This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjJzi6C0ACBXjJylK4FOS39PXAM.roa File: fjJzi6C0ACBXjJylK4FOS39PXAM.roa (raw, json) Hash identifier: qFkQmRsUHzwdIMICY4Qsak2F8EuiYiFWgkA6sIv4Uo4= Subject key identifier: 7E:32:73:8B:A0:B4:00:20:57:8C:9C:A5:2B:81:4E:4B:7F:4F:5C:03 Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Certificate serial: 019B7D5D3D6F3FF6A1A60A3EF8BC2B04341D Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjJzi6C0ACBXjJylK4FOS39PXAM.roa Signing time: Fri 02 Jan 2026 06:20:21 +0000 ROA not before: Fri 02 Jan 2026 06:20:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42708 IP address blocks: 45.8.71.0/24 maxlen: 24 2a0b:64c2::/32 maxlen: 48 2a0b:64c3::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:3d:6f:3f:f6:a1:a6:0a:3e:f8:bc:2b:04:34:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2 Validity Not Before: Jan 2 06:20:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7e32738ba0b40020578c9ca52b814e4b7f4f5c03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:e2:75:b3:15:3c:26:42:f6:3f:11:32:0a:94: d8:5f:65:e3:75:b4:52:ff:49:c1:91:77:93:fa:37: 3a:38:d1:e0:ac:98:28:d8:63:e1:e1:06:b6:ac:d7: 7e:25:f2:88:16:1c:96:f0:4e:17:33:e5:0e:81:34: 6f:13:ce:4a:7c:bc:80:97:61:0e:44:4f:c6:19:e7: 5c:af:25:bb:da:c7:62:d4:f8:47:0a:13:5e:45:b4: ee:9f:16:c2:4b:cd:1a:43:e6:09:75:52:09:d7:f7: 8e:32:aa:10:39:ed:ea:58:be:93:8c:b6:97:09:fa: b3:2a:df:4a:e1:ff:20:ea:a3:e6:13:ef:98:b3:8a: 80:77:f4:72:9a:48:a2:b9:77:5d:11:8d:5e:92:0e: 0e:e9:ac:40:a0:fd:bb:76:26:d2:e6:79:e1:95:9d: 55:f8:4b:4f:02:31:60:dc:92:e0:b9:2d:f1:9d:35: 5b:21:70:9d:f6:ff:bc:7e:2d:6e:a4:f0:9b:93:4f: 7f:4d:a7:d1:70:bd:4e:24:f1:e2:89:7f:7c:dc:6c: e8:0c:d4:d9:df:1b:43:08:5d:1a:19:92:d0:3e:b8: 34:74:d2:30:9d:26:8c:48:bb:a8:7a:5c:24:9b:b9: ab:d0:11:86:75:8d:d1:46:f7:f1:10:35:24:2e:29: 74:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:32:73:8B:A0:B4:00:20:57:8C:9C:A5:2B:81:4E:4B:7F:4F:5C:03 X509v3 Authority Key Identifier: keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/fjJzi6C0ACBXjJylK4FOS39PXAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.71.0/24 IPv6: 2a0b:64c2::/31 Signature Algorithm: sha256WithRSAEncryption 89:8a:9b:22:2a:cc:5b:25:b0:bf:2d:a8:87:9c:cf:a6:a9:03: 33:cc:87:8d:f9:8e:82:00:2f:f0:f1:30:ae:6a:77:b3:20:21: f2:bb:f3:92:a1:6d:2e:b9:b5:19:93:63:66:83:18:c6:03:80: 0b:ec:1a:11:ec:65:e0:40:80:01:18:49:a0:e5:9f:69:6c:c2: fd:61:35:b2:d4:68:64:ea:ec:e0:03:5f:45:4a:d2:78:4d:9b: b6:6d:86:bc:0b:e4:e8:40:db:d9:d6:c5:c4:0d:1e:66:13:5f: 17:78:de:f6:60:7a:0f:7b:72:f8:3e:fb:77:64:50:70:df:f6: 6c:82:e0:73:e2:00:84:40:08:13:8e:c3:82:71:29:00:84:a8: a4:e1:0a:a6:ec:08:ea:87:6b:33:f1:c0:79:32:43:a2:8e:b3: 9a:a0:a1:7e:6c:1f:cc:a3:99:fe:7a:51:da:f9:0b:58:1c:e4: b4:70:4d:98:e7:49:75:ee:35:80:f3:7f:af:f4:b7:2b:65:26: d3:4b:f0:41:d8:31:69:b0:bf:09:19:a8:5d:f5:92:03:3d:8c: f9:a3:9d:05:ca:63:47:0e:ea:55:c7:45:6f:57:94:ce:36:5d: 12:20:61:2a:e2:87:b7:09:79:40:e1:b3:8f:1f:35:d0:95:98: f8:54:a9:8e -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9XT1vP/ahpgo++LwrBDQdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw NWIwZTIwHhcNMjYwMTAyMDYyMDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3ZTMyNzM4YmEwYjQwMDIwNTc4YzljYTUyYjgxNGU0YjdmNGY1YzAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeJ1sxU8JkL2PxEyCpTYX2XjdbRS /0nBkXeT+jc6ONHgrJgo2GPh4Qa2rNd+JfKIFhyW8E4XM+UOgTRvE85KfLyAl2EO RE/GGedcryW72sdi1PhHChNeRbTunxbCS80aQ+YJdVIJ1/eOMqoQOe3qWL6TjLaX CfqzKt9K4f8g6qPmE++Ys4qAd/RymkiiuXddEY1ekg4O6axAoP27dibS5nnhlZ1V +EtPAjFg3JLguS3xnTVbIXCd9v+8fi1upPCbk09/TafRcL1OJPHiiX983GzoDNTZ 3xtDCF0aGZLQPrg0dNIwnSaMSLuoelwkm7mr0BGGdY3RRvfxEDUkLil02QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFH4yc4ugtAAgV4ycpSuBTkt/T1wDMB8GA1UdIwQY MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt MmNjZWRiOTY2YTU4LzEvZmpKemk2QzBBQ0JYakp5bEs0Rk9TMzlQWEFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4 LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQhHMA0E AgACMAcDBQEqC2TCMA0GCSqGSIb3DQEBCwUAA4IBAQCJipsiKsxbJbC/LaiHnM+m qQMzzIeN+Y6CAC/w8TCuanezICHyu/OSoW0uubUZk2NmgxjGA4AL7BoR7GXgQIAB GEmg5Z9pbML9YTWy1Ghk6uzgA19FStJ4TZu2bYa8C+ToQNvZ1sXEDR5mE18XeN72 YHoPe3L4Pvt3ZFBw3/ZsguBz4gCEQAgTjsOCcSkAhKik4Qqm7Ajqh2sz8cB5MkOi jrOaoKF+bB/Mo5n+elHa+QtYHOS0cE2Y50l17jWA83+v9LcrZSbTS/BB2DFpsL8J Gahd9ZIDPYz5o50FymNHDupVx0VvV5TONl0SIGEq4oe3CXlA4bOPHzXQlZj4VKmO -----END CERTIFICATE-----Generated at Mon Jan 19 17:45:42 2026 by rpki-client