This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/jEFjyAFrXDcV4VZRl6Fg4c-tBbI.roa File: jEFjyAFrXDcV4VZRl6Fg4c-tBbI.roa (raw, json) Hash identifier: SCNZ1jcp85B9JQOpcfN9KIw7MGVU7KDV6MeoqHXZssQ= Subject key identifier: 8C:41:63:C8:01:6B:5C:37:15:E1:56:51:97:A1:60:E1:CF:AD:05:B2 Certificate issuer: /CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2 Certificate serial: 019B7DCA78231881EF58AF6993C29AFDBDAF Authority key identifier: 03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/jEFjyAFrXDcV4VZRl6Fg4c-tBbI.roa Signing time: Fri 02 Jan 2026 08:19:39 +0000 ROA not before: Fri 02 Jan 2026 08:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35699 IP address blocks: 185.77.158.0/24 maxlen: 24 185.86.9.0/24 maxlen: 24 185.158.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.mft rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:78:23:18:81:ef:58:af:69:93:c2:9a:fd:bd:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=037862b4608c79f450295ec5c80c7c7ad6dfe2a2 Validity Not Before: Jan 2 08:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c4163c8016b5c3715e1565197a160e1cfad05b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:24:2a:5f:aa:52:18:ed:e0:e1:74:1b:8b:b3: 00:e4:ae:d9:b1:2e:df:4d:dd:a9:17:2f:28:b2:44: 15:bb:69:c3:7e:c4:36:cf:40:f1:da:1c:fc:dd:59: d1:14:64:f9:53:77:51:1a:8f:dc:6c:d3:f4:86:cb: 81:e7:28:6c:94:66:37:7c:ec:38:2c:fc:73:d8:bc: 31:85:ff:95:ed:48:32:6f:ab:33:0c:af:5a:0a:b7: 6a:df:95:e3:5d:14:2b:98:72:a2:d2:a2:49:de:be: 2a:8d:d2:aa:e4:57:ce:55:e1:a8:3b:cc:a7:30:ec: 76:87:1c:47:8c:00:74:75:4c:ad:aa:2a:35:ce:e2: 20:79:77:33:ea:69:40:73:2f:70:48:4d:2e:6d:5e: 57:35:e8:5a:b1:54:da:71:3e:b8:8d:e4:47:ca:06: a9:51:17:93:c5:61:cc:49:b1:11:b5:04:4d:08:f6: da:3e:e1:25:eb:2c:52:86:d7:36:d7:59:22:da:f3: 56:92:f6:a1:f2:5f:37:1c:f2:3c:f3:52:e7:2d:61: 63:37:e9:ac:dd:63:30:2b:ba:61:e5:6d:05:70:ef: 76:4a:ca:bb:3e:af:7f:1a:16:33:41:32:b2:99:d3: 4a:a4:80:73:c9:bc:e0:91:16:0d:d8:88:36:50:7a: 6e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:41:63:C8:01:6B:5C:37:15:E1:56:51:97:A1:60:E1:CF:AD:05:B2 X509v3 Authority Key Identifier: keyid:03:78:62:B4:60:8C:79:F4:50:29:5E:C5:C8:0C:7C:7A:D6:DF:E2:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3hitGCMefRQKV7FyAx8etbf4qI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/jEFjyAFrXDcV4VZRl6Fg4c-tBbI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/1afe53-f1b8-4315-ab1c-f474f7bd3531/1/A3hitGCMefRQKV7FyAx8etbf4qI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.77.158.0/24 185.86.9.0/24 185.158.170.