This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/jA_MaskNZFY8z3uRE6NiAvucTrk.roa File: jA_MaskNZFY8z3uRE6NiAvucTrk.roa (raw, json) Hash identifier: Vxa7/BRh9g/VVz94ZqeAg8BjOYIzREIfs64pIZKkHnc= Subject key identifier: 8C:0F:CC:6A:C9:0D:64:56:3C:CF:7B:91:13:A3:62:02:FB:9C:4E:B9 Certificate issuer: /CN=3ec6fd91d2a4365d3dc16721fedf692172bb3073 Certificate serial: 019B7F8345F11DF9296E25EAE2D046C66AE3 Authority key identifier: 3E:C6:FD:91:D2:A4:36:5D:3D:C1:67:21:FE:DF:69:21:72:BB:30:73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Psb9kdKkNl09wWch_t9pIXK7MHM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/jA_MaskNZFY8z3uRE6NiAvucTrk.roa Signing time: Fri 02 Jan 2026 16:21:07 +0000 ROA not before: Fri 02 Jan 2026 16:21:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44322 IP address blocks: 185.162.12.0/22 maxlen: 22 2a07:c940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/Psb9kdKkNl09wWch_t9pIXK7MHM.crl rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/Psb9kdKkNl09wWch_t9pIXK7MHM.mft rsync://rpki.ripe.net/repository/DEFAULT/Psb9kdKkNl09wWch_t9pIXK7MHM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:45:f1:1d:f9:29:6e:25:ea:e2:d0:46:c6:6a:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ec6fd91d2a4365d3dc16721fedf692172bb3073 Validity Not Before: Jan 2 16:21:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c0fcc6ac90d64563ccf7b9113a36202fb9c4eb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:9d:3e:e8:74:20:83:98:f4:97:b3:ac:54:a5: c7:6a:c1:0e:2f:bb:ca:ca:77:a1:1e:97:c0:5c:97: 53:f9:00:aa:f4:92:d1:be:d8:75:31:cf:b2:a6:95: 14:9a:89:5c:0e:ac:f8:69:ab:32:fe:66:38:d9:f1: 3a:8f:9f:55:1f:bd:09:ba:dc:36:96:ec:fa:ae:71: 87:d2:e9:d0:b0:23:c2:77:ca:b2:bf:9e:26:c2:1e: 20:1f:74:e6:c3:b0:6e:01:a3:54:42:58:ca:a2:3a: bf:46:cd:45:b5:64:66:cd:28:d8:5e:12:ed:e5:3f: 46:3e:03:f0:dc:47:42:8d:53:9a:83:9d:01:c5:5b: d6:73:2b:16:3c:33:bf:a6:4b:a6:2c:27:41:cc:55: ac:91:2d:e9:58:07:3f:4d:d9:ab:6f:6d:c6:92:03: c3:ed:72:77:fe:95:b8:dd:4a:a5:7a:ba:9a:9c:39: 8c:a8:d6:41:6b:0e:45:3c:11:31:dc:76:fd:9a:f7: 86:78:b1:18:41:e1:2e:39:cf:4f:17:79:dc:48:f5: 61:32:b6:7b:23:e2:c9:8d:35:ec:8e:31:c0:5f:4a: 83:bc:c3:88:ae:0a:d0:66:ac:19:91:36:f5:cf:8c: 37:de:f5:e6:11:f1:47:c6:6c:31:64:a2:f6:11:44: 9d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:0F:CC:6A:C9:0D:64:56:3C:CF:7B:91:13:A3:62:02:FB:9C:4E:B9 X509v3 Authority Key Identifier: keyid:3E:C6:FD:91:D2:A4:36:5D:3D:C1:67:21:FE:DF:69:21:72:BB:30:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Psb9kdKkNl09wWch_t9pIXK7MHM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/jA_MaskNZFY8z3uRE6NiAvucTrk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/4cda47-384a-4354-bcb4-bef35605bcd4/1/Psb9kdKkNl09wWch_t9pIXK7MHM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.162.12.0/22 