This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/iQGTd2WXoLVwRsQ_8nC_udEAF7E.roa File: iQGTd2WXoLVwRsQ_8nC_udEAF7E.roa (raw, json) Hash identifier: Xe100ccFvMhNIhN2VUssDCNyo4J+LE95jPp43mX4rJ4= Subject key identifier: 89:01:93:77:65:97:A0:B5:70:46:C4:3F:F2:70:BF:B9:D1:00:17:B1 Certificate issuer: /CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0 Certificate serial: 019B7F851C26A81B97D18101904A6232595C Authority key identifier: 17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/iQGTd2WXoLVwRsQ_8nC_udEAF7E.roa Signing time: Fri 02 Jan 2026 16:23:08 +0000 ROA not before: Fri 02 Jan 2026 16:23:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5400 IP address blocks: 166.49.128.0/17 maxlen: 17 166.49.171.0/24 maxlen: 24 166.49.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.crl rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.mft rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:1c:26:a8:1b:97:d1:81:01:90:4a:62:32:59:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=175501d93e9b2b1a4fed308e2ae431cc277e69e0 Validity Not Before: Jan 2 16:23:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=890193776597a0b57046c43ff270bfb9d10017b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:5d:bf:58:73:14:44:22:9e:b7:53:94:2c:b5: f6:2c:b7:9a:5e:87:ba:c5:04:0b:e3:dc:fb:65:4e: 7a:f3:3b:5d:8a:6b:b1:21:1a:54:2a:73:9b:66:a5: 6c:ec:19:03:91:f0:57:13:74:43:36:76:68:67:2a: 0f:73:c3:af:79:72:a5:2b:0b:b9:56:29:00:ab:8e: 23:62:91:ea:63:4d:50:18:63:01:c1:bb:57:d8:0c: 85:28:de:13:d6:10:60:2f:34:41:a9:cc:ec:66:5f: cc:7e:af:3d:ad:8c:ad:56:f8:35:8c:27:59:2d:a6: 4d:99:76:c8:6e:1c:2a:29:9f:89:1c:0a:70:f6:21: 0a:81:d5:61:5e:c5:87:ce:8e:e9:a4:7f:d6:57:54: f5:70:32:7a:b8:94:ff:90:a7:04:9e:61:78:79:59: 51:25:3b:fa:08:03:3c:a4:a5:f1:91:c2:ad:a1:ba: 2a:30:fc:e8:c3:bd:2c:85:17:71:06:51:99:49:61: 9b:0c:4b:10:a9:8d:d5:15:06:96:51:19:eb:00:b2: 7a:e3:41:3e:92:ec:90:f2:b9:ee:d0:6c:cb:cd:aa: d1:f0:27:a2:ca:c5:cf:16:17:5f:df:b3:04:77:09: c5:6c:e9:73:1f:e9:0b:e1:a1:17:15:f9:17:57:b4: f8:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:01:93:77:65:97:A0:B5:70:46:C4:3F:F2:70:BF:B9:D1:00:17:B1 X509v3 Authority Key Identifier: keyid:17:55:01:D9:3E:9B:2B:1A:4F:ED:30:8E:2A:E4:31:CC:27:7E:69:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1UB2T6bKxpP7TCOKuQxzCd-aeA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/iQGTd2WXoLVwRsQ_8nC_udEAF7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/068191-878d-425c-8993-09b9905d41db/1/F1UB2T6bKxpP7TCOKuQxzCd-aeA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 