This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/jX3jgz8igyTK2RV-tIhhhxKtG08.roa File: jX3jgz8igyTK2RV-tIhhhxKtG08.roa (raw, json) Hash identifier: kYSUYs/+3s1OqdmxIRSX7foXFSWcY2NfIdKNgUSL0NQ= Subject key identifier: 8D:7D:E3:83:3F:22:83:24:CA:D9:15:7E:B4:88:61:87:12:AD:1B:4F Certificate issuer: /CN=d703ceac906d07f74ca94c446303d954666b583a Certificate serial: 019B7DCB3A25925D6681834AE3EEA74851FF Authority key identifier: D7:03:CE:AC:90:6D:07:F7:4C:A9:4C:44:63:03:D9:54:66:6B:58:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/jX3jgz8igyTK2RV-tIhhhxKtG08.roa Signing time: Fri 02 Jan 2026 08:20:29 +0000 ROA not before: Fri 02 Jan 2026 08:20:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 19551 IP address blocks: 131.125.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.crl rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.mft rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 23:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:3a:25:92:5d:66:81:83:4a:e3:ee:a7:48:51:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d703ceac906d07f74ca94c446303d954666b583a Validity Not Before: Jan 2 08:20:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8d7de3833f228324cad9157eb488618712ad1b4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:5c:f8:3e:98:b4:9c:04:0a:65:1c:48:e3:c2: 02:2e:2c:c0:22:60:8c:98:59:5f:17:42:f5:60:4e: b0:ed:6a:b0:25:2a:ff:3c:5a:de:70:b0:8d:93:6f: 7f:4c:c4:6b:c4:3b:06:85:3c:42:55:bd:12:46:3a: f9:5e:95:73:02:20:2e:b4:ba:bd:a0:30:c8:0b:a3: 07:b2:d3:58:46:0c:e7:79:4b:12:b1:57:d2:fa:8f: 29:d2:84:d2:6a:40:dd:fd:7e:f2:27:b5:d3:2e:4c: f7:03:56:ce:c4:fc:53:71:ad:99:3b:55:2a:b2:f5: 21:8d:d4:3e:07:09:5d:e7:27:92:74:03:73:dc:07: e0:a9:2e:6f:60:64:d7:f5:7f:e2:7e:e3:44:5f:ed: c4:cb:f4:6d:a4:cc:f0:d9:02:69:28:08:8c:45:64: 94:6a:bf:6b:b6:68:7f:72:ed:dc:2e:f5:71:b2:11: 56:08:e5:08:2d:cd:e8:9c:9a:13:7e:4d:a7:db:25: cb:79:ca:dd:ba:21:31:92:7f:3f:be:ea:99:7e:12: 0a:29:3d:38:85:07:fd:50:60:d4:b0:7e:39:4d:d1: ca:73:ab:16:2b:70:95:8a:b1:bd:f7:65:36:d6:fc: c7:52:77:49:c3:3d:6d:dd:b1:3d:42:6a:8e:5a:78: 7e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:7D:E3:83:3F:22:83:24:CA:D9:15:7E:B4:88:61:87:12:AD:1B:4F X509v3 Authority Key Identifier: keyid:D7:03:CE:AC:90:6D:07:F7:4C:A9:4C:44:63:03:D9:54:66:6B:58:3A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wPOrJBtB_dMqUxEYwPZVGZrWDo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/jX3jgz8igyTK2RV-tIhhhxKtG08.