This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/JCYIq9abXabyABSE5MBNKtlW6Ds.roa File: JCYIq9abXabyABSE5MBNKtlW6Ds.roa (raw, json) Hash identifier: wyz0gi5oUZNHdIXWdMzjT6ryVOTn8WqxbAJlVCJ1Slc= Subject key identifier: 24:26:08:AB:D6:9B:5D:A6:F2:00:14:84:E4:C0:4D:2A:D9:56:E8:3B Certificate issuer: /CN=a633725cd5dd91cf190ab3a99526e898357856ef Certificate serial: 019B7F82FE72F955786581E4D88699CAB907 Authority key identifier: A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/JCYIq9abXabyABSE5MBNKtlW6Ds.roa Signing time: Fri 02 Jan 2026 16:20:49 +0000 ROA not before: Fri 02 Jan 2026 16:20:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15495 IP address blocks: 91.213.221.0/24 maxlen: 24 128.246.0.0/16 maxlen: 24 141.6.0.0/16 maxlen: 24 193.23.152.0/22 maxlen: 24 195.234.178.0/24 maxlen: 24 2a03:5680::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.mft rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:29:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:82:fe:72:f9:55:78:65:81:e4:d8:86:99:ca:b9:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a633725cd5dd91cf190ab3a99526e898357856ef Validity Not Before: Jan 2 16:20:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=242608abd69b5da6f2001484e4c04d2ad956e83b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:c1:e2:f6:7d:de:9e:48:8f:a1:2b:81:8a:c0: 83:51:db:60:52:8c:08:28:ab:19:58:27:7d:98:4b: ab:4f:7a:e2:e6:a1:79:bb:58:1d:f3:da:a9:f2:b8: 4f:52:d4:d9:c6:f8:66:f2:2b:a6:eb:9c:f3:06:06: 1d:b7:61:57:b0:4c:29:70:2e:da:83:14:5f:47:a9: 9c:cb:4e:21:2e:30:53:8f:f7:6e:98:e1:48:fc:41: 88:a3:16:31:13:67:5a:88:b0:f1:75:65:3f:82:7b: 98:20:6e:24:dd:4a:9e:d7:f3:1d:25:2a:a6:96:f9: 43:1f:26:1d:65:50:c8:b4:92:20:c7:29:db:4f:ca: 3b:ed:2b:60:9c:62:52:a8:ac:02:8c:91:6d:4b:8d: cf:16:81:89:63:ee:ad:58:24:63:34:b2:99:1f:ae: 3c:09:a3:9e:98:b8:06:41:70:f6:2e:88:6b:c8:9e: d2:34:bc:8f:c7:6f:3f:be:f8:49:98:1d:01:97:f3: df:6e:42:95:27:31:3d:98:0e:47:f7:38:ee:39:a9: 2b:e7:86:ab:b1:a6:e3:05:49:17:5c:97:59:e1:b8: b0:b8:47:f9:dd:25:13:b0:cd:61:60:30:a9:b1:18: f3:22:77:49:c0:bd:f0:e4:27:61:91:a1:39:76:47: 7b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:26:08:AB:D6:9B:5D:A6:F2:00:14:84:E4:C0:4D:2A:D9:56:E8:3B X509v3 Authority Key Identifier: keyid:A6:33:72:5C:D5:DD:91:CF:19:0A:B3:A9:95:26:E8:98:35:78:56:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjNyXNXdkc8ZCrOplSbomDV4Vu8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/JCYIq9abXabyABSE5MBNKtlW6Ds.