This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/AFJzhmH9R0mG2bUCJPJT6j8bKrw.roa File: AFJzhmH9R0mG2bUCJPJT6j8bKrw.roa (raw, json) Hash identifier: EzibNTyau7BTPE7oIO9TUlGehtGq8uPVCAnORk3k9nM= Subject key identifier: 00:52:73:86:61:FD:47:49:86:D9:B5:02:24:F2:53:EA:3F:1B:2A:BC Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df Certificate serial: 019B7E37F4EB0645BD9E2ED2863C2E504FC3 Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/AFJzhmH9R0mG2bUCJPJT6j8bKrw.roa Signing time: Fri 02 Jan 2026 10:19:14 +0000 ROA not before: Fri 02 Jan 2026 10:19:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15372 IP address blocks: 153.96.101.0/24 maxlen: 24 153.96.230.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:f4:eb:06:45:bd:9e:2e:d2:86:3c:2e:50:4f:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df Validity Not Before: Jan 2 10:19:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0052738661fd474986d9b50224f253ea3f1b2abc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:a1:eb:dd:02:b7:f2:e1:d4:85:b8:32:fd:9d: a1:48:71:5b:b8:bd:f5:94:f5:81:55:a9:b8:b0:63: 8d:dc:53:36:03:f8:71:4a:17:66:5b:d5:b4:fd:74: 61:e6:86:4d:e6:8b:78:d5:14:6c:ca:06:5b:d3:f7: 54:f7:f8:cb:35:1c:39:0b:ac:c4:65:90:8a:2f:43: 44:ea:dd:bb:d6:39:de:9b:66:85:db:54:fc:88:b5: bd:15:5b:4e:41:92:eb:56:ec:58:9f:e8:0d:15:34: 50:1e:bb:89:60:c9:99:ad:c5:8b:16:e5:86:73:40: 16:38:2d:41:52:07:77:9f:9b:4f:00:be:d0:76:5c: 2a:98:f0:c8:7a:c4:52:e2:8d:09:c6:9f:08:52:36: 0f:50:58:88:78:6e:84:e0:54:d9:4e:ae:8a:d0:71: e8:e9:72:8a:02:25:4c:71:bd:ff:39:89:f6:20:f1: 3d:36:b7:96:40:57:df:c9:12:f0:af:ea:c4:26:d9: 0f:43:1e:a7:82:20:eb:a4:f7:24:1b:de:86:18:98: df:0a:37:b5:cc:3b:00:43:1f:27:3c:c8:04:8b:c9: a6:e6:6d:e7:aa:b5:1c:8a:dc:84:8d:b0:fc:9c:f7: 81:c1:43:12:4d:28:68:6c:cd:fe:29:d5:00:96:e9: 6b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:52:73:86:61:FD:47:49:86:D9:B5:02:24:F2:53:EA:3F:1B:2A:BC X509v3 Authority Key Identifier: keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/AFJzhmH9R0mG2bUCJPJT6j8bKrw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 153.96.101.0/24 153.96.230.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:12:67:bc:c0:92:e0:e5:eb:85:e4:da:07:46:a1:1a:85:dc: b5:84:fe:f1:07:10:23:45:b7:79:8d:6e:d5:d8:3f:ce:44:1f: a6:ee:44:ee:b0:6a:f4:71:f9:15:b4:e1:fe:5a:a6:7b:01:1f: 4c:6b:92:13:32:ab:e2:9f:a7:87:18:25:a9:58:ff:6f:d2:bd: 99:81:57:8a:13:6e:88:03:a5:20:15:1f:1d:1b:db:38:ab:5e: 82:29:08:d1:d7:d4:24:eb:d9:18:a4:d1:d1:31:b2:c9:51:fc: c5:db:7e:66:f7:16:33:79:f9:7a:c7:01:08:42:29:a5:0e:3c: 02:1d:aa:66:5c:6d:d0:d2:a0:d4:8f:f8:36:3e:4e:39:da:ae: 39:b5:a1:d0:6f:73:ac:59:09:37:17:aa:a3:67:79:9d:43:24: 8c:c9:d4:27:e2:cf:d4:a3:4f:bb:56:1b:fc:0b:d4:07:14:7c: b7:d4:38:15:23:7f:d5:a1:ab:16:8d:3c:1e:a3:2b:5f:e2:17: 46:3f:27:eb:c0:c9:50:db:06:c9:82:fd:f1:c6:4e:96:5c:95: 69:11:be:a7:3f:98:ed:0a:2d:b0:60:e8:55:cb:2a:55:3f:54: 0e:21:9c:3b:cf:01:47:8f:fa:52:7f:be:4e:e2:44:45:ad:bf: 77:bc:d9:cf -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+N/TrBkW9ni7ShjwuUE/DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2 NDIwZGYwHhcNMjYwMTAyMTAxOTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDUyNzM4NjYxZmQ0NzQ5ODZkOWI1MDIyNGYyNTNlYTNmMWIyYWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqHr3QK38uHUhbgy/Z2hSHFbuL31 lPWBVam4sGON3FM2A/hxShdmW9W0/XRh5oZN5ot41RRsygZb0/dU9/jLNRw5C6zE ZZCKL0NE6t271jnem2aF21T8iLW9FVtOQZLrVuxYn+gNFTRQHruJYMmZrcWLFuWG c0AWOC1BUgd3n5tPAL7QdlwqmPDIesRS4o0Jxp8IUjYPUFiIeG6E4FTZTq6K0HHo 6XKKAiVMcb3/OYn2IPE9NreWQFffyRLwr+rEJtkPQx6ngiDrpPckG96GGJjfCje1 zDsAQx8nPMgEi8mm5m3nqrUcityEjbD8nPeBwUMSTShobM3+KdUAlulrpQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFABSc4Zh/UdJhtm1AiTyU+o/Gyq8MB8GA1UdIwQY MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct YWQ4ZmJlYWE4ZGQ5LzEvQUZKemhtSDlSMG1HMmJVQ0pQSlQ2ajhiS3J3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5 LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmWBlAwQA mWDmMA0GCSqGSIb3DQEBCwUAA4IBAQAMEme8wJLg5euF5NoHRqEahdy1hP7xBxAj Rbd5jW7V2D/ORB+m7kTusGr0cfkVtOH+WqZ7AR9Ma5ITMqvin6eHGCWpWP9v0r2Z gVeKE26IA6UgFR8dG9s4q16CKQjR19Qk69kYpNHRMbLJUfzF235m9xYzefl6xwEI QimlDjwCHapmXG3Q0qDUj/g2Pk452q45taHQb3OsWQk3F6qjZ3mdQySMydQn4s/U o0+7Vhv8C9QHFHy31DgVI3/VoasWjTweoytf4hdGPyfrwMlQ2wbJgv3xxk6WXJVp Eb6nP5jtCi2wYOhVyypVP1QOIZw7zwFHj/pSf75O4kRFrb93vNnP -----END CERTIFICATE-----Generated at Wed Jan 21 14:40:55 2026 by rpki-client