This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/jknUDg7dwoXIKf-FEYWIUojpUtc.roa File: jknUDg7dwoXIKf-FEYWIUojpUtc.roa (raw, json) Hash identifier: 2W3qLOECU7Uc4cSeqqL3ulz5L4R4vc28jKIJo8yhIIg= Subject key identifier: 8E:49:D4:0E:0E:DD:C2:85:C8:29:FF:85:11:85:88:52:88:E9:52:D7 Certificate issuer: /CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4 Certificate serial: 019B77593C0EDB876405AF4E91F34860A1CC Authority key identifier: 77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/jknUDg7dwoXIKf-FEYWIUojpUtc.roa Signing time: Thu 01 Jan 2026 02:18:15 +0000 ROA not before: Thu 01 Jan 2026 02:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35070 IP address blocks: 185.223.228.0/22 maxlen: 24 185.223.228.0/24 maxlen: 24 185.223.229.0/24 maxlen: 24 185.223.230.0/24 maxlen: 24 185.223.231.0/24 maxlen: 24 2a0d:4040::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.mft rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:3c:0e:db:87:64:05:af:4e:91:f3:48:60:a1:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=77cc46ade957c8f066a5c6fe25310a4cf5a7e9d4 Validity Not Before: Jan 1 02:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8e49d40e0eddc285c829ff851185885288e952d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e6:6b:c3:63:a5:70:4b:f6:95:dc:32:84:ef: 5f:21:7f:d0:8e:4b:79:1b:55:ef:5a:a8:b4:53:5f: 85:ce:02:d1:41:e0:b9:3d:06:98:e2:83:92:f1:1d: 93:0a:a0:53:99:d0:0c:dd:db:db:f1:98:85:e5:6b: eb:f7:16:06:fe:54:0e:15:cf:75:68:d6:c5:e5:3c: d3:de:a9:13:d5:42:c8:71:89:d3:f0:01:62:6f:86: 6f:bf:24:79:0a:d5:dc:f9:71:06:14:b3:eb:ff:98: 78:5a:0d:81:c0:3b:76:42:f8:54:a1:fb:fe:77:c0: a8:24:03:bb:76:99:d9:29:41:05:2d:fc:f5:aa:62: f8:2b:71:14:85:8d:c4:8d:a2:fe:73:cf:70:4e:be: ac:52:9e:55:f9:8f:3a:47:78:b4:a1:ce:16:20:8b: ec:af:46:9c:4e:8f:b3:ef:89:89:d9:07:02:5d:4c: fd:12:46:ec:73:d8:c2:97:73:e9:ea:70:66:a0:ad: 21:b5:9f:d3:29:1d:fa:af:e8:e5:5b:ba:de:bd:cb: 46:02:3a:4c:9c:32:9f:9b:71:0f:96:fe:53:99:2a: b0:04:fb:29:62:14:c8:7a:6e:1f:21:8c:a6:5c:c9: 79:52:79:d4:9d:c4:a5:2a:28:e6:da:9d:ef:5d:18: de:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:49:D4:0E:0E:DD:C2:85:C8:29:FF:85:11:85:88:52:88:E9:52:D7 X509v3 Authority Key Identifier: keyid:77:CC:46:AD:E9:57:C8:F0:66:A5:C6:FE:25:31:0A:4C:F5:A7:E9:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8xGrelXyPBmpcb-JTEKTPWn6dQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/jknUDg7dwoXIKf-FEYWIUojpUtc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/d61b54-ee9f-4e00-b1e3-f7d027560058/1/d8xGrelXyPBmpcb-JTEKTPWn6dQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.223.228.0/22 