This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/sJpbC87SMVa4vt5NI5bryF6Soa0.roa File: sJpbC87SMVa4vt5NI5bryF6Soa0.roa (raw, json) Hash identifier: Kq0qKJZ6NJFyN4KPgrXNyOIY6c6Ykn/I7S4MDDkskPA= Subject key identifier: B0:9A:5B:0B:CE:D2:31:56:B8:BE:DE:4D:23:96:EB:C8:5E:92:A1:AD Certificate issuer: /CN=62719c6d8b9950378a7489315fb078111a18ad55 Certificate serial: 019B9CED459E13A1770E2695DA57EF226A4A Authority key identifier: 62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/sJpbC87SMVa4vt5NI5bryF6Soa0.roa Signing time: Thu 08 Jan 2026 09:25:54 +0000 ROA not before: Thu 08 Jan 2026 09:25:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43260 IP address blocks: 185.71.216.0/24 maxlen: 24 185.71.217.0/24 maxlen: 24 185.71.218.0/24 maxlen: 24 185.71.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.mft rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 06:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:9c:ed:45:9e:13:a1:77:0e:26:95:da:57:ef:22:6a:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=62719c6d8b9950378a7489315fb078111a18ad55 Validity Not Before: Jan 8 09:25:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b09a5b0bced23156b8bede4d2396ebc85e92a1ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:96:86:da:9e:94:b4:c6:0a:ad:bf:a8:29:1d: 2d:9f:84:e5:7a:1c:78:f5:a9:9c:fb:09:03:c9:3a: cc:e3:10:a3:1f:99:6e:61:83:62:91:43:27:3d:7a: 78:72:1c:31:76:6d:4a:2d:db:13:4c:39:ba:48:eb: 18:4a:eb:e3:b6:af:67:b3:36:bb:71:b5:b5:66:2d: d7:bf:9a:f4:9c:bf:de:3a:85:b5:b6:3f:53:be:f8: cc:b0:aa:c9:24:9d:c6:88:ad:95:1e:cb:8f:6d:3a: 8d:f3:00:f5:6c:3d:9a:d7:27:7c:10:52:a0:12:28: ae:bd:aa:7d:c1:b6:32:a9:82:21:0b:e2:8b:b6:6a: ec:e5:f0:24:c7:b1:52:41:31:dd:53:92:b2:5d:20: 49:55:5e:ef:f2:86:7c:09:ad:39:bc:4d:c0:91:af: 49:50:1e:f6:8f:db:2d:ef:63:de:eb:fa:11:3f:b8: 86:fe:7d:55:ef:06:70:0e:f4:0b:fe:98:da:e7:b8: a0:a9:27:44:ee:13:e2:94:9d:aa:5f:41:6a:f4:52: f7:a4:17:88:65:f1:89:f5:3d:b3:d6:80:64:6a:21: 8f:ce:98:c1:2c:39:9d:f2:68:fa:fb:84:3b:3d:ed: 57:f8:eb:1e:60:39:99:29:58:8d:fd:37:8a:a0:7b: 32:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:9A:5B:0B:CE:D2:31:56:B8:BE:DE:4D:23:96:EB:C8:5E:92:A1:AD X509v3 Authority Key Identifier: keyid:62:71:9C:6D:8B:99:50:37:8A:74:89:31:5F:B0:78:11:1A:18:AD:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnGcbYuZUDeKdIkxX7B4ERoYrVU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/sJpbC87SMVa4vt5NI5bryF6Soa0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/97/072f68-813d-4ba7-b49d-75fa295411f5/1/YnGcbYuZUDeKdIkxX7B4ERoYrVU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.71.216.0/22 