This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/IWvsOje1ZxTQJm3iMyMgDBCOgIE.roa File: IWvsOje1ZxTQJm3iMyMgDBCOgIE.roa (raw, json) Hash identifier: kaYliqjJkqMdXwb3B1wUhcuY3L6iumjr0MlG0shhuGo= Subject key identifier: 21:6B:EC:3A:37:B5:67:14:D0:26:6D:E2:33:23:20:0C:10:8E:80:81 Certificate issuer: /CN=f5fde72bf5a00bdec4d1efdd7d02029ee79e4720 Certificate serial: 019B7BA3E8A2AC364D71A2DD18CEB25D1FCC Authority key identifier: F5:FD:E7:2B:F5:A0:0B:DE:C4:D1:EF:DD:7D:02:02:9E:E7:9E:47:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9f3nK_WgC97E0e_dfQICnueeRyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/IWvsOje1ZxTQJm3iMyMgDBCOgIE.roa Signing time: Thu 01 Jan 2026 22:18:18 +0000 ROA not before: Thu 01 Jan 2026 22:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56753 IP address blocks: 195.254.170.0/23 maxlen: 23 195.254.170.0/24 maxlen: 24 195.254.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/9f3nK_WgC97E0e_dfQICnueeRyA.crl rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/9f3nK_WgC97E0e_dfQICnueeRyA.mft rsync://rpki.ripe.net/repository/DEFAULT/9f3nK_WgC97E0e_dfQICnueeRyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:e8:a2:ac:36:4d:71:a2:dd:18:ce:b2:5d:1f:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5fde72bf5a00bdec4d1efdd7d02029ee79e4720 Validity Not Before: Jan 1 22:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=216bec3a37b56714d0266de23323200c108e8081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:93:95:d6:3b:37:45:c7:5e:bf:78:eb:f8:11: 88:16:05:9f:f4:20:b2:34:70:e9:9e:d9:f3:07:45: 64:99:7b:d2:51:3e:a7:44:f1:2d:f3:4a:cb:3d:d8: 07:47:3a:e2:b8:b0:9b:2d:c8:61:1b:9b:e3:f9:e0: 43:36:55:6a:47:7a:f2:4d:37:1e:08:ee:0d:9b:49: f6:ff:c9:aa:7e:5a:a7:eb:25:88:24:28:50:2e:75: 4a:98:3f:2c:fd:09:c5:52:2c:2f:fc:0e:54:47:9c: 05:bc:5a:54:ba:03:9d:b6:8c:b2:a7:fa:54:37:b4: 0b:5d:4b:83:74:7b:c3:4d:f6:f5:f6:04:02:c7:35: c7:e2:67:45:8b:74:a4:f2:52:f4:a2:c8:fd:fc:62: e0:4e:1c:46:12:77:b9:93:05:e8:3e:b1:67:15:6e: e1:f8:4b:2c:ee:bb:76:7f:06:50:1b:3f:3c:2a:c0: e6:13:f1:9c:35:ed:ff:21:c0:ab:ad:29:b6:1f:28: d6:b9:65:21:dc:60:2b:a2:e8:66:5d:62:69:4c:0f: a0:2d:e9:df:44:05:3c:af:e2:b0:d6:76:24:8d:b3: e4:82:20:d9:6c:63:5a:d2:2f:28:bd:ca:83:0a:38: e6:fd:d8:97:b2:eb:d5:81:2b:87:b8:60:25:98:0d: 66:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:6B:EC:3A:37:B5:67:14:D0:26:6D:E2:33:23:20:0C:10:8E:80:81 X509v3 Authority Key Identifier: keyid:F5:FD:E7:2B:F5:A0:0B:DE:C4:D1:EF:DD:7D:02:02:9E:E7:9E:47:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f3nK_WgC97E0e_dfQICnueeRyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/IWvsOje1ZxTQJm3iMyMgDBCOgIE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/34c2e4-4e9b-4847-a8ef-0838f78c0259/1/9f3nK_WgC97E0e_dfQICnueeRyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.254.170.0/23 