This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/8YICkcy5MxdkFP4Ulv27x-Ip2YA.roa File: 8YICkcy5MxdkFP4Ulv27x-Ip2YA.roa (raw, json) Hash identifier: FjVwt2RS+W3bJxzVk95vARiv6Ttn05j7+22iJ3Ku7Y8= Subject key identifier: F1:82:02:91:CC:B9:33:17:64:14:FE:14:96:FD:BB:C7:E2:29:D9:80 Certificate issuer: /CN=beb12ce6a91030e27d5abad146df27bc2880652b Certificate serial: 019B7A5B5190E0AE19C39EA9775728FB7616 Authority key identifier: BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/8YICkcy5MxdkFP4Ulv27x-Ip2YA.roa Signing time: Thu 01 Jan 2026 16:19:23 +0000 ROA not before: Thu 01 Jan 2026 16:19:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42705 IP address blocks: 5.11.20.0/24 maxlen: 24 5.11.23.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.mft rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:51:90:e0:ae:19:c3:9e:a9:77:57:28:fb:76:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=beb12ce6a91030e27d5abad146df27bc2880652b Validity Not Before: Jan 1 16:19:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f1820291ccb933176414fe1496fdbbc7e229d980 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b0:3f:dc:98:41:aa:a1:98:6a:c7:29:53:86: ba:7a:10:e0:c7:8f:1b:ad:08:e1:a7:0a:76:74:13: 65:04:ec:e2:1c:a3:0c:ad:dd:62:b6:0a:46:5f:74: 64:26:43:30:17:16:82:f7:00:71:61:c6:bb:7a:7f: f1:80:0f:bc:09:8a:d5:95:eb:41:06:9e:f7:4f:38: 8f:19:28:c1:76:d2:66:1b:96:83:69:fa:e4:cf:c8: 62:ed:a8:65:2c:f3:ef:ea:e0:f1:3a:e6:14:f4:ef: f9:a5:85:47:36:2e:09:9c:79:53:0f:75:a1:8a:7b: 22:da:30:3e:df:42:c2:67:03:0f:0b:9d:d5:93:37: db:ec:cf:43:f7:1c:ce:6e:d6:ec:c4:0e:e3:92:9b: 87:90:f7:84:f1:44:44:a5:96:bc:3f:54:14:82:1d: d6:77:f9:31:96:92:85:21:47:19:09:ca:a7:52:c7: c2:12:9b:6a:91:82:71:1e:0b:55:0a:4f:66:27:8e: 16:ec:cc:8a:63:fe:a2:87:7b:f5:67:eb:10:3a:3b: 4f:d8:51:37:52:b3:9f:9b:46:15:ba:74:5d:a5:51: d6:42:8e:9f:2c:0f:28:27:ea:9e:81:f8:bb:91:97: 73:a7:6f:f9:9d:a2:84:1c:7d:32:5b:21:7b:f0:06: 6a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:82:02:91:CC:B9:33:17:64:14:FE:14:96:FD:BB:C7:E2:29:D9:80 X509v3 Authority Key Identifier: keyid:BE:B1:2C:E6:A9:10:30:E2:7D:5A:BA:D1:46:DF:27:BC:28:80:65:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/8YICkcy5MxdkFP4Ulv27x-Ip2YA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/74940a-d9fa-4552-be5c-a7ade434d451/1/vrEs5qkQMOJ9WrrRRt8nvCiAZSs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.11.20.0/24 5.11.23.