This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/JDb5A2keqNNHHn7egHMcEGsac60.roa File: JDb5A2keqNNHHn7egHMcEGsac60.roa (raw, json) Hash identifier: ArdL/hAkNPkcLPWJJnXPFWGPHSAOP/P5AYcbgtu+Yug= Subject key identifier: 24:36:F9:03:69:1E:A8:D3:47:1E:7E:DE:80:73:1C:10:6B:1A:73:AD Certificate issuer: /CN=e0d435784da8c218e0ff107cdcfe24ca4569c949 Certificate serial: 019B7B361DEE40D64EA72AC59073DCFFD9A0 Authority key identifier: E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/JDb5A2keqNNHHn7egHMcEGsac60.roa Signing time: Thu 01 Jan 2026 20:18:22 +0000 ROA not before: Thu 01 Jan 2026 20:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59742 IP address blocks: 87.243.69.0/24 maxlen: 24 185.73.236.0/22 maxlen: 22 2a03:46a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/4NQ1eE2owhjg_xB83P4kykVpyUk.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/4NQ1eE2owhjg_xB83P4kykVpyUk.mft rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:1d:ee:40:d6:4e:a7:2a:c5:90:73:dc:ff:d9:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0d435784da8c218e0ff107cdcfe24ca4569c949 Validity Not Before: Jan 1 20:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2436f903691ea8d3471e7ede80731c106b1a73ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4b:96:d0:c2:8f:46:13:84:dd:a4:f8:d8:6a: e5:a7:d3:3f:99:2e:68:1d:99:05:9d:fa:2b:3c:ee: 04:a0:ba:49:f1:82:a1:72:c9:34:de:8d:5c:81:7c: 0f:7c:2c:1c:c4:2a:a3:cd:1e:4f:b0:fa:9e:08:79: 52:65:f5:b6:6f:a5:87:ab:a6:23:49:32:fc:2a:d0: 12:ec:ec:ea:e8:b9:9b:10:79:37:dd:e3:9b:3c:47: 9b:86:22:34:62:7a:32:90:e0:19:24:21:26:75:89: 8c:ab:46:40:c4:43:54:da:ec:91:96:62:d1:f3:0e: 6f:b3:46:a1:a1:26:54:38:3c:1f:3a:0b:3c:35:18: d1:8c:d8:91:21:c9:a1:9a:51:fe:bc:d6:b4:f4:4c: bb:b9:a0:bd:aa:31:5d:d8:e1:55:6e:35:34:8f:f6: 79:85:31:5c:3a:86:d5:4e:40:ba:14:9c:2f:3b:ec: 5d:98:d8:8f:21:2d:48:85:e7:fb:ce:c1:93:12:5b: be:1a:40:c2:4c:c4:8e:88:f7:71:62:63:b7:c0:65: 20:ad:de:d8:cd:ac:00:d8:bf:2a:bf:43:01:ee:77: 36:ad:64:5e:97:e9:25:30:ca:06:d9:8a:a9:a7:94: e5:70:00:32:6d:04:53:d1:f6:12:18:6c:e2:f7:13: 6d:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:36:F9:03:69:1E:A8:D3:47:1E:7E:DE:80:73:1C:10:6B:1A:73:AD X509v3 Authority Key Identifier: keyid:E0:D4:35:78:4D:A8:C2:18:E0:FF:10:7C:DC:FE:24:CA:45:69:C9:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4NQ1eE2owhjg_xB83P4kykVpyUk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/JDb5A2keqNNHHn7egHMcEGsac60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a05eba-9d85-489b-aec7-ed42d3a625a4/1/4NQ1eE2owhjg_xB83P4kykVpyUk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.243.69.0/24 