This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/pjsQjYCyJ3t8hM7PRxXLSSskH0s.roa File: pjsQjYCyJ3t8hM7PRxXLSSskH0s.roa (raw, json) Hash identifier: JlEEmKo2Oj3IztEax/xHj/p3At5KTwe0I06/xzxbFsY= Subject key identifier: A6:3B:10:8D:80:B2:27:7B:7C:84:CE:CF:47:15:CB:49:2B:24:1F:4B Certificate issuer: /CN=8ac14985cb544c6d23d19bb43ac93711afe91f18 Certificate serial: 019B79EC89AA7FAAD913C09A82E270A911CC Authority key identifier: 8A:C1:49:85:CB:54:4C:6D:23:D1:9B:B4:3A:C9:37:11:AF:E9:1F:18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/isFJhctUTG0j0Zu0Osk3Ea_pHxg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/pjsQjYCyJ3t8hM7PRxXLSSskH0s.roa Signing time: Thu 01 Jan 2026 14:18:23 +0000 ROA not before: Thu 01 Jan 2026 14:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51621 IP address blocks: 185.216.49.0/24 maxlen: 24 185.217.130.0/24 maxlen: 24 2a10:a900::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/isFJhctUTG0j0Zu0Osk3Ea_pHxg.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/isFJhctUTG0j0Zu0Osk3Ea_pHxg.mft rsync://rpki.ripe.net/repository/DEFAULT/isFJhctUTG0j0Zu0Osk3Ea_pHxg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 17:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:89:aa:7f:aa:d9:13:c0:9a:82:e2:70:a9:11:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ac14985cb544c6d23d19bb43ac93711afe91f18 Validity Not Before: Jan 1 14:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a63b108d80b2277b7c84cecf4715cb492b241f4b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e5:c3:9a:7c:6e:6d:7a:f9:73:a3:cf:6c:9d: 08:85:48:d7:de:75:12:cf:1b:36:73:5a:11:93:4c: 85:9f:b9:92:bf:02:94:6d:0f:17:3a:00:1e:f1:b8: 42:21:bc:eb:68:6b:c2:1e:67:d7:32:38:52:2e:f0: bf:47:b5:ba:47:44:c6:73:14:e5:6d:1a:bf:67:43: 74:70:56:d0:b8:7d:08:a3:de:9d:68:bd:6c:23:54: 5e:c0:04:1c:be:74:e1:0e:b9:1f:26:37:12:3f:04: d9:90:dd:50:cd:21:6d:fb:0e:61:e2:d1:d7:0d:05: 27:b0:f6:bf:60:79:08:ce:d2:c3:64:3a:5f:4a:f3: 71:0d:14:92:a3:ae:78:bc:79:16:70:07:18:ce:e1: ba:13:e0:5d:51:a3:cb:56:a2:5a:ec:63:45:62:3f: 4e:3a:9e:04:00:53:fc:e3:9b:69:59:dd:d3:a3:2c: 21:73:5e:9f:c2:1f:08:e1:80:83:ee:11:d0:fd:d7: fc:8f:27:b8:72:27:c6:ca:d0:49:7d:09:f7:dd:e9: fc:4a:33:ce:c6:e6:5c:9a:7e:7a:9b:84:56:8a:e3: be:30:14:3d:0b:a6:28:f2:c9:58:09:c4:8a:dd:eb: 2a:fc:4e:e2:ae:4d:a2:13:1f:56:81:2f:8a:8d:67: 14:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:3B:10:8D:80:B2:27:7B:7C:84:CE:CF:47:15:CB:49:2B:24:1F:4B X509v3 Authority Key Identifier: keyid:8A:C1:49:85:CB:54:4C:6D:23:D1:9B:B4:3A:C9:37:11:AF:E9:1F:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/isFJhctUTG0j0Zu0Osk3Ea_pHxg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/pjsQjYCyJ3t8hM7PRxXLSSskH0s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/586f77-6f32-4b96-9838-a5894693af10/1/isFJhctUTG0j0Zu0Osk3Ea_pHxg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.216.49.0/24 