This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/jGh-wNW6Bb8Ek-tElbdvocTw07w.roa File: jGh-wNW6Bb8Ek-tElbdvocTw07w.roa (raw, json) Hash identifier: U9B8vDsky1QCNLRt1e+ai6h13YxOH7cX6zl+1cv2MFQ= Subject key identifier: 8C:68:7E:C0:D5:BA:05:BF:04:93:EB:44:95:B7:6F:A1:C4:F0:D3:BC Certificate issuer: /CN=43724e61e3ba2f94665917339e6dac2b680a18cf Certificate serial: 019B7CED45E84486DC99F8F6590229983B9E Authority key identifier: 43:72:4E:61:E3:BA:2F:94:66:59:17:33:9E:6D:AC:2B:68:0A:18:CF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q3JOYeO6L5RmWRcznm2sK2gKGM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/jGh-wNW6Bb8Ek-tElbdvocTw07w.roa Signing time: Fri 02 Jan 2026 04:18:03 +0000 ROA not before: Fri 02 Jan 2026 04:18:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50349 IP address blocks: 91.240.248.0/22 maxlen: 22 193.150.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/Q3JOYeO6L5RmWRcznm2sK2gKGM8.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/Q3JOYeO6L5RmWRcznm2sK2gKGM8.mft rsync://rpki.ripe.net/repository/DEFAULT/Q3JOYeO6L5RmWRcznm2sK2gKGM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:45:e8:44:86:dc:99:f8:f6:59:02:29:98:3b:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=43724e61e3ba2f94665917339e6dac2b680a18cf Validity Not Before: Jan 2 04:18:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c687ec0d5ba05bf0493eb4495b76fa1c4f0d3bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f3:6c:f2:68:5c:fd:bd:23:1b:53:a7:e1:f9: 6e:9a:1b:14:87:84:d0:48:51:b3:2a:1f:f7:68:8c: 6c:47:d3:77:a8:0e:8d:d2:e6:73:76:6e:35:f3:fe: 18:74:5d:88:53:33:1b:d1:e1:1b:49:02:25:f7:66: 42:04:6c:2a:11:ab:df:51:ad:86:d5:b8:2c:ac:2a: 62:7b:69:74:51:41:57:2c:63:da:83:57:94:5d:5e: 48:f0:ed:ff:be:98:86:16:a2:6c:8f:e8:c5:ee:d0: 74:25:1f:1a:83:04:a9:f8:f4:1f:e6:45:3e:00:85: 92:87:f4:f6:04:24:90:6f:f7:fd:93:76:cc:51:4a: 1e:79:6f:d7:3f:7c:ab:6a:bf:ff:83:39:14:bd:7c: 6c:c4:fd:8e:e5:46:fa:23:b3:78:0c:76:ce:0c:2e: f1:cc:73:45:60:ab:5c:0f:14:c2:81:75:ca:f6:0a: a4:e8:73:67:ee:94:45:f3:e3:d4:87:f8:2e:5c:96: e4:d1:25:5c:ef:47:c3:3a:71:2a:16:de:0c:ad:74: a6:bb:45:95:31:5c:c7:d6:9e:90:15:db:d0:5f:6e: dc:39:66:6a:8d:d1:99:67:f1:ed:3f:05:1b:a1:67: a4:86:ba:b7:9d:5e:7b:d3:fb:b6:be:b5:b2:ab:f2: 8e:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:68:7E:C0:D5:BA:05:BF:04:93:EB:44:95:B7:6F:A1:C4:F0:D3:BC X509v3 Authority Key Identifier: keyid:43:72:4E:61:E3:BA:2F:94:66:59:17:33:9E:6D:AC:2B:68:0A:18:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q3JOYeO6L5RmWRcznm2sK2gKGM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/jGh-wNW6Bb8Ek-tElbdvocTw07w.