This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/IPJjNe_cB3zjIZyONYjGoBmmxrw.roa File: IPJjNe_cB3zjIZyONYjGoBmmxrw.roa (raw, json) Hash identifier: g27Ahx8NQ/P8ycHloD1dj7SU+EOwFLKNLXOaBXz5Lxw= Subject key identifier: 20:F2:63:35:EF:DC:07:7C:E3:21:9C:8E:35:88:C6:A0:19:A6:C6:BC Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5 Certificate serial: 019B7DCA2E9A07012725305E38D0F319D901 Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/IPJjNe_cB3zjIZyONYjGoBmmxrw.roa Signing time: Fri 02 Jan 2026 08:19:20 +0000 ROA not before: Fri 02 Jan 2026 08:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42087 IP address blocks: 2a00:1fa2:80c0::/48 maxlen: 48 2a00:1fa2:ba00::/40 maxlen: 40 2a00:1fa2:baf0::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:2e:9a:07:01:27:25:30:5e:38:d0:f3:19:d9:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5 Validity Not Before: Jan 2 08:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20f26335efdc077ce3219c8e3588c6a019a6c6bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:b2:52:7d:99:37:7b:f0:d4:3a:d0:b7:a6:55: e8:2c:d7:df:6b:2f:ae:df:17:8f:5a:88:63:12:0c: 71:54:bb:75:f6:e2:14:19:0f:92:c4:b1:12:f1:06: 0d:16:88:76:35:ac:a6:31:8e:28:f0:3b:2c:8c:7b: cb:eb:79:fd:aa:0e:31:d0:50:bf:a7:ce:a2:c5:cb: b5:cd:53:f2:12:7f:a9:9f:40:8e:d1:b2:10:06:34: 55:f9:a8:e9:81:98:45:c5:99:52:e5:49:c3:d0:2d: 2c:d1:42:24:78:0d:ba:49:91:6c:6a:76:53:02:2f: 02:fe:71:45:2e:f9:e3:d9:4e:1d:81:58:63:cb:93: 0e:93:05:8e:e8:46:d1:6b:95:34:4e:f5:a3:79:52: f1:9b:19:bc:4d:16:23:87:0f:74:bc:54:2a:0d:2b: 5e:ca:6a:60:73:13:01:a0:bd:19:0c:80:f0:18:81: 22:b3:c9:69:e2:2b:90:37:6f:37:df:7c:1a:36:c0: 95:30:bc:b3:4c:7e:f0:4d:8a:cb:50:0f:d3:1e:4b: 93:5f:c5:bb:55:a2:71:a3:4e:ba:77:3b:31:25:3b: bc:aa:d6:ca:73:99:88:ec:8b:d7:28:58:78:cc:c5: ee:85:36:79:d0:21:5a:8f:cc:72:c2:da:dd:3e:01: 66:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:F2:63:35:EF:DC:07:7C:E3:21:9C:8E:35:88:C6:A0:19:A6:C6:BC X509v3 Authority Key Identifier: keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/IPJjNe_cB3zjIZyONYjGoBmmxrw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1fa2:80c0::/48 2a00:1fa2:ba00::/40 Signature Algorithm: sha256WithRSAEncryption 58:6d:37:e3:45:d6:c3:e6:18:f7:d9:fe:13:0d:a0:f5:9b:9d: 91:7a:c8:55:43:13:a3:15:14:82:b0:e2:4f:61:c5:25:b3:8f: d6:82:1c:35:20:c7:46:92:23:d5:42:4a:90:13:95:d7:9b:25: bb:51:4a:fb:ea:d7:a9:dc:10:c8:3f:dc:25:c7:63:53:c7:b4: f4:2d:0f:3f:b7:a8:5f:0d:df:56:b9:ad:7b:5b:3d:22:68:1c: 8f:14:76:16:17:07:44:4c:0e:6e:29:d0:16:1b:f9:e5:c7:38: d1:be:1b:8b:c1:10:bb:14:97:cc:11:ef:50:89:15:d7:73:74: 5e:79:4d:c6:c9:28:82:af:43:dc:15:0d:76:84:72:c1:8f:c8: 7c:08:c1:2b:5c:56:7e:6c:64:b6:00:8b:18:88:8a:f8:89:ee: f6:a6:0e:b4:b8:bb:eb:bf:70:7c:65:59:d6:98:c0:77:57:0b: 58:78:46:0d:32:32:44:f3:11:78:2d:fb:f5:24:18:f4:fd:6a: 68:73:8c:f6:a7:7b:b3:32:11:81:c8:72:6d:dc:c4:1e:9b:cb: e2:39:ee:55:01:0e:17:74:b1:50:2b:ec:2c:ba:60:00:7f:58: 85:79:64:f8:87:5f:65:55:45:21:21:c4:3b:6e:75:c3:50:2b: 15:89:e5:b3 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt9yi6aBwEnJTBeONDzGdkBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl NmI3ZTUwHhcNMjYwMTAyMDgxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMGYyNjMzNWVmZGMwNzdjZTMyMTljOGUzNTg4YzZhMDE5YTZjNmJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA77JSfZk3e/DUOtC3plXoLNffay+u 3xePWohjEgxxVLt19uIUGQ+SxLES8QYNFoh2NaymMY4o8DssjHvL63n9qg4x0FC/ p86ixcu1zVPyEn+pn0CO0bIQBjRV+ajpgZhFxZlS5UnD0C0s0UIkeA26SZFsanZT Ai8C/nFFLvnj2U4dgVhjy5MOkwWO6EbRa5U0TvWjeVLxmxm8TRYjhw90vFQqDSte ympgcxMBoL0ZDIDwGIEis8lp4iuQN28333waNsCVMLyzTH7wTYrLUA/THkuTX8W7 VaJxo066dzsxJTu8qtbKc5mI7IvXKFh4zMXuhTZ50CFaj8xywtrdPgFm4QIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFCDyYzXv3Ad84yGcjjWIxqAZpsa8MB8GA1UdIwQY MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt NDI4NDU4Njc5Y2U0LzEvSVBKak5lX2NCM3pqSVp5T05ZakdvQm1teHJ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0 LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgAfooDA AwYAKgAforowDQYJKoZIhvcNAQELBQADggEBAFhtN+NF1sPmGPfZ/hMNoPWbnZF6 yFVDE6MVFIKw4k9hxSWzj9aCHDUgx0aSI9VCSpATldebJbtRSvvq16ncEMg/3CXH Y1PHtPQtDz+3qF8N31a5rXtbPSJoHI8UdhYXB0RMDm4p0BYb+eXHONG+G4vBELsU l8wR71CJFddzdF55TcbJKIKvQ9wVDXaEcsGPyHwIwStcVn5sZLYAixiIiviJ7vam DrS4u+u/cHxlWdaYwHdXC1h4Rg0yMkTzEXgt+/UkGPT9amhzjPane7MyEYHIcm3c xB6by+I57lUBDhd0sVAr7Cy6YAB/WIV5ZPiHX2VVRSEhxDtudcNQKxWJ5bM= -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:26 2026 by rpki-client