This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/a_j0083lOlqZLjjJqW5npMU2K1c.roa File: a_j0083lOlqZLjjJqW5npMU2K1c.roa (raw, json) Hash identifier: faxoEGXKDneOWfMQo/aCLuHRodBLAUIu/JQekys4GcM= Subject key identifier: 6B:F8:F4:D3:CD:E5:3A:5A:99:2E:38:C9:A9:6E:67:A4:C5:36:2B:57 Certificate issuer: /CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1 Certificate serial: 019B7F82FAAD892AABC53928F579C78D97D6 Authority key identifier: 1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/a_j0083lOlqZLjjJqW5npMU2K1c.roa Signing time: Fri 02 Jan 2026 16:20:48 +0000 ROA not before: Fri 02 Jan 2026 16:20:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15600 IP address blocks: 5.172.128.0/20 maxlen: 20 185.74.136.0/22 maxlen: 22 2a00:d4e0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.mft rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:fa:ad:89:2a:ab:c5:39:28:f5:79:c7:8d:97:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b78dbf3e859582fd1eda2f2dcde5422295146f1 Validity Not Before: Jan 2 16:20:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=6bf8f4d3cde53a5a992e38c9a96e67a4c5362b57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:33:db:39:70:ca:4c:fb:a8:a6:12:b3:ca:c3: 61:29:1e:d1:6f:bb:a1:0e:a1:c4:d2:20:f1:58:b3: f9:56:51:ec:79:84:4c:ab:32:e8:ff:7d:ac:ab:14: 40:25:fc:00:d1:92:a0:d0:01:20:0f:d5:a7:ba:64: 30:09:db:8a:23:a6:0c:2f:54:a0:2f:72:b4:04:ba: 23:29:69:de:c4:a2:d3:2c:7d:ef:17:ae:ef:53:88: 9e:e2:9e:7b:f0:0c:c7:dc:92:e5:b7:4c:7c:8b:73: 1e:53:c8:5b:4b:e3:a6:fe:7a:7f:82:7a:ef:33:a4: 29:5d:9f:b6:6e:96:98:be:00:87:09:1e:9e:1b:63: 52:b5:c7:ff:76:22:b4:86:1a:8e:36:4a:8d:63:3c: 99:fa:68:45:0f:73:43:32:d6:42:33:e2:f4:64:29: 17:e7:58:e8:c4:a9:b9:ea:63:5b:a4:cb:ba:ff:11: 05:22:4c:e8:34:9f:48:d5:1e:78:97:90:2f:df:93: 84:0e:01:6e:7e:8c:6d:f0:5f:ff:9f:89:68:6a:19: f5:2c:83:8e:59:52:b2:45:93:34:9e:9d:34:7b:a0: a1:80:4b:b5:6f:0e:60:0a:4c:f9:f4:99:aa:f0:27: 32:3c:18:63:36:4d:36:0f:ab:ae:cc:74:22:ee:10: 95:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:F8:F4:D3:CD:E5:3A:5A:99:2E:38:C9:A9:6E:67:A4:C5:36:2B:57 X509v3 Authority Key Identifier: keyid:1B:78:DB:F3:E8:59:58:2F:D1:ED:A2:F2:DC:DE:54:22:29:51:46:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G3jb8-hZWC_R7aLy3N5UIilRRvE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/a_j0083lOlqZLjjJqW5npMU2K1c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/99b535-c42b-4e01-8793-722294783e9e/1/G3jb8-hZWC_R7aLy3N5UIilRRvE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.172.128.0/20 185.74.136.0/22 IPv6: 2a00:d4e0::/29 Signature