This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/tI-oEDKOKhS-KmX2_lG7V3df0Vg.roa File: tI-oEDKOKhS-KmX2_lG7V3df0Vg.roa (raw, json) Hash identifier: EhBTeqHKncLHn89ra2kf3+picxLHGT6UtpRvGFOuWYA= Subject key identifier: B4:8F:A8:10:32:8E:2A:14:BE:2A:65:F6:FE:51:BB:57:77:5F:D1:58 Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Certificate serial: 019B7F15C7E1AC4680E2C71002871061C7D9 Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/tI-oEDKOKhS-KmX2_lG7V3df0Vg.roa Signing time: Fri 02 Jan 2026 14:21:32 +0000 ROA not before: Fri 02 Jan 2026 14:21:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212230 IP address blocks: 213.0.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:c7:e1:ac:46:80:e2:c7:10:02:87:10:61:c7:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1 Validity Not Before: Jan 2 14:21:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b48fa810328e2a14be2a65f6fe51bb57775fd158 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:da:bd:fe:ac:e4:48:8d:d8:bf:4f:38:11:6f: f1:23:26:7a:25:83:d0:8c:d2:24:cf:03:14:aa:7d: ba:b9:74:87:5a:b6:57:04:3e:34:ad:06:9c:6c:87: 9b:93:82:e1:a3:e9:b6:eb:af:93:1f:fe:6a:4b:de: d9:de:b0:b4:4a:cb:c5:0d:d7:95:73:d5:1f:45:1c: 5d:a2:ac:25:4d:9e:fb:5a:45:7a:69:de:be:56:1a: fd:2e:12:a2:e7:21:0b:3d:2c:ee:b5:d9:ab:69:84: a2:be:e2:d7:a5:51:75:1d:3d:22:1a:d4:66:10:2c: d5:04:ec:fe:27:21:dc:66:e8:fa:15:c7:16:c6:fa: 9e:a6:f9:19:a8:92:d6:89:4d:f2:5a:cc:b3:9a:2b: 4c:bd:18:42:69:4d:7f:f5:21:66:67:79:93:b6:54: 5e:39:e1:11:65:fb:70:e1:88:05:01:13:bc:b4:0d: 13:1c:dc:8e:4f:ea:fe:2a:26:3b:d0:31:4f:df:ef: e1:a3:10:29:39:dd:24:3c:38:07:ba:01:2e:ef:92: 41:88:b3:10:19:99:07:51:10:b8:9f:e2:86:41:d3: 97:23:03:e4:25:d3:67:28:90:9b:35:c1:1b:86:b9: 4f:33:72:e6:6b:b1:00:e4:9c:8a:82:fc:50:e7:21: 70:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:8F:A8:10:32:8E:2A:14:BE:2A:65:F6:FE:51:BB:57:77:5F:D1:58 X509v3 Authority Key Identifier: keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/tI-oEDKOKhS-KmX2_lG7V3df0Vg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.0.21.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:0b:08:a6:cf:0d:1c:43:3b:7a:fc:48:dd:50:de:04:26:cb: 69:3a:5d:c1:47:2b:e1:ae:81:21:bb:3e:17:80:34:ae:78:00: 75:b3:38:50:9f:7c:d6:71:06:af:cf:f1:8c:17:71:1a:4e:df: f8:87:2e:cd:7c:00:1d:e4:69:db:bc:e1:44:75:51:37:12:71: 14:31:9d:44:ba:f2:c7:49:a4:9d:97:d1:3e:e1:bb:4d:33:7e: 3a:eb:b5:ab:59:c0:d0:7a:76:44:79:45:c7:4b:67:c6:46:d2: c9:68:a3:f1:6e:9b:47:17:cd:ca:d1:84:e0:12:f3:82:96:23: 1c:fc:92:f1:0b:76:e2:b4:42:d0:0d:a0:b3:1c:29:6d:dc:d8: c8:6c:c4:0b:de:0f:f4:9d:8c:e8:02:be:76:23:0e:18:af:99: 1c:45:6a:51:97:05:1a:66:d9:96:ce:7d:be:94:94:cc:ae:22: 18:bc:e8:ee:58:af:e6:44:0c:23:e3:3e:56:f9:0a:78:30:79: e0:28:bb:fb:52:d1:87:b2:d8:e8:c4:68:ab:a8:32:3a:b0:f9: 34:fc:9f:84:6b:fa:18:2d:0f:69:4a:a8:bf:bb:d7:15:b2:6e: e7:da:2b:a9:db:c2:3c:83:5e:29:1c:bf:bd:f0:bf:62:d7:44: c5:ac:ac:a1 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/FcfhrEaA4scQAocQYcfZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5 NjdkYTEwHhcNMjYwMTAyMTQyMTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiNDhmYTgxMDMyOGUyYTE0YmUyYTY1ZjZmZTUxYmI1Nzc3NWZkMTU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9q9/qzkSI3Yv084EW/xIyZ6JYPQ jNIkzwMUqn26uXSHWrZXBD40rQacbIebk4Lho+m266+TH/5qS97Z3rC0SsvFDdeV c9UfRRxdoqwlTZ77WkV6ad6+Vhr9LhKi5yELPSzutdmraYSivuLXpVF1HT0iGtRm ECzVBOz+JyHcZuj6FccWxvqepvkZqJLWiU3yWsyzmitMvRhCaU1/9SFmZ3mTtlRe OeERZftw4YgFARO8tA0THNyOT+r+KiY70DFP3+/hoxApOd0kPDgHugEu75JBiLMQ GZkHURC4n+KGQdOXIwPkJdNnKJCbNcEbhrlPM3Lma7EA5JyKgvxQ5yFw9QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLSPqBAyjioUvipl9v5Ru1d3X9FYMB8GA1UdIwQY MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt NGJhMmY4ZjFmODNiLzEvdEktb0VES09LaFMtS21YMl9sRzdWM2RmMFZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1QAVMA0G CSqGSIb3DQEBCwUAA4IBAQAKCwimzw0cQzt6/EjdUN4EJstpOl3BRyvhroEhuz4X gDSueAB1szhQn3zWcQavz/GMF3EaTt/4hy7NfAAd5GnbvOFEdVE3EnEUMZ1EuvLH SaSdl9E+4btNM34667WrWcDQenZEeUXHS2fGRtLJaKPxbptHF83K0YTgEvOCliMc /JLxC3bitELQDaCzHClt3NjIbMQL3g/0nYzoAr52Iw4Yr5kcRWpRlwUaZtmWzn2+ lJTMriIYvOjuWK/mRAwj4z5W+Qp4MHngKLv7UtGHstjoxGirqDI6sPk0/J+Ea/oY LQ9pSqi/u9cVsm7n2iup28I8g14pHL+98L9i10TFrKyh -----END CERTIFICATE-----Generated at Sun Jan 25 18:05:56 2026 by rpki-client