This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ikqYwXx4ATF9s6KHl2PLmUXCWlM.roa File: ikqYwXx4ATF9s6KHl2PLmUXCWlM.roa (raw, json) Hash identifier: B0bQ9MUv2KBsMgq8JKkZLtmuuK5t3EQXBliyDo6a9w8= Subject key identifier: 8A:4A:98:C1:7C:78:01:31:7D:B3:A2:87:97:63:CB:99:45:C2:5A:53 Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Certificate serial: 019B7B36DDC074A0EA440FFE7F417C2167AC Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ikqYwXx4ATF9s6KHl2PLmUXCWlM.roa Signing time: Thu 01 Jan 2026 20:19:11 +0000 ROA not before: Thu 01 Jan 2026 20:19:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 396356 IP address blocks: 213.145.85.0/24 maxlen: 24 213.145.86.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 11:02:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:dd:c0:74:a0:ea:44:0f:fe:7f:41:7c:21:67:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722 Validity Not Before: Jan 1 20:19:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a4a98c17c7801317db3a2879763cb9945c25a53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ce:0b:53:b8:c4:c0:d0:92:f0:91:a2:d0:5f: c9:2c:39:10:80:a9:da:74:fb:52:f6:ce:1e:46:51: 74:cd:e1:bf:d0:c5:9b:27:1e:8b:5c:74:25:aa:ea: 00:60:0b:be:58:f1:97:dc:4c:c2:fd:7e:a3:40:6b: 4a:5f:d0:a1:36:56:d8:bb:7b:6a:36:c7:78:41:bb: 91:82:63:1a:71:da:56:cc:4c:f7:36:f3:90:63:52: d2:92:1e:32:73:80:22:9c:48:84:bb:e8:b8:87:4a: 35:c8:70:01:81:03:b8:a7:b2:c4:e0:75:95:9d:ff: 7c:35:e6:c6:78:ed:75:17:6d:fb:d1:63:4d:9b:a2: 2a:99:bd:4f:ad:3e:b7:a8:28:39:b8:7c:d2:d0:7b: 79:40:2a:e3:c9:0c:c1:1e:1a:1f:36:c1:c3:85:3b: 2f:38:39:6d:ef:04:a6:90:d4:3d:c5:2f:e7:75:26: f5:de:e8:fe:8e:0c:7c:bf:03:f6:f4:fa:e8:a6:87: 03:4a:13:d8:86:8b:0e:08:58:15:a9:62:25:91:fb: da:0a:2c:c2:76:f1:d1:28:57:18:47:9d:76:23:4f: 35:8d:1a:b1:23:13:b4:20:c8:6a:99:9e:c3:2d:88: 2e:c3:d5:f7:c1:0b:47:3b:13:ae:3f:6b:46:32:93: 37:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:4A:98:C1:7C:78:01:31:7D:B3:A2:87:97:63:CB:99:45:C2:5A:53 X509v3 Authority Key Identifier: keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ikqYwXx4ATF9s6KHl2PLmUXCWlM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.145.85.0-213.145.86.255 Signature Algorithm: sha256WithRSAEncryption 1b:3d:57:fb:ee:8c:46:d3:d1:01:c8:e2:6c:22:fd:9d:d0:f1: 36:fd:5d:ae:02:b2:4f:1f:30:0d:e4:31:42:e2:bf:b1:96:90: fb:25:78:3f:a7:6a:3a:df:2f:27:07:29:c1:6e:36:0a:57:f0: 1b:0f:24:d6:96:e3:ba:62:3e:c8:10:25:42:a2:8d:03:24:4b: 1f:3a:9d:09:2f:c6:ec:44:23:2b:51:e9:1d:9c:7f:53:1b:df: b0:a1:a8:f2:fc:37:22:67:76:d5:a7:10:a6:7d:8c:47:c9:28: 73:48:5e:59:02:b0:e3:c2:83:8b:fe:85:63:26:b7:75:37:d6: 2f:41:04:1f:e3:52:3c:7f:47:46:66:81:e6:8e:d7:7e:5c:cd: 8d:b1:3b:6a:a5:b1:99:55:63:25:1b:fc:08:c0:31:9b:94:49: bc:fb:ed:12:d6:9a:6c:b6:8d:af:91:c7:6a:f7:20:c6:40:02: bb:3a:3d:50:91:ef:cd:70:3c:d3:44:5a:3d:b5:a6:0c:4d:bb: 36:1f:71:84:27:07:23:5c:d7:a7:6e:81:6c:ca:30:29:66:16: f7:97:59:4c:c5:6a:c9:ba:db:dc:ce:f1:42:2a:4c:11:9b:1b: 05:9a:99:d8:de:a5:f2:01:5c:ad:2e:d9:a5:d6:88:49:81:39: a1:bc:ea:bb -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt7Nt3AdKDqRA/+f0F8IWesMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx ZDA3MjIwHhcNMjYwMTAxMjAxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTRhOThjMTdjNzgwMTMxN2RiM2EyODc5NzYzY2I5OTQ1YzI1YTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxs4LU7jEwNCS8JGi0F/JLDkQgKna dPtS9s4eRlF0zeG/0MWbJx6LXHQlquoAYAu+WPGX3EzC/X6jQGtKX9ChNlbYu3tq Nsd4QbuRgmMacdpWzEz3NvOQY1LSkh4yc4AinEiEu+i4h0o1yHABgQO4p7LE4HWV nf98NebGeO11F2370WNNm6Iqmb1PrT63qCg5uHzS0Ht5QCrjyQzBHhofNsHDhTsv ODlt7wSmkNQ9xS/ndSb13uj+jgx8vwP29PropocDShPYhosOCFgVqWIlkfvaCizC dvHRKFcYR512I081jRqxIxO0IMhqmZ7DLYguw9X3wQtHOxOuP2tGMpM3YwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFIpKmMF8eAExfbOih5djy5lFwlpTMB8GA1UdIwQY MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt ZDI0MmI2ZjNhOGExLzEvaWtxWXdYeDRBVEY5czZLSGwyUExtVVhDV2xNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADVkVUD BADVkVYwDQYJKoZIhvcNAQELBQADggEBABs9V/vujEbT0QHI4mwi/Z3Q8Tb9Xa4C sk8fMA3kMULiv7GWkPsleD+najrfLycHKcFuNgpX8BsPJNaW47piPsgQJUKijQMk Sx86nQkvxuxEIytR6R2cf1Mb37ChqPL8NyJndtWnEKZ9jEfJKHNIXlkCsOPCg4v+ hWMmt3U31i9BBB/jUjx/R0ZmgeaO135czY2xO2qlsZlVYyUb/AjAMZuUSbz77RLW mmy2ja+Rx2r3IMZAArs6PVCR781wPNNEWj21pgxNuzYfcYQnByNc16dugWzKMClm FveXWUzFasm629zO8UIqTBGbGwWamdjepfIBXK0u2aXWiEmBOaG86rs= -----END CERTIFICATE-----Generated at Mon Jan 19 20:14:54 2026 by rpki-client