This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/0fY2-frVSg1jq699GFwRUoCBlNc.roa File: 0fY2-frVSg1jq699GFwRUoCBlNc.roa (raw, json) Hash identifier: eUT643x5xx8hSJT1XefBsreuEw6p88bqGvTup19SiEs= Subject key identifier: D1:F6:36:F9:FA:D5:4A:0D:63:AB:AF:7D:18:5C:11:52:80:81:94:D7 Certificate issuer: /CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90 Certificate serial: 019B7BA3F6014660C34CAD5273A3CD067833 Authority key identifier: 23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/0fY2-frVSg1jq699GFwRUoCBlNc.roa Signing time: Thu 01 Jan 2026 22:18:21 +0000 ROA not before: Thu 01 Jan 2026 22:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207143 IP address blocks: 213.167.224.0/24 maxlen: 24 213.167.225.0/24 maxlen: 24 213.167.226.0/24 maxlen: 24 213.167.227.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/I-Ivi97cvhm7M_zhT8HbauOkDpA.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/I-Ivi97cvhm7M_zhT8HbauOkDpA.mft rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:f6:01:46:60:c3:4c:ad:52:73:a3:cd:06:78:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90 Validity Not Before: Jan 1 22:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d1f636f9fad54a0d63abaf7d185c1152808194d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:cf:20:cb:6f:5b:3c:34:d8:d5:6f:84:ed:d7: 8b:cb:0c:52:a7:53:a9:c3:95:2e:db:c2:b1:42:3c: bc:7c:11:22:83:93:9c:94:77:96:d1:8d:e8:48:94: 44:ae:13:96:31:18:03:99:a5:98:da:ef:65:b4:35: c8:52:7e:08:79:c3:3f:7c:0c:39:10:ba:e3:27:d1: 75:a5:10:0a:74:fa:a6:c2:4e:ce:5b:97:20:fd:29: 76:1a:91:9a:68:0e:78:24:ae:59:20:41:7b:4c:21: af:c5:d3:41:b8:3d:0c:a8:b0:d6:6e:de:dd:1e:83: d5:08:dc:fb:8b:47:0b:3c:27:14:7c:72:4e:e2:39: 65:48:e4:18:62:ce:f8:7a:86:d1:22:c3:b7:ea:dd: d8:bc:71:3e:97:e8:58:05:77:c2:1c:78:a4:31:12: d3:47:dc:40:cf:c8:e1:08:4e:e6:f8:aa:2b:db:17: 43:a7:f2:51:39:4e:55:31:f0:6f:7c:5f:9d:8e:28: 18:29:c0:03:ba:b7:73:92:d8:0b:76:7d:9e:c6:e9: df:c7:d2:ec:ce:2d:26:7b:45:cc:bf:81:0b:42:3a: 61:f2:20:c7:4a:37:4a:ac:49:42:8b:63:4f:c4:39: 5f:89:32:2b:dc:8d:d9:8f:ad:85:73:a6:43:04:91: 59:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:F6:36:F9:FA:D5:4A:0D:63:AB:AF:7D:18:5C:11:52:80:81:94:D7 X509v3 Authority Key Identifier: keyid:23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/0fY2-frVSg1jq699GFwRUoCBlNc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/I-Ivi97cvhm7M_zhT8HbauOkDpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.167.224.0/22 Signature Algorithm: sha256WithRSAEncryption