This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/ilqY9c8IbcEKTWk24AXRgSNrWO0.roa File: ilqY9c8IbcEKTWk24AXRgSNrWO0.roa (raw, json) Hash identifier: m73bbuMRMSiNr5UeY5P6BQ8Ud8zaXgZ2oA4zOG5Tf2M= Subject key identifier: 8A:5A:98:F5:CF:08:6D:C1:0A:4D:69:36:E0:05:D1:81:23:6B:58:ED Certificate issuer: /CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51 Certificate serial: 019BE0A0C32A7E4E85EDD9CD1F4F4CE3813E Authority key identifier: F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/ilqY9c8IbcEKTWk24AXRgSNrWO0.roa Signing time: Wed 21 Jan 2026 12:56:30 +0000 ROA not before: Wed 21 Jan 2026 12:56:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49373 IP address blocks: 2a00:1e6a::/32 maxlen: 32 2a00:1e6a:76::/47 maxlen: 47 2a00:1e6a:76::/48 maxlen: 48 2a00:1e6a:77::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.mft rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:e0:a0:c3:2a:7e:4e:85:ed:d9:cd:1f:4f:4c:e3:81:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51 Validity Not Before: Jan 21 12:56:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a5a98f5cf086dc10a4d6936e005d181236b58ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:cd:92:c8:99:03:2c:f0:7c:d6:98:46:9e:b9: 46:2e:20:cb:82:41:cf:00:4e:14:8a:ff:bc:ac:82: 11:64:4b:dc:98:fd:38:69:f7:5c:2d:85:0a:53:59: 1e:ac:27:50:d0:eb:7b:42:ef:1f:17:48:b6:7a:f4: 90:a9:5c:2a:61:cc:81:ee:c4:cc:1e:e7:d4:57:60: 7d:c3:1b:b0:ef:a8:09:f7:e0:82:06:61:45:6b:c6: 4d:7f:3d:a2:4b:6c:aa:41:6e:d0:88:2b:bf:eb:23: 5f:74:aa:40:7d:24:cd:db:10:23:52:91:e5:76:ca: 7f:34:23:fd:fa:16:32:7f:1b:f9:a9:c3:af:23:48: b1:39:f9:ae:ee:69:be:d1:ba:e7:70:25:52:8d:d1: 85:bf:2f:72:ac:1e:a9:d9:fc:2b:ef:23:2a:d8:b4: d5:ef:11:72:2a:0d:c1:a3:e1:b6:b1:61:1c:14:13: 94:2c:7f:a6:ce:25:72:d5:ad:b4:b4:65:be:a0:82: 5d:85:07:91:14:c2:fc:56:81:39:3e:95:ad:6e:b3: fe:82:77:5a:d7:40:ac:dd:a7:a9:18:06:c2:c6:a1: 91:e7:53:65:92:0a:e1:38:5f:b1:fb:71:9d:12:30: d6:e4:3e:e0:61:d0:a7:e1:b4:9e:96:93:52:8b:d0: f8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:5A:98:F5:CF:08:6D:C1:0A:4D:69:36:E0:05:D1:81:23:6B:58:ED X509v3 Authority Key Identifier: keyid:F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/ilqY9c8IbcEKTWk24AXRgSNrWO0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1e6a::/32 Signature Algorithm: sha256WithRSAEncryption d3:8d:99:84:e3:3a:9d:5d:64:b5:07:72:c4:13:12:3b:ad:64: c0:9c:e2:47:ab:f5:79:fa:f4:c2:ef:49:22:a1:2d:08:97:89: 7b:2a:d2:52:ac:41:90:f7:fd:8f:d6:67:03:4b:19:e4:ac:53: 43:bd:91:dc:59:e0:b6:ed:34:a5:5b:8b:35:ef:08:f9:2d:f3: b4:0d:2e:5d:7b:99:e5:57:bd:5c:7a:a0:a8:1d:f1:75:b4:5f: 41:e1:89:38:43:fa:97:fd:14:10:ab:af:09:e9:68:44:9f:55: 80:67:52:f7:d6:49:70:13:5c:39:8e:9e:09:f5:43:f5:10:0f: 82:08:30:3b:3e:a3:10:5f:65:f2:61:2d:0a:70:c2:a1:5c:19: c3:6e:61:fe:81:bd:79:d3:18:bd:4a:f9:22:9a:00:5d:8a:f2: 48:6a:b9:19:76:de:c8:73:1a:c1:6f:72:f0:e6:3c:64:9f:2d: c6:e7:b6:20:9b:d9:5b:4e:ce:6c:c2:22:41:01:c9:46:46:0e: 82:85:6e:23:28:93:0e:93:b5:d0:06:18:85:8d:59:e7:a0:a9: 5f:6c:48:fd:22:0a:69:a5:2f:32:be:98:25:bd:a7:d0:3c:30: 24:a4:ab:89:1c:f6:dc:bd:4d:d8:dd:10:b5:56:89:c2:eb:0b: 9e:2c:76:73 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZvgoMMqfk6F7dnNH09M44E+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyZTE2MGYwY2U1ZTAzNWFmM2NiMjFmNGRmZDA0ZWFiOWVh N2VlNTEwHhcNMjYwMTIxMTI1NjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTVhOThmNWNmMDg2ZGMxMGE0ZDY5MzZlMDA1ZDE4MTIzNmI1OGVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5s2SyJkDLPB81phGnrlGLiDLgkHP AE4Uiv+8rIIRZEvcmP04afdcLYUKU1kerCdQ0Ot7Qu8fF0i2evSQqVwqYcyB7sTM HufUV2B9wxuw76gJ9+CCBmFFa8ZNfz2iS2yqQW7QiCu/6yNfdKpAfSTN2xAjUpHl dsp/NCP9+hYyfxv5qcOvI0ixOfmu7mm+0brncCVSjdGFvy9yrB6p2fwr7yMq2LTV 7xFyKg3Bo+G2sWEcFBOULH+mziVy1a20tGW+oIJdhQeRFML8VoE5PpWtbrP+gnda 10Cs3aepGAbCxqGR51NlkgrhOF+x+3GdEjDW5D7gYdCn4bSelpNSi9D4zQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFIpamPXPCG3BCk1pNuAF0YEja1jtMB8GA1UdIwQY MBaAFPLhYPDOXgNa88sh9N/QTquep+5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUt ZmNlMjE0YzZmZmRhLzEvaWxxWTljOEliY0VLVFdrMjRBWFJnU05yV08wLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUtZmNlMjE0YzZmZmRh LzEvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAeajAN BgkqhkiG9w0BAQsFAAOCAQEA042ZhOM6nV1ktQdyxBMSO61kwJziR6v1efr0wu9J IqEtCJeJeyrSUqxBkPf9j9ZnA0sZ5KxTQ72R3Fngtu00pVuLNe8I+S3ztA0uXXuZ 5Ve9XHqgqB3xdbRfQeGJOEP6l/0UEKuvCeloRJ9VgGdS99ZJcBNcOY6eCfVD9RAP gggwOz6jEF9l8mEtCnDCoVwZw25h/oG9edMYvUr5IpoAXYrySGq5GXbeyHMawW9y 8OY8ZJ8txue2IJvZW07ObMIiQQHJRkYOgoVuIyiTDpO10AYYhY1Z56CpX2xI/SIK aaUvMr6YJb2n0DwwJKSriRz23L1N2N0QtVaJwusLnix2cw== -----END CERTIFICATE-----Generated at Sun Jan 25 23:49:09 2026 by rpki-client