Signature Algorithm: sha256WithRSAEncryption dd:65:e6:7f:a3:7e:5b:82:d6:b9:2e:21:50:67:c8:f8:84:a2: 82:8e:ec:75:9f:16:1a:89:8f:56:ba:cc:cb:99:ef:8b:9c:ae: 5f:09:ca:dd:1b:60:d6:cf:f9:f5:7b:4c:62:cd:ae:18:ca:a4: 3a:38:a5:ec:08:7a:45:fa:f6:1b:11:04:3b:c5:9e:f3:2f:d4: e9:ce:6b:f9:5d:d8:c5:31:6f:0a:45:00:1b:1c:e5:cb:e0:14: cc:7b:9f:25:ff:19:48:48:b9:03:9d:b5:c2:f1:50:52:61:a7: 71:21:88:0e:42:69:d5:f4:5a:5b:25:64:f0:d0:24:d0:48:49: ac:84:50:4d:bc:5b:4b:8f:ee:d0:4b:77:07:75:58:25:c7:e2: 88:81:76:6a:2c:7d:89:3d:8d:ec:57:e5:51:f5:b8:a6:ba:56: 77:97:bd:ed:0a:11:e4:1a:41:67:93:43:70:b2:81:0c:40:7a: 6b:c3:57:f0:03:d4:65:26:0d:7d:45:ff:3a:c0:c9:db:94:1f: ae:26:35:30:92:8c:71:3b:aa:ac:b0:b3:4d:3e:fb:0e:4a:9d: 82:b7:3d:2d:97:1c:19:76:4f:ab:9a:6d:8f:66:50:01:cb:08: 5f:66:19:bf:94:a2:14:be:58:f2:0d:0a:88:2f:94:37:ce:b2: 5a:d5:fd:44 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZuc7UWeE6F3DiaV2lfvImpKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNzE5YzZkOGI5OTUwMzc4YTc0ODkzMTVmYjA3ODExMWEx OGFkNTUwHhcNMjYwMTA4MDkyNTU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDlhNWIwYmNlZDIzMTU2YjhiZWRlNGQyMzk2ZWJjODVlOTJhMWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZaG2p6UtMYKrb+oKR0tn4Tlehx4 9amc+wkDyTrM4xCjH5luYYNikUMnPXp4chwxdm1KLdsTTDm6SOsYSuvjtq9nsza7 cbW1Zi3Xv5r0nL/eOoW1tj9TvvjMsKrJJJ3GiK2VHsuPbTqN8wD1bD2a1yd8EFKg Eiiuvap9wbYyqYIhC+KLtmrs5fAkx7FSQTHdU5KyXSBJVV7v8oZ8Ca05vE3Aka9J UB72j9st72Pe6/oRP7iG/n1V7wZwDvQL/pja57igqSdE7hPilJ2qX0Fq9FL3pBeI ZfGJ9T2z1oBkaiGPzpjBLDmd8mj6+4Q7Pe1X+OseYDmZKViN/TeKoHsyoQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLCaWwvO0jFWuL7eTSOW68hekqGtMB8GA1UdIwQY MBaAFGJxnG2LmVA3inSJMV+weBEaGK1VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQt NzVmYTI5NTQxMWY1LzEvc0pwYkM4N1NNVmE0dnQ1Tkk1YnJ5RjZTb2EwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Ny8wNzJmNjgtODEzZC00YmE3LWI0OWQtNzVmYTI5NTQxMWY1 LzEvWW5HY2JZdVpVRGVLZElreFg3QjRFUm9ZclZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUfYMA0G CSqGSIb3DQEBCwUAA4IBAQDdZeZ/o35bgta5LiFQZ8j4hKKCjux1nxYaiY9WuszL me+LnK5fCcrdG2DWz/n1e0xiza4YyqQ6OKXsCHpF+vYbEQQ7xZ7zL9Tpzmv5XdjF MW8KRQAbHOXL4BTMe58l/xlISLkDnbXC8VBSYadxIYgOQmnV9FpbJWTw0CTQSEms hFBNvFtLj+7QS3cHdVglx+KIgXZqLH2JPY3sV+VR9bimulZ3l73tChHkGkFnk0Nw soEMQHprw1fwA9RlJg19Rf86wMnblB+uJjUwkoxxO6qssLNNPvsOSp2Ctz0tlxwZ dk+rmm2PZlABywhfZhm/lKIUvljyDQqIL5Q3zrJa1f1E -----END CERTIFICATE-----Generated at Mon Jan 19 16:51:41 2026 by rpki-client