This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/iyx4iGSqz3YL_BqXzYoasBlGIOs.roa File: iyx4iGSqz3YL_BqXzYoasBlGIOs.roa (raw, json) Hash identifier: tcdJGjSX6zqPJW45F+GkjDvmD1FBoeYzAmLsGXVBq0c= Subject key identifier: 8B:2C:78:88:64:AA:CF:76:0B:FC:1A:97:CD:8A:1A:B0:19:46:20:EB Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2 Certificate serial: 019B7C12F87C21A394E1BCA247DC528A293B Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/iyx4iGSqz3YL_BqXzYoasBlGIOs.roa Signing time: Fri 02 Jan 2026 00:19:36 +0000 ROA not before: Fri 02 Jan 2026 00:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202314 IP address blocks: 139.28.206.0/24 maxlen: 24 2a06:1e86::/32 maxlen: 48 2a0d:1a41:cafe::/48 maxlen: 48 2a0d:1a45:666::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 06:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:f8:7c:21:a3:94:e1:bc:a2:47:dc:52:8a:29:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2 Validity Not Before: Jan 2 00:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b2c788864aacf760bfc1a97cd8a1ab0194620eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9a:5c:10:61:76:17:6f:04:50:f0:c8:ef:be: 3f:ab:54:c8:53:80:8f:70:3c:90:42:c6:71:7a:b6: fd:1b:4b:36:7f:04:d3:c2:df:78:76:d5:64:47:ad: 45:5d:aa:8a:e5:2b:77:63:a0:fe:cb:a1:16:db:e6: cb:07:a0:be:e4:2b:8f:6e:e4:d1:56:61:14:b6:61: 6b:c8:b3:5d:11:10:01:32:68:e3:99:54:2e:94:35: b3:dd:92:7c:28:a4:2f:c4:57:e2:a7:4f:aa:e5:1b: 99:de:bd:56:00:c9:99:6a:3d:24:af:3f:1b:f3:43: 8f:fa:3f:29:98:59:4b:f0:29:74:46:b3:b2:2d:19: aa:69:44:19:31:9f:b6:f2:af:1c:16:49:bc:75:76: d4:ec:fc:b9:5d:c4:73:84:9c:95:e7:93:05:d6:81: e1:ca:9d:90:bc:26:1b:a9:55:20:66:c7:f3:72:41: 7e:a4:f6:2f:6d:78:7e:5c:ac:22:8e:02:a2:64:0d: fa:b9:b1:17:c0:76:fd:8a:0a:a6:c0:d5:65:72:4b: 0b:04:82:85:d5:5a:65:c7:f9:42:df:02:6c:75:90: 23:cf:02:2e:a9:cd:ed:eb:8a:02:5a:03:93:8c:d5: 83:6b:c4:b9:31:a4:ff:8c:92:34:b2:14:eb:5f:49: 03:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:2C:78:88:64:AA:CF:76:0B:FC:1A:97:CD:8A:1A:B0:19:46:20:EB X509v3 Authority Key Identifier: keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/iyx4iGSqz3YL_BqXzYoasBlGIOs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 139.28.206.0/24 IPv6: 2a06:1e86::/32 2a0d:1a41:cafe::/48 2a0d:1a45:666::/48 Signature Algorithm: sha256WithRSAEncryption 4a:8f:37:91:95:9c:a8:b3:58:2d:96:d8:7f:e0:9a:a6:bc:8d: d4:f3:01:9c:f9:a3:8f:4a:47:13:ad:5c:52:08:d3:1d:46:db: da:89:e5:ff:24:c4:67:38:30:69:71:d6:41:33:c1:b2:98:ae: 5e:46:de:84:2f:23:37:bc:9d:81:d0:2c:a2:69:34:30:77:30: 95:7b:70:83:8f:1d:cd:6a:63:28:c2:48:3a:b4:20:e6:ca:83: b1:f5:03:96:0f:e5:74:70:b6:ac:03:7e:2f:9f:67:49:e4:3c: 69:da:f5:5b:5f:13:9c:99:f3:46:2e:c5:cd:19:1c:a6:51:13: 0d:9e:50:11:aa:f2:ab:85:db:a9:5b:d7:a7:45:22:6d:f2:d8: 3c:e3:27:8c:27:4c:c4:bd:58:2d:a4:d4:54:47:d8:c4:b7:11: 89:1b:ed:bd:92:61:89:38:08:11:3c:34:77:96:f9:fa:5a:5b: 0c:f7:6a:e7:f6:5a:d2:ed:c9:82:26:a8:3f:b5:02:aa:27:5e: 25:84:57:db:5a:92:c9:ef:31:68:8d:17:6c:41:97:9b:80:d5: 8b:df:a0:92:ca:53:60:5d:a2:17:9f:79:d8:5c:93:44:d9:9f: 56:ba:31:4c:11:78:0b:ef:c0:c7:e5:d8:ab:34:6d:30:11:07: 22:0d:85:f4 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt8Evh8IaOU4byiR9xSiik7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm YTYyZDIwHhcNMjYwMTAyMDAxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YjJjNzg4ODY0YWFjZjc2MGJmYzFhOTdjZDhhMWFiMDE5NDYyMGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJpcEGF2F28EUPDI774/q1TIU4CP cDyQQsZxerb9G0s2fwTTwt94dtVkR61FXaqK5St3Y6D+y6EW2+bLB6C+5CuPbuTR VmEUtmFryLNdERABMmjjmVQulDWz3ZJ8KKQvxFfip0+q5RuZ3r1WAMmZaj0krz8b 80OP+j8pmFlL8Cl0RrOyLRmqaUQZMZ+28q8cFkm8dXbU7Py5XcRzhJyV55MF1oHh yp2QvCYbqVUgZsfzckF+pPYvbXh+XKwijgKiZA36ubEXwHb9igqmwNVlcksLBIKF 1Vplx/lC3wJsdZAjzwIuqc3t64oCWgOTjNWDa8S5MaT/jJI0shTrX0kD8QIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFIsseIhkqs92C/wal82KGrAZRiDrMB8GA1UdIwQY MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt OTI4MTlkZThhMDM2LzEvaXl4NGlHU3F6M1lMX0JxWHpZb2FzQmxHSU9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2 LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAMBAIAATAGAwQAixzOMB8E AgACMBkDBQAqBh6GAwcAKg0aQcr+AwcAKg0aRQZmMA0GCSqGSIb3DQEBCwUAA4IB AQBKjzeRlZyos1gtlth/4JqmvI3U8wGc+aOPSkcTrVxSCNMdRtvaieX/JMRnODBp cdZBM8GymK5eRt6ELyM3vJ2B0CyiaTQwdzCVe3CDjx3NamMowkg6tCDmyoOx9QOW D+V0cLasA34vn2dJ5Dxp2vVbXxOcmfNGLsXNGRymURMNnlARqvKrhdupW9enRSJt 8tg84yeMJ0zEvVgtpNRUR9jEtxGJG+29kmGJOAgRPDR3lvn6WlsM92rn9lrS7cmC Jqg/tQKqJ14lhFfbWpLJ7zFojRdsQZebgNWL36CSylNgXaIXn3nYXJNE2Z9WujFM EXgL78DH5dirNG0wEQciDYX0 -----END CERTIFICATE-----Generated at Wed Jan 7 15:53:11 2026 by rpki-client