This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/iTTifgK67L5ZMjUhnnWGGJHPaoc.roa File: iTTifgK67L5ZMjUhnnWGGJHPaoc.roa (raw, json) Hash identifier: dCrZAwxoBbmIZG/t8Yw3CUG+PJaqExvpsXDtPA11ABs= Subject key identifier: 89:34:E2:7E:02:BA:EC:BE:59:32:35:21:9E:75:86:18:91:CF:6A:87 Certificate issuer: /CN=977bfd99d35116f9c644194c36d9b646f73127c6 Certificate serial: 019B7D5B446B4FF1CC095B5277197321FCD8 Authority key identifier: 97:7B:FD:99:D3:51:16:F9:C6:44:19:4C:36:D9:B6:46:F7:31:27:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/iTTifgK67L5ZMjUhnnWGGJHPaoc.roa Signing time: Fri 02 Jan 2026 06:18:11 +0000 ROA not before: Fri 02 Jan 2026 06:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8820 IP address blocks: 2001:67c:1758::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.crl rsync://rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.mft rsync://rpki.ripe.net/repository/DEFAULT/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 03:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:44:6b:4f:f1:cc:09:5b:52:77:19:73:21:fc:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=977bfd99d35116f9c644194c36d9b646f73127c6 Validity Not Before: Jan 2 06:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8934e27e02baecbe593235219e75861891cf6a87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:86:4a:96:5f:26:e0:3f:45:1c:65:68:bc:f5: f8:63:a9:88:4e:d7:39:60:e6:18:04:65:17:5b:68: 86:76:6c:c0:49:25:62:62:80:16:c7:7f:9c:01:c0: 80:e0:a0:03:a8:7c:25:2b:73:76:7e:32:21:94:ef: 6b:ed:7b:3c:a8:41:78:6e:63:10:f9:53:f4:cd:ed: 2a:35:0d:d7:c7:0c:a5:9d:36:3c:05:93:38:81:cf: 87:e6:ea:02:72:1e:94:ed:5e:49:0d:72:8b:98:90: fb:84:39:47:89:4f:a5:3c:63:f3:09:3f:6f:a2:2d: dc:52:98:94:62:31:20:12:ce:a2:a5:a3:15:46:f4: 7f:38:ae:1d:81:85:68:39:38:eb:7b:08:32:a6:ed: d7:67:ae:2c:99:46:58:1e:9f:4f:eb:7d:a7:c7:55: 07:5b:f4:92:a0:38:6e:b0:a8:9c:16:50:b8:be:60: 38:ea:66:b8:38:46:3b:ab:f5:8f:93:76:45:bb:ca: 45:a4:cb:cc:c2:f4:eb:49:32:ff:c1:5c:47:a5:46: c3:d6:a3:80:83:c1:62:57:c4:7c:bf:75:39:de:5a: 53:87:df:59:55:ed:53:98:96:ca:34:cb:bc:8d:19: 8c:bc:42:90:da:db:90:68:f1:c6:14:ed:d3:ec:26: c6:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:34:E2:7E:02:BA:EC:BE:59:32:35:21:9E:75:86:18:91:CF:6A:87 X509v3 Authority Key Identifier: keyid:97:7B:FD:99:D3:51:16:F9:C6:44:19:4C:36:D9:B6:46:F7:31:27:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/iTTifgK67L5ZMjUhnnWGGJHPaoc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b678f5-557d-4b5d-aa50-9a4ff0137012/1/l3v9mdNRFvnGRBlMNtm2RvcxJ8Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:1758::/48 