This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hAJCIirAsZk8GUXF7WubyM8TjKI.roa File: hAJCIirAsZk8GUXF7WubyM8TjKI.roa (raw, json) Hash identifier: j6pH65MDKZ3nETHCyHm0OLZKv7Eb9miovENp+54ETCc= Subject key identifier: 84:02:42:22:2A:C0:B1:99:3C:19:45:C5:ED:6B:9B:C8:CF:13:8C:A2 Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10 Certificate serial: 019B7F84EDA17CCD6A53D59ACCC785A355D7 Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hAJCIirAsZk8GUXF7WubyM8TjKI.roa Signing time: Fri 02 Jan 2026 16:22:56 +0000 ROA not before: Fri 02 Jan 2026 16:22:56 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211440 IP address blocks: 88.209.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:ed:a1:7c:cd:6a:53:d5:9a:cc:c7:85:a3:55:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10 Validity Not Before: Jan 2 16:22:56 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=840242222ac0b1993c1945c5ed6b9bc8cf138ca2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:07:a3:92:05:32:6a:3f:4c:c8:b3:18:0a:9c: 09:c5:45:05:39:90:b8:17:89:11:b1:e2:7f:44:99: 85:68:ab:8b:b4:ff:13:b8:42:ca:71:58:dc:c0:8e: 05:8b:dc:a0:ab:f2:4c:74:24:11:62:92:85:71:3b: 6f:f0:10:20:04:05:bc:38:d2:73:4c:6a:3d:2b:a4: ce:f0:64:b7:87:8a:5e:eb:a3:da:54:0f:ec:d6:7d: ca:03:de:ca:00:6a:3f:f9:65:f2:1a:1a:7d:bc:64: d7:26:0e:0b:2c:bb:7d:f9:b5:e2:38:fb:ba:20:50: 2f:37:5e:7f:c6:bd:1b:41:ec:df:65:e8:96:37:6f: d7:4d:d5:4c:f5:db:1c:1c:9a:f9:81:c2:b3:b1:74: 80:8d:64:98:77:bf:49:1e:7a:fb:e5:40:60:71:4f: fa:c8:29:5e:38:d3:4f:71:3d:d6:51:71:6f:d1:24: e5:db:d8:37:f8:97:9a:e6:37:aa:1a:28:1c:67:3e: 17:69:f2:fe:bf:8d:e4:04:e0:fc:ba:17:00:64:43: b6:33:7b:ff:28:3d:6f:e7:a6:d8:6c:cb:4a:18:c0: f6:ce:72:ef:b4:7d:34:02:fc:58:1d:7e:fa:d9:1a: 1d:11:53:17:ff:5b:4e:3c:8b:98:fe:a4:a7:d1:2b: 05:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:02:42:22:2A:C0:B1:99:3C:19:45:C5:ED:6B:9B:C8:CF:13:8C:A2 X509v3 Authority Key Identifier: keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/hAJCIirAsZk8GUXF7WubyM8TjKI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.209.252.0/24 Signature Algorithm: sha256WithRSAEncryption 9e:b8:c7:35:07:88:85:07:3e:5d:9e:29:5c:36:76:6a:d3:7e: 62:77:b6:e5:f7:39:29:ff:ac:bb:96:25:7c:9c:fb:65:7f:11: c5:be:54:d1:68:6b:15:2c:a3:5e:52:e1:7b:49:0e:62:d0:8a: 7b:cf:08:12:6c:80:73:fb:3d:9e:2f:e4:d0:07:4d:6f:0a:f8: af:6f:47:c6:87:28:5d:00:ed:bf:e6:6b:a6:88:32:33:15:ba: d5:ed:80:f7:69:37:57:36:a1:40:3f:42:06:d3:5e:08:cd:d4: 8d:a9:7b:c5:c7:6a:fc:56:b0:b6:39:ad:85:43:8d:d4:6f:59: 3f:2b:e8:6f:91:f9:85:a2:b5:46:5b:3f:62:c1:75:bc:6e:eb: df:85:f8:bb:7a:68:2c:fb:32:c5:45:48:00:e9:73:38:c5:34: be:09:c5:77:d7:bb:8e:3d:bb:9b:83:bf:0b:a9:c3:eb:a8:e2: 7d:57:fa:b5:52:61:3a:c6:7a:87:0d:c9:da:77:8c:0f:2e:ad: d8:ba:c9:2d:34:f7:bd:0d:72:26:ec:ad:c1:33:82:c8:91:bf: ff:2b:c2:9b:3d:07:8c:fe:57:3b:50:6f:28:67:96:78:5b:b4: da:a9:61:9b:f3:8e:c8:c4:02:a2:2c:80:41:37:91:0a:09:12: ba:d4:d9:bf -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/hO2hfM1qU9WazMeFo1XXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx MWRhMTAwHhcNMjYwMTAyMTYyMjU2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDAyNDIyMjJhYzBiMTk5M2MxOTQ1YzVlZDZiOWJjOGNmMTM4Y2EyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAejkgUyaj9MyLMYCpwJxUUFOZC4 F4kRseJ/RJmFaKuLtP8TuELKcVjcwI4Fi9ygq/JMdCQRYpKFcTtv8BAgBAW8ONJz TGo9K6TO8GS3h4pe66PaVA/s1n3KA97KAGo/+WXyGhp9vGTXJg4LLLt9+bXiOPu6 IFAvN15/xr0bQezfZeiWN2/XTdVM9dscHJr5gcKzsXSAjWSYd79JHnr75UBgcU/6 yCleONNPcT3WUXFv0STl29g3+Jea5jeqGigcZz4XafL+v43kBOD8uhcAZEO2M3v/ KD1v56bYbMtKGMD2znLvtH00AvxYHX762RodEVMX/1tOPIuY/qSn0SsF3wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIQCQiIqwLGZPBlFxe1rm8jPE4yiMB8GA1UdIwQY MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt N2U0ZDZmNmY2ZTY2LzEvaEFKQ0lpckFzWms4R1VYRjdXdWJ5TThUaktJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2 LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH8MA0G CSqGSIb3DQEBCwUAA4IBAQCeuMc1B4iFBz5dnilcNnZq035id7bl9zkp/6y7liV8 nPtlfxHFvlTRaGsVLKNeUuF7SQ5i0Ip7zwgSbIBz+z2eL+TQB01vCvivb0fGhyhd AO2/5mumiDIzFbrV7YD3aTdXNqFAP0IG014IzdSNqXvFx2r8VrC2Oa2FQ43Ub1k/ K+hvkfmForVGWz9iwXW8buvfhfi7emgs+zLFRUgA6XM4xTS+CcV317uOPbubg78L qcPrqOJ9V/q1UmE6xnqHDcnad4wPLq3YusktNPe9DXIm7K3BM4LIkb//K8KbPQeM /lc7UG8oZ5Z4W7TaqWGb847IxAKiLIBBN5EKCRK61Nm/ -----END CERTIFICATE-----Generated at Mon Jan 19 19:59:30 2026 by rpki-client