This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/IBksnf3WkTvoF5rkP1mUy15812I.roa File: IBksnf3WkTvoF5rkP1mUy15812I.roa (raw, json) Hash identifier: HD4RkTmAf3uLEci/QM2BCfZRy1s1DoklxIvLjDBwxb4= Subject key identifier: 20:19:2C:9D:FD:D6:91:3B:E8:17:9A:E4:3F:59:94:CB:5E:7C:D7:62 Certificate issuer: /CN=a20cc67154b403145d139469886127ab629eb928 Certificate serial: 019B7C802780212E463F257899FD4A764E1A Authority key identifier: A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/IBksnf3WkTvoF5rkP1mUy15812I.roa Signing time: Fri 02 Jan 2026 02:18:52 +0000 ROA not before: Fri 02 Jan 2026 02:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216306 IP address blocks: 50.21.28.0/22 maxlen: 22 50.21.28.0/24 maxlen: 24 50.21.29.0/24 maxlen: 24 50.21.30.0/24 maxlen: 24 50.21.31.0/24 maxlen: 24 91.208.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.mft rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 17:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:27:80:21:2e:46:3f:25:78:99:fd:4a:76:4e:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a20cc67154b403145d139469886127ab629eb928 Validity Not Before: Jan 2 02:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20192c9dfdd6913be8179ae43f5994cb5e7cd762 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:42:b3:77:bd:66:6a:48:88:07:aa:ea:ff:da: d0:de:7b:22:81:91:31:83:f7:6a:9a:d0:30:86:e8: 43:7f:30:23:c9:dd:e2:92:74:36:3f:de:f7:df:91: 2f:cc:41:41:e4:03:f4:4e:13:81:f8:91:f6:b0:ee: 45:e2:b1:91:32:8c:06:7f:e4:81:00:e8:d4:ac:32: bd:6d:c8:e2:c1:d1:e2:27:00:55:f3:3e:db:4b:81: df:8d:5c:74:4e:5a:41:64:5a:05:ce:83:13:14:7d: 28:90:91:a9:9b:8d:c6:58:4d:5b:68:6a:94:9a:11: 9a:30:a9:c7:77:59:66:38:5d:62:f7:01:51:4e:a9: d0:6d:e2:1c:9e:8a:d3:eb:df:ac:94:8b:65:09:c1: d1:99:1f:ea:64:b6:52:f8:59:fb:76:84:5d:ee:6f: 74:91:f8:c3:4e:74:7b:36:61:b5:7c:57:c9:ff:bb: 73:d1:e6:e6:41:78:bd:3d:f8:f2:a6:e7:d7:c8:b9: e2:d7:9b:15:4d:74:95:42:bf:67:29:80:6c:56:8d: f2:0c:80:98:70:53:26:09:5a:f1:f2:71:49:f4:04: 0b:28:27:30:52:bb:b4:4f:25:e1:10:79:ec:18:8a: 63:75:85:ab:db:0d:af:38:63:6d:83:f6:79:94:d0: 84:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:19:2C:9D:FD:D6:91:3B:E8:17:9A:E4:3F:59:94:CB:5E:7C:D7:62 X509v3 Authority Key Identifier: keyid:A2:0C:C6:71:54:B4:03:14:5D:13:94:69:88:61:27:AB:62:9E:B9:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogzGcVS0AxRdE5RpiGEnq2KeuSg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/IBksnf3WkTvoF5rkP1mUy15812I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/dd8878-2941-4c15-b204-8fc33737ceab/1/ogzGcVS0AxRdE5RpiGEnq2KeuSg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 