Signature Algorithm: sha256WithRSAEncryption 4d:f1:46:93:a0:e9:ce:b8:03:b2:86:18:08:de:5c:2b:77:b2: d8:26:a6:d3:74:92:79:d5:f1:67:d3:ad:f5:11:ad:84:78:8a: 94:99:22:e7:7b:44:f2:97:0c:c2:93:b7:f2:67:8c:78:32:cb: cc:02:2f:d0:bc:5f:48:59:aa:36:ed:49:89:2a:d3:d8:ea:aa: 08:b7:d7:c6:b4:e6:e3:07:46:3f:a8:7d:05:00:0a:66:92:24: 00:c9:46:48:de:e3:01:df:b9:22:a9:80:2a:3b:a3:e7:1d:95: e1:a3:81:20:65:88:4a:c4:d6:fb:0c:7b:eb:9b:1c:36:8d:46: 62:02:48:e4:94:c8:a7:57:73:a3:32:ef:47:24:1a:a1:3a:87: 30:31:57:4c:f6:03:d4:cb:8a:2a:52:b8:da:28:72:da:0d:6d: 40:17:02:95:2e:87:26:31:bb:6b:25:b6:25:89:dd:30:1d:4a: 72:d7:65:be:de:a1:c1:da:2b:38:10:7e:60:c7:b2:64:80:ba: d4:4c:d3:ef:8e:c5:f5:32:53:4e:03:e1:26:19:b1:0c:06:fa: 60:83:f6:95:0f:e5:32:0c:50:35:91:11:e1:d0:39:af:10:09: 1d:16:60:7f:7a:d0:40:4b:23:02:57:0d:6a:45:14:94:78:32: 87:6e:d5:0a -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt9W0RrT/HMCVtSdxlzIfzYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3N2JmZDk5ZDM1MTE2ZjljNjQ0MTk0YzM2ZDliNjQ2Zjcz MTI3YzYwHhcNMjYwMTAyMDYxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4OTM0ZTI3ZTAyYmFlY2JlNTkzMjM1MjE5ZTc1ODYxODkxY2Y2YTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYZKll8m4D9FHGVovPX4Y6mITtc5 YOYYBGUXW2iGdmzASSViYoAWx3+cAcCA4KADqHwlK3N2fjIhlO9r7Xs8qEF4bmMQ +VP0ze0qNQ3XxwylnTY8BZM4gc+H5uoCch6U7V5JDXKLmJD7hDlHiU+lPGPzCT9v oi3cUpiUYjEgEs6ipaMVRvR/OK4dgYVoOTjrewgypu3XZ64smUZYHp9P632nx1UH W/SSoDhusKicFlC4vmA46ma4OEY7q/WPk3ZFu8pFpMvMwvTrSTL/wVxHpUbD1qOA g8FiV8R8v3U53lpTh99ZVe1TmJbKNMu8jRmMvEKQ2tuQaPHGFO3T7CbGIwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIk04n4Cuuy+WTI1IZ51hhiRz2qHMB8GA1UdIwQY MBaAFJd7/ZnTURb5xkQZTDbZtkb3MSfGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDN2OW1kTlJGdm5HUkJsTU50bTJSdmN4SjhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iNjc4ZjUtNTU3ZC00YjVkLWFhNTAt OWE0ZmYwMTM3MDEyLzEvaVRUaWZnSzY3TDVaTWpVaG5uV0dHSkhQYW9jLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9iNjc4ZjUtNTU3ZC00YjVkLWFhNTAtOWE0ZmYwMTM3MDEy LzEvbDN2OW1kTlJGdm5HUkJsTU50bTJSdmN4SjhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBdY MA0GCSqGSIb3DQEBCwUAA4IBAQBN8UaToOnOuAOyhhgI3lwrd7LYJqbTdJJ51fFn 0631Ea2EeIqUmSLne0TylwzCk7fyZ4x4MsvMAi/QvF9IWao27UmJKtPY6qoIt9fG tObjB0Y/qH0FAApmkiQAyUZI3uMB37kiqYAqO6PnHZXho4EgZYhKxNb7DHvrmxw2 jUZiAkjklMinV3OjMu9HJBqhOocwMVdM9gPUy4oqUrjaKHLaDW1AFwKVLocmMbtr JbYlid0wHUpy12W+3qHB2is4EH5gx7JkgLrUTNPvjsX1MlNOA+EmGbEMBvpgg/aV D+UyDFA1kRHh0DmvEAkdFmB/etBASyMCVw1qRRSUeDKHbtUK -----END CERTIFICATE-----Generated at Wed Jan 7 10:22:10 2026 by rpki-client