This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/IAcgHGi2lFpmozwldAdI6otCCf8.roa File: IAcgHGi2lFpmozwldAdI6otCCf8.roa (raw, json) Hash identifier: BMvZpTPd4wPptVWAuFWagP2MsiisY343W0Dlxwe5jk8= Subject key identifier: 20:07:20:1C:68:B6:94:5A:66:A3:3C:25:74:07:48:EA:8B:42:09:FF Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255 Certificate serial: 019B7EA6BF91BC142C8E82394CC3337C65A7 Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/IAcgHGi2lFpmozwldAdI6otCCf8.roa Signing time: Fri 02 Jan 2026 12:20:15 +0000 ROA not before: Fri 02 Jan 2026 12:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207701 IP address blocks: 5.11.31.0/24 maxlen: 24 2a01:7a8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.mft rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:bf:91:bc:14:2c:8e:82:39:4c:c3:33:7c:65:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255 Validity Not Before: Jan 2 12:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2007201c68b6945a66a33c25740748ea8b4209ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:75:b6:b4:90:81:d2:bc:ad:ee:86:83:14:28: d1:e1:fb:0c:95:86:3c:3d:b8:d8:81:9a:c7:4e:50: be:56:d4:be:14:ec:6a:16:cf:fb:09:e2:32:dd:ed: 9b:ac:14:16:7d:99:5d:b9:94:d8:2b:ef:8f:7d:83: 52:30:3b:18:d4:63:b9:70:4b:37:44:44:15:9e:ca: 1e:05:1a:bc:a3:6e:74:b0:54:7c:6d:d3:66:3d:6c: 54:3a:fa:47:36:98:30:fe:7a:9c:f2:0c:d6:f2:3b: 12:41:00:ac:fb:9b:74:cc:3b:df:df:2d:4f:fd:c9: 84:94:12:7b:f8:6e:33:f7:e5:74:0d:f6:42:e0:8a: b7:5a:2e:0d:a6:34:ff:02:86:34:cd:e1:d0:6a:01: cd:1b:a2:e1:2b:dd:b3:5e:48:dd:70:a9:39:4c:28: a7:47:96:95:b2:e8:1e:bd:31:b7:bd:f0:47:bb:1b: bd:c0:b4:aa:c8:05:5b:a4:40:3d:32:3c:2d:2a:7a: f8:5f:c5:75:dd:a0:e3:00:11:02:b0:03:a1:4d:63: 8f:15:c6:4f:52:03:5f:58:da:1e:13:82:df:cb:65: 34:35:1e:86:43:cd:21:06:9b:89:78:0c:bd:f7:8b: 69:51:41:fb:5a:52:0d:6b:d2:29:db:75:ba:c2:6e: ea:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:07:20:1C:68:B6:94:5A:66:A3:3C:25:74:07:48:EA:8B:42:09:FF X509v3 Authority Key Identifier: keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/IAcgHGi2lFpmozwldAdI6otCCf8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.11.31.0/24 IPv6: 2a01:7a8::/48 Signature Algorithm: sha256WithRSAEncryption 10:97:b4:6c:ab:6e:9b:52:9b:8b:0e:46:8a:18:f6:74:38:33: c2:c6:f9:19:0d:f1:4c:12:25:70:f5:38:60:51:84:d8:19:c8: a1:ad:f4:ad:de:38:d9:fd:06:cc:e2:77:51:3e:ab:30:46:5c: c3:82:f1:88:b3:e4:82:2e:3c:aa:ca:5c:2b:63:82:19:df:07: f0:00:db:77:df:46:d7:67:f1:80:7f:69:dc:2b:87:78:5a:39: 6b:a6:6b:42:4c:8e:2d:23:de:b9:0d:30:d5:1e:fb:2e:06:79: f7:d6:a6:b8:31:b6:ea:0a:df:c5:49:13:62:5d:5d:f1:14:2f: b4:04:ad:05:a0:64:87:86:8d:d8:b2:8c:2c:4d:83:54:b1:19: 14:8a:bd:2b:2f:79:dc:be:6f:69:e2:73:0b:61:8b:17:a5:f1: d0:1c:0e:82:ff:83:35:a3:c3:85:67:15:f6:6d:17:c0:c9:a3: 8d:8b:a6:ce:ef:94:3f:7d:bb:cd:f4:af:de:43:c6:b7:41:71: 7c:2f:30:26:e9:33:be:d7:1e:47:da:a3:0e:13:a9:a2:4f:c3: 8f:b4:b4:00:f7:da:b2:e9:87:bb:ec:65:41:ed:93:ec:6d:32: f2:f5:57:bc:92:46:55:43:51:6f:1e:fd:5c:60:91:45:34:cf: ec:7a:de:76 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pr+RvBQsjoI5TMMzfGWnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj NDkyNTUwHhcNMjYwMTAyMTIyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDA3MjAxYzY4YjY5NDVhNjZhMzNjMjU3NDA3NDhlYThiNDIwOWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXW2tJCB0ryt7oaDFCjR4fsMlYY8 PbjYgZrHTlC+VtS+FOxqFs/7CeIy3e2brBQWfZlduZTYK++PfYNSMDsY1GO5cEs3 REQVnsoeBRq8o250sFR8bdNmPWxUOvpHNpgw/nqc8gzW8jsSQQCs+5t0zDvf3y1P /cmElBJ7+G4z9+V0DfZC4Iq3Wi4NpjT/AoY0zeHQagHNG6LhK92zXkjdcKk5TCin R5aVsugevTG3vfBHuxu9wLSqyAVbpEA9MjwtKnr4X8V13aDjABECsAOhTWOPFcZP UgNfWNoeE4Lfy2U0NR6GQ80hBpuJeAy994tpUUH7WlINa9Ip23W6wm7qUQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCAHIBxotpRaZqM8JXQHSOqLQgn/MB8GA1UdIwQY MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct MzZhZTc2ZWU5ODNlLzEvSUFjZ0hHaTJsRnBtb3p3bGRBZEk2b3RDQ2Y4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQABQsfMA8E AgACMAkDBwAqAQeoAAAwDQYJKoZIhvcNAQELBQADggEBABCXtGyrbptSm4sORooY 9nQ4M8LG+RkN8UwSJXD1OGBRhNgZyKGt9K3eONn9Bszid1E+qzBGXMOC8Yiz5IIu PKrKXCtjghnfB/AA23ffRtdn8YB/adwrh3haOWuma0JMji0j3rkNMNUe+y4GeffW prgxtuoK38VJE2JdXfEUL7QErQWgZIeGjdiyjCxNg1SxGRSKvSsvedy+b2nicwth ixel8dAcDoL/gzWjw4VnFfZtF8DJo42Lps7vlD99u830r95DxrdBcXwvMCbpM77X Hkfaow4TqaJPw4+0tAD32rLph7vsZUHtk+xtMvL1V7ySRlVDUW8e/VxgkUU0z+x6 3nY= -----END CERTIFICATE-----Generated at Sun Jan 25 12:18:23 2026 by rpki-client