This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IV2STCCIKUBvceivIA9sMZYZz4E.roa File: IV2STCCIKUBvceivIA9sMZYZz4E.roa (raw, json) Hash identifier: NWK88nLTPVw+zgkCFtTK6JB4BF6rMCxtCHK+mBrJ6To= Subject key identifier: 21:5D:92:4C:20:88:29:40:6F:71:E8:AF:20:0F:6C:31:96:19:CF:81 Certificate issuer: /CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Certificate serial: 019B78A3191061CD38818512A15E99E421A8 Authority key identifier: F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IV2STCCIKUBvceivIA9sMZYZz4E.roa Signing time: Thu 01 Jan 2026 08:18:33 +0000 ROA not before: Thu 01 Jan 2026 08:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 109.175.210.0/24 maxlen: 24 109.205.193.0/24 maxlen: 24 2a01:fb00::/32 maxlen: 34 2a01:fb00::/33 maxlen: 34 2a01:fb00::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.mft rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:19:10:61:cd:38:81:85:12:a1:5e:99:e4:21:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f324581e4368825d5e13f4f2a0d6ff8e484c95e6 Validity Not Before: Jan 1 08:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=215d924c208829406f71e8af200f6c319619cf81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:a0:65:f0:8a:9d:74:b9:83:11:e3:53:13:db: 0a:14:6f:35:ce:2b:c5:67:bf:1d:62:4c:bb:e7:47: 39:4f:b2:e1:cd:f3:d0:80:3b:77:7b:e1:d4:e5:49: 01:07:c3:2f:c4:9a:6d:1b:3a:30:97:32:2b:05:de: f9:0f:53:69:06:b7:6e:02:27:08:d0:79:bc:a3:1c: 25:8f:8f:3c:ea:e9:e0:8f:ea:84:ae:3e:ae:52:06: 5b:3e:ce:b2:97:0d:ea:0e:b7:f6:d0:75:61:d8:09: 1b:a3:70:18:47:7f:90:c9:c8:7c:14:78:24:f5:3a: 70:27:a3:81:5c:00:f7:ed:b2:e1:b9:8c:42:63:c2: 1c:03:99:aa:f1:58:03:f4:bb:39:71:ea:51:b9:d8: fe:e4:ab:4c:3f:cb:8e:dc:80:ff:e0:a2:d6:82:44: 17:c6:20:c0:85:3f:ab:7b:c9:f3:7f:26:bb:68:5a: 04:aa:7a:2b:21:6f:4e:07:a3:c7:d6:ae:e0:43:d0: e0:cf:bb:b6:eb:27:bc:4a:70:61:7f:ad:1b:39:24: 2e:c6:dc:b0:54:49:f3:16:22:55:c5:c0:6e:db:22: 0b:50:bb:8c:26:aa:38:5b:db:4c:a5:49:4c:09:68: 9a:5c:2c:64:ee:36:39:39:36:21:4d:e2:d4:e9:c3: 03:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:5D:92:4C:20:88:29:40:6F:71:E8:AF:20:0F:6C:31:96:19:CF:81 X509v3 Authority Key Identifier: keyid:F3:24:58:1E:43:68:82:5D:5E:13:F4:F2:A0:D6:FF:8E:48:4C:95:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yRYHkNogl1eE_TyoNb_jkhMleY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/IV2STCCIKUBvceivIA9sMZYZz4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/6b91ab-99db-4648-b153-6e2d97ca15ff/1/8yRYHkNogl1eE_TyoNb_jkhMleY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.175.210.0/24 