This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/IKgcyvSIA45izSMf7tUqa3g6d94.roa File: IKgcyvSIA45izSMf7tUqa3g6d94.roa (raw, json) Hash identifier: bRbSeQALCJ6vQauwQMiodJiLk0I/cBj0aUju5c7LVIg= Subject key identifier: 20:A8:1C:CA:F4:88:03:8E:62:CD:23:1F:EE:D5:2A:6B:78:3A:77:DE Certificate issuer: /CN=d103af197645a4941c6cdb08669af008b79102be Certificate serial: 019B7F1574E7EB31D61694D9DA1AAA6FE89D Authority key identifier: D1:03:AF:19:76:45:A4:94:1C:6C:DB:08:66:9A:F0:08:B7:91:02:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QOvGXZFpJQcbNsIZprwCLeRAr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/IKgcyvSIA45izSMf7tUqa3g6d94.roa Signing time: Fri 02 Jan 2026 14:21:11 +0000 ROA not before: Fri 02 Jan 2026 14:21:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8455 IP address blocks: 185.158.164.0/22 maxlen: 24 2a07:ae80::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/0QOvGXZFpJQcbNsIZprwCLeRAr4.crl rsync://rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/0QOvGXZFpJQcbNsIZprwCLeRAr4.mft rsync://rpki.ripe.net/repository/DEFAULT/0QOvGXZFpJQcbNsIZprwCLeRAr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:74:e7:eb:31:d6:16:94:d9:da:1a:aa:6f:e8:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d103af197645a4941c6cdb08669af008b79102be Validity Not Before: Jan 2 14:21:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20a81ccaf488038e62cd231feed52a6b783a77de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7e:e0:c5:c1:92:da:2a:83:09:56:dc:27:15: fc:4f:16:62:fb:16:c5:97:fb:7a:dc:1f:f1:91:d9: 9e:65:80:ce:2b:0e:92:0d:4f:de:89:f6:89:38:db: 30:9e:e0:bf:3e:fe:ba:a3:92:d1:fe:4e:a7:73:15: fb:0f:d6:6c:29:78:ae:89:58:71:82:c2:a7:21:36: 0a:4a:89:8d:f5:c9:5c:6a:17:19:83:cc:7f:33:49: 35:db:46:9b:ec:73:54:2c:c8:68:8d:b9:d3:de:d3: da:9a:e6:10:79:92:8a:ee:18:2f:e6:0c:aa:ed:ed: b8:b7:ee:19:45:ec:ca:5c:51:d4:dc:f2:c7:ab:34: 88:3a:72:3a:2a:5f:88:3b:22:78:3f:ca:23:b8:c3: f1:6d:75:a1:c9:69:c6:f3:83:69:0d:38:73:21:11: 4d:75:1a:d2:9c:5f:b7:9b:c9:19:2b:4c:25:bd:a1: d9:4a:c8:dd:f5:e1:f0:74:5f:b9:a5:f4:b5:fe:04: 94:b6:5c:79:ab:c7:c1:21:26:27:0f:c0:66:a5:bd: bf:70:36:ff:85:0b:7c:05:27:4c:86:a2:d9:07:d8: 2c:e0:d5:d7:88:08:8c:7a:1e:23:aa:53:8f:46:da: 22:dc:1a:93:b0:18:c3:1a:6d:5e:71:8a:ef:43:0b: 2f:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:A8:1C:CA:F4:88:03:8E:62:CD:23:1F:EE:D5:2A:6B:78:3A:77:DE X509v3 Authority Key Identifier: keyid:D1:03:AF:19:76:45:A4:94:1C:6C:DB:08:66:9A:F0:08:B7:91:02:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QOvGXZFpJQcbNsIZprwCLeRAr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/IKgcyvSIA45izSMf7tUqa3g6d94.