This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/aojI_JsDEIxXnOz4PZxsAnlJa3o.roa File: aojI_JsDEIxXnOz4PZxsAnlJa3o.roa (raw, json) Hash identifier: PJic4it1tGPs9tX49/CnUprlHognZespLJ+dZ7W4/TY= Subject key identifier: 6A:88:C8:FC:9B:03:10:8C:57:9C:EC:F8:3D:9C:6C:02:79:49:6B:7A Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184 Certificate serial: 019B79ED08258055BD285BDA50DC14EA8583 Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/aojI_JsDEIxXnOz4PZxsAnlJa3o.roa Signing time: Thu 01 Jan 2026 14:18:55 +0000 ROA not before: Thu 01 Jan 2026 14:18:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3320 IP address blocks: 86.110.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:08:25:80:55:bd:28:5b:da:50:dc:14:ea:85:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184 Validity Not Before: Jan 1 14:18:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6a88c8fc9b03108c579cecf83d9c6c0279496b7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:a4:71:90:f6:92:e2:7d:ab:1c:74:b9:39:cf: d1:4e:43:fa:00:7f:76:13:fc:80:06:a4:a5:0a:b4: 39:c9:b4:04:29:57:35:f6:b0:c5:98:86:89:92:f5: 48:95:af:6f:f5:6b:73:5c:6c:25:81:a1:a2:e4:78: 98:a4:01:8f:54:75:be:1d:ba:bb:25:9b:79:bd:65: 3c:da:35:5a:56:21:00:65:9a:fd:d0:99:c4:94:36: 28:7c:01:b2:16:35:b8:a3:a8:10:ba:5e:2a:35:df: 1c:f2:d3:00:41:52:ff:8d:01:37:08:33:fa:c4:89: 9c:8e:5f:2a:95:34:5b:4c:9f:8b:46:bc:40:45:f5: 09:fe:0c:64:3e:f9:69:f4:65:08:84:1a:d5:97:b2: 63:49:21:6f:9e:45:97:4e:e9:dd:be:d4:2d:3e:9e: 79:c3:df:4a:27:1f:f6:22:cb:10:cb:8d:08:d3:52: 5d:1a:6c:c0:19:56:b9:b0:cd:ab:43:bf:8e:06:63: ec:15:97:88:e6:15:d4:dc:20:53:bb:43:c8:0f:ac: 5b:06:bd:1f:42:f8:aa:65:57:b9:9b:7e:f3:4c:13: be:54:1a:4a:34:46:af:7d:b0:89:99:e8:99:6d:32: 8b:ba:0f:83:0b:6c:6e:ec:77:59:16:bb:f0:71:9a: ec:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:88:C8:FC:9B:03:10:8C:57:9C:EC:F8:3D:9C:6C:02:79:49:6B:7A X509v3 Authority Key Identifier: keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/aojI_JsDEIxXnOz4PZxsAnlJa3o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.110.57.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:f1:1a:fe:19:58:0a:6a:91:80:53:c9:21:71:ae:85:03:73: c3:9c:49:80:7e:03:ef:76:c9:95:c6:18:a9:e2:d7:74:ed:3f: 95:60:2d:87:0d:36:90:05:95:65:fb:eb:0a:22:c1:56:a9:ab: bf:a9:6d:5e:d6:d8:3b:ae:43:49:ee:bc:e7:6d:98:5e:bb:26: 17:e4:c7:6b:40:8f:e2:21:3b:58:07:4a:76:4d:8c:3f:ec:f8: c6:cf:c2:ea:0f:14:0f:22:1e:06:de:59:0c:4b:fc:a9:3b:b4: 8c:c1:1e:20:4f:6d:d8:71:9b:21:50:72:3d:48:76:78:06:bd: 47:65:92:a8:e5:c8:57:d9:f2:c8:6f:e2:64:e0:2a:e0:5c:f6: 7e:f8:ba:db:30:d7:18:81:8b:f4:76:e1:b4:27:52:7f:8b:b8: 76:7f:2b:1e:4a:b3:be:3e:dd:77:94:9c:28:94:12:67:de:84: a3:90:e9:49:52:35:4e:c7:50:f0:de:cf:d1:07:10:7f:27:05: b0:07:4f:03:df:80:9c:ec:c7:6f:f5:fb:89:b6:1b:04:f8:9d: 81:cf:80:3b:9f:9f:d7:4a:95:9a:d5:f2:c9:19:8f:bf:1f:d5: 8e:ed:dd:cc:7a:96:9f:94:5e:cd:00:fd:cd:29:42:23:71:36: 55:8d:c2:e8 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt57QglgFW9KFvaUNwU6oWDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi YjAxODQwHhcNMjYwMTAxMTQxODU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YTg4YzhmYzliMDMxMDhjNTc5Y2VjZjgzZDljNmMwMjc5NDk2YjdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKRxkPaS4n2rHHS5Oc/RTkP6AH92 E/yABqSlCrQ5ybQEKVc19rDFmIaJkvVIla9v9WtzXGwlgaGi5HiYpAGPVHW+Hbq7 JZt5vWU82jVaViEAZZr90JnElDYofAGyFjW4o6gQul4qNd8c8tMAQVL/jQE3CDP6 xImcjl8qlTRbTJ+LRrxARfUJ/gxkPvlp9GUIhBrVl7JjSSFvnkWXTundvtQtPp55 w99KJx/2IssQy40I01JdGmzAGVa5sM2rQ7+OBmPsFZeI5hXU3CBTu0PID6xbBr0f QviqZVe5m37zTBO+VBpKNEavfbCJmeiZbTKLug+DC2xu7HdZFrvwcZrsbQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGqIyPybAxCMV5zs+D2cbAJ5SWt6MB8GA1UdIwQY MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt ZDFhNzc3MmRiMDc2LzEvYW9qSV9Kc0RFSXhYbk96NFBaeHNBbmxKYTNvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2 LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVm45MA0G CSqGSIb3DQEBCwUAA4IBAQAv8Rr+GVgKapGAU8khca6FA3PDnEmAfgPvdsmVxhip 4td07T+VYC2HDTaQBZVl++sKIsFWqau/qW1e1tg7rkNJ7rznbZheuyYX5MdrQI/i ITtYB0p2TYw/7PjGz8LqDxQPIh4G3lkMS/ypO7SMwR4gT23YcZshUHI9SHZ4Br1H ZZKo5chX2fLIb+Jk4CrgXPZ++LrbMNcYgYv0duG0J1J/i7h2fyseSrO+Pt13lJwo lBJn3oSjkOlJUjVOx1Dw3s/RBxB/JwWwB08D34Cc7Mdv9fuJthsE+J2Bz4A7n5/X SpWa1fLJGY+/H9WO7d3MepaflF7NAP3NKUIjcTZVjcLo -----END CERTIFICATE-----Generated at Mon Jan 19 11:49:09 2026 by rpki-client