This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/J1cLQGWUhIVSfZKk_j_qK7xfNRk.roa File: J1cLQGWUhIVSfZKk_j_qK7xfNRk.roa (raw, json) Hash identifier: txu0I6tcoeoOCvYRp5YDtz869JeJI1kFO2/j3Mpeh2A= Subject key identifier: 27:57:0B:40:65:94:84:85:52:7D:92:A4:FE:3F:EA:2B:BC:5F:35:19 Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888 Certificate serial: 019B79ECD9AC174A9E00EB0A315AA743CE3A Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/J1cLQGWUhIVSfZKk_j_qK7xfNRk.roa Signing time: Thu 01 Jan 2026 14:18:43 +0000 ROA not before: Thu 01 Jan 2026 14:18:43 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 0 IP address blocks: 185.1.189.0/24 maxlen: 24 2001:7f8:103::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.mft rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 14:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d9:ac:17:4a:9e:00:eb:0a:31:5a:a7:43:ce:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888 Validity Not Before: Jan 1 14:18:43 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=27570b4065948485527d92a4fe3fea2bbc5f3519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:58:cd:50:26:2c:e3:2e:0d:8e:3e:61:47:30: d0:83:96:d0:70:62:d8:75:a7:34:cb:a8:70:ef:3b: 89:ed:1f:b0:f6:a5:83:a5:74:e4:49:b1:31:10:e4: 45:06:68:5a:39:c0:73:0d:d0:10:fa:e2:4e:e2:74: 4b:c7:c0:d4:46:88:2a:33:d2:6e:7c:86:e2:9b:d6: 20:b1:ea:19:0d:fb:d8:ca:6a:c5:35:14:da:f4:6d: e7:12:5f:9a:7c:91:89:71:d8:84:da:5e:e2:0b:c2: b3:6d:ea:99:bd:3f:58:e0:da:b9:8e:31:64:2e:f4: 25:9e:cb:fc:04:83:02:28:cb:d4:2d:95:aa:75:a9: eb:4b:8e:0a:1f:f4:61:55:a7:ec:ff:f5:49:07:00: 78:04:4d:69:01:94:e4:48:11:61:54:15:29:ec:fa: e5:d2:4e:5c:6f:1c:6a:34:6a:bb:a2:c5:d1:a1:a1: 76:7d:81:0e:67:39:1a:46:2e:20:8c:85:a2:0e:ab: 90:fd:6d:9f:d1:c2:8e:4d:f8:bf:f2:b8:a9:df:f6: b6:2d:e7:58:ec:f1:4a:3d:e0:39:48:cf:23:74:db: 64:de:b0:db:5d:70:4d:e8:12:ab:2f:e7:d1:d5:b5: 96:0b:89:c5:12:fe:05:bf:ad:6a:d0:3f:ed:de:da: 58:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:57:0B:40:65:94:84:85:52:7D:92:A4:FE:3F:EA:2B:BC:5F:35:19 X509v3 Authority Key Identifier: keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/J1cLQGWUhIVSfZKk_j_qK7xfNRk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.1.189.0/24 IPv6: 2001:7f8:103::/48 Signature Algorithm: sha256WithRSAEncryption 07:7e:89:6c:84:8f:ca:0d:45:5f:be:28:ee:00:76:e2:55:5e: e6:d0:57:1a:9f:d7:4c:9e:c4:93:57:02:12:58:7c:45:5f:64: de:89:04:23:67:f9:b2:12:42:7d:4d:c0:97:e4:82:8d:70:dd: 7a:a8:20:df:08:6d:74:f8:7b:4f:4d:7e:df:51:55:6a:b3:04: 08:44:26:e1:fa:09:87:ea:57:b0:34:51:92:10:8e:4b:8e:8a: 47:f2:61:61:f4:66:da:d8:e8:b0:61:10:79:a7:fb:ac:7a:77: 7b:cf:08:cd:77:39:51:dc:cb:77:96:cb:47:86:c3:dc:43:09: 5a:10:19:4b:7d:01:db:f4:ec:b7:9a:36:ee:7c:bd:16:79:3d: c0:dd:7f:73:cf:70:29:c0:16:6b:d1:d3:de:0c:d4:2e:6c:f6: 94:95:cf:7d:79:d5:d2:d1:f4:40:06:23:b2:26:e1:f7:96:07: 79:68:3c:c4:50:4e:4c:21:fc:70:74:ef:0b:32:d8:f4:52:ef: 5f:0d:d4:6a:e0:92:a8:fe:68:d4:b6:cb:3e:51:ca:f6:2d:59: a6:4a:9e:2e:d1:de:53:50:b4:0c:6d:20:e2:5b:c4:e0:d5:89: bd:b1:58:39:39:a0:71:3d:5b:b6:17:29:15:7c:1f:37:c9:80: 11:ec:bc:21 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt57NmsF0qeAOsKMVqnQ846MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky ZDc4ODgwHhcNMjYwMTAxMTQxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNzU3MGI0MDY1OTQ4NDg1NTI3ZDkyYTRmZTNmZWEyYmJjNWYzNTE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VjNUCYs4y4Njj5hRzDQg5bQcGLY dac0y6hw7zuJ7R+w9qWDpXTkSbExEORFBmhaOcBzDdAQ+uJO4nRLx8DURogqM9Ju fIbim9YgseoZDfvYymrFNRTa9G3nEl+afJGJcdiE2l7iC8KzbeqZvT9Y4Nq5jjFk LvQlnsv8BIMCKMvULZWqdanrS44KH/RhVafs//VJBwB4BE1pAZTkSBFhVBUp7Prl 0k5cbxxqNGq7osXRoaF2fYEOZzkaRi4gjIWiDquQ/W2f0cKOTfi/8rip3/a2LedY 7PFKPeA5SM8jdNtk3rDbXXBN6BKrL+fR1bWWC4nFEv4Fv61q0D/t3tpYywIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCdXC0BllISFUn2SpP4/6iu8XzUZMB8GA1UdIwQY MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt ZDk1MDk0NzMwNzJjLzEvSjFjTFFHV1VoSVZTZlpLa19qX3FLN3hmTlJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQG9MA8E AgACMAkDBwAgAQf4AQMwDQYJKoZIhvcNAQELBQADggEBAAd+iWyEj8oNRV++KO4A duJVXubQVxqf10yexJNXAhJYfEVfZN6JBCNn+bISQn1NwJfkgo1w3XqoIN8IbXT4 e09Nft9RVWqzBAhEJuH6CYfqV7A0UZIQjkuOikfyYWH0ZtrY6LBhEHmn+6x6d3vP CM13OVHcy3eWy0eGw9xDCVoQGUt9Adv07LeaNu58vRZ5PcDdf3PPcCnAFmvR094M 1C5s9pSVz3151dLR9EAGI7Im4feWB3loPMRQTkwh/HB07wsy2PRS718N1Grgkqj+ aNS2yz5RyvYtWaZKni7R3lNQtAxtIOJbxODVib2xWDk5oHE9W7YXKRV8HzfJgBHs vCE= -----END CERTIFICATE-----Generated at Wed Jan 7 23:47:58 2026 by rpki-client