This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/ivQFZHRMsvejyMfxqalTl6eZyTU.roa File: ivQFZHRMsvejyMfxqalTl6eZyTU.roa (raw, json) Hash identifier: WA+GjW1Muidb5011AIHmuW7RcHYLCIXNLZLjL3+5V3I= Subject key identifier: 8A:F4:05:64:74:4C:B2:F7:A3:C8:C7:F1:A9:A9:53:97:A7:99:C9:35 Certificate issuer: /CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57 Certificate serial: 019B7F80F91B7914020EBA5A8AE99B1749F7 Authority key identifier: B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/ivQFZHRMsvejyMfxqalTl6eZyTU.roa Signing time: Fri 02 Jan 2026 16:18:37 +0000 ROA not before: Fri 02 Jan 2026 16:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42326 IP address blocks: 158.146.128.0/24 maxlen: 24 158.146.129.0/24 maxlen: 24 158.146.137.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/s-YNOLs3eU5y6H5ocNBx8qfdPlc.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/s-YNOLs3eU5y6H5ocNBx8qfdPlc.mft rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:80:f9:1b:79:14:02:0e:ba:5a:8a:e9:9b:17:49:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3e60d38bb37794e72e87e6870d071f2a7dd3e57 Validity Not Before: Jan 2 16:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8af40564744cb2f7a3c8c7f1a9a95397a799c935 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f2:7b:a1:a7:2c:7a:5b:b4:f7:a6:fd:6f:db: 20:53:65:6a:ad:e2:c6:a1:69:c6:c6:46:44:fc:b5: 55:4b:c8:00:2b:9c:05:ec:a1:75:3d:fa:74:0c:3f: 08:84:c1:6a:56:a2:aa:67:36:2a:53:25:f2:e4:a4: ce:26:8d:b6:af:51:6c:29:e3:93:9a:52:24:f3:10: 97:45:55:23:84:e8:87:8d:da:1f:81:06:93:56:c6: ca:1e:a1:df:db:2b:45:af:ff:09:cc:61:b9:34:dd: 04:76:f9:a1:cc:7d:e5:96:6f:09:a9:43:2c:70:a1: 00:11:b3:da:11:6f:49:91:bd:ef:6a:68:9e:82:b3: fe:a3:d3:07:b6:96:78:0f:61:ee:2d:92:72:23:1a: b4:a3:d1:9c:73:03:03:60:7b:96:e0:d3:c1:1b:29: 4a:1f:0f:d4:e3:1d:1e:6d:56:2a:3e:79:cc:46:a0: 16:c8:4b:55:fd:0b:8f:a4:02:4b:30:59:54:07:56: 1a:b6:b1:51:16:76:bd:01:1f:e3:0f:fe:d7:ce:9d: d5:e4:2e:84:73:9e:ae:77:6f:1e:de:bc:10:ea:ef: 1b:90:17:57:ab:74:79:b8:ef:f9:7d:9e:73:c9:aa: 45:a5:4a:d0:23:f8:8a:55:ae:be:a6:f4:04:15:80: b9:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:F4:05:64:74:4C:B2:F7:A3:C8:C7:F1:A9:A9:53:97:A7:99:C9:35 X509v3 Authority Key Identifier: keyid:B3:E6:0D:38:BB:37:79:4E:72:E8:7E:68:70:D0:71:F2:A7:DD:3E:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-YNOLs3eU5y6H5ocNBx8qfdPlc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/ivQFZHRMsvejyMfxqalTl6eZyTU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/7f765d-d07e-4a66-92a5-7a94c7c36217/1/s-YNOLs3eU5y6H5ocNBx8qfdPlc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.146.128.0/23 