HoJn3++WorKcQLR2Ok57hCEVbVjZiJMv9LInUqSc+0w29JmZJbIv xdpzqSwAP7YK914Z9Z1O/V9TUCaKnG+ubNIrZ+5s3cWZCIksfS/lmTjeo0mwhDYu zXkTOTii5MiMJqJMozL5bWYuZ8qMmE0NzOjNCCOFc3ZTq2yZCSOeQ2uTFTm9t8zR NFvpBR9usjOJ0GOskpE3gcet+/pq2gWTaaqx+f+KTv4PuWM8hYUwtk2sMwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNYPi7d7Ek85RXqjVoY1ZvTXTwhZMB8GA1UdIwQY MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt ZDRlZTFkMzg5ZTBkLzEvMWctTHQzc1NUemxGZXFOV2hqVm05TmRQQ0ZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXmQFMA0G CSqGSIb3DQEBCwUAA4IBAQCYcyFnp7d1QSVW6y07iGeenccuH1PsT+QGlUwiTb3T t8avterAkLDcZx+n2U3X4tn5RzHCcWEYMxH2tNom2kqXfRJBj4iao/UD48XXMOPy 9F9i7P2oF0G7MxzmCscfGEVfsldiPiz7L7bswRCVT3pCV93URL0gfOVMwE6Lyge/ IjVNupCAByOzhVDYAItbS6WifVxFckIj05taysYxRtgYhKJ7PRvlbOuDXw/jkqU7 8sc1NJkJvnWN+ilWRto7MUWbECIREm+uDng1ZluCPRHDxnTuhWcJj9S4vNp0ChZQ jhggwMZF1pNt2gZKQHQ5LUqPCwiTm+ndhBaGPrG0h52Y -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:12 2026 by rpki-client