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5b856a-a90d-4791-9c10-c0b813b4ec7e/1/pjNyXNXdkc8ZCrOplSbomDV4Vu8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.213.221.0/24 128.246.0.0/16 141.6.0.0/16 193.23.152.0/22 195.234.178.0/24 IPv6: 2a03:5680::/32 Signature Algorithm: sha256WithRSAEncryption 34:9f:2e:eb:31:11:0f:17:c1:75:f9:20:22:82:e1:71:3f:57: 7c:71:7b:7e:20:b5:10:37:e8:32:e3:58:df:c4:1c:f9:0e:98: eb:93:f3:59:bd:fb:11:65:b9:11:cc:c8:3b:a8:b4:37:4d:a3: 6b:d3:67:0e:7b:a1:e7:81:88:8f:88:68:29:61:97:83:87:be: c4:ee:53:19:91:0b:7a:25:79:fd:c9:28:7f:aa:a7:9b:c0:e5: 02:a1:64:df:94:75:a3:cf:8c:e2:db:d4:32:c4:29:fe:64:1a: 4f:38:7c:5f:81:af:b7:86:64:3a:f2:d7:00:87:4b:77:8d:75: b1:15:db:aa:f5:e3:89:d4:63:01:36:cf:11:72:a9:65:50:80: e8:74:b3:6c:6f:83:a8:db:08:79:90:93:0f:a0:df:e2:8a:e1: 4b:fc:a5:4e:09:5b:ea:2a:54:09:a5:6b:f9:28:54:0c:b9:74: 2e:f2:44:3b:30:28:b3:f5:e0:dd:0b:87:42:18:29:8c:6b:1e: 30:66:b7:a8:5c:c1:30:c2:ae:0e:c8:98:aa:41:f6:95:c1:97: d5:01:01:db:cc:23:51:23:d0:d6:99:d2:dd:10:81:d2:64:7b: 65:70:17:21:c7:60:7f:07:df:28:dc:f7:24:dd:59:d7:3c:e9: 78:53:4e:a7 -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgISAZt/gv5y+VV4ZYHk2IaZyrkHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2MzM3MjVjZDVkZDkxY2YxOTBhYjNhOTk1MjZlODk4MzU3 ODU2ZWYwHhcNMjYwMTAyMTYyMDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDI2MDhhYmQ2OWI1ZGE2ZjIwMDE0ODRlNGMwNGQyYWQ5NTZlODNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8Hi9n3enkiPoSuBisCDUdtgUowI KKsZWCd9mEurT3ri5qF5u1gd89qp8rhPUtTZxvhm8ium65zzBgYdt2FXsEwpcC7a gxRfR6mcy04hLjBTj/dumOFI/EGIoxYxE2daiLDxdWU/gnuYIG4k3Uqe1/MdJSqm lvlDHyYdZVDItJIgxynbT8o77StgnGJSqKwCjJFtS43PFoGJY+6tWCRjNLKZH648 CaOemLgGQXD2LohryJ7SNLyPx28/vvhJmB0Bl/PfbkKVJzE9mA5H9zjuOakr54ar sabjBUkXXJdZ4biwuEf53SUTsM1hYDCpsRjzIndJwL3w5CdhkaE5dkd7IwIDAQAB o4ICLjCCAiowHQYDVR0OBBYEFCQmCKvWm12m8gAUhOTATSrZVug7MB8GA1UdIwQY MBaAFKYzclzV3ZHPGQqzqZUm6Jg1eFbvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAt YzBiODEzYjRlYzdlLzEvSkNZSXE5YWJYYWJ5QUJTRTVNQk5LdGxXNkRzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81Yjg1NmEtYTkwZC00NzkxLTljMTAtYzBiODEzYjRlYzdl LzEvcGpOeVhOWGRrYzhaQ3JPcGxTYm9tRFY0VnU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcAwQAW9XdAwMA gPYDAwCNBgMEAsEXmAMEAMPqsjANBAIAAjAHAwUAKgNWgDANBgkqhkiG9w0BAQsF AAOCAQEANJ8u6zERDxfBdfkgIoLhcT9XfHF7fiC1EDfoMuNY38Qc+Q6Y65PzWb37 EWW5EczIO6i0N02ja9NnDnuh54GIj4hoKWGXg4e+xO5TGZELeiV5/ckof6qnm8Dl AqFk35R1o8+M4tvUMsQp/mQaTzh8X4Gvt4ZkOvLXAIdLd411sRXbqvXjidRjATbP EXKpZVCA6HSzbG+DqNsIeZCTD6Df4orhS/ylTglb6ipUCaVr+ShUDLl0LvJEOzAo s/Xg3QuHQhgpjGseMGa3qFzBMMKuDsiYqkH2lcGX1QEB28wjUSPQ1pnS3RCB0mR7 ZXAXIcdgfwffKNz3JN1Z1zzpeFNOpw== -----END CERTIFICATE-----Generated at Tue Jan 20 04:45:26 2026 by rpki-client