IPv6: 2a0d:4040::/29 Signature Algorithm: sha256WithRSAEncryption 93:4c:cf:f1:c5:c0:92:0a:d2:c9:51:b3:46:59:7b:d1:b7:bc: 0a:6f:06:fd:2c:61:00:25:8f:78:67:b9:7d:50:d1:ab:a3:db: 16:8e:ce:ad:38:a7:38:82:5e:8d:d9:12:ac:3f:e2:3f:0e:a9: f5:0a:b7:36:8d:f8:df:c8:48:07:e5:bb:ef:6d:27:1e:16:33: f3:b9:cd:14:d6:07:e6:1a:70:57:3e:88:af:f7:bb:ec:cb:8f: 92:20:6b:64:02:1e:89:12:57:14:a4:93:de:d1:72:f7:40:0a: 42:37:be:48:59:93:5a:f0:dc:87:aa:54:76:e7:c8:be:1c:0a: 65:30:06:d8:df:fb:08:03:44:d4:f8:4f:9c:4e:80:4b:61:3d: 18:bc:d2:05:cd:7e:e8:c6:70:10:aa:9e:6e:13:64:ee:39:e3: 22:2c:e8:60:4d:bf:7c:1e:04:df:31:2f:b8:7d:43:97:6e:26: ac:a3:04:89:c7:82:3e:16:38:75:e0:25:1f:0e:cb:0e:64:61: d7:13:f3:28:b1:5c:7d:6f:0e:c6:24:7c:04:7a:1f:df:d0:a6: 71:75:f6:2c:39:7f:16:d2:15:e8:0f:51:5a:b0:45:53:20:9e: 34:bf:a5:88:21:3d:86:49:bf:d3:c4:32:87:82:bc:b5:61:cc: 9f:d6:56:af -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WTwO24dkBa9OkfNIYKHMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3Y2M0NmFkZTk1N2M4ZjA2NmE1YzZmZTI1MzEwYTRjZjVh N2U5ZDQwHhcNMjYwMTAxMDIxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZTQ5ZDQwZTBlZGRjMjg1YzgyOWZmODUxMTg1ODg1Mjg4ZTk1MmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOZrw2OlcEv2ldwyhO9fIX/Qjkt5 G1XvWqi0U1+FzgLRQeC5PQaY4oOS8R2TCqBTmdAM3dvb8ZiF5Wvr9xYG/lQOFc91 aNbF5TzT3qkT1ULIcYnT8AFib4ZvvyR5CtXc+XEGFLPr/5h4Wg2BwDt2QvhUofv+ d8CoJAO7dpnZKUEFLfz1qmL4K3EUhY3EjaL+c89wTr6sUp5V+Y86R3i0oc4WIIvs r0acTo+z74mJ2QcCXUz9Ekbsc9jCl3Pp6nBmoK0htZ/TKR36r+jlW7revctGAjpM nDKfm3EPlv5TmSqwBPspYhTIem4fIYymXMl5UnnUncSlKijm2p3vXRje+QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFI5J1A4O3cKFyCn/hRGFiFKI6VLXMB8GA1UdIwQY MBaAFHfMRq3pV8jwZqXG/iUxCkz1p+nUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMt ZjdkMDI3NTYwMDU4LzEvamtuVURnN2R3b1hJS2YtRkVZV0lVb2pwVXRjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9kNjFiNTQtZWU5Zi00ZTAwLWIxZTMtZjdkMDI3NTYwMDU4 LzEvZDh4R3JlbFh5UEJtcGNiLUpURUtUUFduNmRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud/kMA0E AgACMAcDBQMqDUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCTTM/xxcCSCtLJUbNGWXvR t7wKbwb9LGEAJY94Z7l9UNGro9sWjs6tOKc4gl6N2RKsP+I/Dqn1Crc2jfjfyEgH 5bvvbSceFjPzuc0U1gfmGnBXPoiv97vsy4+SIGtkAh6JElcUpJPe0XL3QApCN75I WZNa8NyHqlR258i+HAplMAbY3/sIA0TU+E+cToBLYT0YvNIFzX7oxnAQqp5uE2Tu OeMiLOhgTb98HgTfMS+4fUOXbiasowSJx4I+Fjh14CUfDssOZGHXE/MosVx9bw7G JHwEeh/f0KZxdfYsOX8W0hXoD1FasEVTIJ40v6WIIT2GSb/TxDKHgry1Ycyf1lav -----END CERTIFICATE-----Generated at Sat Jan 10 14:24:03 2026 by rpki-client