This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/9IeVl12aUhba2Emfsn2fBTAFUAs.roa File: 9IeVl12aUhba2Emfsn2fBTAFUAs.roa (raw, json) Hash identifier: XK8m1Iay7rzWVYWcJ+cMdfUsonXHcQUc6/GSyCW/CfU= Subject key identifier: F4:87:95:97:5D:9A:52:16:DA:D8:49:9F:B2:7D:9F:05:30:05:50:0B Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98 Certificate serial: 019B7E38C64053A22E10445D24588596A120 Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/9IeVl12aUhba2Emfsn2fBTAFUAs.roa Signing time: Fri 02 Jan 2026 10:20:08 +0000 ROA not before: Fri 02 Jan 2026 10:20:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212173 IP address blocks: 5.56.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.mft rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:c6:40:53:a2:2e:10:44:5d:24:58:85:96:a1:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98 Validity Not Before: Jan 2 10:20:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f48795975d9a5216dad8499fb27d9f053005500b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:7d:bc:87:e9:d1:49:45:87:c3:87:35:64:c7: b2:0a:7f:83:aa:eb:7a:8b:8a:8a:9e:5a:9b:2e:44: ae:79:2b:6b:15:98:45:3b:ec:a3:14:c1:57:f3:a5: b2:22:dc:9a:d4:89:2d:12:67:e0:bf:88:e4:ab:c7: c1:a2:dc:41:f0:28:7e:36:c0:b6:95:93:be:d4:67: e4:57:33:60:bf:a3:24:90:8a:c4:d3:16:b8:91:90: b8:dd:83:dc:fc:31:96:4d:b4:f5:4c:7e:b1:5f:b0: 78:8d:b6:60:5c:54:b8:62:7a:e9:7c:58:6f:2b:48: 9c:07:65:a1:28:84:22:10:65:62:7d:a5:b2:cd:51: e3:e8:99:01:64:ae:4d:3a:61:18:a7:d8:c5:d3:8b: d1:e8:68:8e:37:3b:f9:bc:cc:98:58:20:8a:10:d8: 61:cb:1d:9a:96:05:28:37:e8:30:bd:5c:b0:d6:3e: db:b4:54:45:f8:06:60:89:e0:6c:e3:5a:da:10:3d: 99:9b:1e:25:0e:48:b8:af:74:01:28:7c:b5:1b:9c: 75:97:c8:19:54:4b:55:21:2a:5e:64:fc:fe:9c:c3: 31:62:b2:f6:fd:c1:b5:c5:6e:a5:09:f6:ce:bb:ed: 68:ef:63:97:56:0a:3d:54:24:b3:0e:8b:81:4d:1b: 09:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:87:95:97:5D:9A:52:16:DA:D8:49:9F:B2:7D:9F:05:30:05:50:0B X509v3 Authority Key Identifier: keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/9IeVl12aUhba2Emfsn2fBTAFUAs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.56.29.0/24 Signature Algorithm: sha256WithRSAEncryption 30:7a:08:06:c9:d4:8f:b6:6a:98:7d:39:9b:13:c4:7f:bb:25: 9e:15:01:12:64:db:4d:db:cc:e9:bc:90:c0:36:36:18:38:74: dc:3c:1a:09:24:9a:f2:28:07:fd:62:95:af:69:a3:7f:b7:7f: a8:f0:d8:3c:45:48:37:d2:03:89:d9:31:8b:bc:38:20:37:14: 1c:6b:cd:e8:3e:e6:50:b5:33:f9:ef:bd:11:a1:cb:f5:12:32: bd:7f:02:0a:1c:23:07:bc:cc:48:6b:d7:a4:5f:a6:e1:24:e0: b7:d0:ce:42:6e:a5:9b:26:07:9e:a2:6e:03:db:c0:0c:f7:68: a5:63:9b:f5:36:11:0c:79:8e:24:5f:73:69:03:49:ba:9c:68: f6:29:5c:71:63:30:81:10:f5:81:10:9f:76:99:1d:52:91:57: 9c:a5:36:b8:7e:6a:11:c2:92:04:3f:2e:3f:50:d2:e4:bc:23: 07:4a:dd:59:9c:3b:43:4b:3c:9e:77:76:0a:12:3c:9d:6e:cd: 72:52:24:b1:93:0f:42:a4:dc:ca:19:b5:08:fd:a3:d0:85:d1: dc:b2:e0:b4:6a:6d:bd:53:cd:31:bb:ed:01:5c:df:ee:57:ce: 20:0a:a5:1a:f1:32:25:26:cb:5c:4a:05:71:52:77:02:93:21: bd:22:d2:95 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OMZAU6IuEERdJFiFlqEgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1 ZTNmOTgwHhcNMjYwMTAyMTAyMDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNDg3OTU5NzVkOWE1MjE2ZGFkODQ5OWZiMjdkOWYwNTMwMDU1MDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk328h+nRSUWHw4c1ZMeyCn+Dqut6 i4qKnlqbLkSueStrFZhFO+yjFMFX86WyItya1IktEmfgv4jkq8fBotxB8Ch+NsC2 lZO+1GfkVzNgv6MkkIrE0xa4kZC43YPc/DGWTbT1TH6xX7B4jbZgXFS4YnrpfFhv K0icB2WhKIQiEGVifaWyzVHj6JkBZK5NOmEYp9jF04vR6GiONzv5vMyYWCCKENhh yx2algUoN+gwvVyw1j7btFRF+AZgieBs41raED2Zmx4lDki4r3QBKHy1G5x1l8gZ VEtVISpeZPz+nMMxYrL2/cG1xW6lCfbOu+1o72OXVgo9VCSzDouBTRsJDwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPSHlZddmlIW2thJn7J9nwUwBVALMB8GA1UdIwQY MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt OWNkNjYyYmM4MzIwLzEvOUllVmwxMmFVaGJhMkVtZnNuMmZCVEFGVUFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABTgdMA0G CSqGSIb3DQEBCwUAA4IBAQAweggGydSPtmqYfTmbE8R/uyWeFQESZNtN28zpvJDA NjYYOHTcPBoJJJryKAf9YpWvaaN/t3+o8Ng8RUg30gOJ2TGLvDggNxQca83oPuZQ tTP5770Rocv1EjK9fwIKHCMHvMxIa9ekX6bhJOC30M5CbqWbJgeeom4D28AM92il Y5v1NhEMeY4kX3NpA0m6nGj2KVxxYzCBEPWBEJ92mR1SkVecpTa4fmoRwpIEPy4/ UNLkvCMHSt1ZnDtDSzyed3YKEjydbs1yUiSxkw9CpNzKGbUI/aPQhdHcsuC0am29 U80xu+0BXN/uV84gCqUa8TIlJstcSgVxUncCkyG9ItKV -----END CERTIFICATE-----Generated at Sun Jan 25 13:00:21 2026 by rpki-client