This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8YEFvbEwVLH9qWllGkk7g4NlnI0.roa File: 8YEFvbEwVLH9qWllGkk7g4NlnI0.roa (raw, json) Hash identifier: II2QPPzjTL1kCxQBuVajcyo2dWvGe95JioEGL2xzIuI= Subject key identifier: F1:81:05:BD:B1:30:54:B1:FD:A9:69:65:1A:49:3B:83:83:65:9C:8D Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Certificate serial: 019B7D5D06C0DAFE670FF7774512B1413E3F Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8YEFvbEwVLH9qWllGkk7g4NlnI0.roa Signing time: Fri 02 Jan 2026 06:20:07 +0000 ROA not before: Fri 02 Jan 2026 06:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199410 IP address blocks: 217.153.154.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:06:c0:da:fe:67:0f:f7:77:45:12:b1:41:3e:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933 Validity Not Before: Jan 2 06:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f18105bdb13054b1fda969651a493b8383659c8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cb:cb:c0:17:74:7e:b2:d6:f0:ff:a2:d6:a0: 75:ab:9e:0d:37:e3:c2:6c:31:b4:79:c1:30:50:a9: a6:36:23:4a:27:b0:d9:be:e1:23:e8:4e:e1:ff:1c: c0:ef:c5:24:2f:02:45:a6:21:5b:cd:ba:0b:a9:53: 87:62:ed:52:85:0c:ca:6e:b8:95:10:35:db:ea:70: dd:7e:0a:b7:1d:bf:e3:63:03:99:2c:34:37:9c:6d: c6:19:6c:1c:7b:b8:35:b5:24:4a:bb:cd:d1:b9:2f: 70:14:2a:e3:10:36:bd:97:73:6a:45:9d:a8:24:da: 7e:12:42:4c:13:18:2b:5b:d1:6d:1d:22:60:66:78: de:5b:44:7c:8c:82:26:83:0b:fa:e1:91:3b:d6:97: e7:31:e2:c6:80:56:29:7a:56:24:18:0a:76:f5:63: 32:59:4d:f3:aa:fb:44:2d:98:43:4b:a2:cc:3f:fd: ad:28:37:2e:9e:22:2f:30:40:8c:5d:56:85:3d:46: 85:78:c9:20:97:08:2f:e7:15:59:6f:5a:b1:d8:d1: 76:f3:10:ec:93:90:86:d9:f6:f6:54:a0:69:f7:9c: 61:78:09:cf:4f:e6:30:3d:85:f4:26:8e:a3:67:53: 2c:86:b6:52:30:2e:14:02:7a:9c:96:eb:f6:7c:90: a2:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:81:05:BD:B1:30:54:B1:FD:A9:69:65:1A:49:3B:83:83:65:9C:8D X509v3 Authority Key Identifier: keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/8YEFvbEwVLH9qWllGkk7g4NlnI0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.153.154.0/23 Signature Algorithm: sha256WithRSAEncryption 90:37:18:42:cf:c3:87:77:41:74:6b:b8:fa:bf:4d:a6:fa:db: 68:5c:81:f6:ed:d2:99:80:c0:64:25:4d:c4:72:9c:ea:e9:5a: 9a:e8:89:ad:fe:67:53:8b:6a:29:35:cf:96:71:91:57:ad:11: 8c:c3:98:88:68:49:6e:1e:ee:18:4b:38:63:e8:90:84:3f:b7: 29:0b:b6:f6:5a:d1:57:26:de:26:9f:fc:3f:0b:23:43:5a:8e: dd:d2:ad:aa:3b:01:a0:02:31:13:e4:65:68:c5:27:7d:d6:87: 8a:b0:aa:2e:1b:23:5b:87:9c:a4:55:2e:2b:af:37:57:52:8f: 99:d7:a0:8f:9f:74:07:df:86:4b:08:f2:ef:d4:a2:5c:e5:be: cf:d3:f7:f8:3d:80:e2:96:e9:94:03:ef:1c:d6:0b:aa:ac:4f: d6:66:3a:09:a7:21:0b:d8:36:98:f1:a3:80:a5:11:99:db:71: 99:8b:4d:d4:3e:5f:b4:72:6c:d7:b3:cb:1c:f0:8c:19:33:fc: d5:83:3b:8f:9d:c4:99:53:30:d7:b1:92:4d:2e:8b:32:3c:80: c9:13:59:8d:53:29:1c:f1:52:d1:c2:f2:10:48:0a:41:01:75: 1a:59:0f:26:d9:2b:98:87:5d:47:6b:68:82:6f:34:3b:b5:82: f5:37:21:10 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XQbA2v5nD/d3RRKxQT4/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj ZWY5MzMwHhcNMjYwMTAyMDYyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmMTgxMDViZGIxMzA1NGIxZmRhOTY5NjUxYTQ5M2I4MzgzNjU5YzhkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocvLwBd0frLW8P+i1qB1q54NN+PC bDG0ecEwUKmmNiNKJ7DZvuEj6E7h/xzA78UkLwJFpiFbzboLqVOHYu1ShQzKbriV EDXb6nDdfgq3Hb/jYwOZLDQ3nG3GGWwce7g1tSRKu83RuS9wFCrjEDa9l3NqRZ2o JNp+EkJMExgrW9FtHSJgZnjeW0R8jIImgwv64ZE71pfnMeLGgFYpelYkGAp29WMy WU3zqvtELZhDS6LMP/2tKDcuniIvMECMXVaFPUaFeMkglwgv5xVZb1qx2NF28xDs k5CG2fb2VKBp95xheAnPT+YwPYX0Jo6jZ1MshrZSMC4UAnqcluv2fJCi6wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFPGBBb2xMFSx/alpZRpJO4ODZZyNMB8GA1UdIwQY MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt OTFlMzE4NGJiMGFiLzEvOFlFRnZiRXdWTEg5cVdsbEdrazdnNE5sbkkwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2ZmaMA0G CSqGSIb3DQEBCwUAA4IBAQCQNxhCz8OHd0F0a7j6v02m+ttoXIH27dKZgMBkJU3E cpzq6Vqa6Imt/mdTi2opNc+WcZFXrRGMw5iIaEluHu4YSzhj6JCEP7cpC7b2WtFX Jt4mn/w/CyNDWo7d0q2qOwGgAjET5GVoxSd91oeKsKouGyNbh5ykVS4rrzdXUo+Z 16CPn3QH34ZLCPLv1KJc5b7P0/f4PYDilumUA+8c1guqrE/WZjoJpyEL2DaY8aOA pRGZ23GZi03UPl+0cmzXs8sc8IwZM/zVgzuPncSZUzDXsZJNLosyPIDJE1mNUykc 8VLRwvIQSApBAXUaWQ8m2SuYh11Ha2iCbzQ7tYL1NyEQ -----END CERTIFICATE-----Generated at Sun Jan 25 20:48:34 2026 by rpki-client