This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/I2tNxhGFF35MT6ATAQ34a1mldMA.roa File: I2tNxhGFF35MT6ATAQ34a1mldMA.roa (raw, json) Hash identifier: aCwLuTKx+lT5TRi4XqsraXtHCM8YuZl8sxF9wyX0Vvo= Subject key identifier: 23:6B:4D:C6:11:85:17:7E:4C:4F:A0:13:01:0D:F8:6B:59:A5:74:C0 Certificate issuer: /CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c Certificate serial: 019B7AC8EBD5587C26EC7F8E25754A78D9A4 Authority key identifier: 5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/I2tNxhGFF35MT6ATAQ34a1mldMA.roa Signing time: Thu 01 Jan 2026 18:19:06 +0000 ROA not before: Thu 01 Jan 2026 18:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197902 IP address blocks: 141.138.172.0/22 maxlen: 22 2a03:3c00:c000::/34 maxlen: 34 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.mft rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 03:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:eb:d5:58:7c:26:ec:7f:8e:25:75:4a:78:d9:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5f5980132d193e270ed1efe0ad2849fe8ab0d76c Validity Not Before: Jan 1 18:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=236b4dc61185177e4c4fa013010df86b59a574c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:aa:c7:d2:f5:9a:b6:7b:8f:b7:86:15:b4:de: b2:49:b5:b8:7c:7f:3c:be:9c:7b:0b:af:a7:00:cf: 41:4f:71:11:80:4c:9a:95:d7:bb:0e:7d:5b:fa:27: 38:81:c7:d3:80:99:1c:12:06:9c:76:d7:35:1d:36: 5f:21:c1:aa:d9:41:9a:af:6e:91:13:b1:9a:4b:d9: 00:a8:48:1d:b5:45:a9:56:51:93:2b:8a:14:85:6d: f7:b9:66:ef:7b:86:0d:e4:8a:ff:27:57:18:3a:3e: 2a:c2:03:db:5c:11:8f:98:b0:71:3b:12:6f:2a:20: 09:21:eb:2f:f2:de:b8:eb:8d:16:e9:b6:7a:f5:e9: db:77:34:8e:61:86:f2:ca:b9:42:9f:50:6c:4c:28: aa:0e:03:58:1e:4f:ef:5e:ef:3b:eb:13:5e:e4:a8: 72:47:df:b7:2a:8b:4d:b4:5b:76:41:0a:8a:18:b4: 17:08:dd:24:66:92:f9:b9:a4:18:14:5c:79:47:eb: 3c:71:02:6b:95:e1:16:4b:18:b4:52:b6:b2:43:36: ca:bb:6e:86:18:d3:0c:7d:d7:36:53:a6:de:97:50: 74:01:df:96:8a:58:37:75:13:6c:b5:5c:6e:38:81: 41:ff:f6:79:92:d8:55:7d:f9:24:da:7a:06:f8:e9: a1:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:6B:4D:C6:11:85:17:7E:4C:4F:A0:13:01:0D:F8:6B:59:A5:74:C0 X509v3 Authority Key Identifier: keyid:5F:59:80:13:2D:19:3E:27:0E:D1:EF:E0:AD:28:49:FE:8A:B0:D7:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X1mAEy0ZPicO0e_grShJ_oqw12w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/I2tNxhGFF35MT6ATAQ34a1mldMA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/aa8ac8-13b8-4197-be56-1e1de91a987c/1/X1mAEy0ZPicO0e_grShJ_oqw12w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.138.172.0/22 