This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/IHxGZu_O4SFl3mCd8QYX5eqd12E.roa File: IHxGZu_O4SFl3mCd8QYX5eqd12E.roa (raw, json) Hash identifier: 1i0b2nBfdKjb8NkkxZHECgejSLN+yW+3HQmhrGhzeOI= Subject key identifier: 20:7C:46:66:EF:CE:E1:21:65:DE:60:9D:F1:06:17:E5:EA:9D:D7:61 Certificate issuer: /CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099 Certificate serial: 019B7F84F9CD0B9F5717615C4DD55BCAC890 Authority key identifier: 55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/IHxGZu_O4SFl3mCd8QYX5eqd12E.roa Signing time: Fri 02 Jan 2026 16:22:59 +0000 ROA not before: Fri 02 Jan 2026 16:22:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215568 IP address blocks: 2a13:cd40::/29 maxlen: 30 2a13:cd40::/30 maxlen: 30 2a13:cd44::/30 maxlen: 30 2a13:d340::/29 maxlen: 29 2a13:d840::/29 maxlen: 29 2a13:e140::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.mft rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:f9:cd:0b:9f:57:17:61:5c:4d:d5:5b:ca:c8:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5524b2e26dd3afcc5c1eac01f90263d201fbe099 Validity Not Before: Jan 2 16:22:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=207c4666efcee12165de609df10617e5ea9dd761 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:5c:f4:20:e3:60:a2:d6:a8:1c:09:5d:86:00: 5a:bd:8c:e8:d1:af:88:ce:08:e0:6b:c3:af:09:7a: be:b5:9b:69:1f:12:87:24:79:3e:46:bc:0a:f0:7f: 05:5b:34:09:a5:4c:60:06:65:a6:69:6f:03:7c:7c: fb:fb:e5:97:e6:e4:a1:a1:c7:a8:b3:58:92:d7:b5: b1:e6:23:4a:30:2f:74:86:67:3f:82:01:ff:48:a2: a4:65:e8:e4:09:de:61:70:0f:8e:f9:44:9e:3d:10: c1:73:fa:2c:38:a7:38:34:82:ed:3b:7c:1f:f1:31: 74:28:ca:48:03:a4:56:38:73:46:f3:ca:0a:9d:0d: dc:e2:f3:8a:98:7b:61:83:8d:75:54:25:6d:0d:a5: 42:eb:7a:f7:9b:6a:ab:db:63:7c:5e:e3:a8:3a:d6: 93:d1:7f:05:d7:e1:61:ba:18:2c:d8:45:4f:46:cc: 79:48:2c:62:b7:5d:22:9b:67:61:eb:06:dd:65:a1: 59:6c:19:7d:38:29:a8:6c:92:6d:cf:f5:09:fb:5f: d4:bd:ce:b6:fc:a1:07:dd:14:fb:16:cd:1a:c7:e2: 2e:ac:ac:4f:24:64:93:b5:0f:cb:ee:3f:65:ac:ce: 5f:8d:ce:a3:32:cf:71:3a:f2:bc:b1:85:22:72:88: f2:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:7C:46:66:EF:CE:E1:21:65:DE:60:9D:F1:06:17:E5:EA:9D:D7:61 X509v3 Authority Key Identifier: keyid:55:24:B2:E2:6D:D3:AF:CC:5C:1E:AC:01:F9:02:63:D2:01:FB:E0:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/IHxGZu_O4SFl3mCd8QYX5eqd12E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/143392-d868-4a26-8543-3aa2227badfe/1/VSSy4m3Tr8xcHqwB-QJj0gH74Jk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:cd40::/29 