This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/97c8X_igmy_ypAPXegDN0Fzbi3E.roa File: 97c8X_igmy_ypAPXegDN0Fzbi3E.roa (raw, json) Hash identifier: r4on45G9/o/yyUAm8tRl6BJ4ytLaJsEz9hsZkzjem9w= Subject key identifier: F7:B7:3C:5F:F8:A0:9B:2F:F2:A4:03:D7:7A:00:CD:D0:5C:DB:8B:71 Certificate issuer: /CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7 Certificate serial: 019B783491DA1200CF044C84199DEDCB818E Authority key identifier: 34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/97c8X_igmy_ypAPXegDN0Fzbi3E.roa Signing time: Thu 01 Jan 2026 06:17:49 +0000 ROA not before: Thu 01 Jan 2026 06:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216444 IP address blocks: 5.199.164.0/22 maxlen: 32 5.199.165.0/24 maxlen: 32 2a02:ae00:1000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.mft rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:91:da:12:00:cf:04:4c:84:19:9d:ed:cb:81:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3433ae1c60672c7591a8f97d68f79fb2a5ee8da7 Validity Not Before: Jan 1 06:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f7b73c5ff8a09b2ff2a403d77a00cdd05cdb8b71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:0d:d5:70:cd:42:68:7d:58:44:fb:7e:aa:a7: 1c:01:43:42:fa:fd:14:8e:93:a2:5f:4f:4e:5e:eb: 90:d4:b8:42:33:43:71:ee:b9:91:4e:47:0f:72:55: 33:b4:d8:74:0f:7d:8e:63:b1:45:b4:4c:58:0b:01: a7:b6:29:cc:80:77:f6:21:13:00:80:46:12:47:1e: ee:84:4e:c8:de:27:3c:59:71:1e:75:a4:38:1b:4f: 9d:ba:ff:6c:db:b1:e6:46:d0:24:5e:b5:1e:9a:64: 32:42:84:d4:fc:0b:5f:29:7e:98:67:35:d3:7e:1b: 86:f6:a3:68:52:3c:a6:e9:ba:8b:cf:23:24:54:c5: b4:20:4e:ac:2d:8c:90:77:6e:35:c7:a9:cc:65:4c: 97:68:5d:3b:2f:2d:e0:ad:6d:c9:62:5a:bf:d9:f8: e3:f0:f1:ea:c1:ff:14:4d:12:7f:88:d7:73:13:7a: 13:f5:2b:44:8e:76:72:49:1d:62:a5:ca:ba:60:98: df:42:55:ca:d6:65:ae:db:3c:03:7b:d9:26:c4:e7: a8:93:39:f6:b6:b2:f9:68:32:82:1e:0f:86:11:8f: 97:f7:f8:4e:84:d8:4d:c7:1b:db:ab:25:d3:aa:fa: a3:0e:61:36:9f:fe:19:23:40:e5:33:61:8c:5b:46: c6:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:B7:3C:5F:F8:A0:9B:2F:F2:A4:03:D7:7A:00:CD:D0:5C:DB:8B:71 X509v3 Authority Key Identifier: keyid:34:33:AE:1C:60:67:2C:75:91:A8:F9:7D:68:F7:9F:B2:A5:EE:8D:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NDOuHGBnLHWRqPl9aPefsqXujac.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/97c8X_igmy_ypAPXegDN0Fzbi3E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/9ca446-fc5c-4746-b26f-30ce83701b39/1/NDOuHGBnLHWRqPl9aPefsqXujac.