This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IYF68e9ge8NFehhOqo0t0QmSt0U.roa File: IYF68e9ge8NFehhOqo0t0QmSt0U.roa (raw, json) Hash identifier: 14G6L8wEvwXcwKJdKiugXsvVQuklScEKNYwwCaNtePQ= Subject key identifier: 21:81:7A:F1:EF:60:7B:C3:45:7A:18:4E:AA:8D:2D:D1:09:92:B7:45 Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56 Certificate serial: 019B7C805723CBF8FC185B8A4ECB86721293 Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IYF68e9ge8NFehhOqo0t0QmSt0U.roa Signing time: Fri 02 Jan 2026 02:19:04 +0000 ROA not before: Fri 02 Jan 2026 02:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48525 IP address blocks: 194.147.110.0/23 maxlen: 23 194.147.110.0/24 maxlen: 24 194.147.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:57:23:cb:f8:fc:18:5b:8a:4e:cb:86:72:12:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56 Validity Not Before: Jan 2 02:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=21817af1ef607bc3457a184eaa8d2dd10992b745 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:2f:bb:d2:46:59:fb:66:28:16:1c:b1:30:3b: 87:ca:cd:9e:9a:da:ed:e9:d6:07:04:54:d7:24:96: 6a:e9:3e:db:71:2e:9a:90:05:1e:13:33:b2:08:33: 9a:33:7e:d1:f6:39:b6:15:ce:e5:85:f4:12:cb:b2: af:f3:1f:d8:08:cd:b0:94:c0:79:7a:58:39:09:0b: 47:61:81:5c:5a:a4:ed:50:fb:55:72:84:cb:a7:78: 04:01:d2:7f:eb:32:29:da:60:cb:89:12:b0:92:90: c9:1f:2b:be:45:3d:23:f1:8d:7d:d2:78:fb:c2:19: 07:b2:e5:d9:53:71:4f:81:a8:81:55:fd:02:04:17: b1:5b:53:4c:58:30:c5:3c:f2:ae:ad:cf:75:f8:41: 17:6b:0c:a8:76:f5:18:7d:0c:ea:83:8c:c3:69:4f: de:dd:32:31:db:9e:25:6c:24:ea:c5:66:2f:57:0c: a9:ed:eb:66:f9:ae:e9:bd:33:e9:6c:20:47:c9:ff: a4:58:20:1d:a1:0c:87:56:cc:a7:d7:72:e5:b5:a8: 69:f5:30:78:26:f9:29:3a:c5:41:b9:25:fa:b4:67: 9e:bb:a1:cb:2a:1e:ae:72:5a:3f:90:a8:0b:63:33: 69:8c:3c:c1:6d:9d:7a:75:0a:2a:80:3f:7c:0a:a8: 45:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:81:7A:F1:EF:60:7B:C3:45:7A:18:4E:AA:8D:2D:D1:09:92:B7:45 X509v3 Authority Key Identifier: keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IYF68e9ge8NFehhOqo0t0QmSt0U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.147.110.0/23 Signature Algorithm: sha256WithRSAEncryption 2f:26:46:70:3e:19:09:f7:7e:2e:eb:6f:43:b7:64:93:bd:05: b5:54:af:03:b8:c7:68:21:a3:84:15:1c:98:93:5b:ea:61:2a: c2:8a:d9:bc:e3:2a:47:c4:f1:db:ef:fd:aa:ee:b5:30:41:49: 36:13:97:2c:7e:bd:80:a3:25:d5:4f:01:d1:71:61:2e:bb:31: 4c:7e:c2:f8:09:94:28:8e:bc:2a:92:8c:2a:99:02:5d:3c:cb: dc:07:73:a9:23:9b:e5:ab:0c:a3:89:45:16:5a:2a:30:4b:bf: 30:b3:ef:e3:94:75:2f:ed:d9:8d:31:20:5f:1f:31:c0:3f:be: ce:b2:0b:79:3b:5c:10:f1:cf:29:8a:52:c6:02:4b:37:8a:7a: 92:82:3b:1f:ae:25:63:23:99:f2:83:12:09:57:92:19:f5:36: 7e:c3:c0:b5:b9:a4:3e:7e:dd:9c:d1:5f:51:61:d7:d8:88:ad: da:33:8b:07:b6:bb:c6:59:99:de:c8:4d:56:9e:6e:95:4c:30: c2:aa:e9:fd:03:53:a1:c6:3c:64:0e:ca:e4:15:95:19:4e:30: 6d:06:a2:f0:c1:6e:ac:3a:e2:6a:27:8d:2d:f6:b6:06:02:24: 7f:33:9c:b3:73:a7:6c:bf:4f:81:3a:f1:48:dc:68:2e:fe:29: 7c:ca:ea:a9 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8gFcjy/j8GFuKTsuGchKTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0 ZjVlNTYwHhcNMjYwMTAyMDIxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMTgxN2FmMWVmNjA3YmMzNDU3YTE4NGVhYThkMmRkMTA5OTJiNzQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7C+70kZZ+2YoFhyxMDuHys2emtrt 6dYHBFTXJJZq6T7bcS6akAUeEzOyCDOaM37R9jm2Fc7lhfQSy7Kv8x/YCM2wlMB5 elg5CQtHYYFcWqTtUPtVcoTLp3gEAdJ/6zIp2mDLiRKwkpDJHyu+RT0j8Y190nj7 whkHsuXZU3FPgaiBVf0CBBexW1NMWDDFPPKurc91+EEXawyodvUYfQzqg4zDaU/e 3TIx254lbCTqxWYvVwyp7etm+a7pvTPpbCBHyf+kWCAdoQyHVsyn13Lltahp9TB4 JvkpOsVBuSX6tGeeu6HLKh6uclo/kKgLYzNpjDzBbZ16dQoqgD98CqhFHwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCGBevHvYHvDRXoYTqqNLdEJkrdFMB8GA1UdIwQY MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt YmE5OGYxMTIyMTIxLzEvSVlGNjhlOWdlOE5GZWhoT3FvMHQwUW1TdDBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpNuMA0G CSqGSIb3DQEBCwUAA4IBAQAvJkZwPhkJ934u629Dt2STvQW1VK8DuMdoIaOEFRyY k1vqYSrCitm84ypHxPHb7/2q7rUwQUk2E5csfr2AoyXVTwHRcWEuuzFMfsL4CZQo jrwqkowqmQJdPMvcB3OpI5vlqwyjiUUWWiowS78ws+/jlHUv7dmNMSBfHzHAP77O sgt5O1wQ8c8pilLGAks3inqSgjsfriVjI5nygxIJV5IZ9TZ+w8C1uaQ+ft2c0V9R YdfYiK3aM4sHtrvGWZneyE1Wnm6VTDDCqun9A1OhxjxkDsrkFZUZTjBtBqLwwW6s OuJqJ40t9rYGAiR/M5yzc6dsv0+BOvFI3Ggu/il8yuqp -----END CERTIFICATE-----Generated at Sat Jan 10 03:59:11 2026 by rpki-client