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/03af8b-3e58-4916-a9b5-6b877036aa1a/1/Q3JOYeO6L5RmWRcznm2sK2gKGM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.240.248.0/22 193.150.21.0/24 Signature Algorithm: sha256WithRSAEncryption 16:95:d5:f1:6e:07:97:94:21:2e:30:f2:14:97:d5:ee:4c:ce: 22:a1:a3:74:dc:8d:03:c4:1b:71:7e:37:8f:d1:a2:ab:74:44: 43:24:4d:93:7e:c5:eb:7a:98:31:a8:8a:3b:65:d8:f5:2b:3d: c2:c9:aa:a3:23:81:c9:3f:97:a2:32:20:88:a0:1d:9f:cc:52: 2a:a3:cb:20:47:75:d8:10:3d:b8:75:88:e3:bc:3d:bc:41:d9: 83:1c:10:64:33:7b:fa:1f:01:b5:5f:c1:56:28:7f:c9:4b:76: e7:7a:21:12:a2:02:f1:28:d9:6a:fd:0c:c5:7c:ab:fd:ab:c6: 26:b5:04:7f:17:51:63:f2:07:0b:85:74:1a:1d:c5:b0:fe:38: e8:7d:96:92:b1:a0:52:83:b1:0e:c4:31:02:0f:14:ef:2e:54: 46:c3:03:24:da:60:a8:5a:8e:13:a5:50:51:4f:36:94:b8:7d: 01:a2:bc:98:6f:5f:7c:ee:a6:7f:97:54:6d:52:a0:39:6d:f3: 89:b9:94:6e:2b:72:94:40:10:c1:4e:43:dd:cb:1b:2d:7e:32: 48:02:0b:f7:6b:a7:d3:5d:bb:d5:56:15:95:cd:b7:39:19:6c: 41:37:10:b3:2f:64:a3:f1:64:c4:ce:23:b7:1e:bd:a1:82:10: 6f:3b:33:e5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt87UXoRIbcmfj2WQIpmDueMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQzNzI0ZTYxZTNiYTJmOTQ2NjU5MTczMzllNmRhYzJiNjgw YTE4Y2YwHhcNMjYwMTAyMDQxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzY4N2VjMGQ1YmEwNWJmMDQ5M2ViNDQ5NWI3NmZhMWM0ZjBkM2JjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/Ns8mhc/b0jG1On4flumhsUh4TQ SFGzKh/3aIxsR9N3qA6N0uZzdm418/4YdF2IUzMb0eEbSQIl92ZCBGwqEavfUa2G 1bgsrCpie2l0UUFXLGPag1eUXV5I8O3/vpiGFqJsj+jF7tB0JR8agwSp+PQf5kU+ AIWSh/T2BCSQb/f9k3bMUUoeeW/XP3yrar//gzkUvXxsxP2O5Ub6I7N4DHbODC7x zHNFYKtcDxTCgXXK9gqk6HNn7pRF8+PUh/guXJbk0SVc70fDOnEqFt4MrXSmu0WV MVzH1p6QFdvQX27cOWZqjdGZZ/HtPwUboWekhrq3nV570/u2vrWyq/KOnwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIxofsDVugW/BJPrRJW3b6HE8NO8MB8GA1UdIwQY MBaAFENyTmHjui+UZlkXM55trCtoChjPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUTNKT1llTzZMNVJtV1Jjem5tMnNLMmdLR004LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wM2FmOGItM2U1OC00OTE2LWE5YjUt NmI4NzcwMzZhYTFhLzEvakdoLXdOVzZCYjhFay10RWxiZHZvY1R3MDd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8wM2FmOGItM2U1OC00OTE2LWE5YjUtNmI4NzcwMzZhYTFh LzEvUTNKT1llTzZMNVJtV1Jjem5tMnNLMmdLR004LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/D4AwQA wZYVMA0GCSqGSIb3DQEBCwUAA4IBAQAWldXxbgeXlCEuMPIUl9XuTM4ioaN03I0D xBtxfjeP0aKrdERDJE2TfsXrepgxqIo7Zdj1Kz3CyaqjI4HJP5eiMiCIoB2fzFIq o8sgR3XYED24dYjjvD28QdmDHBBkM3v6HwG1X8FWKH/JS3bneiESogLxKNlq/QzF fKv9q8YmtQR/F1Fj8gcLhXQaHcWw/jjofZaSsaBSg7EOxDECDxTvLlRGwwMk2mCo Wo4TpVBRTzaUuH0BoryYb1987qZ/l1RtUqA5bfOJuZRuK3KUQBDBTkPdyxstfjJI Agv3a6fTXbvVVhWVzbc5GWxBNxCzL2Sj8WTEziO3Hr2hghBvOzPl -----END CERTIFICATE-----Generated at Tue Feb 10 00:09:25 2026 by rpki-client