This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/iqLo87tMFOB-XBrWIzdU46MRBuE.roa File: iqLo87tMFOB-XBrWIzdU46MRBuE.roa (raw, json) Hash identifier: IzYBLEWXA56LUWCfb8F/l/nPeES5nSXV/ENxm4IRlhY= Subject key identifier: 8A:A2:E8:F3:BB:4C:14:E0:7E:5C:1A:D6:23:37:54:E3:A3:11:06:E1 Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8 Certificate serial: 019B7BA53F6176DC1F57341C5AB13005BFEB Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/iqLo87tMFOB-XBrWIzdU46MRBuE.roa Signing time: Thu 01 Jan 2026 22:19:45 +0000 ROA not before: Thu 01 Jan 2026 22:19:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207879 IP address blocks: 2a0b:b147::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.mft rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:3f:61:76:dc:1f:57:34:1c:5a:b1:30:05:bf:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8 Validity Not Before: Jan 1 22:19:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8aa2e8f3bb4c14e07e5c1ad6233754e3a31106e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:da:a7:a9:13:e4:16:ea:7f:28:cc:de:3b:3b: 85:d4:c5:05:2a:d2:ab:72:75:b3:4e:9f:04:b9:12: b7:4b:36:62:6d:b3:6b:46:89:3b:13:1b:62:32:e8: 2d:e5:19:c2:2a:45:dc:9c:01:ac:9d:7f:3c:d7:47: ea:17:91:73:26:de:20:0e:16:f6:4e:55:2e:65:e6: 82:f4:1f:6a:b1:82:a2:7d:16:da:e5:86:b5:ec:4b: 4a:d4:76:ce:39:c3:63:eb:89:ec:c7:19:70:4c:c0: 6d:f3:36:ab:eb:b1:07:50:b6:83:c3:b5:8c:f7:a3: c5:00:5f:6d:08:d7:c3:77:d1:05:78:bf:19:dc:f1: cb:2f:60:a9:4e:08:d5:d6:1f:bb:bd:ea:76:58:0a: 5b:a6:21:1a:db:2f:3f:d0:81:87:bd:e7:3a:56:91: d4:d6:80:ce:50:2c:39:dc:20:c7:29:a0:b9:2b:78: 90:82:22:43:fe:6b:14:d7:8d:14:53:cc:ee:43:12: 11:44:31:67:be:86:30:fc:b9:58:a7:11:70:d3:ec: fb:b2:1f:cd:40:9f:78:c5:15:54:18:9e:87:f0:cc: 54:dc:95:3e:67:d1:35:db:e4:7b:90:53:d6:ff:0f: 70:b4:9e:fe:ea:49:0f:25:db:62:0c:c6:d8:04:4d: d7:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:A2:E8:F3:BB:4C:14:E0:7E:5C:1A:D6:23:37:54:E3:A3:11:06:E1 X509v3 Authority Key Identifier: keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/iqLo87tMFOB-XBrWIzdU46MRBuE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:b147::/32 Signature Algorithm: sha256WithRSAEncryption 5c:2a:eb:7d:be:e1:09:b4:88:26:35:2d:93:9f:3a:31:a1:47: 48:31:1e:89:c3:dc:47:b5:b0:c8:c9:29:86:cf:72:c4:b5:f5: 06:e3:90:c9:9b:d5:d8:b1:04:c4:d6:61:b0:44:a1:58:7b:ee: 81:f2:12:15:9b:20:0c:dc:87:77:92:61:e0:aa:fa:49:0c:a3: 0a:db:82:8e:d7:1e:ec:c9:40:1c:b3:c3:68:5d:f3:37:88:8f: 08:b0:5d:e8:66:24:a2:1a:09:0e:64:c6:c2:9d:95:5a:09:5e: 66:24:b7:c9:64:48:49:49:62:3d:59:e1:5e:bd:38:a6:70:41: 52:2f:fd:56:c4:1f:a7:a3:5d:00:4c:a6:62:63:d0:7d:2e:6e: ad:90:2c:3c:d6:2b:5a:dc:7c:d8:f8:d8:33:29:bc:8f:07:6a: d0:3f:58:dc:69:da:f9:c7:7f:c1:c0:c1:d7:f5:ca:90:93:27: e0:96:4c:73:03:69:73:80:65:25:23:47:8a:5d:2b:64:f1:55: af:64:1b:99:da:c3:6b:a4:9b:81:c7:4d:cd:9f:40:82:ea:fd: a6:91:9d:42:8f:16:4e:67:2f:7c:25:da:6e:6b:77:08:25:4c: 09:64:59:b1:a4:a7:f2:14:0a:9d:72:01:8f:54:03:ed:5c:5c: 7a:d5:83:01 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt7pT9hdtwfVzQcWrEwBb/rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl YmQwYjgwHhcNMjYwMTAxMjIxOTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YWEyZThmM2JiNGMxNGUwN2U1YzFhZDYyMzM3NTRlM2EzMTEwNmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitqnqRPkFup/KMzeOzuF1MUFKtKr cnWzTp8EuRK3SzZibbNrRok7ExtiMugt5RnCKkXcnAGsnX8810fqF5FzJt4gDhb2 TlUuZeaC9B9qsYKifRba5Ya17EtK1HbOOcNj64nsxxlwTMBt8zar67EHULaDw7WM 96PFAF9tCNfDd9EFeL8Z3PHLL2CpTgjV1h+7vep2WApbpiEa2y8/0IGHvec6VpHU 1oDOUCw53CDHKaC5K3iQgiJD/msU140UU8zuQxIRRDFnvoYw/LlYpxFw0+z7sh/N QJ94xRVUGJ6H8MxU3JU+Z9E12+R7kFPW/w9wtJ7+6kkPJdtiDMbYBE3XswIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIqi6PO7TBTgflwa1iM3VOOjEQbhMB8GA1UdIwQY MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt YzQxZGNjYThiNzc1LzEvaXFMbzg3dE1GT0ItWEJyV0l6ZFU0Nk1SQnVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1 LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKguxRzAN BgkqhkiG9w0BAQsFAAOCAQEAXCrrfb7hCbSIJjUtk586MaFHSDEeicPcR7WwyMkp hs9yxLX1BuOQyZvV2LEExNZhsEShWHvugfISFZsgDNyHd5Jh4Kr6SQyjCtuCjtce 7MlAHLPDaF3zN4iPCLBd6GYkohoJDmTGwp2VWgleZiS3yWRISUliPVnhXr04pnBB Ui/9VsQfp6NdAEymYmPQfS5urZAsPNYrWtx82PjYMym8jwdq0D9Y3Gna+cd/wcDB 1/XKkJMn4JZMcwNpc4BlJSNHil0rZPFVr2QbmdrDa6SbgcdNzZ9Agur9ppGdQo8W TmcvfCXabmt3CCVMCWRZsaSn8hQKnXIBj1QD7VxcetWDAQ== -----END CERTIFICATE-----Generated at Sun Jan 25 23:31:53 2026 by rpki-client