2a13:d340::/29 2a13:d840::/29 2a13:e140::/29 Signature Algorithm: sha256WithRSAEncryption 12:fa:7e:bc:55:c3:e5:28:b0:d3:e6:31:b5:e0:71:49:2f:e5: c7:e2:64:3e:23:d7:58:50:a6:b2:8e:01:f1:92:b3:2f:34:7c: e0:71:31:8d:09:51:5a:f6:57:9c:79:da:e2:1c:3e:36:a1:8b: 62:d0:33:d0:e0:c4:fc:7f:00:50:6f:8f:d6:cf:49:49:b7:92: e4:d3:5c:85:4a:87:4a:f8:79:4a:22:01:30:d0:59:17:54:4a: b4:da:b1:3c:0b:ee:ec:57:a2:a0:d4:ae:0c:78:82:fa:b6:bb: 8b:26:06:da:40:4d:3e:69:4d:44:aa:72:27:d0:79:5a:4b:cb: 7c:9f:08:8b:ed:3f:7e:a5:87:7f:4f:21:c8:81:bc:66:3b:e5: c4:fc:33:a1:8b:5c:ed:be:03:96:7d:7b:58:2f:a7:63:ad:9f: c8:55:f5:cb:80:9a:de:4b:cf:ee:78:e4:35:14:e3:3c:31:e9: d1:ae:47:b2:30:0c:c2:52:24:ff:7e:03:f5:9e:55:dd:3c:93: ee:5b:e7:3b:3f:f0:20:96:ab:08:c6:c1:f4:4c:ff:4e:49:6a: f8:74:fb:49:51:f1:1c:a2:fb:8b:08:f7:5d:43:79:93:fb:fc: f8:7d:5d:72:99:1d:3d:58:68:58:08:e1:3a:93:10:cb:b3:0a: 65:67:5e:29 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt/hPnNC59XF2FcTdVbysiQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU1MjRiMmUyNmRkM2FmY2M1YzFlYWMwMWY5MDI2M2QyMDFm YmUwOTkwHhcNMjYwMTAyMTYyMjU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDdjNDY2NmVmY2VlMTIxNjVkZTYwOWRmMTA2MTdlNWVhOWRkNzYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Vz0IONgotaoHAldhgBavYzo0a+I zgjga8OvCXq+tZtpHxKHJHk+RrwK8H8FWzQJpUxgBmWmaW8DfHz7++WX5uShoceo s1iS17Wx5iNKMC90hmc/ggH/SKKkZejkCd5hcA+O+USePRDBc/osOKc4NILtO3wf 8TF0KMpIA6RWOHNG88oKnQ3c4vOKmHthg411VCVtDaVC63r3m2qr22N8XuOoOtaT 0X8F1+Fhuhgs2EVPRsx5SCxit10im2dh6wbdZaFZbBl9OCmobJJtz/UJ+1/Uvc62 /KEH3RT7Fs0ax+IurKxPJGSTtQ/L7j9lrM5fjc6jMs9xOvK8sYUicojyewIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFCB8RmbvzuEhZd5gnfEGF+XqnddhMB8GA1UdIwQY MBaAFFUksuJt06/MXB6sAfkCY9IB++CZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMt M2FhMjIyN2JhZGZlLzEvSUh4R1p1X080U0ZsM21DZDhRWVg1ZXFkMTJFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS8xNDMzOTItZDg2OC00YTI2LTg1NDMtM2FhMjIyN2JhZGZl LzEvVlNTeTRtM1RyOHhjSHF3Qi1RSmowZ0g3NEprLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKhPNQAMF AyoT00ADBQMqE9hAAwUDKhPhQDANBgkqhkiG9w0BAQsFAAOCAQEAEvp+vFXD5Siw 0+YxteBxSS/lx+JkPiPXWFCmso4B8ZKzLzR84HExjQlRWvZXnHna4hw+NqGLYtAz 0ODE/H8AUG+P1s9JSbeS5NNchUqHSvh5SiIBMNBZF1RKtNqxPAvu7FeioNSuDHiC +ra7iyYG2kBNPmlNRKpyJ9B5WkvLfJ8Ii+0/fqWHf08hyIG8ZjvlxPwzoYtc7b4D ln17WC+nY62fyFX1y4Ca3kvP7njkNRTjPDHp0a5HsjAMwlIk/34D9Z5V3TyT7lvn Oz/wIJarCMbB9Ez/Tklq+HT7SVHxHKL7iwj3XUN5k/v8+H1dcpkdPVhoWAjhOpMQ y7MKZWdeKQ== -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:37 2026 by rpki-client