IPv6: 2a03:3c00:c000::/34 Signature Algorithm: sha256WithRSAEncryption 18:7f:78:5d:ba:46:0a:7e:a1:ad:b8:0b:c2:29:78:1d:f6:a5: 9e:71:06:69:40:25:55:26:a7:96:00:c3:b8:28:49:8b:7f:8f: ba:b9:38:2e:a4:23:35:20:d9:de:25:b8:39:7c:16:0f:d2:81: 19:7b:36:ab:54:b7:84:9b:73:a6:5d:4b:f1:77:d7:6c:69:09: 10:60:9d:93:1f:d6:c7:39:9f:15:c1:24:a9:96:55:84:e2:92: 94:aa:ca:50:47:04:1c:ba:ef:e0:29:3c:df:56:a2:64:79:4e: 65:0e:7d:59:3b:ad:35:dd:bf:7f:3e:f9:bb:d8:e0:71:f8:31: b1:18:2f:ec:7a:a9:e3:fd:e0:e4:a7:0d:f8:08:88:87:e1:4f: c2:2b:64:67:4f:d2:62:74:f6:51:d4:10:23:c8:37:fe:3f:87: 12:8a:9b:ec:e6:29:e8:88:f5:cb:24:4a:e9:82:b4:3a:a0:71: 60:3b:6d:e7:b4:55:30:f1:2f:ac:93:ca:e8:50:ec:40:6b:b6: 64:6d:97:b9:51:95:2c:c8:fc:88:3f:fa:3f:6d:bd:4d:6d:7f: 90:33:95:5f:2f:28:55:22:6e:e3:bd:ae:7d:35:f7:79:e4:56: 3b:1c:fa:51:f1:e3:28:c1:50:19:e1:df:db:49:7f:b4:7b:fa: d1:1e:79:4a -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt6yOvVWHwm7H+OJXVKeNmkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVmNTk4MDEzMmQxOTNlMjcwZWQxZWZlMGFkMjg0OWZlOGFi MGQ3NmMwHhcNMjYwMTAxMTgxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzZiNGRjNjExODUxNzdlNGM0ZmEwMTMwMTBkZjg2YjU5YTU3NGMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3qrH0vWatnuPt4YVtN6ySbW4fH88 vpx7C6+nAM9BT3ERgEyalde7Dn1b+ic4gcfTgJkcEgacdtc1HTZfIcGq2UGar26R E7GaS9kAqEgdtUWpVlGTK4oUhW33uWbve4YN5Ir/J1cYOj4qwgPbXBGPmLBxOxJv KiAJIesv8t64640W6bZ69enbdzSOYYbyyrlCn1BsTCiqDgNYHk/vXu876xNe5Khy R9+3KotNtFt2QQqKGLQXCN0kZpL5uaQYFFx5R+s8cQJrleEWSxi0UrayQzbKu26G GNMMfdc2U6bel1B0Ad+Wilg3dRNstVxuOIFB//Z5kthVffkk2noG+OmhRQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFCNrTcYRhRd+TE+gEwEN+GtZpXTAMB8GA1UdIwQY MBaAFF9ZgBMtGT4nDtHv4K0oSf6KsNdsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYt MWUxZGU5MWE5ODdjLzEvSTJ0TnhoR0ZGMzVNVDZBVEFRMzRhMW1sZE1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC9hYThhYzgtMTNiOC00MTk3LWJlNTYtMWUxZGU5MWE5ODdj LzEvWDFtQUV5MFpQaWNPMGVfZ3JTaEpfb3F3MTJ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCjYqsMA4E AgACMAgDBgYqAzwAwDANBgkqhkiG9w0BAQsFAAOCAQEAGH94XbpGCn6hrbgLwil4 HfalnnEGaUAlVSanlgDDuChJi3+Purk4LqQjNSDZ3iW4OXwWD9KBGXs2q1S3hJtz pl1L8XfXbGkJEGCdkx/WxzmfFcEkqZZVhOKSlKrKUEcEHLrv4Ck831aiZHlOZQ59 WTutNd2/fz75u9jgcfgxsRgv7Hqp4/3g5KcN+AiIh+FPwitkZ0/SYnT2UdQQI8g3 /j+HEoqb7OYp6Ij1yyRK6YK0OqBxYDtt57RVMPEvrJPK6FDsQGu2ZG2XuVGVLMj8 iD/6P229TW1/kDOVXy8oVSJu472ufTX3eeRWOxz6UfHjKMFQGeHf20l/tHv60R55 Sg== -----END CERTIFICATE-----Generated at Mon Jan 26 12:22:07 2026 by rpki-client