185.73.236.0/22 IPv6: 2a03:46a0::/32 Signature Algorithm: sha256WithRSAEncryption 44:61:fd:9f:11:ca:3a:c0:66:4f:c3:0f:40:18:2e:dc:c7:8b: 64:21:b8:f1:c7:ef:b4:7d:1d:04:81:70:1d:6a:cb:2b:47:c3: 27:23:6d:7b:68:c7:fd:fe:d9:16:d0:c2:57:33:3c:31:4e:4e: 55:60:83:33:bf:20:44:dc:b4:97:51:e0:6b:58:4e:a2:80:0b: f8:aa:d7:5b:46:95:13:d4:a7:8f:57:7c:40:90:23:d2:ee:0d: e7:3c:40:30:66:f5:d5:30:6c:62:58:ec:98:26:de:b5:af:f5: 23:13:ba:e1:7c:86:3a:0a:01:88:62:e7:73:c5:f5:1b:52:43: ce:8a:8f:f8:6c:fe:c7:16:74:d8:61:fd:64:98:4f:6c:00:ab: bc:c9:29:b5:4e:27:68:60:e1:ec:c1:eb:6d:d9:50:8f:54:77: 4a:ac:0e:06:b2:68:df:a7:5e:3b:0d:6b:11:4d:1c:8b:6d:3a: c9:42:9f:fd:b3:b5:6b:4a:51:95:87:76:77:48:82:c2:d1:1b: 6d:7e:dd:83:b2:54:ea:4c:93:36:45:e1:2b:93:36:e0:83:4a: 72:c1:1b:a9:8b:16:29:93:c1:e3:0a:a2:ba:37:3e:58:b4:31: fd:0d:af:6a:cd:ad:18:31:73:76:db:05:63:18:88:c5:d6:28: 8a:41:e7:84 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7Nh3uQNZOpyrFkHPc/9mgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwZDQzNTc4NGRhOGMyMThlMGZmMTA3Y2RjZmUyNGNhNDU2 OWM5NDkwHhcNMjYwMTAxMjAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDM2ZjkwMzY5MWVhOGQzNDcxZTdlZGU4MDczMWMxMDZiMWE3M2FkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukuW0MKPRhOE3aT42Grlp9M/mS5o HZkFnforPO4EoLpJ8YKhcsk03o1cgXwPfCwcxCqjzR5PsPqeCHlSZfW2b6WHq6Yj STL8KtAS7Ozq6LmbEHk33eObPEebhiI0YnoykOAZJCEmdYmMq0ZAxENU2uyRlmLR 8w5vs0ahoSZUODwfOgs8NRjRjNiRIcmhmlH+vNa09Ey7uaC9qjFd2OFVbjU0j/Z5 hTFcOobVTkC6FJwvO+xdmNiPIS1Ihef7zsGTElu+GkDCTMSOiPdxYmO3wGUgrd7Y zawA2L8qv0MB7nc2rWRel+klMMoG2Yqpp5TlcAAybQRT0fYSGGzi9xNtpwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFCQ2+QNpHqjTRx5+3oBzHBBrGnOtMB8GA1UdIwQY MBaAFODUNXhNqMIY4P8QfNz+JMpFaclJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzct ZWQ0MmQzYTYyNWE0LzEvSkRiNUEya2VxTk5ISG43ZWdITWNFR3NhYzYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9hMDVlYmEtOWQ4NS00ODliLWFlYzctZWQ0MmQzYTYyNWE0 LzEvNE5RMWVFMm93aGpnX3hCODNQNGt5a1ZweVVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAV/NFAwQC uUnsMA0EAgACMAcDBQAqA0agMA0GCSqGSIb3DQEBCwUAA4IBAQBEYf2fEco6wGZP ww9AGC7cx4tkIbjxx++0fR0EgXAdassrR8MnI217aMf9/tkW0MJXMzwxTk5VYIMz vyBE3LSXUeBrWE6igAv4qtdbRpUT1KePV3xAkCPS7g3nPEAwZvXVMGxiWOyYJt61 r/UjE7rhfIY6CgGIYudzxfUbUkPOio/4bP7HFnTYYf1kmE9sAKu8ySm1TidoYOHs wett2VCPVHdKrA4Gsmjfp147DWsRTRyLbTrJQp/9s7VrSlGVh3Z3SILC0Rttft2D slTqTJM2ReErkzbgg0pywRupixYpk8HjCqK6Nz5YtDH9Da9qza0YMXN22wVjGIjF 1iiKQeeE -----END CERTIFICATE-----Generated at Mon Feb 9 18:30:23 2026 by rpki-client