This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/IY4I_I-7Ak9VpZTxxwnR0rCSA1U.roa File: IY4I_I-7Ak9VpZTxxwnR0rCSA1U.roa (raw, json) Hash identifier: xgbFbgYmjLRdThFb0rYpIWFwzf6U66UapdtCfgVp3XM= Subject key identifier: 21:8E:08:FC:8F:BB:02:4F:55:A5:94:F1:C7:09:D1:D2:B0:92:03:55 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B06883AF3403100EF5A9D2F397E004555 Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/IY4I_I-7Ak9VpZTxxwnR0rCSA1U.roa Signing time: Wed 10 Dec 2025 04:32:29 +0000 ROA not before: Wed 10 Dec 2025 04:32:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 213861 IP address blocks: 2a10:4101::/32 maxlen: 32 2a12:a340::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:06:88:3a:f3:40:31:00:ef:5a:9d:2f:39:7e:00:45:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Dec 10 04:32:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=218e08fc8fbb024f55a594f1c709d1d2b0920355 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:89:ec:30:7a:3b:bc:3e:fd:51:68:a9:f9:9d: c0:1f:bd:61:52:47:64:ba:16:fc:50:b7:ce:9b:45: 71:7d:3b:d1:03:dc:7d:1b:84:6e:d6:be:04:8f:94: 18:c3:c3:b1:b9:cf:e1:cd:2c:7b:a5:1f:5a:49:e3: fb:95:71:40:9a:55:4d:4a:17:51:3f:d1:6f:a5:cf: 6a:55:a7:81:1f:27:4e:05:02:0d:43:f5:02:7f:99: 21:38:8e:ff:d4:1e:e5:10:2d:8c:b9:88:6b:c5:5c: 9d:0f:3b:3b:c2:53:ee:aa:45:3e:92:56:59:51:e4: 75:65:e4:b5:cf:b4:07:9b:f6:5e:fd:c5:ad:63:01: dc:86:39:84:8e:de:06:a7:e4:57:02:d0:58:ae:2b: 6d:09:9c:2f:a8:14:c1:42:68:68:50:24:0e:e2:ba: fe:dd:9b:3e:a1:9b:17:5e:da:cf:f0:10:7e:b7:e1: 65:43:f4:40:46:0f:d4:d2:8a:8b:17:92:f7:c7:e0: 5d:d8:dc:a8:b1:10:8f:ec:70:48:7e:f3:33:8d:91: 1e:25:fe:2c:30:23:4d:99:f6:5b:b3:82:8f:42:71: ef:bb:db:73:cf:c3:57:fa:9b:3c:84:ae:dd:f1:c4: 22:95:09:a4:32:e0:35:09:bc:7a:9b:e3:36:5a:b9: 91:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:8E:08:FC:8F:BB:02:4F:55:A5:94:F1:C7:09:D1:D2:B0:92:03:55 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/IY4I_I-7Ak9VpZTxxwnR0rCSA1U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a10:4101::/32 2a12:a340::/32 Signature Algorithm: sha256WithRSAEncryption 43:52:23:52:b8:3c:32:bc:53:bb:2e:ee:97:18:6e:41:5e:35: fc:ec:6b:d9:bf:3d:ed:6e:67:65:e2:c7:49:ca:0c:fa:08:17: cd:57:4e:e6:7d:50:8b:aa:4d:e7:bb:12:e1:23:19:8d:7f:7e: 02:a6:fb:32:a2:69:0e:9f:21:f6:84:e9:4e:ba:87:f5:d5:de: 65:75:b9:1d:c5:1f:84:6e:4d:05:e5:43:5c:3a:81:57:7a:db: 8e:24:d2:64:87:6a:9f:a5:cf:c8:5e:a0:46:45:8b:b6:7e:eb: 1d:cd:8b:0a:81:0c:4c:49:6d:64:bb:4a:c9:e3:bf:66:24:36: 20:0c:ff:3f:e5:5c:63:da:91:36:9a:e9:17:48:e7:73:3a:43: fb:53:42:7d:0b:b9:3b:4b:7c:ce:38:a8:11:e9:8d:6e:41:2f: 3b:97:56:6b:31:7e:6f:9a:26:88:76:18:ae:8e:bc:71:bd:1c: c7:c3:25:ab:19:74:c0:c2:39:79:c7:07:94:92:b9:06:c9:70: 22:73:55:de:70:c2:b0:59:9d:b0:1f:54:24:e6:d1:c4:c9:b8: 9a:e7:e7:18:c0:ef:e6:55:b9:67:b4:a8:f3:c1:9d:9c:58:c9: 67:94:34:57:b3:00:99:58:e0:37:b0:ca:9b:83:bf:3a:6d:c4: a9:c5:00:12 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZsGiDrzQDEA71qdLzl+AEVVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjUxMjEwMDQzMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMThlMDhmYzhmYmIwMjRmNTVhNTk0ZjFjNzA5ZDFkMmIwOTIwMzU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYnsMHo7vD79UWip+Z3AH71hUkdk uhb8ULfOm0VxfTvRA9x9G4Ru1r4Ej5QYw8Oxuc/hzSx7pR9aSeP7lXFAmlVNShdR P9Fvpc9qVaeBHydOBQINQ/UCf5khOI7/1B7lEC2MuYhrxVydDzs7wlPuqkU+klZZ UeR1ZeS1z7QHm/Ze/cWtYwHchjmEjt4Gp+RXAtBYrittCZwvqBTBQmhoUCQO4rr+ 3Zs+oZsXXtrP8BB+t+FlQ/RARg/U0oqLF5L3x+Bd2NyosRCP7HBIfvMzjZEeJf4s MCNNmfZbs4KPQnHvu9tzz8NX+ps8hK7d8cQilQmkMuA1Cbx6m+M2WrmR2QIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFCGOCPyPuwJPVaWU8ccJ0dKwkgNVMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvSVk0SV9JLTdBazlWcFpUeHh3blIwckNTQTFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhBBAQMF ACoSo0AwDQYJKoZIhvcNAQELBQADggEBAENSI1K4PDK8U7su7pcYbkFeNfzsa9m/ Pe1uZ2Xix0nKDPoIF81XTuZ9UIuqTee7EuEjGY1/fgKm+zKiaQ6fIfaE6U66h/XV 3mV1uR3FH4RuTQXlQ1w6gVd6244k0mSHap+lz8heoEZFi7Z+6x3NiwqBDExJbWS7 Ssnjv2YkNiAM/z/lXGPakTaa6RdI53M6Q/tTQn0LuTtLfM44qBHpjW5BLzuXVmsx fm+aJoh2GK6OvHG9HMfDJasZdMDCOXnHB5SSuQbJcCJzVd5wwrBZnbAfVCTm0cTJ uJrn5xjA7+ZVuWe0qPPBnZxYyWeUNFezAJlY4DewypuDvzptxKnFABI= -----END CERTIFICATE-----Generated at Sat Dec 20 00:48:02 2025 by rpki-client