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.164.0/22 IPv6: 2a02:ae00:1000::/36 Signature Algorithm: sha256WithRSAEncryption 06:bd:d2:95:c0:92:f6:69:2f:17:7a:ad:db:c5:c0:47:48:98: 9f:4b:f8:65:6a:f8:8c:05:c1:82:39:6e:14:3c:63:ca:b9:7d: aa:32:af:be:dc:cb:0a:60:c9:80:a5:6a:eb:28:a4:b9:66:2e: cc:9e:a3:3a:7f:af:0b:d1:d2:11:74:6c:fb:68:78:09:14:18: 8a:cc:0e:21:9a:67:ab:b1:03:97:03:8a:63:7f:f4:cc:be:40: 65:39:44:7e:ce:d9:81:75:f1:9f:0d:32:64:68:62:37:b3:e7: 51:66:45:2d:6c:dc:25:e7:d4:da:60:d8:d9:11:fa:fb:44:6f: c0:a4:dc:9a:72:2a:d2:cd:43:4e:81:bd:5e:e1:c9:4d:e4:45: 9e:2a:15:a5:68:a4:eb:66:69:c7:35:3b:c5:36:ef:17:3e:db: e3:c5:bf:ec:4f:42:74:9a:ed:25:06:01:c3:47:45:ef:4c:db: 7b:41:f1:21:d5:69:b4:e4:78:64:c5:03:3b:28:41:3d:2c:69: da:02:a9:0c:2a:55:20:cf:45:e1:e5:bb:95:27:dd:8a:7c:ce: 5b:1d:0d:d9:6c:66:a0:6d:fb:98:44:f7:42:3a:74:c6:20:35: 2d:1e:ba:1c:09:1c:f8:76:bc:e8:68:71:bb:94:0f:be:98:6e: a2:b6:28:96 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt4NJHaEgDPBEyEGZ3ty4GOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM0MzNhZTFjNjA2NzJjNzU5MWE4Zjk3ZDY4Zjc5ZmIyYTVl ZThkYTcwHhcNMjYwMTAxMDYxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmN2I3M2M1ZmY4YTA5YjJmZjJhNDAzZDc3YTAwY2RkMDVjZGI4YjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q3VcM1CaH1YRPt+qqccAUNC+v0U jpOiX09OXuuQ1LhCM0Nx7rmRTkcPclUztNh0D32OY7FFtExYCwGntinMgHf2IRMA gEYSRx7uhE7I3ic8WXEedaQ4G0+duv9s27HmRtAkXrUemmQyQoTU/AtfKX6YZzXT fhuG9qNoUjym6bqLzyMkVMW0IE6sLYyQd241x6nMZUyXaF07Ly3grW3JYlq/2fjj 8PHqwf8UTRJ/iNdzE3oT9StEjnZySR1ipcq6YJjfQlXK1mWu2zwDe9kmxOeokzn2 trL5aDKCHg+GEY+X9/hOhNhNxxvbqyXTqvqjDmE2n/4ZI0DlM2GMW0bGuwIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPe3PF/4oJsv8qQD13oAzdBc24txMB8GA1UdIwQY MBaAFDQzrhxgZyx1kaj5fWj3n7Kl7o2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYt MzBjZTgzNzAxYjM5LzEvOTdjOFhfaWdteV95cEFQWGVnRE4wRnpiaTNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85Y2E0NDYtZmM1Yy00NzQ2LWIyNmYtMzBjZTgzNzAxYjM5 LzEvTkRPdUhHQm5MSFdScVBsOWFQZWZzcVh1amFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCBcekMA4E AgACMAgDBgQqAq4AEDANBgkqhkiG9w0BAQsFAAOCAQEABr3SlcCS9mkvF3qt28XA R0iYn0v4ZWr4jAXBgjluFDxjyrl9qjKvvtzLCmDJgKVq6yikuWYuzJ6jOn+vC9HS EXRs+2h4CRQYiswOIZpnq7EDlwOKY3/0zL5AZTlEfs7ZgXXxnw0yZGhiN7PnUWZF LWzcJefU2mDY2RH6+0RvwKTcmnIq0s1DToG9XuHJTeRFnioVpWik62ZpxzU7xTbv Fz7b48W/7E9CdJrtJQYBw0dF70zbe0HxIdVptOR4ZMUDOyhBPSxp2gKpDCpVIM9F 4eW7lSfdinzOWx0N2WxmoG37mET3Qjp0xiA1LR66HAkc+Ha86Ghxu5QPvphuorYo lg== -----END CERTIFICATE-----Generated at Sun Jan 25 21:06:51 2026 by rpki-client