This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/JZJx4L1hE5SD9mcU3dDsqxkA624.roa File: JZJx4L1hE5SD9mcU3dDsqxkA624.roa (raw, json) Hash identifier: aZtriA7sGW64atFxZesGv0mQUg9eckBShedQMDCxoFw= Subject key identifier: 25:92:71:E0:BD:61:13:94:83:F6:67:14:DD:D0:EC:AB:19:00:EB:6E Certificate issuer: /CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d Certificate serial: 019B7D5CF6761B9054511F7C4A2121192C53 Authority key identifier: A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/JZJx4L1hE5SD9mcU3dDsqxkA624.roa Signing time: Fri 02 Jan 2026 06:20:02 +0000 ROA not before: Fri 02 Jan 2026 06:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29056 IP address blocks: 37.143.176.0/20 maxlen: 24 85.237.0.0/19 maxlen: 24 91.143.96.0/20 maxlen: 24 109.73.144.0/20 maxlen: 24 185.15.236.0/22 maxlen: 24 185.220.252.0/22 maxlen: 24 185.222.128.0/22 maxlen: 24 185.225.144.0/22 maxlen: 24 185.228.128.0/22 maxlen: 24 185.233.144.0/22 maxlen: 24 185.236.72.0/22 maxlen: 24 193.46.248.0/24 maxlen: 24 217.29.144.0/20 maxlen: 24 2a02:758::/29 maxlen: 32 2a02:758::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.crl rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.mft rsync://rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:f6:76:1b:90:54:51:1f:7c:4a:21:21:19:2c:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a9061f2f49a6d7af9ea676bad03df1ce2f50260d Validity Not Before: Jan 2 06:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=259271e0bd61139483f66714ddd0ecab1900eb6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d5:06:b7:4e:41:4f:4e:eb:ab:b9:0b:8e:e1: 7d:bc:60:30:db:67:16:0b:87:8a:56:27:98:57:89: d9:54:c4:e8:2b:f1:d2:56:f0:c9:44:73:db:6d:33: 26:8c:c0:46:4e:b0:be:5a:66:5f:15:8b:a7:bb:08: 6e:8c:14:a0:7f:4e:5a:01:30:1f:bf:07:be:1d:43: 22:4d:72:3c:7f:65:3b:9e:e6:54:7a:76:24:5c:af: 08:f9:86:9a:b1:29:26:24:57:86:e1:12:42:54:14: a3:3d:11:ff:66:3a:43:a2:d3:36:a0:54:db:54:27: 3a:fb:6f:6d:87:bb:af:1d:dc:c4:48:ea:4e:eb:8c: 06:74:58:51:a8:0a:e6:ae:c7:27:2c:3e:c6:8a:9f: 49:0a:7c:fa:b4:46:12:94:28:59:4d:fe:e1:1f:d8: ad:4b:75:50:6b:77:3e:e2:6c:c7:42:fa:c0:69:f2: 74:06:8c:8e:4e:bc:08:ab:56:05:32:18:d0:d0:0c: 83:c2:e3:25:c9:e5:cb:af:fb:04:42:26:5e:d2:48: 28:3b:5b:4c:41:63:2f:d0:ae:1f:ad:e2:9a:68:a3: 6c:46:79:76:fc:35:72:8a:93:a8:7b:15:83:ec:c3: 0e:74:5c:c2:21:a6:ab:7c:ee:c4:f0:37:51:84:c4: e2:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:92:71:E0:BD:61:13:94:83:F6:67:14:DD:D0:EC:AB:19:00:EB:6E X509v3 Authority Key Identifier: keyid:A9:06:1F:2F:49:A6:D7:AF:9E:A6:76:BA:D0:3D:F1:CE:2F:50:26:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qQYfL0mm16-epna60D3xzi9QJg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/JZJx4L1hE5SD9mcU3dDsqxkA624.