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/ec23cc-da5a-4d2b-95d9-7db3ec6fa302/1/0QOvGXZFpJQcbNsIZprwCLeRAr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.158.164.0/22 IPv6: 2a07:ae80::/29 Signature Algorithm: sha256WithRSAEncryption 70:ab:da:b2:27:24:43:e0:04:9c:f8:62:1b:5c:51:74:62:9a: 27:5e:4e:58:37:b2:b9:fd:b9:ce:73:4b:47:76:72:03:30:52: c8:d4:2b:37:c7:c1:7d:1a:3b:c8:5c:9d:ca:5b:d6:70:b0:45: df:c9:e2:92:65:e4:c5:08:ae:5f:2b:17:21:d3:34:97:db:d7: 1e:d8:89:89:13:e9:86:50:ad:4b:c9:d8:e7:0e:5e:62:f2:fb: 09:dd:94:c7:af:b1:fc:88:ae:7f:fb:19:76:bc:55:23:ed:a6: 98:1b:1c:c6:35:0f:ff:0c:b9:f5:a5:74:9a:93:e7:0c:61:52: c6:f6:84:bd:07:36:cd:ac:14:02:ee:a5:65:c8:91:c2:0a:21: 07:b4:2c:1e:5e:f3:d0:34:ab:09:ac:ee:4a:e8:6a:61:f8:fb: 2b:08:2c:9e:4a:f4:5f:89:30:21:17:8a:c1:06:02:db:a1:25: b1:93:32:3d:2a:62:81:3b:ba:86:a0:6e:f9:f6:d4:db:7d:99: e3:02:70:d3:10:6b:ed:3a:64:65:6e:ca:86:0a:2b:a7:2e:90: f5:a3:29:67:f0:f1:30:75:69:86:d8:db:00:64:72:d1:f3:7e: 44:a7:cd:46:73:bd:14:f8:7f:ce:e7:56:0f:27:6a:86:3c:65: f6:98:cf:d8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FXTn6zHWFpTZ2hqqb+idMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxMDNhZjE5NzY0NWE0OTQxYzZjZGIwODY2OWFmMDA4Yjc5 MTAyYmUwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGE4MWNjYWY0ODgwMzhlNjJjZDIzMWZlZWQ1MmE2Yjc4M2E3N2RlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA137gxcGS2iqDCVbcJxX8TxZi+xbF l/t63B/xkdmeZYDOKw6SDU/eifaJONswnuC/Pv66o5LR/k6ncxX7D9ZsKXiuiVhx gsKnITYKSomN9clcahcZg8x/M0k120ab7HNULMhojbnT3tPamuYQeZKK7hgv5gyq 7e24t+4ZRezKXFHU3PLHqzSIOnI6Kl+IOyJ4P8ojuMPxbXWhyWnG84NpDThzIRFN dRrSnF+3m8kZK0wlvaHZSsjd9eHwdF+5pfS1/gSUtlx5q8fBISYnD8Bmpb2/cDb/ hQt8BSdMhqLZB9gs4NXXiAiMeh4jqlOPRtoi3BqTsBjDGm1ecYrvQwsvJwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCCoHMr0iAOOYs0jH+7VKmt4OnfeMB8GA1UdIwQY MBaAFNEDrxl2RaSUHGzbCGaa8Ai3kQK+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMFFPdkdYWkZwSlFjYk5zSVpwcndDTGVSQXI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9lYzIzY2MtZGE1YS00ZDJiLTk1ZDkt N2RiM2VjNmZhMzAyLzEvSUtnY3l2U0lBNDVpelNNZjd0VXFhM2c2ZDk0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9lYzIzY2MtZGE1YS00ZDJiLTk1ZDktN2RiM2VjNmZhMzAy LzEvMFFPdkdYWkZwSlFjYk5zSVpwcndDTGVSQXI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ6kMA0E AgACMAcDBQMqB66AMA0GCSqGSIb3DQEBCwUAA4IBAQBwq9qyJyRD4ASc+GIbXFF0 YponXk5YN7K5/bnOc0tHdnIDMFLI1Cs3x8F9GjvIXJ3KW9ZwsEXfyeKSZeTFCK5f Kxch0zSX29ce2ImJE+mGUK1LydjnDl5i8vsJ3ZTHr7H8iK5/+xl2vFUj7aaYGxzG NQ//DLn1pXSak+cMYVLG9oS9BzbNrBQC7qVlyJHCCiEHtCweXvPQNKsJrO5K6Gph +PsrCCyeSvRfiTAhF4rBBgLboSWxkzI9KmKBO7qGoG759tTbfZnjAnDTEGvtOmRl bsqGCiunLpD1oyln8PEwdWmG2NsAZHLR835Ep81Gc70U+H/O51YPJ2qGPGX2mM/Y -----END CERTIFICATE-----Generated at Mon Jan 26 10:53:01 2026 by rpki-client