Algorithm: sha256WithRSAEncryption 92:2d:e4:3f:13:61:50:a3:c4:bb:e5:6a:a3:a9:80:73:32:41: 12:dc:30:8c:52:f7:a4:c9:32:b9:9f:fa:d2:6a:85:5c:a9:75: fc:48:44:82:f3:ed:dd:6d:92:3e:4e:48:4c:34:90:5e:60:69: 45:55:0d:bf:11:7d:8c:ee:9e:23:89:51:72:8a:6d:71:c7:59: 47:37:55:30:ac:40:88:bf:a7:e1:11:36:9f:44:1e:9b:66:94: a5:ab:19:9a:a7:d7:16:85:6e:57:f4:3a:c7:9e:de:1b:3a:87: 8a:52:71:19:72:cb:d5:12:5d:cd:97:5d:16:18:50:c6:4d:80: dd:64:3b:6e:d0:29:8e:c8:11:48:84:be:91:3d:a3:19:cb:ce: 4a:f5:9a:9b:67:b0:22:04:89:45:c0:3d:15:4d:04:ef:e3:9d: d2:32:6c:45:a2:b9:9e:69:28:ab:17:d2:e5:1b:72:cf:36:f7: 34:78:37:d0:25:3a:53:9e:4c:73:eb:73:8a:17:e1:b3:52:a1: a5:8d:a4:f7:94:31:c2:31:92:e3:20:47:7c:0f:eb:fc:a7:b0: 05:99:7f:c3:20:ef:dc:6c:8f:55:b7:df:5c:1c:f8:cc:dc:72: 1f:4b:1d:1a:3e:52:a7:b1:ef:d3:de:b0:91:12:84:23:e9:e7: 5a:40:4f:af -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/gvqtiSqrxTko9XnHjZfWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiNzhkYmYzZTg1OTU4MmZkMWVkYTJmMmRjZGU1NDIyMjk1 MTQ2ZjEwHhcNMjYwMTAyMTYyMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2YmY4ZjRkM2NkZTUzYTVhOTkyZTM4YzlhOTZlNjdhNGM1MzYyYjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjPbOXDKTPuophKzysNhKR7Rb7uh DqHE0iDxWLP5VlHseYRMqzLo/32sqxRAJfwA0ZKg0AEgD9WnumQwCduKI6YML1Sg L3K0BLojKWnexKLTLH3vF67vU4ie4p578AzH3JLlt0x8i3MeU8hbS+Om/np/gnrv M6QpXZ+2bpaYvgCHCR6eG2NStcf/diK0hhqONkqNYzyZ+mhFD3NDMtZCM+L0ZCkX 51joxKm56mNbpMu6/xEFIkzoNJ9I1R54l5Av35OEDgFufoxt8F//n4loahn1LIOO WVKyRZM0np00e6ChgEu1bw5gCkz59Jmq8CcyPBhjNk02D6uuzHQi7hCVaQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFGv49NPN5TpamS44yaluZ6TFNitXMB8GA1UdIwQY MBaAFBt42/PoWVgv0e2i8tzeVCIpUUbxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRzNqYjgtaFpXQ19SN2FMeTNONVVJaWxSUnZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC85OWI1MzUtYzQyYi00ZTAxLTg3OTMt NzIyMjk0NzgzZTllLzEvYV9qMDA4M2xPbHFaTGpqSnFXNW5wTVUySzFjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC85OWI1MzUtYzQyYi00ZTAxLTg3OTMtNzIyMjk0NzgzZTll LzEvRzNqYjgtaFpXQ19SN2FMeTNONVVJaWxSUnZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEBayAAwQC uUqIMA0EAgACMAcDBQMqANTgMA0GCSqGSIb3DQEBCwUAA4IBAQCSLeQ/E2FQo8S7 5WqjqYBzMkES3DCMUvekyTK5n/rSaoVcqXX8SESC8+3dbZI+TkhMNJBeYGlFVQ2/ EX2M7p4jiVFyim1xx1lHN1UwrECIv6fhETafRB6bZpSlqxmap9cWhW5X9DrHnt4b OoeKUnEZcsvVEl3Nl10WGFDGTYDdZDtu0CmOyBFIhL6RPaMZy85K9ZqbZ7AiBIlF wD0VTQTv453SMmxFormeaSirF9LlG3LPNvc0eDfQJTpTnkxz63OKF+GzUqGljaT3 lDHCMZLjIEd8D+v8p7AFmX/DIO/cbI9Vt99cHPjM3HIfSx0aPlKnse/T3rCREoQj 6edaQE+v -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:27 2026 by rpki-client