This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/IXCeJ_byCNVELvp9jRcWKh_bBvc.roa File: IXCeJ_byCNVELvp9jRcWKh_bBvc.roa (raw, json) Hash identifier: HLRQyauNlxqkbbZVe7bwHpiiXRRzErR+W+RnPz3utM0= Subject key identifier: 21:70:9E:27:F6:F2:08:D5:44:2E:FA:7D:8D:17:16:2A:1F:DB:06:F7 Certificate issuer: /CN=4f895ff0e99a77c017e8a383292cb5c6f8261120 Certificate serial: 019B797F2E029069FE711551BA8A8327F465 Authority key identifier: 4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/IXCeJ_byCNVELvp9jRcWKh_bBvc.roa Signing time: Thu 01 Jan 2026 12:18:56 +0000 ROA not before: Thu 01 Jan 2026 12:18:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 185.26.158.0/24 maxlen: 24 2a00:d0c0:1299::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.mft rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:2e:02:90:69:fe:71:15:51:ba:8a:83:27:f4:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f895ff0e99a77c017e8a383292cb5c6f8261120 Validity Not Before: Jan 1 12:18:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21709e27f6f208d5442efa7d8d17162a1fdb06f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:54:27:3f:8a:2e:c8:cc:0f:7a:10:1a:84:df: d1:dd:8a:47:f9:2d:1f:1c:7c:b4:5d:02:68:17:68: 11:c9:af:86:0a:92:5a:83:90:55:9e:bf:8f:24:4d: 90:8a:24:b5:34:d6:83:54:14:59:7b:07:6c:44:fa: 30:30:01:e5:44:18:4e:d7:1e:ba:04:f0:66:32:97: 3a:28:11:1d:d3:09:54:c1:14:8c:4e:a6:f4:77:38: 45:2a:5f:fe:03:9a:a1:48:58:67:7f:6d:36:82:07: 47:2d:72:fb:ac:d3:d8:e6:ce:5c:a5:97:1e:05:9d: 19:15:3e:ae:0a:2b:04:3e:05:08:a6:e8:70:80:fc: e9:d5:cd:32:6a:2b:4f:e3:d0:86:d2:a7:62:d2:3a: 79:2d:1f:6f:90:eb:13:c7:34:6c:47:97:d3:1c:78: 4f:0c:50:68:ca:93:c9:3d:74:65:75:00:f1:3e:21: 04:a0:db:7b:74:2e:6e:64:4f:d4:7d:25:63:2e:28: fd:ab:2c:e7:a2:bd:ed:88:d3:20:42:c9:ed:cf:fb: 78:57:f4:ec:61:f5:ff:27:ce:ca:c6:d1:8a:70:f1: 06:d6:9e:c2:73:dd:21:41:23:73:8c:c7:f9:16:58: cc:90:ec:ad:2b:91:c6:2e:25:de:f1:cc:60:0c:55: 18:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:70:9E:27:F6:F2:08:D5:44:2E:FA:7D:8D:17:16:2A:1F:DB:06:F7 X509v3 Authority Key Identifier: keyid:4F:89:5F:F0:E9:9A:77:C0:17:E8:A3:83:29:2C:B5:C6:F8:26:11:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4lf8Omad8AX6KODKSy1xvgmESA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/IXCeJ_byCNVELvp9jRcWKh_bBvc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3328da-aa4e-445b-9da9-d053745c2acc/1/T4lf8Omad8AX6KODKSy1xvgmESA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.26.158.0/24 IPv6: 