This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/Icxh7ran8QEFrFaor03QcMoTvV8.roa File: Icxh7ran8QEFrFaor03QcMoTvV8.roa (raw, json) Hash identifier: MFrKxNDqc3uJ1yrSEp7TKqH0r5nZYxDEls6DmflezRU= Subject key identifier: 21:CC:61:EE:B6:A7:F1:01:05:AC:56:A8:AF:4D:D0:70:CA:13:BD:5F Certificate issuer: /CN=d39123880f427446d5ff07cef9633e86dc49198d Certificate serial: 019B7F15D276B33421161BAEBD7215DB0EF1 Authority key identifier: D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/Icxh7ran8QEFrFaor03QcMoTvV8.roa Signing time: Fri 02 Jan 2026 14:21:35 +0000 ROA not before: Fri 02 Jan 2026 14:21:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210792 IP address blocks: 45.153.76.0/23 maxlen: 23 158.255.79.0/24 maxlen: 24 2a11:ba80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.mft rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:d2:76:b3:34:21:16:1b:ae:bd:72:15:db:0e:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d39123880f427446d5ff07cef9633e86dc49198d Validity Not Before: Jan 2 14:21:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21cc61eeb6a7f10105ac56a8af4dd070ca13bd5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b6:69:9f:d2:ae:92:6a:c9:74:19:59:23:ae: 4e:dd:36:74:08:26:a8:8e:2d:d1:14:2a:bb:90:f9: 27:bc:02:1d:bd:14:de:15:8b:ff:6e:83:d7:63:12: 85:bf:18:3b:43:f3:4c:a1:15:20:a8:c3:75:87:0b: a9:dc:a2:ee:d7:dd:0e:c7:8f:7d:3e:fe:34:3e:4f: d3:f6:be:1c:22:39:59:0c:0f:07:d3:f8:61:a2:83: 8d:9c:6f:bc:ba:8b:89:97:70:42:a9:c2:e4:d9:eb: 90:3a:22:51:cb:ba:ea:0d:c6:72:98:aa:c4:a8:86: bc:96:6f:c7:9c:a6:25:eb:37:04:4f:59:10:38:79: 9c:61:cd:13:8f:33:fa:06:37:53:70:70:cc:bf:fa: 59:ba:93:2e:9f:0f:d1:62:da:20:3f:42:90:ca:0d: b3:8a:d5:2a:0a:81:56:6f:07:65:a8:1c:5d:48:ca: 35:74:1e:b4:f9:87:ff:94:cc:22:77:ae:48:f2:34: fe:bc:44:f2:2e:2c:b1:41:f3:ae:30:ab:20:de:85: d7:51:f1:16:bb:85:23:d1:91:df:9c:77:0b:5e:9b: 64:96:12:8f:1a:17:e0:53:ba:9c:3e:23:bd:d8:d8: 69:59:42:b7:57:d5:64:61:8b:f6:a2:a6:e1:15:48: f6:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:CC:61:EE:B6:A7:F1:01:05:AC:56:A8:AF:4D:D0:70:CA:13:BD:5F X509v3 Authority Key Identifier: keyid:D3:91:23:88:0F:42:74:46:D5:FF:07:CE:F9:63:3E:86:DC:49:19:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/05EjiA9CdEbV_wfO-WM-htxJGY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/Icxh7ran8QEFrFaor03QcMoTvV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/661b84-114d-4929-b684-cca0ad2685ca/1/05EjiA9CdEbV_wfO-WM-htxJGY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.153.76.0/23 