This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IV8KaL466Or2Gd3g8GhLVQqi3ok.roa File: IV8KaL466Or2Gd3g8GhLVQqi3ok.roa (raw, json) Hash identifier: wHbPXx2RZxFt8GfE/4X5m1dltaqNxSxAAhZqzmTPUSk= Subject key identifier: 21:5F:0A:68:BE:3A:E8:EA:F6:19:DD:E0:F0:68:4B:55:0A:A2:DE:89 Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Certificate serial: 019B7758F046C99D10563B5C51DC47954435 Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IV8KaL466Or2Gd3g8GhLVQqi3ok.roa Signing time: Thu 01 Jan 2026 02:17:55 +0000 ROA not before: Thu 01 Jan 2026 02:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203125 IP address blocks: 2a01:367:3953::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 14:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:f0:46:c9:9d:10:56:3b:5c:51:dc:47:95:44:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb Validity Not Before: Jan 1 02:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=215f0a68be3ae8eaf619dde0f0684b550aa2de89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:ec:05:cd:f3:d9:bd:65:9b:68:d9:c1:ff:ae: c2:26:ce:2e:f3:c4:22:6b:3d:53:32:68:54:c5:e2: 36:56:89:55:8a:f1:1d:a0:6d:88:a3:fa:03:24:a2: 41:14:9b:7b:6c:d6:7a:66:b7:f8:e7:7d:61:e8:47: 53:c3:3a:72:38:ed:56:fc:08:1a:6d:b7:eb:dc:10: 7b:a2:dd:9e:44:85:34:92:60:8c:78:90:dc:45:cf: 83:b7:0f:91:b7:e9:57:d0:a9:5a:3f:be:07:ff:de: 12:41:8f:01:5b:61:59:06:06:21:e9:ce:86:62:80: 26:77:7f:5f:47:c6:ee:22:32:c2:6c:ce:5b:8e:2d: 8a:07:ff:d9:7e:6b:ab:61:d0:b4:fb:ba:3c:58:bb: b2:a5:e3:30:9b:f4:9f:a8:c3:4f:c3:cc:b7:f7:42: 6a:26:04:8d:7a:82:e9:44:f1:02:8b:da:49:cd:3f: 07:7b:f4:c2:ce:c6:6a:67:65:d1:df:30:95:99:83: 48:38:8b:81:3b:e3:d9:49:58:fa:e5:cf:5c:90:76: 21:55:d0:fa:9a:1d:fc:39:23:f6:66:0e:cf:b9:cc: 25:a8:c9:97:2e:66:12:f9:7a:c4:d8:b5:7c:b0:f1: 67:c4:d7:8d:96:9f:51:f3:7d:7e:37:ea:d5:e4:22: 2b:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:5F:0A:68:BE:3A:E8:EA:F6:19:DD:E0:F0:68:4B:55:0A:A2:DE:89 X509v3 Authority Key Identifier: keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/IV8KaL466Or2Gd3g8GhLVQqi3ok.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:367:3953::/48 Signature Algorithm: sha256WithRSAEncryption 14:de:63:3e:65:89:45:e1:34:70:13:22:2c:9f:b8:1d:6b:b2: 24:3e:ea:ca:74:85:c9:6e:43:6e:39:bd:75:6a:93:5e:3c:50: fe:8f:01:c9:9f:0a:21:9f:cf:63:f7:ac:63:33:bd:7e:dd:79: 41:ee:3f:df:2e:5d:7f:4d:a6:a1:d9:68:4f:e9:91:1f:3a:b4: bb:ab:7d:68:56:45:a6:59:0e:f7:9d:e5:c1:a8:66:16:f4:07: 35:b8:89:b8:08:4e:3e:46:73:a7:a2:0d:b8:dc:e0:d2:00:77: 6d:4f:37:3d:08:c1:79:33:f5:3a:aa:1e:5e:74:c6:0a:28:38: bb:8b:1d:49:f1:98:35:0b:ee:4c:62:83:cc:50:e7:1f:69:30: 4a:b0:73:4f:e9:1d:a1:17:e6:a5:42:48:28:8b:93:9c:ea:c2: 13:b0:6c:06:78:1f:3e:27:a3:10:4d:92:5b:fd:7c:4e:5c:06: 90:4b:92:5a:67:c1:e7:91:60:c1:55:57:5b:aa:23:55:c4:15: 33:a0:9b:74:4b:da:0f:aa:42:76:bc:ec:c9:a5:e8:45:5a:72: 10:c4:33:81:87:82:8f:a2:5a:0d:3a:dc:bc:23:e1:5d:b7:2b: f5:ed:3b:e2:ae:43:34:e7:a1:80:26:f3:95:79:b0:9a:f0:ab: b6:c7:e8:d6 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3WPBGyZ0QVjtcUdxHlUQ1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi MGZhZGIwHhcNMjYwMTAxMDIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTVmMGE2OGJlM2FlOGVhZjYxOWRkZTBmMDY4NGI1NTBhYTJkZTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOwFzfPZvWWbaNnB/67CJs4u88Qi az1TMmhUxeI2VolVivEdoG2Io/oDJKJBFJt7bNZ6Zrf4531h6EdTwzpyOO1W/Aga bbfr3BB7ot2eRIU0kmCMeJDcRc+Dtw+Rt+lX0KlaP74H/94SQY8BW2FZBgYh6c6G YoAmd39fR8buIjLCbM5bji2KB//ZfmurYdC0+7o8WLuypeMwm/SfqMNPw8y390Jq JgSNeoLpRPECi9pJzT8He/TCzsZqZ2XR3zCVmYNIOIuBO+PZSVj65c9ckHYhVdD6 mh38OSP2Zg7PucwlqMmXLmYS+XrE2LV8sPFnxNeNlp9R831+N+rV5CIr8wIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFCFfCmi+Oujq9hnd4PBoS1UKot6JMB8GA1UdIwQY MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt NThiMzhmNWFjODBiLzEvSVY4S2FMNDY2T3IyR2QzZzhHaExWUXFpM29rLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEDZzlT MA0GCSqGSIb3DQEBCwUAA4IBAQAU3mM+ZYlF4TRwEyIsn7gda7IkPurKdIXJbkNu Ob11apNePFD+jwHJnwohn89j96xjM71+3XlB7j/fLl1/Taah2WhP6ZEfOrS7q31o VkWmWQ73neXBqGYW9Ac1uIm4CE4+RnOnog243ODSAHdtTzc9CMF5M/U6qh5edMYK KDi7ix1J8Zg1C+5MYoPMUOcfaTBKsHNP6R2hF+alQkgoi5Oc6sITsGwGeB8+J6MQ TZJb/XxOXAaQS5JaZ8HnkWDBVVdbqiNVxBUzoJt0S9oPqkJ2vOzJpehFWnIQxDOB h4KPoloNOty8I+Fdtyv17TvirkM056GAJvOVebCa8Ku2x+jW -----END CERTIFICATE-----Generated at Wed Jan 21 00:03:46 2026 by rpki-client