Signature Algorithm: sha256WithRSAEncryption 78:c7:7e:18:21:28:c3:04:40:02:1e:b7:7a:0f:3c:48:b5:a9: 0e:a4:b6:b8:f3:ef:f0:92:31:f3:8d:98:c2:72:22:c9:b4:c6: 65:1b:dd:7d:2a:75:6e:8d:a9:29:21:40:80:3e:40:9c:af:32: 7a:55:a3:72:33:e1:92:ad:a7:6c:57:88:11:ac:41:9d:82:2e: be:c8:e4:a0:d0:ff:22:0c:21:6a:2a:5b:7c:a0:12:7c:93:63: 1b:af:5b:27:86:26:7a:2f:f3:7b:be:22:d6:fb:e6:46:31:d3: 2a:99:04:ee:d4:e9:5b:3d:8d:f8:d8:38:f6:53:f6:ab:7c:1e: 8e:33:6f:32:52:85:b9:dd:5f:02:84:be:c1:36:83:54:61:33: 50:fb:58:2e:de:6f:7b:b5:2e:3b:84:ae:55:ac:3d:e6:bf:49: 9e:2b:22:2d:bc:89:b6:f2:a7:a9:ef:dc:e4:79:58:0a:8e:5f: 54:79:5b:f3:b5:ee:47:b0:f0:7a:96:ca:18:0c:c3:b7:f5:2c: e4:be:03:0d:b8:13:cd:e6:b2:b2:4c:36:83:db:f2:c8:68:06: 6a:bc:e1:e0:e4:d6:30:b0:fb:90:c2:35:be:15:b4:18:24:98: 76:c0:3d:27:0f:b6:51:6c:2f:75:99:c2:c5:59:c8:d0:ba:46: cc:9c:eb:0a -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o+iirDZNcaLdGM6yXR/MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1ZmRlNzJiZjVhMDBiZGVjNGQxZWZkZDdkMDIwMjllZTc5 ZTQ3MjAwHhcNMjYwMTAxMjIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTZiZWMzYTM3YjU2NzE0ZDAyNjZkZTIzMzIzMjAwYzEwOGU4MDgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZOV1js3Rcdev3jr+BGIFgWf9CCy NHDpntnzB0VkmXvSUT6nRPEt80rLPdgHRzriuLCbLchhG5vj+eBDNlVqR3ryTTce CO4Nm0n2/8mqflqn6yWIJChQLnVKmD8s/QnFUiwv/A5UR5wFvFpUugOdtoyyp/pU N7QLXUuDdHvDTfb19gQCxzXH4mdFi3Sk8lL0osj9/GLgThxGEne5kwXoPrFnFW7h +Ess7rt2fwZQGz88KsDmE/GcNe3/IcCrrSm2HyjWuWUh3GArouhmXWJpTA+gLenf RAU8r+Kw1nYkjbPkgiDZbGNa0i8ovcqDCjjm/diXsuvVgSuHuGAlmA1m4wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCFr7Do3tWcU0CZt4jMjIAwQjoCBMB8GA1UdIwQY MBaAFPX95yv1oAvexNHv3X0CAp7nnkcgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWYzbktfV2dDOTdFMGVfZGZRSUNudWVlUnlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8zNGMyZTQtNGU5Yi00ODQ3LWE4ZWYt MDgzOGY3OGMwMjU5LzEvSVd2c09qZTFaeFRRSm0zaU15TWdEQkNPZ0lFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni8zNGMyZTQtNGU5Yi00ODQ3LWE4ZWYtMDgzOGY3OGMwMjU5 LzEvOWYzbktfV2dDOTdFMGVfZGZRSUNudWVlUnlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/6qMA0G CSqGSIb3DQEBCwUAA4IBAQB4x34YISjDBEACHrd6DzxItakOpLa48+/wkjHzjZjC ciLJtMZlG919KnVujakpIUCAPkCcrzJ6VaNyM+GSradsV4gRrEGdgi6+yOSg0P8i DCFqKlt8oBJ8k2Mbr1snhiZ6L/N7viLW++ZGMdMqmQTu1OlbPY342Dj2U/arfB6O M28yUoW53V8ChL7BNoNUYTNQ+1gu3m97tS47hK5VrD3mv0meKyItvIm28qep79zk eVgKjl9UeVvzte5HsPB6lsoYDMO39SzkvgMNuBPN5rKyTDaD2/LIaAZqvOHg5NYw sPuQwjW+FbQYJJh2wD0nD7ZRbC91mcLFWcjQukbMnOsK -----END CERTIFICATE-----Generated at Sun Jan 25 15:28:58 2026 by rpki-client