158.255.79.0/24 IPv6: 2a11:ba80::/29 Signature Algorithm: sha256WithRSAEncryption 43:84:b7:5b:7c:6b:ba:4f:85:1d:6b:db:60:1a:ff:4e:b8:a8: 42:ee:90:7c:c0:a4:82:8c:7b:f7:60:d9:f8:11:b9:d5:ae:16: 99:27:65:53:a5:aa:87:ba:bc:cc:6e:ea:2c:44:28:f3:69:01: 24:77:e8:a2:d4:b9:45:09:1b:2b:cb:cc:47:6a:c3:4a:2e:39: 95:c9:b9:f7:57:df:30:40:69:0c:f3:84:d0:94:01:e1:d3:84: 4f:79:9d:a5:62:1a:a0:11:44:30:3e:f6:1e:74:d4:54:f3:a7: 6c:2e:f7:58:5c:2b:10:d0:ee:30:1d:ba:a4:19:12:ae:75:fd: f0:72:80:6d:8c:f5:22:af:c1:aa:ca:14:4a:f1:1b:e1:4b:18: 27:4b:6e:44:9a:0c:e6:8a:4b:b3:ce:11:90:c5:68:8d:a9:b8: 57:5e:00:c3:1a:78:65:1c:34:c3:5b:28:ea:67:41:60:b5:8b: e4:c3:b0:14:aa:a0:12:e7:a0:4f:6f:a5:f9:11:9d:27:04:cc: 30:e2:fe:d7:25:33:59:44:51:5c:a4:88:64:76:2b:b4:2e:0d: 70:d8:6c:10:9f:02:6f:ad:7a:9e:a3:bb:51:55:74:f2:84:15: 6c:fb:7f:c1:44:6f:cc:42:e1:4e:2e:e0:e7:c0:14:4b:93:41: 7a:63:e0:c2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/FdJ2szQhFhuuvXIV2w7xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzOTEyMzg4MGY0Mjc0NDZkNWZmMDdjZWY5NjMzZTg2ZGM0 OTE5OGQwHhcNMjYwMTAyMTQyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMWNjNjFlZWI2YTdmMTAxMDVhYzU2YThhZjRkZDA3MGNhMTNiZDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrZpn9KukmrJdBlZI65O3TZ0CCao ji3RFCq7kPknvAIdvRTeFYv/boPXYxKFvxg7Q/NMoRUgqMN1hwup3KLu190Ox499 Pv40Pk/T9r4cIjlZDA8H0/hhooONnG+8uouJl3BCqcLk2euQOiJRy7rqDcZymKrE qIa8lm/HnKYl6zcET1kQOHmcYc0TjzP6BjdTcHDMv/pZupMunw/RYtogP0KQyg2z itUqCoFWbwdlqBxdSMo1dB60+Yf/lMwid65I8jT+vETyLiyxQfOuMKsg3oXXUfEW u4Uj0ZHfnHcLXptklhKPGhfgU7qcPiO92NhpWUK3V9VkYYv2oqbhFUj2CQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCHMYe62p/EBBaxWqK9N0HDKE71fMB8GA1UdIwQY MBaAFNORI4gPQnRG1f8HzvljPobcSRmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQt Y2NhMGFkMjY4NWNhLzEvSWN4aDdyYW44UUVGckZhb3IwM1FjTW9UdlY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS82NjFiODQtMTE0ZC00OTI5LWI2ODQtY2NhMGFkMjY4NWNh LzEvMDVFamlBOUNkRWJWX3dmTy1XTS1odHhKR1kwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLZlMAwQA nv9PMA0EAgACMAcDBQMqEbqAMA0GCSqGSIb3DQEBCwUAA4IBAQBDhLdbfGu6T4Ud a9tgGv9OuKhC7pB8wKSCjHv3YNn4EbnVrhaZJ2VTpaqHurzMbuosRCjzaQEkd+ii 1LlFCRsry8xHasNKLjmVybn3V98wQGkM84TQlAHh04RPeZ2lYhqgEUQwPvYedNRU 86dsLvdYXCsQ0O4wHbqkGRKudf3wcoBtjPUir8GqyhRK8RvhSxgnS25Emgzmikuz zhGQxWiNqbhXXgDDGnhlHDTDWyjqZ0FgtYvkw7AUqqAS56BPb6X5EZ0nBMww4v7X JTNZRFFcpIhkdiu0Lg1w2GwQnwJvrXqeo7tRVXTyhBVs+3/BRG/MQuFOLuDnwBRL k0F6Y+DC -----END CERTIFICATE-----Generated at Sun Jan 11 07:52:49 2026 by rpki-client