cc:68:ee:8c:c2:7e:d8:63:2c:59:cf:1d:66:49:c6:da:7a:b0: b4:49:44:93:eb:48:5e:a9:2e:d2:ef:b7:8c:d6:67:bd:d0:94: 23:e3:b2:e8:a1:65:98:e8:94:46:ca:39:be:a4:10:5f:0e:33: 47:fc:d0:99:e6:32:4e:05:0c:27:28:cc:49:b7:10:c4:4d:70: 87:ae:5b:e4:84:44:0d:f2:cd:1f:39:50:aa:08:e1:1d:c0:d2: 80:a7:28:ec:2d:86:7d:38:9f:61:aa:16:5d:f4:cd:b4:b0:1c: fe:06:a1:c0:0c:12:bd:e9:c1:95:6d:e6:08:c3:b6:52:f4:2b: 45:79:38:45:6e:c8:5c:af:26:cb:98:8a:77:a6:4b:a5:33:7e: 69:0f:e6:ab:87:1c:8e:07:0b:33:61:ff:fe:20:84:02:73:51: 5b:ff:fe:56:92:96:d1:e4:12:b2:a6:3d:6a:30:c4:e6:00:71: aa:05:f7:f1:1a:a9:c5:08:9b:34:4a:43:ff:74:e2:d7:ed:cc: bf:0a:9e:53:80:29:60:c8:67:1e:e3:88:ab:58:0f:f9:2c:01: f0:5d:14:b5:0a:c6:71:a8:57:c1:05:31:01:af:7c:19:63:c7: b6:c1:03:f4:82:03:2a:d5:36:5f:c9:9b:1d:b4:3c:9e:3b:ce: 8a:d0:37:56 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7o/YBRmDDTK1Sc6PNBngzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzZTIyZjhiZGVkY2JlMTliYjMzZmNlMTRmYzFkYjZhZTNh NDBlOTAwHhcNMjYwMTAxMjIxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMWY2MzZmOWZhZDU0YTBkNjNhYmFmN2QxODVjMTE1MjgwODE5NGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr88gy29bPDTY1W+E7deLywxSp1Op w5Uu28KxQjy8fBEig5OclHeW0Y3oSJRErhOWMRgDmaWY2u9ltDXIUn4IecM/fAw5 ELrjJ9F1pRAKdPqmwk7OW5cg/Sl2GpGaaA54JK5ZIEF7TCGvxdNBuD0MqLDWbt7d HoPVCNz7i0cLPCcUfHJO4jllSOQYYs74eobRIsO36t3YvHE+l+hYBXfCHHikMRLT R9xAz8jhCE7m+Kor2xdDp/JROU5VMfBvfF+djigYKcADurdzktgLdn2exunfx9Ls zi0me0XMv4ELQjph8iDHSjdKrElCi2NPxDlfiTIr3I3Zj62Fc6ZDBJFZPQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNH2Nvn61UoNY6uvfRhcEVKAgZTXMB8GA1UdIwQY MBaAFCPiL4ve3L4ZuzP84U/B22rjpA6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSS1Jdmk5N2N2aG03TV96aFQ4SGJhdU9rRHBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lNmEwZGItYzc2Ni00OTkxLWI3MmMt NzRiZDA0NWIyYWY3LzEvMGZZMi1mclZTZzFqcTY5OUdGd1JVb0NCbE5jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi9lNmEwZGItYzc2Ni00OTkxLWI3MmMtNzRiZDA0NWIyYWY3 LzEvSS1Jdmk5N2N2aG03TV96aFQ4SGJhdU9rRHBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1afgMA0G CSqGSIb3DQEBCwUAA4IBAQDMaO6Mwn7YYyxZzx1mScbaerC0SUST60heqS7S77eM 1me90JQj47LooWWY6JRGyjm+pBBfDjNH/NCZ5jJOBQwnKMxJtxDETXCHrlvkhEQN 8s0fOVCqCOEdwNKApyjsLYZ9OJ9hqhZd9M20sBz+BqHADBK96cGVbeYIw7ZS9CtF eThFbshcrybLmIp3pkulM35pD+arhxyOBwszYf/+IIQCc1Fb//5WkpbR5BKypj1q MMTmAHGqBffxGqnFCJs0SkP/dOLX7cy/Cp5TgClgyGce44irWA/5LAHwXRS1CsZx qFfBBTEBr3wZY8e2wQP0ggMq1TZfyZsdtDyeO86K0DdW -----END CERTIFICATE-----Generated at Mon Jan 26 06:56:25 2026 by rpki-client