109.205.193.0/24 IPv6: 2a01:fb00::/32 Signature Algorithm: sha256WithRSAEncryption 40:7c:7d:0a:42:d8:db:ed:d7:1b:85:46:28:51:b0:a6:11:6e: e4:a6:f8:82:a6:53:39:60:05:59:bf:9b:3f:b0:5f:e6:70:1c: f9:0d:e3:e6:12:5f:07:b7:bb:41:2f:f3:10:8b:57:5a:73:da: 7f:34:f4:a1:6a:ab:fb:be:39:8b:dd:9d:cd:da:c7:5a:8d:35: ff:ae:62:88:30:a0:68:aa:1f:57:14:5f:de:cf:b2:30:ed:bb: f9:bd:6f:79:5f:e5:c9:41:56:e3:f0:69:cf:06:80:a8:96:ee: ad:99:00:66:2b:86:e7:db:92:51:0b:e8:87:9e:4c:4f:19:f1: 98:a9:9c:c3:c7:76:4d:52:de:fc:65:93:f5:4f:47:94:24:b2: 1e:31:d1:94:50:ba:91:6e:14:e1:12:6f:59:57:20:be:b2:0d: 1b:82:03:01:f3:c6:6a:ed:f3:6c:31:e8:dd:4b:84:31:0e:00: 69:24:a8:52:58:a7:dc:52:dc:45:a2:2e:0c:8f:5f:ac:ce:4d: 80:a2:5e:0c:d3:98:33:79:16:c2:4b:8b:d2:65:ad:2d:29:c0: ae:67:ff:e3:c9:ee:24:b6:13:f5:5e:a1:fe:32:dd:e4:48:93: 9d:95:77:1f:ac:56:b9:0a:a5:89:d2:29:fa:4a:07:dc:e6:ac: 5a:0b:43:a3 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4oxkQYc04gYUSoV6Z5CGoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMjQ1ODFlNDM2ODgyNWQ1ZTEzZjRmMmEwZDZmZjhlNDg0 Yzk1ZTYwHhcNMjYwMTAxMDgxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTVkOTI0YzIwODgyOTQwNmY3MWU4YWYyMDBmNmMzMTk2MTljZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KBl8IqddLmDEeNTE9sKFG81zivF Z78dYky750c5T7LhzfPQgDt3e+HU5UkBB8MvxJptGzowlzIrBd75D1NpBrduAicI 0Hm8oxwlj4886ungj+qErj6uUgZbPs6ylw3qDrf20HVh2Akbo3AYR3+Qych8FHgk 9TpwJ6OBXAD37bLhuYxCY8IcA5mq8VgD9Ls5cepRudj+5KtMP8uO3ID/4KLWgkQX xiDAhT+re8nzfya7aFoEqnorIW9OB6PH1q7gQ9Dgz7u26ye8SnBhf60bOSQuxtyw VEnzFiJVxcBu2yILULuMJqo4W9tMpUlMCWiaXCxk7jY5OTYhTeLU6cMDzQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCFdkkwgiClAb3HoryAPbDGWGc+BMB8GA1UdIwQY MBaAFPMkWB5DaIJdXhP08qDW/45ITJXmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMt NmUyZDk3Y2ExNWZmLzEvSVYyU1RDQ0lLVUJ2Y2VpdklBOXNNWllaejRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS82YjkxYWItOTlkYi00NjQ4LWIxNTMtNmUyZDk3Y2ExNWZm LzEvOHlSWUhrTm9nbDFlRV9UeW9OYl9qa2hNbGVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAba/SAwQA bc3BMA0EAgACMAcDBQAqAfsAMA0GCSqGSIb3DQEBCwUAA4IBAQBAfH0KQtjb7dcb hUYoUbCmEW7kpviCplM5YAVZv5s/sF/mcBz5DePmEl8Ht7tBL/MQi1dac9p/NPSh aqv7vjmL3Z3N2sdajTX/rmKIMKBoqh9XFF/ez7Iw7bv5vW95X+XJQVbj8GnPBoCo lu6tmQBmK4bn25JRC+iHnkxPGfGYqZzDx3ZNUt78ZZP1T0eUJLIeMdGUULqRbhTh Em9ZVyC+sg0bggMB88Zq7fNsMejdS4QxDgBpJKhSWKfcUtxFoi4Mj1+szk2Aol4M 05gzeRbCS4vSZa0tKcCuZ//jye4kthP1XqH+Mt3kSJOdlXcfrFa5CqWJ0in6Sgfc 5qxaC0Oj -----END CERTIFICATE-----Generated at Fri Jan 2 09:29:56 2026 by rpki-client