158.146.137.0/24 Signature Algorithm: sha256WithRSAEncryption 79:d9:1c:df:6d:31:c6:63:4e:c3:6b:7c:3c:dd:65:0f:c9:dd: c1:45:9c:0a:b6:87:e0:e9:11:61:56:b9:47:bc:33:0b:28:d9: 7a:99:44:7d:63:09:e0:ae:a2:e1:cc:ce:07:4d:09:a0:76:76: e3:81:9d:0d:1b:69:95:50:8e:f7:32:78:82:b2:69:01:0c:19: 8a:b4:ea:d2:2d:81:ca:a6:f5:3a:b9:f1:97:3c:9b:9f:ce:bd: e9:55:52:05:55:98:d2:ff:54:81:6d:73:5e:bb:80:64:01:e7: 14:30:95:3b:dd:56:1b:35:6a:01:87:27:52:34:cc:3b:bf:f5: 85:ff:e0:45:be:87:8f:71:31:af:b0:b3:8f:65:6b:8e:45:00: fd:25:eb:74:ac:0d:78:a7:e3:74:dd:0f:48:31:4c:23:8a:4f: 0a:de:ea:9b:42:db:42:48:86:22:93:d8:28:a8:a2:32:47:f5: a4:e7:63:23:2a:65:ea:94:09:47:e3:b2:f6:ca:b1:94:e7:b1: 9d:db:f5:39:24:54:a5:a4:3e:cd:63:dd:68:44:21:50:09:f7: c3:4b:e7:07:a7:30:59:55:8b:34:e6:2c:f6:56:e3:e5:22:93: 58:8e:60:c1:1a:d0:ad:c6:4f:d0:09:b7:cc:0f:ce:42:70:b4: c0:c7:40:5a -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/gPkbeRQCDrpaiumbF0n3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzZTYwZDM4YmIzNzc5NGU3MmU4N2U2ODcwZDA3MWYyYTdk ZDNlNTcwHhcNMjYwMTAyMTYxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWY0MDU2NDc0NGNiMmY3YTNjOGM3ZjFhOWE5NTM5N2E3OTljOTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPJ7oacselu096b9b9sgU2VqreLG oWnGxkZE/LVVS8gAK5wF7KF1Pfp0DD8IhMFqVqKqZzYqUyXy5KTOJo22r1FsKeOT mlIk8xCXRVUjhOiHjdofgQaTVsbKHqHf2ytFr/8JzGG5NN0EdvmhzH3llm8JqUMs cKEAEbPaEW9Jkb3vamiegrP+o9MHtpZ4D2HuLZJyIxq0o9GccwMDYHuW4NPBGylK Hw/U4x0ebVYqPnnMRqAWyEtV/QuPpAJLMFlUB1YatrFRFna9AR/jD/7Xzp3V5C6E c56ud28e3rwQ6u8bkBdXq3R5uO/5fZ5zyapFpUrQI/iKVa6+pvQEFYC5xQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIr0BWR0TLL3o8jH8ampU5enmck1MB8GA1UdIwQY MBaAFLPmDTi7N3lOcuh+aHDQcfKn3T5XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUt N2E5NGM3YzM2MjE3LzEvaXZRRlpIUk1zdmVqeU1meHFhbFRsNmVaeVRVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC83Zjc2NWQtZDA3ZS00YTY2LTkyYTUtN2E5NGM3YzM2MjE3 LzEvcy1ZTk9MczNlVTV5Nkg1b2NOQng4cWZkUGxjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBnpKAAwQA npKJMA0GCSqGSIb3DQEBCwUAA4IBAQB52RzfbTHGY07Da3w83WUPyd3BRZwKtofg 6RFhVrlHvDMLKNl6mUR9YwngrqLhzM4HTQmgdnbjgZ0NG2mVUI73MniCsmkBDBmK tOrSLYHKpvU6ufGXPJufzr3pVVIFVZjS/1SBbXNeu4BkAecUMJU73VYbNWoBhydS NMw7v/WF/+BFvoePcTGvsLOPZWuORQD9Jet0rA14p+N03Q9IMUwjik8K3uqbQttC SIYik9goqKIyR/Wk52MjKmXqlAlH47L2yrGU57Gd2/U5JFSlpD7NY91oRCFQCffD S+cHpzBZVYs05iz2VuPlIpNYjmDBGtCtxk/QCbfMD85CcLTAx0Ba -----END CERTIFICATE-----Generated at Sun Jan 25 23:32:38 2026 by rpki-client