This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ifhYa3Ahf-7nBPCkXYplSHiOD7E.roa File: ifhYa3Ahf-7nBPCkXYplSHiOD7E.roa (raw, json) Hash identifier: JrhH2ZSJK6uvHDAbaPFXGHKEtzyC6In9rAcOXfiQpmE= Subject key identifier: 89:F8:58:6B:70:21:7F:EE:E7:04:F0:A4:5D:8A:65:48:78:8E:0F:B1 Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Certificate serial: 019B7BA4A0F5B76911872139D4EEBF18A3FF Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ifhYa3Ahf-7nBPCkXYplSHiOD7E.roa Signing time: Thu 01 Jan 2026 22:19:05 +0000 ROA not before: Thu 01 Jan 2026 22:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204957 IP address blocks: 45.137.155.0/24 maxlen: 24 194.32.104.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:a0:f5:b7:69:11:87:21:39:d4:ee:bf:18:a3:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5 Validity Not Before: Jan 1 22:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=89f8586b70217feee704f0a45d8a6548788e0fb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9f:b1:6a:0d:03:38:00:66:31:2e:6a:f1:c8: 4e:57:84:b5:03:88:92:8a:78:e4:3e:ae:7d:80:1f: eb:18:53:66:9b:5c:88:9c:ca:dd:c0:b4:f1:33:bb: c5:60:9f:c4:8a:b1:f9:24:35:d3:e6:15:fa:0f:7b: 69:04:41:42:9e:d5:54:0d:70:b9:cc:bf:7e:07:5a: c6:a7:80:be:2f:be:81:4c:64:c7:fe:fa:15:c2:2c: 64:99:a5:ad:af:42:7a:42:cf:37:10:22:95:00:8e: 75:24:0b:a6:dd:09:9c:0a:3e:4d:a1:2c:60:02:a4: cc:23:c1:f6:7b:c9:40:31:fa:f9:78:f0:b9:d4:c2: 29:33:fb:41:15:5d:c9:ff:e5:66:27:a3:8f:4e:e9: a9:dc:69:4b:54:3b:6d:c4:07:46:aa:89:32:ec:31: 22:f0:91:46:3f:25:4a:77:dd:7c:57:34:31:ef:47: 01:9d:08:c8:27:f8:26:9e:02:0e:5e:e1:9c:02:c6: 6c:64:0c:9f:d4:c3:2a:bd:31:23:50:db:f7:d1:b2: 69:96:69:a5:b3:1b:d4:60:7f:9e:b3:3d:dc:b7:09: ef:bd:6d:27:8c:69:89:3d:6c:fb:fa:ba:85:63:b8: 1f:ed:cb:97:2b:2c:ee:f4:1b:49:63:15:25:2b:e5: 1c:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:F8:58:6B:70:21:7F:EE:E7:04:F0:A4:5D:8A:65:48:78:8E:0F:B1 X509v3 Authority Key Identifier: keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ifhYa3Ahf-7nBPCkXYplSHiOD7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.155.0/24 194.32.104.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:fb:8b:ed:24:78:d4:eb:27:b1:ac:73:af:27:a5:51:86:a7: 7a:65:58:d4:6d:22:d8:d5:2a:21:cd:b5:4f:55:13:73:6d:2f: cf:f6:15:c3:18:7e:a2:0d:f4:c8:ee:ee:43:2b:db:2a:47:48: d3:7a:f5:58:49:63:36:ed:bc:78:bf:a8:a2:cd:84:ac:0a:1e: 9c:3c:7f:fc:78:24:13:38:f6:92:e7:f9:de:a7:1f:13:73:77: 95:b6:b9:b4:05:e4:2f:da:d9:42:76:b6:29:10:b3:36:74:2b: 06:87:42:78:d3:02:e0:50:3e:41:a1:59:f7:00:78:5c:12:fe: fd:3c:87:a0:87:00:11:2a:32:e5:43:c3:c7:37:a4:b0:79:66: f0:f9:0d:6a:4d:4e:fd:33:1c:cf:13:1c:8b:df:b1:9d:5e:88: f6:c3:71:3b:1d:17:da:42:6f:8f:47:c6:51:a0:ad:20:f0:68: 63:b0:c9:09:e4:8d:db:3e:03:37:58:68:50:78:af:19:15:ff: 35:9f:d7:72:c4:c0:83:6a:70:8c:53:a9:4a:18:59:12:6a:c5: 53:4e:53:37:e3:5a:6c:5b:d1:19:2b:e4:69:d8:9d:b0:a9:59: 0d:b8:8a:ca:63:1b:a6:e2:09:4f:2b:c6:67:7b:97:0d:50:75: 27:2e:d9:f5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pKD1t2kRhyE51O6/GKP/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4 YWJjYzUwHhcNMjYwMTAxMjIxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OWY4NTg2YjcwMjE3ZmVlZTcwNGYwYTQ1ZDhhNjU0ODc4OGUwZmIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ+xag0DOABmMS5q8chOV4S1A4iS injkPq59gB/rGFNmm1yInMrdwLTxM7vFYJ/EirH5JDXT5hX6D3tpBEFCntVUDXC5 zL9+B1rGp4C+L76BTGTH/voVwixkmaWtr0J6Qs83ECKVAI51JAum3QmcCj5NoSxg AqTMI8H2e8lAMfr5ePC51MIpM/tBFV3J/+VmJ6OPTump3GlLVDttxAdGqoky7DEi 8JFGPyVKd918VzQx70cBnQjIJ/gmngIOXuGcAsZsZAyf1MMqvTEjUNv30bJplmml sxvUYH+esz3ctwnvvW0njGmJPWz7+rqFY7gf7cuXKyzu9BtJYxUlK+UchwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIn4WGtwIX/u5wTwpF2KZUh4jg+xMB8GA1UdIwQY MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt NmZlOWJmNjA1NjFjLzEvaWZoWWEzQWhmLTduQlBDa1hZcGxTSGlPRDdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYmbAwQA wiBoMA0GCSqGSIb3DQEBCwUAA4IBAQCO+4vtJHjU6yexrHOvJ6VRhqd6ZVjUbSLY 1SohzbVPVRNzbS/P9hXDGH6iDfTI7u5DK9sqR0jTevVYSWM27bx4v6iizYSsCh6c PH/8eCQTOPaS5/nepx8Tc3eVtrm0BeQv2tlCdrYpELM2dCsGh0J40wLgUD5BoVn3 AHhcEv79PIeghwARKjLlQ8PHN6SweWbw+Q1qTU79MxzPExyL37GdXoj2w3E7HRfa Qm+PR8ZRoK0g8GhjsMkJ5I3bPgM3WGhQeK8ZFf81n9dyxMCDanCMU6lKGFkSasVT TlM341psW9EZK+Rp2J2wqVkNuIrKYxum4glPK8Zne5cNUHUnLtn1 -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:11 2026 by rpki-client