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba9be1-1fa2-4253-bf01-f6c268612fc7/1/qQYfL0mm16-epna60D3xzi9QJg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.143.176.0/20 85.237.0.0/19 91.143.96.0/20 109.73.144.0/20 185.15.236.0/22 185.220.252.0/22 185.222.128.0/22 185.225.144.0/22 185.228.128.0/22 185.233.144.0/22 185.236.72.0/22 193.46.248.0/24 217.29.144.0/20 IPv6: 2a02:758::/29 Signature Algorithm: sha256WithRSAEncryption 5c:74:66:5a:64:c9:ec:71:f0:43:40:95:c0:e9:87:78:45:35: 70:c8:26:d3:09:2a:39:ec:34:26:28:e9:72:44:b0:3f:7d:74: be:6b:1f:1d:8a:b2:27:0e:e1:c6:0b:0b:a3:ee:d9:e5:a6:f5: 11:1c:90:aa:54:e7:6b:b0:25:a7:73:01:f6:2a:00:69:38:7f: 98:45:dc:38:aa:00:6f:10:7b:5d:c5:85:08:25:03:e7:cd:c2: 65:f7:5f:df:60:c0:d5:da:99:b8:c7:f3:91:a9:b2:17:7a:0e: e3:b0:87:70:51:a1:48:2a:86:86:42:e8:0d:ba:c1:12:30:a2: 42:f6:d1:d1:4a:52:73:25:6f:dd:28:3d:47:94:f7:16:51:62: d4:c7:c4:f9:6e:91:92:de:ad:7c:5b:01:e5:98:4a:89:c8:71: a0:fd:49:7d:2e:3c:98:a7:07:c6:57:6a:c7:0f:c3:4b:40:4d: 4e:bc:03:66:3c:65:27:20:a3:35:6e:a0:f6:16:e7:cd:e3:c0: ec:76:0d:c5:38:5b:87:5b:ee:dd:c7:8d:25:b1:4d:08:9f:58: 15:52:48:c4:52:a9:5c:81:ca:a7:61:0c:e4:12:be:b8:c7:3d: 0e:9c:93:5a:a4:a0:0e:e6:c5:2e:4e:90:c5:4c:11:59:2a:57: 70:96:a7:c5 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgISAZt9XPZ2G5BUUR98SiEhGSxTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE5MDYxZjJmNDlhNmQ3YWY5ZWE2NzZiYWQwM2RmMWNlMmY1 MDI2MGQwHhcNMjYwMTAyMDYyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTkyNzFlMGJkNjExMzk0ODNmNjY3MTRkZGQwZWNhYjE5MDBlYjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytUGt05BT07rq7kLjuF9vGAw22cW C4eKVieYV4nZVMToK/HSVvDJRHPbbTMmjMBGTrC+WmZfFYunuwhujBSgf05aATAf vwe+HUMiTXI8f2U7nuZUenYkXK8I+YaasSkmJFeG4RJCVBSjPRH/ZjpDotM2oFTb VCc6+29th7uvHdzESOpO64wGdFhRqArmrscnLD7Gip9JCnz6tEYSlChZTf7hH9it S3VQa3c+4mzHQvrAafJ0BoyOTrwIq1YFMhjQ0AyDwuMlyeXLr/sEQiZe0kgoO1tM QWMv0K4freKaaKNsRnl2/DVyipOoexWD7MMOdFzCIaarfO7E8DdRhMTi+wIDAQAB o4ICYDCCAlwwHQYDVR0OBBYEFCWSceC9YROUg/ZnFN3Q7KsZAOtuMB8GA1UdIwQY MBaAFKkGHy9JptevnqZ2utA98c4vUCYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcVFZZkwwbW0xNi1lcG5hNjBEM3h6aTlRSmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTliZTEtMWZhMi00MjUzLWJmMDEt ZjZjMjY4NjEyZmM3LzEvSlpKeDRMMWhFNVNEOW1jVTNkRHNxeGtBNjI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9iYTliZTEtMWZhMi00MjUzLWJmMDEtZjZjMjY4NjEyZmM3 LzEvcVFZZkwwbW0xNi1lcG5hNjBEM3h6aTlRSmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQEJY+wAwQF Ve0AAwQEW49gAwQEbUmQAwQCuQ/sAwQCudz8AwQCud6AAwQCueGQAwQCueSAAwQC uemQAwQCuexIAwQAwS74AwQE2R2QMA0EAgACMAcDBQMqAgdYMA0GCSqGSIb3DQEB CwUAA4IBAQBcdGZaZMnscfBDQJXA6Yd4RTVwyCbTCSo57DQmKOlyRLA/fXS+ax8d irInDuHGCwuj7tnlpvURHJCqVOdrsCWncwH2KgBpOH+YRdw4qgBvEHtdxYUIJQPn zcJl91/fYMDV2pm4x/ORqbIXeg7jsIdwUaFIKoaGQugNusESMKJC9tHRSlJzJW/d KD1HlPcWUWLUx8T5bpGS3q18WwHlmEqJyHGg/Ul9LjyYpwfGV2rHD8NLQE1OvANm PGUnIKM1bqD2FufN48Dsdg3FOFuHW+7dx40lsU0In1gVUkjEUqlcgcqnYQzkEr64 xz0OnJNapKAO5sUuTpDFTBFZKldwlqfF -----END CERTIFICATE-----Generated at Mon Feb 9 21:01:23 2026 by rpki-client