166.49.128.0/17 Signature Algorithm: sha256WithRSAEncryption 90:13:6d:7f:cc:c1:02:dc:e6:39:a0:46:17:a2:9f:20:c7:46: a0:9b:6b:50:df:58:84:63:0a:d3:cb:64:b9:30:c5:1f:58:dd: 69:c8:a3:7d:fa:4b:d6:f9:7a:8f:eb:30:af:0a:26:6d:9c:20: 81:57:2a:6f:d0:af:27:87:c9:25:3f:6c:e0:24:a8:fd:83:dd: e6:89:bf:ae:da:57:ef:34:2c:d5:57:27:11:52:90:f4:0e:dc: 4d:9c:ab:29:e7:c7:16:82:84:f6:49:b5:97:9e:02:bf:57:d5: f7:a4:39:45:be:84:c5:db:7c:5c:39:bb:fe:c4:b2:97:98:f7: 82:75:86:1e:c9:87:8c:eb:28:2a:2b:a2:e4:59:73:b2:19:f5: e7:a8:cf:30:10:bf:03:bd:54:95:c6:3e:48:2b:75:f5:6e:a2: 56:6c:ed:a5:b1:55:99:b1:9b:f0:e7:fa:c6:c9:f0:82:c6:46: 60:9d:4f:b4:bd:0f:24:21:1d:b4:6d:55:80:e7:d3:6e:30:a7: e5:49:b3:49:60:f6:e3:ff:4f:e2:b6:72:22:ab:eb:75:89:34: 5b:0c:1c:3c:dc:14:97:28:cb:89:5f:b8:7d:36:ce:8e:27:d6: 41:83:56:99:b8:55:33:4c:4d:34:da:22:07:ed:c5:75:11:b2: b0:c4:f1:49 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hRwmqBuX0YEBkEpiMllcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3NTUwMWQ5M2U5YjJiMWE0ZmVkMzA4ZTJhZTQzMWNjMjc3 ZTY5ZTAwHhcNMjYwMTAyMTYyMzA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OTAxOTM3NzY1OTdhMGI1NzA0NmM0M2ZmMjcwYmZiOWQxMDAxN2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA712/WHMURCKet1OULLX2LLeaXoe6 xQQL49z7ZU568ztdimuxIRpUKnObZqVs7BkDkfBXE3RDNnZoZyoPc8OveXKlKwu5 VikAq44jYpHqY01QGGMBwbtX2AyFKN4T1hBgLzRBqczsZl/Mfq89rYytVvg1jCdZ LaZNmXbIbhwqKZ+JHApw9iEKgdVhXsWHzo7ppH/WV1T1cDJ6uJT/kKcEnmF4eVlR JTv6CAM8pKXxkcKtoboqMPzow70shRdxBlGZSWGbDEsQqY3VFQaWURnrALJ640E+ kuyQ8rnu0GzLzarR8CeiysXPFhdf37MEdwnFbOlzH+kL4aEXFfkXV7T4IQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIkBk3dll6C1cEbEP/Jwv7nRABexMB8GA1UdIwQY MBaAFBdVAdk+mysaT+0wjirkMcwnfmngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMt MDliOTkwNWQ0MWRiLzEvaVFHVGQyV1hvTFZ3UnNRXzhuQ191ZEVBRjdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNi8wNjgxOTEtODc4ZC00MjVjLTg5OTMtMDliOTkwNWQ0MWRi LzEvRjFVQjJUNmJLeHBQN1RDT0t1UXh6Q2QtYWVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHpjGAMA0G CSqGSIb3DQEBCwUAA4IBAQCQE21/zMEC3OY5oEYXop8gx0agm2tQ31iEYwrTy2S5 MMUfWN1pyKN9+kvW+XqP6zCvCiZtnCCBVypv0K8nh8klP2zgJKj9g93mib+u2lfv NCzVVycRUpD0DtxNnKsp58cWgoT2SbWXngK/V9X3pDlFvoTF23xcObv+xLKXmPeC dYYeyYeM6ygqK6LkWXOyGfXnqM8wEL8DvVSVxj5IK3X1bqJWbO2lsVWZsZvw5/rG yfCCxkZgnU+0vQ8kIR20bVWA59NuMKflSbNJYPbj/0/itnIiq+t1iTRbDBw83BSX KMuJX7h9Ns6OJ9ZBg1aZuFUzTE002iIH7cV1EbKwxPFJ -----END CERTIFICATE-----Generated at Sun Jan 25 13:09:04 2026 by rpki-client