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:2b:2a:a2:02:db:c0:0a:70:05:ee:8b:d6:ec:36:a7:a4:de: 19:b5:69:23:cb:ca:e7:33:41:c9:bb:0f:bb:f2:a4:eb:d8:58: 23:49:f6:6f:03:d5:c0:c4:ee:c9:00:ab:19:eb:43:a2:78:ad: 17:8f:ba:8b:51:54:f3:96:a6:74:f6:0c:3d:43:6e:e2:ee:fa: d1:86:db:43:b5:62:fb:2c:85:2a:1b:d6:8a:00:18:ce:6a:b9: ad:50:d9:08:59:f9:fb:2c:4c:e3:43:50:88:76:5c:bb:92:2b: b7:d5:95:9e:f1:1f:cf:2b:ec:eb:2b:e3:c1:2a:2d:7c:d1:81: 2d:e3:f4:da:79:6f:72:8e:01:27:9c:f8:ed:e5:ea:9d:6f:f4: 93:23:d4:43:93:b0:e6:b8:5b:77:8a:93:c1:97:30:f5:2a:8b: 07:bd:98:3c:1c:8f:da:88:a9:a8:7d:eb:e6:53:7d:68:20:e0: 3d:13:35:9c:f6:b3:12:01:ef:16:76:d4:34:51:5a:8d:b9:ed: 68:d1:16:3f:f0:65:9e:6c:4b:6d:e1:d4:de:96:1f:70:df:14: 72:92:72:1a:6f:dd:6a:bf:39:60:1f:00:12:71:45:47:96:6e: b9:74:9b:59:df:5f:47:35:9f:ab:3d:fc:be:96:99:15:fb:c3: 9b:d8:a9:61 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6W1GQ4K4Zw56pd1co+3YWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJlYjEyY2U2YTkxMDMwZTI3ZDVhYmFkMTQ2ZGYyN2JjMjg4 MDY1MmIwHhcNMjYwMTAxMTYxOTIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTgyMDI5MWNjYjkzMzE3NjQxNGZlMTQ5NmZkYmJjN2UyMjlkOTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rA/3JhBqqGYascpU4a6ehDgx48b rQjhpwp2dBNlBOziHKMMrd1itgpGX3RkJkMwFxaC9wBxYca7en/xgA+8CYrVletB Bp73TziPGSjBdtJmG5aDafrkz8hi7ahlLPPv6uDxOuYU9O/5pYVHNi4JnHlTD3Wh insi2jA+30LCZwMPC53Vkzfb7M9D9xzObtbsxA7jkpuHkPeE8UREpZa8P1QUgh3W d/kxlpKFIUcZCcqnUsfCEptqkYJxHgtVCk9mJ44W7MyKY/6ih3v1Z+sQOjtP2FE3 UrOfm0YVunRdpVHWQo6fLA8oJ+qegfi7kZdzp2/5naKEHH0yWyF78AZqsQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFPGCApHMuTMXZBT+FJb9u8fiKdmAMB8GA1UdIwQY MBaAFL6xLOapEDDifVq60UbfJ7wogGUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMt YTdhZGU0MzRkNDUxLzEvOFlJQ2tjeTVNeGRrRlA0VWx2Mjd4LUlwMllBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOC83NDk0MGEtZDlmYS00NTUyLWJlNWMtYTdhZGU0MzRkNDUx LzEvdnJFczVxa1FNT0o5V3JyUlJ0OG52Q2lBWlNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQsUAwQA BQsXMA0GCSqGSIb3DQEBCwUAA4IBAQA8KyqiAtvACnAF7ovW7DanpN4ZtWkjy8rn M0HJuw+78qTr2FgjSfZvA9XAxO7JAKsZ60OieK0Xj7qLUVTzlqZ09gw9Q27i7vrR httDtWL7LIUqG9aKABjOarmtUNkIWfn7LEzjQ1CIdly7kiu31ZWe8R/PK+zrK+PB Ki180YEt4/TaeW9yjgEnnPjt5eqdb/STI9RDk7DmuFt3ipPBlzD1KosHvZg8HI/a iKmofevmU31oIOA9EzWc9rMSAe8WdtQ0UVqNue1o0RY/8GWebEtt4dTelh9w3xRy knIab91qvzlgHwAScUVHlm65dJtZ319HNZ+rPfy+lpkV+8Ob2Klh -----END CERTIFICATE-----Generated at Tue Jan 20 04:46:12 2026 by rpki-client