This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/IY5stn4uFyzkXhxk9GN4WlXIsnU.roa File: IY5stn4uFyzkXhxk9GN4WlXIsnU.roa (raw, json) Hash identifier: PjV6+EPoAnHt7bbW6zTa++1bAvRToNMnmP3SVwfF3kE= Subject key identifier: 21:8E:6C:B6:7E:2E:17:2C:E4:5E:1C:64:F4:63:78:5A:55:C8:B2:75 Certificate issuer: /CN=177e11f5233e933999a2a0c68903fc275ae459e6 Certificate serial: 019B7F14D68B1B963D89A75537A48BB854C9 Authority key identifier: 17:7E:11:F5:23:3E:93:39:99:A2:A0:C6:89:03:FC:27:5A:E4:59:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F34R9SM-kzmZoqDGiQP8J1rkWeY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/IY5stn4uFyzkXhxk9GN4WlXIsnU.roa Signing time: Fri 02 Jan 2026 14:20:30 +0000 ROA not before: Fri 02 Jan 2026 14:20:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209783 IP address blocks: 185.63.113.0/24 maxlen: 24 2a14:fc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/F34R9SM-kzmZoqDGiQP8J1rkWeY.crl rsync://rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/F34R9SM-kzmZoqDGiQP8J1rkWeY.mft rsync://rpki.ripe.net/repository/DEFAULT/F34R9SM-kzmZoqDGiQP8J1rkWeY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 05:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:d6:8b:1b:96:3d:89:a7:55:37:a4:8b:b8:54:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=177e11f5233e933999a2a0c68903fc275ae459e6 Validity Not Before: Jan 2 14:20:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=218e6cb67e2e172ce45e1c64f463785a55c8b275 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:11:a5:47:72:ef:1a:0e:87:db:2c:cd:6f:2c: 2e:27:11:38:dd:a1:03:7e:68:87:a8:91:e2:4b:01: 41:da:09:e0:1d:09:0b:e3:a6:fe:3d:7c:79:80:17: 85:4e:ef:68:a0:17:c6:27:d1:66:b8:ee:5d:a9:7e: c8:67:40:cb:10:6d:7a:28:a0:f8:6d:6f:1d:3d:c8: fa:a8:f9:f9:72:13:d9:19:91:7b:bc:f7:1b:8f:f1: 5d:25:61:41:99:e8:e0:ac:70:7e:8e:70:49:13:c3: 8e:8a:e7:5c:83:bf:83:00:65:32:96:b9:95:95:4b: f9:1f:db:a2:c5:21:6e:e9:85:0e:a3:dd:1f:f0:83: 28:be:35:24:af:99:0e:4c:16:c9:6b:b4:a6:82:16: 66:c4:88:22:c1:5d:12:a2:cd:62:3c:08:d9:1a:b7: 6a:81:f8:13:dc:1c:a6:17:ea:d5:c4:fc:61:6f:63: c5:28:30:22:ae:e6:63:ce:e8:01:58:a5:f5:30:db: 7c:d6:96:c8:d9:28:89:3d:8c:e7:e0:18:b2:c0:43: 41:ab:93:a3:f3:6b:d1:6d:ea:6a:e9:51:f5:66:f4: ee:91:3f:f7:9c:05:e0:3a:11:98:97:b0:e7:19:ec: 00:92:66:f4:a4:b0:ae:0f:b2:6e:40:e7:5d:6d:33: b2:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:8E:6C:B6:7E:2E:17:2C:E4:5E:1C:64:F4:63:78:5A:55:C8:B2:75 X509v3 Authority Key Identifier: keyid:17:7E:11:F5:23:3E:93:39:99:A2:A0:C6:89:03:FC:27:5A:E4:59:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F34R9SM-kzmZoqDGiQP8J1rkWeY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/IY5stn4uFyzkXhxk9GN4WlXIsnU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/119dcd-84e1-48d5-a280-aa09d6e1ffee/1/F34R9SM-kzmZoqDGiQP8J1rkWeY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.63.113.0/24 