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/06c734-09a1-4da3-8992-bd4d54445a95/1/1wPOrJBtB_dMqUxEYwPZVGZrWDo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.125.128.0/17 Signature Algorithm: sha256WithRSAEncryption 4f:14:11:76:39:aa:d8:7c:f4:a1:6d:ca:06:74:ca:20:b5:69: a0:53:b0:6f:e5:7f:04:b8:5e:4c:3c:bf:67:a5:21:1e:57:2c: ca:1a:de:5b:1a:28:f2:f2:e0:6e:d5:b8:3f:c7:c1:f2:bc:49: 1b:67:67:05:9a:ee:8a:e0:e2:d3:e0:ae:1b:d7:81:b2:3f:e7: 3d:ba:39:40:18:d9:ef:7b:14:99:e4:40:3b:98:e3:05:79:e4: 72:50:11:61:fa:e2:5b:e1:eb:b1:4c:1a:9b:87:04:c4:fd:c6: dd:2a:d4:04:d9:c5:2a:c3:33:24:7c:46:21:71:ae:82:27:29: c7:78:86:84:e1:db:7a:d0:3f:aa:7d:5a:b4:4e:1a:13:d2:ca: e1:e9:dc:81:b6:89:d2:2a:c6:56:b6:59:9a:44:9c:85:1f:3c: 6e:a1:33:3d:a7:45:93:c2:1f:0c:e5:9c:ac:75:30:85:54:2f: 62:47:f0:49:fb:e4:b7:db:d0:ba:45:d0:24:bb:38:60:25:ad: bd:c5:5b:6a:87:ed:ba:50:5c:4e:b1:1e:3b:12:dc:c2:9a:e2: 7b:ea:b1:5a:83:57:08:fe:d1:29:6e:83:25:5a:7d:53:7f:63: 72:78:19:7c:70:0b:c4:aa:45:32:58:13:38:09:da:a7:e9:fe: 4e:08:51:9d -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yzolkl1mgYNK4+6nSFH/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MDNjZWFjOTA2ZDA3Zjc0Y2E5NGM0NDYzMDNkOTU0NjY2 YjU4M2EwHhcNMjYwMTAyMDgyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZDdkZTM4MzNmMjI4MzI0Y2FkOTE1N2ViNDg4NjE4NzEyYWQxYjRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVz4Ppi0nAQKZRxI48ICLizAImCM mFlfF0L1YE6w7WqwJSr/PFrecLCNk29/TMRrxDsGhTxCVb0SRjr5XpVzAiAutLq9 oDDIC6MHstNYRgzneUsSsVfS+o8p0oTSakDd/X7yJ7XTLkz3A1bOxPxTca2ZO1Uq svUhjdQ+Bwld5yeSdANz3AfgqS5vYGTX9X/ifuNEX+3Ey/RtpMzw2QJpKAiMRWSU ar9rtmh/cu3cLvVxshFWCOUILc3onJoTfk2n2yXLecrduiExkn8/vuqZfhIKKT04 hQf9UGDUsH45TdHKc6sWK3CVirG992U21vzHUndJwz1t3bE9QmqOWnh+AwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFI1944M/IoMkytkVfrSIYYcSrRtPMB8GA1UdIwQY MBaAFNcDzqyQbQf3TKlMRGMD2VRma1g6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXdQT3JKQnRCX2RNcVV4RVl3UFpWR1pyV0RvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8wNmM3MzQtMDlhMS00ZGEzLTg5OTIt YmQ0ZDU0NDQ1YTk1LzEvalgzamd6OGlneVRLMlJWLXRJaGhoeEt0RzA4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS8wNmM3MzQtMDlhMS00ZGEzLTg5OTItYmQ0ZDU0NDQ1YTk1 LzEvMXdQT3JKQnRCX2RNcVV4RVl3UFpWR1pyV0RvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHg32AMA0G CSqGSIb3DQEBCwUAA4IBAQBPFBF2OarYfPShbcoGdMogtWmgU7Bv5X8EuF5MPL9n pSEeVyzKGt5bGijy8uBu1bg/x8HyvEkbZ2cFmu6K4OLT4K4b14GyP+c9ujlAGNnv exSZ5EA7mOMFeeRyUBFh+uJb4euxTBqbhwTE/cbdKtQE2cUqwzMkfEYhca6CJynH eIaE4dt60D+qfVq0ThoT0srh6dyBtonSKsZWtlmaRJyFHzxuoTM9p0WTwh8M5Zys dTCFVC9iR/BJ++S329C6RdAkuzhgJa29xVtqh+26UFxOsR47EtzCmuJ76rFag1cI /tEpboMlWn1Tf2NyeBl8cAvEqkUyWBM4Cdqn6f5OCFGd -----END CERTIFICATE-----Generated at Tue Jan 20 07:48:44 2026 by rpki-client