This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/Iz5nLUfv321GZa6N4y4SX1n66js.roa File: Iz5nLUfv321GZa6N4y4SX1n66js.roa (raw, json) Hash identifier: 8zVHmxnGk+Q4B7zsAE0x+JOTo+ZbJfPApo8b/lVxmqc= Subject key identifier: 23:3E:67:2D:47:EF:DF:6D:46:65:AE:8D:E3:2E:12:5F:59:FA:EA:3B Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497 Certificate serial: 019B7CEE6320CE6C79D7A399F30CF404242F Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/Iz5nLUfv321GZa6N4y4SX1n66js.roa Signing time: Fri 02 Jan 2026 04:19:16 +0000 ROA not before: Fri 02 Jan 2026 04:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198831 IP address blocks: 79.172.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:63:20:ce:6c:79:d7:a3:99:f3:0c:f4:04:24:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497 Validity Not Before: Jan 2 04:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=233e672d47efdf6d4665ae8de32e125f59faea3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:86:40:24:b6:0f:76:a0:73:df:a2:95:62:8d: 42:17:42:dd:cb:21:12:0a:4d:fb:d2:58:07:7c:55: 31:ee:1c:66:01:b8:44:54:f8:d3:69:aa:c2:41:08: 13:07:62:f9:1f:21:e5:7d:bd:d4:e6:b9:46:f2:bf: 5e:43:14:19:07:fa:f1:9a:d7:82:f3:ce:90:ef:47: 34:f8:1e:0a:f7:51:7f:a0:e1:f5:e7:f3:44:fb:c0: f8:b4:be:89:82:c7:be:da:34:c9:d1:c5:34:f2:7e: 13:1c:89:31:96:f9:f8:55:d2:ca:6e:bd:79:4e:20: 88:3a:90:c3:28:28:5d:4a:1d:13:e2:0c:10:7b:11: f4:6e:06:d1:0d:0b:c0:36:85:2f:6d:67:9d:83:94: 91:82:c6:81:01:f0:79:9d:b0:be:48:ae:80:84:0a: 8c:32:1d:82:41:8a:26:28:ef:cd:14:95:ec:d8:fb: 80:92:cd:92:13:f2:81:4a:25:c3:f8:64:29:af:8a: 78:d3:76:e5:94:dc:00:94:21:52:66:b5:85:7d:37: 84:4a:da:64:29:ec:d4:b7:ed:95:58:35:b7:da:22: 3d:53:fa:ac:ea:f7:d2:57:56:cd:62:a3:00:8d:f1: ea:1d:df:ef:b8:5f:3c:08:4b:6c:b3:22:3b:06:58: 6e:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:3E:67:2D:47:EF:DF:6D:46:65:AE:8D:E3:2E:12:5F:59:FA:EA:3B X509v3 Authority Key Identifier: keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/Iz5nLUfv321GZa6N4y4SX1n66js.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 79.172.200.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:f3:88:1d:10:75:96:c5:7f:7d:91:e6:b9:0d:64:43:9a:d0: cc:28:d7:db:ff:04:7f:8a:10:79:7e:23:e5:4f:2d:28:44:d1: e5:94:18:01:35:2e:28:ad:14:22:9a:06:cc:08:ab:60:f9:d7: 73:75:21:0b:38:f5:b8:ab:60:19:bc:b6:03:bc:18:81:e9:f9: da:47:89:0f:05:8b:35:c5:e2:88:b5:72:31:25:44:ad:8b:d7: e8:4c:4d:ec:b0:74:28:dd:80:88:7c:05:b1:ba:0c:12:ca:9d: 31:39:ce:39:03:09:cb:69:a4:65:c3:72:95:53:0e:d1:ab:0b: 0c:11:1b:21:ba:ee:32:06:3f:d5:77:cf:8d:94:1c:54:9d:a8: 26:0c:23:c7:43:34:89:a7:32:97:a8:e8:c1:74:bf:85:dd:10: 25:08:c8:67:83:75:fd:e0:a2:b4:48:95:37:04:3d:03:2a:2a: c0:9f:ab:e4:83:28:4f:c3:06:42:93:b3:56:fd:5a:5c:66:b6: 3f:ff:3c:de:4b:a5:dd:7f:b5:08:56:bc:46:74:6d:a4:3f:0f: 6e:0e:7b:74:b2:f5:52:f7:90:ef:3b:9d:41:f9:92:ef:7a:1c: 43:79:ed:94:8b:df:b1:ce:a8:93:a9:66:d3:3d:05:01:f2:9f: 43:64:3c:f6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87mMgzmx516OZ8wz0BCQvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2 NDI0OTcwHhcNMjYwMTAyMDQxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzNlNjcyZDQ3ZWZkZjZkNDY2NWFlOGRlMzJlMTI1ZjU5ZmFlYTNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4ZAJLYPdqBz36KVYo1CF0LdyyES Ck370lgHfFUx7hxmAbhEVPjTaarCQQgTB2L5HyHlfb3U5rlG8r9eQxQZB/rxmteC 886Q70c0+B4K91F/oOH15/NE+8D4tL6Jgse+2jTJ0cU08n4THIkxlvn4VdLKbr15 TiCIOpDDKChdSh0T4gwQexH0bgbRDQvANoUvbWedg5SRgsaBAfB5nbC+SK6AhAqM Mh2CQYomKO/NFJXs2PuAks2SE/KBSiXD+GQpr4p403bllNwAlCFSZrWFfTeEStpk KezUt+2VWDW32iI9U/qs6vfSV1bNYqMAjfHqHd/vuF88CEtssyI7BlhufwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCM+Zy1H799tRmWujeMuEl9Z+uo7MB8GA1UdIwQY MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt OTU5M2E0ODhhZmNjLzEvSXo1bkxVZnYzMjFHWmE2TjR5NFNYMW42NmpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT6zIMA0G CSqGSIb3DQEBCwUAA4IBAQBK84gdEHWWxX99kea5DWRDmtDMKNfb/wR/ihB5fiPl Ty0oRNHllBgBNS4orRQimgbMCKtg+ddzdSELOPW4q2AZvLYDvBiB6fnaR4kPBYs1 xeKItXIxJUSti9foTE3ssHQo3YCIfAWxugwSyp0xOc45AwnLaaRlw3KVUw7RqwsM ERshuu4yBj/Vd8+NlBxUnagmDCPHQzSJpzKXqOjBdL+F3RAlCMhng3X94KK0SJU3 BD0DKirAn6vkgyhPwwZCk7NW/VpcZrY//zzeS6Xdf7UIVrxGdG2kPw9uDnt0svVS 95DvO51B+ZLvehxDee2Ui9+xzqiTqWbTPQUB8p9DZDz2 -----END CERTIFICATE-----Generated at Sun Jan 25 07:17:26 2026 by rpki-client