This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa File: iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa (raw, json) Hash identifier: VKTFC+1OrvrVs+DP4mHHKFLGZKyqteGaSW/b1eEAqMs= Subject key identifier: 88:ED:B8:0F:F5:B4:07:55:23:07:04:45:95:0F:02:74:F8:08:AA:0B Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B368A8B66BEB94E61449365BACAF Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21334 IP address blocks: 2a01:870::/32 maxlen: 32 2a01:8f8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b3:68:a8:b6:6b:eb:94:e6:14:49:36:5b:ac:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=88edb80ff5b4075523070445950f0274f808aa0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:20:60:54:a6:f2:26:86:b6:23:68:f6:5c:1a: a6:bc:34:6a:58:37:66:e3:82:50:40:db:27:f6:da: 6d:fe:98:04:03:66:2f:c4:4a:25:34:65:6e:0c:16: 43:1d:69:00:34:b1:3d:76:fa:8a:2e:4b:7f:79:d3: 6f:fb:cb:15:9a:4e:23:e4:2b:b9:ce:74:df:68:0b: f2:b8:d3:a4:63:3c:e1:3f:72:05:fb:c7:40:1a:d3: 70:a5:06:d6:74:03:a9:99:16:8c:3e:67:30:22:47: 73:99:b1:83:e6:e2:45:d4:5f:c2:1b:1b:e8:b5:4c: ce:bd:d8:bb:07:b1:43:67:38:dc:e6:b1:29:72:13: 93:dd:ba:5b:11:8e:9c:4e:57:00:ca:22:ca:b7:72: 58:c6:c3:b3:b2:dd:29:25:00:87:a6:7d:6a:dc:8e: 6a:ad:cf:e6:5a:09:90:65:58:6c:00:24:ee:2c:99: 88:c2:52:0b:d2:16:08:af:1e:1d:2c:7d:01:b5:01: 76:85:b7:43:1f:2a:b9:f9:de:6f:8d:9e:78:a5:25: 0d:87:8d:61:5c:e7:66:40:05:9e:f1:20:71:5a:c7: 79:44:af:bc:bf:71:57:35:ed:95:8f:b1:12:46:71: 2f:92:d0:00:bb:6d:93:6c:50:cf:f1:ff:a1:a5:be: ca:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:ED:B8:0F:F5:B4:07:55:23:07:04:45:95:0F:02:74:F8:08:AA:0B X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/iO24D_W0B1UjBwRFlQ8CdPgIqgs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:870::/32 2a01:8f8::/32 Signature Algorithm: sha256WithRSAEncryption 40:28:07:36:82:55:c3:fe:bc:0c:90:ab:57:d2:71:d7:74:1e: 20:3e:9e:a9:44:c0:12:6c:25:11:b9:33:b8:0d:d0:a4:0e:27: 31:eb:bc:46:23:53:bf:e8:ce:a6:0d:f6:2e:87:b1:94:99:02: fd:31:68:7f:69:70:b8:54:37:01:10:6c:ef:a0:fc:fa:71:52: ea:1c:b4:df:82:87:72:98:4b:2e:fd:50:a4:bd:3a:8c:a4:d2: 52:2a:20:14:db:d1:f8:68:f0:66:7a:52:a6:b1:4a:3b:a1:7a: 88:ce:56:a2:79:bd:09:9f:3a:87:6f:06:98:9c:20:44:8b:8e: b8:a1:19:ed:e0:19:73:77:34:d7:bb:ae:30:35:f5:29:ca:c6: 13:0a:10:d0:2b:fa:68:51:fb:93:6d:ac:f1:0e:67:a8:56:31: 48:7b:87:6a:06:db:46:56:09:9c:fe:4d:44:a3:8f:90:95:61: f7:36:70:9c:30:e1:c3:04:8b:5a:f7:44:25:fe:90:47:d4:02: bc:9f:e2:c1:91:aa:0f:87:8c:33:66:41:9d:1c:79:7b:53:df: 9b:2c:3d:fc:1c:2d:a5:56:36:ac:3e:f3:11:73:90:4a:89:4b: 21:6a:ad:ef:5b:e5:ee:8f:9d:78:ac:f0:6a:71:4e:94:f2:8d: 7c:fa:52:6a -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+prNoqLZr65TmFEk2W6yvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OGVkYjgwZmY1YjQwNzU1MjMwNzA0NDU5NTBmMDI3NGY4MDhhYTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiBgVKbyJoa2I2j2XBqmvDRqWDdm 44JQQNsn9tpt/pgEA2YvxEolNGVuDBZDHWkANLE9dvqKLkt/edNv+8sVmk4j5Cu5 znTfaAvyuNOkYzzhP3IF+8dAGtNwpQbWdAOpmRaMPmcwIkdzmbGD5uJF1F/CGxvo tUzOvdi7B7FDZzjc5rEpchOT3bpbEY6cTlcAyiLKt3JYxsOzst0pJQCHpn1q3I5q rc/mWgmQZVhsACTuLJmIwlIL0hYIrx4dLH0BtQF2hbdDHyq5+d5vjZ54pSUNh41h XOdmQAWe8SBxWsd5RK+8v3FXNe2Vj7ESRnEvktAAu22TbFDP8f+hpb7KtwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFIjtuA/1tAdVIwcERZUPAnT4CKoLMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvaU8yNERfVzBCMVVqQndSRmxROENkUGdJcWdzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgEIcAMF ACoBCPgwDQYJKoZIhvcNAQELBQADggEBAEAoBzaCVcP+vAyQq1fScdd0HiA+nqlE wBJsJRG5M7gN0KQOJzHrvEYjU7/ozqYN9i6HsZSZAv0xaH9pcLhUNwEQbO+g/Ppx UuoctN+Ch3KYSy79UKS9Ooyk0lIqIBTb0fho8GZ6UqaxSjuheojOVqJ5vQmfOodv BpicIESLjrihGe3gGXN3NNe7rjA19SnKxhMKENAr+mhR+5NtrPEOZ6hWMUh7h2oG 20ZWCZz+TUSjj5CVYfc2cJww4cMEi1r3RCX+kEfUAryf4sGRqg+HjDNmQZ0ceXtT 35ssPfwcLaVWNqw+8xFzkEqJSyFqre9b5e6PnXis8GpxTpTyjXz6Umo= -----END CERTIFICATE-----Generated at Sun Jan 25 19:16:08 2026 by rpki-client