This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AOL9J_psR2q9MYaDnDfrIS_lBRY.roa File: AOL9J_psR2q9MYaDnDfrIS_lBRY.roa (raw, json) Hash identifier: 657kx6f4koOG93rh/2NodetC9NyzK4PWosddpzZD0vM= Subject key identifier: 00:E2:FD:27:FA:6C:47:6A:BD:31:86:83:9C:37:EB:21:2F:E5:05:16 Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d Certificate serial: 019B797E6644AC5F605AA435B608B2DEB6C8 Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AOL9J_psR2q9MYaDnDfrIS_lBRY.roa Signing time: Thu 01 Jan 2026 12:18:05 +0000 ROA not before: Thu 01 Jan 2026 12:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12027 IP address blocks: 109.122.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:66:44:ac:5f:60:5a:a4:35:b6:08:b2:de:b6:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d Validity Not Before: Jan 1 12:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=00e2fd27fa6c476abd3186839c37eb212fe50516 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:53:a2:b7:ff:e3:bd:da:53:bb:48:87:32:0d: 0c:a3:e5:32:9a:29:fd:96:87:75:d3:15:77:40:1c: 79:a9:05:f3:e9:67:98:e1:c3:a3:37:8a:c3:68:84: 09:0c:86:87:5c:8a:6a:3a:06:4f:7b:17:ad:65:9a: 3f:a5:44:83:e7:b5:b7:e8:9b:10:2a:65:53:24:2a: 22:16:0e:ab:73:77:58:bb:82:62:1e:52:ab:09:04: 66:12:49:31:87:93:84:df:2d:b2:ed:6c:03:57:c4: 6f:c7:2b:4a:1e:06:3d:f6:f8:60:4d:de:a0:26:9f: fd:ce:23:ff:bc:47:c8:f3:d6:a8:01:16:0a:88:25: e2:18:0d:1c:74:ae:57:bc:9f:27:09:e7:bc:92:7f: c0:c4:40:58:eb:5f:48:34:53:f4:ff:98:aa:2e:1f: 80:99:de:cb:97:a8:43:a2:d3:6e:42:04:6d:2d:ce: 25:2f:f5:4f:f8:6d:48:e9:68:63:29:29:d1:d6:94: 88:8d:2f:55:c0:42:eb:de:33:69:3f:65:1a:13:07: 01:38:bf:ae:44:e3:f6:5c:82:f5:ce:00:10:4a:de: 50:09:ae:73:a8:37:fb:22:aa:a2:8f:a6:77:23:64: 95:73:70:78:82:c6:23:e7:aa:e1:7d:45:5b:9b:1f: 83:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:E2:FD:27:FA:6C:47:6A:BD:31:86:83:9C:37:EB:21:2F:E5:05:16 X509v3 Authority Key Identifier: keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/AOL9J_psR2q9MYaDnDfrIS_lBRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.122.46.0/24 Signature Algorithm: sha256WithRSAEncryption 0d:91:0b:84:fd:83:a9:c1:f1:6c:7f:fe:56:ee:3c:b0:38:b5: 4e:91:54:43:19:58:2d:41:14:a1:18:d3:94:1b:f6:a4:a5:7f: 38:98:95:08:41:a5:20:5a:7b:e5:f8:db:6f:2e:88:71:e7:19: 15:f4:1d:8f:4a:e0:12:b2:ff:3a:30:4d:b3:9e:c8:02:e9:ba: 75:85:2f:55:14:d7:c8:d9:68:37:d6:25:07:d8:f3:12:01:73: 35:51:04:6e:84:dc:8b:9b:f0:f9:91:87:2a:78:1e:2d:86:6c: 51:ac:9a:3f:91:b8:73:4f:b4:9a:52:a2:6e:b4:da:ea:96:a5: 57:2e:eb:9a:a3:2b:1c:3b:bd:fd:45:b7:a4:ca:b2:b3:c3:3c: 82:e2:02:88:f4:d0:9b:e7:96:82:bd:83:68:a8:14:aa:5b:b4: 69:ac:0b:d8:01:04:a0:2c:d2:cb:cc:8f:cd:4e:6b:14:1b:d5: 30:13:6c:90:b3:3a:e3:45:aa:55:2a:94:87:db:55:4c:24:7e: 24:b2:ed:95:d4:1c:57:6d:1f:39:49:01:e7:21:61:b7:ce:45: 2a:65:bb:b3:e1:72:14:83:de:12:b5:29:7e:c9:30:93:06:8f: 4d:ef:29:45:29:39:00:fe:0c:c1:c1:36:3d:a6:b3:45:36:af: 51:16:06:41 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fmZErF9gWqQ1tgiy3rbIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj NWFjOGQwHhcNMjYwMTAxMTIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMGUyZmQyN2ZhNmM0NzZhYmQzMTg2ODM5YzM3ZWIyMTJmZTUwNTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFOit//jvdpTu0iHMg0Mo+Uymin9 lod10xV3QBx5qQXz6WeY4cOjN4rDaIQJDIaHXIpqOgZPexetZZo/pUSD57W36JsQ KmVTJCoiFg6rc3dYu4JiHlKrCQRmEkkxh5OE3y2y7WwDV8RvxytKHgY99vhgTd6g Jp/9ziP/vEfI89aoARYKiCXiGA0cdK5XvJ8nCee8kn/AxEBY619INFP0/5iqLh+A md7Ll6hDotNuQgRtLc4lL/VP+G1I6WhjKSnR1pSIjS9VwELr3jNpP2UaEwcBOL+u ROP2XIL1zgAQSt5QCa5zqDf7Iqqij6Z3I2SVc3B4gsYj56rhfUVbmx+DswIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFADi/Sf6bEdqvTGGg5w36yEv5QUWMB8GA1UdIwQY MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt MzE4YTI2ZDRhOGM5LzEvQU9MOUpfcHNSMnE5TVlhRG5EZnJJU19sQlJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5 LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G CSqGSIb3DQEBCwUAA4IBAQANkQuE/YOpwfFsf/5W7jywOLVOkVRDGVgtQRShGNOU G/akpX84mJUIQaUgWnvl+NtvLohx5xkV9B2PSuASsv86ME2znsgC6bp1hS9VFNfI 2Wg31iUH2PMSAXM1UQRuhNyLm/D5kYcqeB4thmxRrJo/kbhzT7SaUqJutNrqlqVX LuuaoyscO739RbekyrKzwzyC4gKI9NCb55aCvYNoqBSqW7RprAvYAQSgLNLLzI/N TmsUG9UwE2yQszrjRapVKpSH21VMJH4ksu2V1BxXbR85SQHnIWG3zkUqZbuz4XIU g94StSl+yTCTBo9N7ylFKTkA/gzBwTY9prNFNq9RFgZB -----END CERTIFICATE-----Generated at Sun Jan 18 11:04:29 2026 by rpki-client