This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/jWXMDv13AWDAzHmG3AwphA0uU3I.roa File: jWXMDv13AWDAzHmG3AwphA0uU3I.roa (raw, json) Hash identifier: gbSC++TyPC7wR0U95OM82la8DG8eXm7v1JK7SFOBZRE= Subject key identifier: 8D:65:CC:0E:FD:77:01:60:C0:CC:79:86:DC:0C:29:84:0D:2E:53:72 Certificate issuer: /CN=97f4674e8236bddc3d2327a02b0abfba79a5483c Certificate serial: 019B7834ED8F3FF9A8F13A1D8E6ACFD92FE9 Authority key identifier: 97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/jWXMDv13AWDAzHmG3AwphA0uU3I.roa Signing time: Thu 01 Jan 2026 06:18:13 +0000 ROA not before: Thu 01 Jan 2026 06:18:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48618 IP address blocks: 91.209.29.0/24 maxlen: 24 185.55.176.0/22 maxlen: 22 2a04:d500::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/l_RnToI2vdw9IyegKwq_unmlSDw.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/l_RnToI2vdw9IyegKwq_unmlSDw.mft rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 03:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:ed:8f:3f:f9:a8:f1:3a:1d:8e:6a:cf:d9:2f:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97f4674e8236bddc3d2327a02b0abfba79a5483c Validity Not Before: Jan 1 06:18:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8d65cc0efd770160c0cc7986dc0c29840d2e5372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:3a:81:87:e8:96:8d:8b:80:b2:87:ef:1c:b4: 78:c6:4c:ec:d0:a2:76:26:4b:d0:19:a2:11:37:92: 79:79:5a:b4:21:cc:fd:19:c1:c9:7f:3c:3a:b7:7d: 33:92:fd:cf:32:ba:bf:09:44:db:5e:1a:73:c1:c3: b1:dd:a1:ed:ee:b7:27:7c:6d:8b:60:77:8a:d4:bc: 1d:3e:1e:40:59:0d:c5:86:ac:26:53:e0:61:46:be: a5:ec:f3:f6:4b:65:0a:31:d2:bf:66:1a:4d:74:16: 2e:05:7e:d2:c2:d7:db:bd:97:97:f8:ff:fe:df:46: 4e:2b:93:fc:bd:7a:72:f4:8f:af:01:fe:13:ee:4c: 54:5e:46:fb:2b:f4:76:b7:a5:94:2c:b5:b1:11:f8: 0f:52:92:53:08:67:f0:1c:f7:26:76:fd:0d:ce:4d: 82:05:a2:65:6e:38:8e:e3:90:cb:a9:d3:8f:78:be: 67:24:2c:3e:40:c3:2b:4e:e0:72:cb:2e:1e:cf:49: 04:d4:a1:d3:39:60:fe:fa:de:fe:1e:0c:58:c1:2b: 8e:a9:cf:ba:d8:f2:80:f2:a9:3c:5e:54:66:ee:49: b1:2c:55:e7:02:7f:f3:ed:f9:73:5f:67:9f:7e:ed: 4e:f2:d6:47:41:44:62:be:3f:04:01:e1:fb:38:06: 90:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:65:CC:0E:FD:77:01:60:C0:CC:79:86:DC:0C:29:84:0D:2E:53:72 X509v3 Authority Key Identifier: keyid:97:F4:67:4E:82:36:BD:DC:3D:23:27:A0:2B:0A:BF:BA:79:A5:48:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_RnToI2vdw9IyegKwq_unmlSDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/jWXMDv13AWDAzHmG3AwphA0uU3I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/75a920-2a3a-4129-800e-af2ec5d8dc3c/1/l_RnToI2vdw9IyegKwq_unmlSDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.209.29.0/24 