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:d1:93:e3:f0:ae:2e:27:0b:40:47:f6:8b:5f:d9:9a:84:67: 36:72:5e:d3:12:c1:61:97:37:56:7c:ff:fd:2f:b2:e3:16:cd: 70:b7:5d:be:6c:dc:15:af:13:54:54:7d:77:f9:eb:76:29:d8: 49:93:ba:d9:6b:4f:33:6f:4e:2c:35:03:d8:52:ea:5f:b0:57: 78:db:e0:78:e4:6f:bb:8a:d3:0d:ee:97:ab:f6:7f:5d:e9:f2: f9:9e:33:1d:9c:1a:8b:d5:d7:d1:7c:e9:2d:fb:bb:6a:95:71: 34:20:4c:3a:6f:ef:53:e2:40:8e:90:65:fe:f9:0d:6b:4a:bc: 1c:b8:65:b6:6a:98:2a:d9:7d:96:fa:60:06:32:8e:43:db:35: cd:31:09:54:7a:e4:4c:6d:70:fe:b1:60:70:bb:5a:f9:67:e8: ee:a4:5a:39:58:fc:fc:57:7d:b9:73:7c:d7:f2:5f:f8:81:44: 46:bc:e9:e2:53:88:bc:54:81:01:7f:fa:de:2d:19:14:42:69: 89:69:88:f0:72:d6:f5:d1:33:84:1a:40:45:a1:fa:97:ed:cb: 26:4e:5b:a6:f7:36:1a:aa:31:86:1c:da:75:26:91:10:d7:29: 7b:cc:db:2d:4a:2b:75:37:2d:ef:34:d7:06:d0:bc:e9:a1:3f: da:36:34:5d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt9yngjGIHvWK9pk8Ka/b2vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNzg2MmI0NjA4Yzc5ZjQ1MDI5NWVjNWM4MGM3YzdhZDZk ZmUyYTIwHhcNMjYwMTAyMDgxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzQxNjNjODAxNmI1YzM3MTVlMTU2NTE5N2ExNjBlMWNmYWQwNWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviQqX6pSGO3g4XQbi7MA5K7ZsS7f Td2pFy8oskQVu2nDfsQ2z0Dx2hz83VnRFGT5U3dRGo/cbNP0hsuB5yhslGY3fOw4 LPxz2Lwxhf+V7Ugyb6szDK9aCrdq35XjXRQrmHKi0qJJ3r4qjdKq5FfOVeGoO8yn MOx2hxxHjAB0dUytqio1zuIgeXcz6mlAcy9wSE0ubV5XNehasVTacT64jeRHygap UReTxWHMSbERtQRNCPbaPuEl6yxShtc211ki2vNWkvah8l83HPI881LnLWFjN+ms 3WMwK7ph5W0FcO92Ssq7Pq9/GhYzQTKymdNKpIBzybzgkRYN2Ig2UHpuIQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFIxBY8gBa1w3FeFWUZehYOHPrQWyMB8GA1UdIwQY MBaAFAN4YrRgjHn0UClexcgMfHrW3+KiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMt ZjQ3NGY3YmQzNTMxLzEvakVGanlBRnJYRGNWNFZaUmw2Rmc0Yy10QmJJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS8xYWZlNTMtZjFiOC00MzE1LWFiMWMtZjQ3NGY3YmQzNTMx LzEvQTNoaXRHQ01lZlJRS1Y3RnlBeDhldGJmNHFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuU2eAwQA uVYJAwQAuZ6qMA0GCSqGSIb3DQEBCwUAA4IBAQAt0ZPj8K4uJwtAR/aLX9mahGc2 cl7TEsFhlzdWfP/9L7LjFs1wt12+bNwVrxNUVH13+et2KdhJk7rZa08zb04sNQPY UupfsFd42+B45G+7itMN7per9n9d6fL5njMdnBqL1dfRfOkt+7tqlXE0IEw6b+9T 4kCOkGX++Q1rSrwcuGW2apgq2X2W+mAGMo5D2zXNMQlUeuRMbXD+sWBwu1r5Z+ju pFo5WPz8V325c3zX8l/4gURGvOniU4i8VIEBf/reLRkUQmmJaYjwctb10TOEGkBF ofqX7csmTlum9zYaqjGGHNp1JpEQ1yl7zNstSit1Ny3vNNcG0LzpoT/aNjRd -----END CERTIFICATE-----Generated at Mon Jan 26 23:01:45 2026 by rpki-client