This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/IrFs_aYDL98DrBmqXNeImOXYqVs.roa File: IrFs_aYDL98DrBmqXNeImOXYqVs.roa (raw, json) Hash identifier: /du+UzfxF5Oy69bwitaws2QcGuPpQ2q/PzP+2+rlKmc= Subject key identifier: 22:B1:6C:FD:A6:03:2F:DF:03:AC:19:AA:5C:D7:88:98:E5:D8:A9:5B Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd Certificate serial: 019B783459C27BED0856DD63DCF3B59075FF Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/IrFs_aYDL98DrBmqXNeImOXYqVs.roa Signing time: Thu 01 Jan 2026 06:17:35 +0000 ROA not before: Thu 01 Jan 2026 06:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12321 IP address blocks: 212.7.32.0/19 maxlen: 19 212.166.64.0/19 maxlen: 19 213.129.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:59:c2:7b:ed:08:56:dd:63:dc:f3:b5:90:75:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd Validity Not Before: Jan 1 06:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=22b16cfda6032fdf03ac19aa5cd78898e5d8a95b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c3:59:55:dc:06:16:bb:49:90:d8:c7:2a:cb: e2:19:4f:f7:eb:a8:16:0a:9d:77:9f:63:fc:d6:8c: d0:17:21:e6:23:14:bc:bf:ae:c6:b2:e8:9a:19:0b: 4a:76:fb:a1:c0:78:98:b9:d4:da:22:1f:79:d6:b2: dd:ab:f4:be:01:e0:ed:52:9c:ee:c2:e9:0f:e0:da: 17:07:65:cb:57:4a:fa:44:6c:e5:66:1b:96:3f:ae: 6c:a2:18:8f:92:25:57:b1:95:19:96:af:7d:84:cc: 30:4c:5d:41:8e:7d:8d:97:2d:16:9e:f6:28:d7:6a: ac:14:13:b8:cc:51:9b:81:7b:ed:fc:61:4f:11:e3: 4f:54:ca:dd:9c:95:44:68:96:b6:34:28:b0:f4:bd: 77:67:57:05:3b:9c:63:0d:5d:cd:32:72:09:55:98: d2:a8:f0:12:38:1a:55:a1:f8:3c:09:20:1f:76:3b: 25:e7:dd:67:c5:ac:e7:a9:26:ff:0d:1b:14:1b:dd: c2:74:c6:87:1e:02:f4:94:73:43:de:97:1a:fb:78: 8c:8d:58:46:99:b6:ce:58:48:64:a7:65:b4:56:ae: 8a:e9:8f:3b:7c:35:c7:31:ab:d6:90:27:f9:07:ea: 66:77:97:90:41:a6:9f:2a:16:0a:be:07:bb:35:10: 0d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:B1:6C:FD:A6:03:2F:DF:03:AC:19:AA:5C:D7:88:98:E5:D8:A9:5B X509v3 Authority Key Identifier: keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/IrFs_aYDL98DrBmqXNeImOXYqVs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.7.32.0/19 212.166.64.0/19 213.129.160.0/19 Signature Algorithm: sha256WithRSAEncryption a3:6a:e8:25:83:30:a4:1e:f0:e4:18:e1:63:46:5e:d1:92:ae: 2f:2c:d7:9e:8c:22:2a:bf:74:6f:87:a9:80:c1:d7:46:a2:77: 88:be:91:5a:13:7c:de:90:ac:b5:86:20:c0:1e:98:ce:29:8f: a5:55:aa:95:d2:7e:ad:c4:dd:d0:5c:3b:3a:b7:5c:d8:11:cf: 31:16:57:60:1c:1d:21:0e:4e:cf:b9:9a:e9:8b:93:43:c1:60: 5c:d8:b5:ba:c1:59:89:06:87:7a:76:ae:50:3d:51:71:29:40: 58:c1:f3:e9:cc:37:ac:3b:ff:eb:71:e1:85:ab:d7:92:e5:45: 99:f8:57:91:24:31:f7:7e:eb:b9:1f:ce:fd:8e:e5:d5:91:76: b2:25:e2:3e:69:53:78:c5:b1:ad:df:67:fa:ef:6b:c4:1c:ff: 1d:a1:6f:6f:7d:6d:08:06:ce:d2:8f:57:2b:09:0b:c9:76:2c: b4:72:a0:54:ee:dd:d8:e0:85:66:d1:7f:84:f2:f9:b2:71:8d: 53:51:30:b2:d3:2d:09:e4:f5:86:24:d2:0a:82:fa:12:ab:f2: cb:e8:6b:20:a3:86:c2:e2:59:5b:0c:ce:a5:ad:16:75:c7:63: 0f:e6:93:4c:83:83:a9:09:65:ae:46:fe:21:90:52:ee:a2:45: a5:15:83:b1 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4NFnCe+0IVt1j3PO1kHX/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi MmUyY2QwHhcNMjYwMTAxMDYxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMmIxNmNmZGE2MDMyZmRmMDNhYzE5YWE1Y2Q3ODg5OGU1ZDhhOTViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMNZVdwGFrtJkNjHKsviGU/366gW Cp13n2P81ozQFyHmIxS8v67GsuiaGQtKdvuhwHiYudTaIh951rLdq/S+AeDtUpzu wukP4NoXB2XLV0r6RGzlZhuWP65sohiPkiVXsZUZlq99hMwwTF1Bjn2Nly0WnvYo 12qsFBO4zFGbgXvt/GFPEeNPVMrdnJVEaJa2NCiw9L13Z1cFO5xjDV3NMnIJVZjS qPASOBpVofg8CSAfdjsl591nxaznqSb/DRsUG93CdMaHHgL0lHND3pca+3iMjVhG mbbOWEhkp2W0Vq6K6Y87fDXHMavWkCf5B+pmd5eQQaafKhYKvge7NRANpwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFCKxbP2mAy/fA6wZqlzXiJjl2KlbMB8GA1UdIwQY MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt ZjEyODM1ZjAyNDdiLzEvSXJGc19hWURMOThEckJtcVhOZUltT1hZcVZzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQF1AcgAwQF 1KZAAwQF1YGgMA0GCSqGSIb3DQEBCwUAA4IBAQCjauglgzCkHvDkGOFjRl7Rkq4v LNeejCIqv3Rvh6mAwddGoneIvpFaE3zekKy1hiDAHpjOKY+lVaqV0n6txN3QXDs6 t1zYEc8xFldgHB0hDk7PuZrpi5NDwWBc2LW6wVmJBod6dq5QPVFxKUBYwfPpzDes O//rceGFq9eS5UWZ+FeRJDH3fuu5H879juXVkXayJeI+aVN4xbGt32f672vEHP8d oW9vfW0IBs7Sj1crCQvJdiy0cqBU7t3Y4IVm0X+E8vmycY1TUTCy0y0J5PWGJNIK gvoSq/LL6Gsgo4bC4llbDM6lrRZ1x2MP5pNMg4OpCWWuRv4hkFLuokWlFYOx -----END CERTIFICATE-----Generated at Sun Jan 25 16:27:32 2026 by rpki-client