185.55.176.0/22 IPv6: 2a04:d500::/29 Signature Algorithm: sha256WithRSAEncryption 83:11:a4:9f:20:bc:3c:db:c8:73:52:f6:2b:1b:ba:4f:45:f2: 18:9f:54:9c:4d:ce:d3:2f:a8:42:1f:af:47:01:30:22:fa:0b: 4e:2e:65:74:31:1f:82:6a:34:6a:47:bc:c4:3d:6b:81:60:ef: 72:48:71:b7:c2:9b:a3:88:d1:41:fd:96:b0:b3:a3:ba:2d:b8: 3e:2c:bc:b8:c4:11:d3:a3:ac:d4:d8:b0:a4:96:ed:16:3b:60: e0:d0:d1:6d:7d:65:49:1b:aa:1a:85:bc:a2:bd:12:ed:18:c3: 00:54:02:34:80:0e:ce:f9:f8:f6:ed:b7:3f:b0:34:36:38:58: ad:fa:48:72:78:38:1f:1f:de:c2:d2:3a:f9:c4:22:18:23:bb: 00:1c:7c:48:aa:d7:39:f8:7a:7c:61:cc:dc:76:b2:fc:ee:61: b2:24:17:c4:14:ea:16:0e:c1:f0:03:e8:30:30:0d:a5:25:a0: 20:7c:f6:63:32:da:27:3d:6c:9f:38:7f:04:98:43:cb:45:ee: 03:ad:cc:dd:f9:c0:b2:8f:07:10:36:c7:c5:e2:40:2e:a2:3c: 5a:46:42:41:97:73:0b:00:2c:34:82:18:44:a1:c4:e7:ff:86: d7:f2:e7:3b:01:aa:13:ca:54:3d:8e:36:9e:56:01:a3:59:ec: c4:06:b2:da -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt4NO2PP/mo8TodjmrP2S/pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ZjQ2NzRlODIzNmJkZGMzZDIzMjdhMDJiMGFiZmJhNzlh NTQ4M2MwHhcNMjYwMTAxMDYxODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZDY1Y2MwZWZkNzcwMTYwYzBjYzc5ODZkYzBjMjk4NDBkMmU1MzcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzqBh+iWjYuAsofvHLR4xkzs0KJ2 JkvQGaIRN5J5eVq0Icz9GcHJfzw6t30zkv3PMrq/CUTbXhpzwcOx3aHt7rcnfG2L YHeK1LwdPh5AWQ3FhqwmU+BhRr6l7PP2S2UKMdK/ZhpNdBYuBX7SwtfbvZeX+P/+ 30ZOK5P8vXpy9I+vAf4T7kxUXkb7K/R2t6WULLWxEfgPUpJTCGfwHPcmdv0Nzk2C BaJlbjiO45DLqdOPeL5nJCw+QMMrTuByyy4ez0kE1KHTOWD++t7+HgxYwSuOqc+6 2PKA8qk8XlRm7kmxLFXnAn/z7flzX2effu1O8tZHQURivj8EAeH7OAaQ3QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFI1lzA79dwFgwMx5htwMKYQNLlNyMB8GA1UdIwQY MBaAFJf0Z06CNr3cPSMnoCsKv7p5pUg8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUt YWYyZWM1ZDhkYzNjLzEvaldYTUR2MTNBV0RBekhtRzNBd3BoQTB1VTNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS83NWE5MjAtMmEzYS00MTI5LTgwMGUtYWYyZWM1ZDhkYzNj LzEvbF9SblRvSTJ2ZHc5SXllZ0t3cV91bm1sU0R3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9EdAwQC uTewMA0EAgACMAcDBQMqBNUAMA0GCSqGSIb3DQEBCwUAA4IBAQCDEaSfILw828hz UvYrG7pPRfIYn1ScTc7TL6hCH69HATAi+gtOLmV0MR+CajRqR7zEPWuBYO9ySHG3 wpujiNFB/Zaws6O6Lbg+LLy4xBHTo6zU2LCklu0WO2Dg0NFtfWVJG6oahbyivRLt GMMAVAI0gA7O+fj27bc/sDQ2OFit+khyeDgfH97C0jr5xCIYI7sAHHxIqtc5+Hp8 YczcdrL87mGyJBfEFOoWDsHwA+gwMA2lJaAgfPZjMtonPWyfOH8EmEPLRe4Drczd +cCyjwcQNsfF4kAuojxaRkJBl3MLACw0ghhEocTn/4bX8uc7AaoTylQ9jjaeVgGj WezEBrLa -----END CERTIFICATE-----Generated at Wed Jan 21 12:18:00 2026 by rpki-client