IPv6: 2a14:fc0::/29 Signature Algorithm: sha256WithRSAEncryption 51:bd:61:92:98:74:8d:e2:a8:6b:2b:45:52:c4:db:08:34:a4: 74:38:f4:c3:81:8b:17:65:d8:e9:fe:ac:96:d2:eb:0b:0d:47: ef:f4:46:91:1a:8d:98:c3:d5:2d:7f:7a:4b:c3:fc:16:df:ae: be:bb:04:26:1e:67:25:a1:3f:c3:2d:a5:0d:a2:72:b7:43:80: 83:50:1a:28:a7:78:a1:b4:19:4b:56:f0:a3:21:9d:2a:63:75: 3e:48:a4:5c:e5:d1:ba:f9:00:3c:8d:3b:c5:52:aa:72:1a:34: 17:63:76:dd:73:ab:73:ce:dc:b0:f4:b3:63:69:a2:ba:f1:9d: 7d:e1:bb:a2:bd:bf:9f:b0:44:c5:35:55:83:1e:e5:88:22:42: f6:7f:77:67:d0:aa:a4:76:c3:0b:cc:8e:3b:24:ba:7c:1d:8d: c4:03:a4:76:4e:cf:c1:c0:cc:58:b3:f1:a4:5e:3d:6f:d0:9e: 10:11:9d:74:ac:5d:ca:fd:e0:db:c3:95:16:91:2e:db:6a:bc: 3f:de:5d:79:fa:e4:90:93:64:fc:7a:9c:00:50:9a:88:66:0d: 02:ee:dd:f9:9a:d8:7d:32:b8:1a:87:f6:73:96:22:e6:ed:22: 11:b1:72:26:d3:62:5c:32:29:bf:8b:c3:af:c4:dd:16:23:b1: 3a:26:15:1f -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FNaLG5Y9iadVN6SLuFTJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3N2UxMWY1MjMzZTkzMzk5OWEyYTBjNjg5MDNmYzI3NWFl NDU5ZTYwHhcNMjYwMTAyMTQyMDMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMThlNmNiNjdlMmUxNzJjZTQ1ZTFjNjRmNDYzNzg1YTU1YzhiMjc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhGlR3LvGg6H2yzNbywuJxE43aED fmiHqJHiSwFB2gngHQkL46b+PXx5gBeFTu9ooBfGJ9FmuO5dqX7IZ0DLEG16KKD4 bW8dPcj6qPn5chPZGZF7vPcbj/FdJWFBmejgrHB+jnBJE8OOiudcg7+DAGUylrmV lUv5H9uixSFu6YUOo90f8IMovjUkr5kOTBbJa7SmghZmxIgiwV0Sos1iPAjZGrdq gfgT3BymF+rVxPxhb2PFKDAiruZjzugBWKX1MNt81pbI2SiJPYzn4BiywENBq5Oj 82vRbepq6VH1ZvTukT/3nAXgOhGYl7DnGewAkmb0pLCuD7JuQOddbTOyxQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFCGObLZ+Lhcs5F4cZPRjeFpVyLJ1MB8GA1UdIwQY MBaAFBd+EfUjPpM5maKgxokD/Cda5FnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjM0UjlTTS1rem1ab3FER2lRUDhKMXJrV2VZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xMTlkY2QtODRlMS00OGQ1LWEyODAt YWEwOWQ2ZTFmZmVlLzEvSVk1c3RuNHVGeXprWGh4azlHTjRXbFhJc25VLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC8xMTlkY2QtODRlMS00OGQ1LWEyODAtYWEwOWQ2ZTFmZmVl LzEvRjM0UjlTTS1rem1ab3FER2lRUDhKMXJrV2VZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuT9xMA0E AgACMAcDBQMqFA/AMA0GCSqGSIb3DQEBCwUAA4IBAQBRvWGSmHSN4qhrK0VSxNsI NKR0OPTDgYsXZdjp/qyW0usLDUfv9EaRGo2Yw9Utf3pLw/wW366+uwQmHmcloT/D LaUNonK3Q4CDUBoop3ihtBlLVvCjIZ0qY3U+SKRc5dG6+QA8jTvFUqpyGjQXY3bd c6tzztyw9LNjaaK68Z194buivb+fsETFNVWDHuWIIkL2f3dn0KqkdsMLzI47JLp8 HY3EA6R2Ts/BwMxYs/GkXj1v0J4QEZ10rF3K/eDbw5UWkS7barw/3l15+uSQk2T8 epwAUJqIZg0C7t35mth9Mrgah/ZzliLm7SIRsXIm02JcMim/i8OvxN0WI7E6JhUf -----END CERTIFICATE-----Generated at Mon Jan 26 12:18:26 2026 by rpki-client