185.217.130.0/24 IPv6: 2a10:a900::/29 Signature Algorithm: sha256WithRSAEncryption 95:6b:64:a1:79:91:f5:39:8d:dd:d0:e6:b2:25:b1:96:00:98: f4:e6:65:4f:2b:65:08:b0:79:06:bd:c5:69:78:df:2c:77:f5: 41:f0:d2:a7:89:33:86:64:e8:8f:6f:b7:c5:d8:7d:a2:2b:31: bb:ad:86:69:0e:f1:94:4c:09:48:e4:81:15:95:fa:d5:60:fe: 52:6c:69:ff:d1:a8:0e:53:0e:37:29:a4:e9:63:f5:77:28:43: 8e:c7:47:3e:d4:47:11:01:9b:c8:ee:72:f1:11:e6:72:bc:8c: fc:eb:19:65:fc:67:c3:45:c9:cd:dd:a6:1c:ab:50:e7:51:2e: bf:40:8c:ef:5f:ab:44:da:8b:ac:84:77:8f:5e:f6:81:1a:92: 34:90:c0:d2:5b:0b:c3:b5:8c:7b:76:6c:c4:9f:24:c9:48:0a: 56:85:bf:83:db:95:56:b1:61:62:d2:13:3d:a7:97:10:96:ec: 5f:54:16:d3:48:d0:c1:6e:2c:53:f7:58:3e:4d:03:04:1b:ff: 71:6e:dd:77:23:88:56:d7:cb:0a:e0:33:58:44:de:e8:24:07: 58:59:b0:26:5c:26:12:9a:0c:bb:d6:a0:85:9f:cf:1d:52:d7: 38:11:22:cc:36:b4:fa:37:5a:8c:28:cc:f9:2d:0e:ce:5c:4f: a7:00:fd:c0 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57Imqf6rZE8CaguJwqRHMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhYzE0OTg1Y2I1NDRjNmQyM2QxOWJiNDNhYzkzNzExYWZl OTFmMTgwHhcNMjYwMTAxMTQxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNjNiMTA4ZDgwYjIyNzdiN2M4NGNlY2Y0NzE1Y2I0OTJiMjQxZjRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOXDmnxubXr5c6PPbJ0IhUjX3nUS zxs2c1oRk0yFn7mSvwKUbQ8XOgAe8bhCIbzraGvCHmfXMjhSLvC/R7W6R0TGcxTl bRq/Z0N0cFbQuH0Io96daL1sI1RewAQcvnThDrkfJjcSPwTZkN1QzSFt+w5h4tHX DQUnsPa/YHkIztLDZDpfSvNxDRSSo654vHkWcAcYzuG6E+BdUaPLVqJa7GNFYj9O Op4EAFP845tpWd3Toywhc16fwh8I4YCD7hHQ/df8jye4cifGytBJfQn33en8SjPO xuZcmn56m4RWiuO+MBQ9C6Yo8slYCcSK3esq/E7irk2iEx9WgS+KjWcUXQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKY7EI2Asid7fITOz0cVy0krJB9LMB8GA1UdIwQY MBaAFIrBSYXLVExtI9GbtDrJNxGv6R8YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXNGSmhjdFVURzBqMFp1ME9zazNFYV9wSHhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS81ODZmNzctNmYzMi00Yjk2LTk4Mzgt YTU4OTQ2OTNhZjEwLzEvcGpzUWpZQ3lKM3Q4aE03UFJ4WExTU3NrSDBzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS81ODZmNzctNmYzMi00Yjk2LTk4MzgtYTU4OTQ2OTNhZjEw LzEvaXNGSmhjdFVURzBqMFp1ME9zazNFYV9wSHhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAudgxAwQA udmCMA0EAgACMAcDBQMqEKkAMA0GCSqGSIb3DQEBCwUAA4IBAQCVa2SheZH1OY3d 0OayJbGWAJj05mVPK2UIsHkGvcVpeN8sd/VB8NKniTOGZOiPb7fF2H2iKzG7rYZp DvGUTAlI5IEVlfrVYP5SbGn/0agOUw43KaTpY/V3KEOOx0c+1EcRAZvI7nLxEeZy vIz86xll/GfDRcnN3aYcq1DnUS6/QIzvX6tE2oushHePXvaBGpI0kMDSWwvDtYx7 dmzEnyTJSApWhb+D25VWsWFi0hM9p5cQluxfVBbTSNDBbixT91g+TQMEG/9xbt13 I4hW18sK4DNYRN7oJAdYWbAmXCYSmgy71qCFn88dUtc4ESLMNrT6N1qMKMz5LQ7O XE+nAP3A -----END CERTIFICATE-----Generated at Sat Jan 24 00:28:26 2026 by rpki-client