2a00:d0c0:1299::/48 Signature Algorithm: sha256WithRSAEncryption 3f:12:e0:46:2a:f1:21:d4:4e:1c:29:db:67:fa:27:be:bf:36: b2:e2:3c:62:df:60:45:16:e7:b1:a7:d7:af:c4:4e:80:03:bd: aa:ce:80:f1:fb:9e:38:32:85:58:c7:c1:5a:62:7f:3a:40:51: 00:ee:72:00:f2:52:59:7f:3c:d7:94:5a:e7:bc:17:d0:6b:55: 28:ee:3d:47:3e:a9:8f:ce:ee:fa:97:55:79:4d:be:2a:8b:62: 57:18:47:f2:d6:3b:d7:f7:07:e3:79:cd:fc:ef:06:7c:43:47: 6d:29:07:c6:89:bd:f5:0e:a2:20:6e:c5:ea:a6:88:e8:9a:c0: 54:9a:41:f1:be:a9:0e:17:08:60:8b:ac:84:89:0b:37:c8:7b: 76:ae:a0:ee:50:47:83:6c:74:17:17:74:72:98:76:48:fc:01: b1:b9:cb:7e:d0:bd:be:b2:d8:6d:20:19:e8:e1:20:d4:f4:28: d1:6e:06:5c:bc:d4:1c:1b:1f:ed:8e:69:88:d9:62:f4:2b:25: 77:f4:ba:d2:46:99:4f:46:b9:a7:bb:a9:54:67:85:80:c8:0d: 82:08:47:a6:b2:49:8c:3e:43:8f:8c:33:a4:47:38:b1:58:c3: 9b:92:49:a7:61:b3:93:f7:fb:a7:05:34:29:da:75:78:b9:c1: 4a:a4:c2:8b -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5fy4CkGn+cRVRuoqDJ/RlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmODk1ZmYwZTk5YTc3YzAxN2U4YTM4MzI5MmNiNWM2Zjgy NjExMjAwHhcNMjYwMTAxMTIxODU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTcwOWUyN2Y2ZjIwOGQ1NDQyZWZhN2Q4ZDE3MTYyYTFmZGIwNmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VQnP4ouyMwPehAahN/R3YpH+S0f HHy0XQJoF2gRya+GCpJag5BVnr+PJE2QiiS1NNaDVBRZewdsRPowMAHlRBhO1x66 BPBmMpc6KBEd0wlUwRSMTqb0dzhFKl/+A5qhSFhnf202ggdHLXL7rNPY5s5cpZce BZ0ZFT6uCisEPgUIpuhwgPzp1c0yaitP49CG0qdi0jp5LR9vkOsTxzRsR5fTHHhP DFBoypPJPXRldQDxPiEEoNt7dC5uZE/UfSVjLij9qyznor3tiNMgQsntz/t4V/Ts YfX/J87KxtGKcPEG1p7Cc90hQSNzjMf5FljMkOytK5HGLiXe8cxgDFUYgwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCFwnif28gjVRC76fY0XFiof2wb3MB8GA1UdIwQY MBaAFE+JX/DpmnfAF+ijgykstcb4JhEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTkt ZDA1Mzc0NWMyYWNjLzEvSVhDZUpfYnlDTlZFTHZwOWpSY1dLaF9iQnZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8zMzI4ZGEtYWE0ZS00NDViLTlkYTktZDA1Mzc0NWMyYWNj LzEvVDRsZjhPbWFkOEFYNktPREtTeTF4dmdtRVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuRqeMA8E AgACMAkDBwAqANDAEpkwDQYJKoZIhvcNAQELBQADggEBAD8S4EYq8SHUThwp22f6 J76/NrLiPGLfYEUW57Gn16/EToADvarOgPH7njgyhVjHwVpifzpAUQDucgDyUll/ PNeUWue8F9BrVSjuPUc+qY/O7vqXVXlNviqLYlcYR/LWO9f3B+N5zfzvBnxDR20p B8aJvfUOoiBuxeqmiOiawFSaQfG+qQ4XCGCLrISJCzfIe3auoO5QR4NsdBcXdHKY dkj8AbG5y37Qvb6y2G0gGejhINT0KNFuBly81BwbH+2OaYjZYvQrJXf0utJGmU9G uae7qVRnhYDIDYIIR6aySYw+Q4+MM6RHOLFYw5uSSadhs5P3+6cFNCnadXi5wUqk wos= -----END CERTIFICATE-----Generated at Wed Jan 21 07:21:59 2026 by rpki-client