IPv6: 2a07:c940::/29 Signature Algorithm: sha256WithRSAEncryption 9f:af:ef:26:6c:50:5a:7c:0f:63:e9:7b:47:bc:6d:d2:e0:20: 6c:8d:38:28:66:e9:aa:5a:f4:9b:e4:8f:1c:0e:59:49:64:29: 52:37:aa:e9:ff:07:c4:03:3d:1a:22:03:48:08:bc:34:12:99: 59:e8:db:2d:47:fd:4c:6b:2b:a5:4c:73:05:f1:86:86:ae:ce: 7f:25:51:16:40:03:c3:c7:4e:bb:f9:74:82:8c:18:9f:9a:b6: 5b:55:cf:a2:93:60:37:05:58:2c:d8:6d:91:fa:0d:94:14:40: 8d:3b:a3:61:68:36:26:80:fd:e9:ad:8d:ac:02:cc:0f:13:b6: 74:59:c1:05:df:c9:e1:e5:fe:ae:50:54:82:38:e1:48:3b:5e: 74:42:a5:0a:9a:61:c0:44:2b:c3:b3:a0:c2:da:a3:e0:c6:80: 94:93:aa:4c:db:8c:a9:8b:a7:9c:2b:11:2f:ae:12:c5:c6:ec: 58:e4:3a:21:ed:e7:60:90:61:f2:4c:60:8f:52:18:b0:cc:ae: 14:8e:58:87:9b:11:79:e2:c8:65:72:91:9c:3d:01:bc:38:7d: e5:6f:a5:14:3a:16:de:3c:cf:15:ba:bd:cc:20:9c:a9:05:0a: 01:73:93:77:16:41:37:ac:db:cf:38:37:37:aa:cd:5b:12:d2: 15:08:c4:c0 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/g0XxHfkpbiXq4tBGxmrjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYzZmZDkxZDJhNDM2NWQzZGMxNjcyMWZlZGY2OTIxNzJi YjMwNzMwHhcNMjYwMTAyMTYyMTA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzBmY2M2YWM5MGQ2NDU2M2NjZjdiOTExM2EzNjIwMmZiOWM0ZWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Z0+6HQgg5j0l7OsVKXHasEOL7vK ynehHpfAXJdT+QCq9JLRvth1Mc+yppUUmolcDqz4aasy/mY42fE6j59VH70Jutw2 luz6rnGH0unQsCPCd8qyv54mwh4gH3Tmw7BuAaNUQljKojq/Rs1FtWRmzSjYXhLt 5T9GPgPw3EdCjVOag50BxVvWcysWPDO/pkumLCdBzFWskS3pWAc/Tdmrb23GkgPD 7XJ3/pW43UqlerqanDmMqNZBaw5FPBEx3Hb9mveGeLEYQeEuOc9PF3ncSPVhMrZ7 I+LJjTXsjjHAX0qDvMOIrgrQZqwZkTb1z4w33vXmEfFHxmwxZKL2EUSdXQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFIwPzGrJDWRWPM97kROjYgL7nE65MB8GA1UdIwQY MBaAFD7G/ZHSpDZdPcFnIf7faSFyuzBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHNiOWtkS2tObDA5d1djaF90OXBJWEs3TUhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC80Y2RhNDctMzg0YS00MzU0LWJjYjQt YmVmMzU2MDViY2Q0LzEvakFfTWFza05aRlk4ejN1UkU2TmlBdnVjVHJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC80Y2RhNDctMzg0YS00MzU0LWJjYjQtYmVmMzU2MDViY2Q0 LzEvUHNiOWtkS2tObDA5d1djaF90OXBJWEs3TUhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaIMMA0E AgACMAcDBQMqB8lAMA0GCSqGSIb3DQEBCwUAA4IBAQCfr+8mbFBafA9j6XtHvG3S 4CBsjTgoZumqWvSb5I8cDllJZClSN6rp/wfEAz0aIgNICLw0EplZ6NstR/1Mayul THMF8YaGrs5/JVEWQAPDx067+XSCjBifmrZbVc+ik2A3BVgs2G2R+g2UFECNO6Nh aDYmgP3prY2sAswPE7Z0WcEF38nh5f6uUFSCOOFIO150QqUKmmHARCvDs6DC2qPg xoCUk6pM24ypi6ecKxEvrhLFxuxY5Doh7edgkGHyTGCPUhiwzK4UjliHmxF54shl cpGcPQG8OH3lb6UUOhbePM8Vur3MIJypBQoBc5N3FkE3rNvPODc3qs1bEtIVCMTA -----END CERTIFICATE-----Generated at Mon Feb 9 21:23:23 2026 by rpki-client