50.21.28.0/22 91.208.118.0/24 Signature Algorithm: sha256WithRSAEncryption 50:b9:c6:79:17:9c:7d:f5:4c:f1:a9:4d:c6:17:10:42:35:c3: 71:53:ea:dc:ed:bf:29:a3:1e:ba:02:09:6b:11:28:0c:1d:4b: d8:67:c8:8e:60:39:22:7d:2a:99:a3:29:5f:fc:cd:aa:6e:5f: fb:d9:09:94:a4:cb:57:7e:b3:52:76:05:5a:b2:3d:7e:19:64: 4b:16:c8:61:0b:7f:6c:33:2d:03:09:79:b0:cc:b7:b6:b8:29: 5c:ff:73:05:8f:4e:02:10:b4:c8:76:e8:0a:58:b2:93:22:de: 95:2c:34:25:25:5a:19:3d:0d:7e:4a:05:a4:96:9d:97:ae:8e: 87:3d:cd:2c:10:28:1a:26:f2:ba:27:87:4e:cf:5f:b3:bd:84: f9:0a:04:c1:ef:b3:69:0b:36:6a:7d:79:a6:18:a3:22:61:5c: e3:30:d5:7a:6c:55:b3:1d:67:e8:dd:0e:29:88:21:85:3e:02: 0a:c8:99:6e:d1:02:d3:94:b1:85:d6:e9:ec:a6:ae:5d:4f:b3: 99:c2:fd:08:a5:b8:fd:f2:26:12:c0:cd:65:70:15:06:c4:4c: b5:cc:ad:db:c8:de:c0:14:5a:80:ef:da:8a:6e:d2:44:08:a9: 0a:26:d9:2a:ff:fe:12:b2:fd:27:64:6b:e7:0e:56:cc:df:01: 29:e5:06:74 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8gCeAIS5GPyV4mf1Kdk4aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEyMGNjNjcxNTRiNDAzMTQ1ZDEzOTQ2OTg4NjEyN2FiNjI5 ZWI5MjgwHhcNMjYwMTAyMDIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDE5MmM5ZGZkZDY5MTNiZTgxNzlhZTQzZjU5OTRjYjVlN2NkNzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEKzd71makiIB6rq/9rQ3nsigZEx g/dqmtAwhuhDfzAjyd3iknQ2P97335EvzEFB5AP0ThOB+JH2sO5F4rGRMowGf+SB AOjUrDK9bcjiwdHiJwBV8z7bS4HfjVx0TlpBZFoFzoMTFH0okJGpm43GWE1baGqU mhGaMKnHd1lmOF1i9wFRTqnQbeIcnorT69+slItlCcHRmR/qZLZS+Fn7doRd7m90 kfjDTnR7NmG1fFfJ/7tz0ebmQXi9PfjypufXyLni15sVTXSVQr9nKYBsVo3yDICY cFMmCVrx8nFJ9AQLKCcwUru0TyXhEHnsGIpjdYWr2w2vOGNtg/Z5lNCEowIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCAZLJ391pE76Bea5D9ZlMtefNdiMB8GA1UdIwQY MBaAFKIMxnFUtAMUXROUaYhhJ6tinrkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQt OGZjMzM3MzdjZWFiLzEvSUJrc25mM1drVHZvRjVya1AxbVV5MTU4MTJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9kZDg4NzgtMjk0MS00YzE1LWIyMDQtOGZjMzM3MzdjZWFi LzEvb2d6R2NWUzBBeFJkRTVScGlHRW5xMktldVNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCMhUcAwQA W9B2MA0GCSqGSIb3DQEBCwUAA4IBAQBQucZ5F5x99UzxqU3GFxBCNcNxU+rc7b8p ox66AglrESgMHUvYZ8iOYDkifSqZoylf/M2qbl/72QmUpMtXfrNSdgVasj1+GWRL FshhC39sMy0DCXmwzLe2uClc/3MFj04CELTIdugKWLKTIt6VLDQlJVoZPQ1+SgWk lp2Xro6HPc0sECgaJvK6J4dOz1+zvYT5CgTB77NpCzZqfXmmGKMiYVzjMNV6bFWz HWfo3Q4piCGFPgIKyJlu0QLTlLGF1unspq5dT7OZwv0Ipbj98iYSwM1lcBUGxEy1 zK3byN7AFFqA79qKbtJECKkKJtkq//4Ssv0nZGvnDlbM3wEp5QZ0 -----END CERTIFICATE-----Generated at Mon Jan 26 03:07:19 2026 by rpki-client