This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/jcJ1FEJq00hankjZHcjsw8w2u-s.roa File: jcJ1FEJq00hankjZHcjsw8w2u-s.roa (raw, json) Hash identifier: Qo2AdracuK7vyRKsDuRBiYGss9rpdhbei/opc826d7Y= Subject key identifier: 8D:C2:75:14:42:6A:D3:48:5A:9E:48:D9:1D:C8:EC:C3:CC:36:BB:EB Certificate issuer: /CN=20820f796481ac0e9637c962414597b1fe227c24 Certificate serial: 019B797ECCA49033559DB51F1271309703E7 Authority key identifier: 20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/jcJ1FEJq00hankjZHcjsw8w2u-s.roa Signing time: Thu 01 Jan 2026 12:18:31 +0000 ROA not before: Thu 01 Jan 2026 12:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203483 IP address blocks: 185.11.94.0/24 maxlen: 24 185.11.95.0/24 maxlen: 24 2a0c:9680:2::/48 maxlen: 48 2a0c:9680:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.mft rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:cc:a4:90:33:55:9d:b5:1f:12:71:30:97:03:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=20820f796481ac0e9637c962414597b1fe227c24 Validity Not Before: Jan 1 12:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8dc27514426ad3485a9e48d91dc8ecc3cc36bbeb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4f:bf:ea:8d:cb:01:9c:70:bb:26:8c:6b:6d: 17:ff:30:38:59:5d:a5:be:75:ed:b5:dd:7e:a1:bd: af:99:1f:6b:82:fd:81:04:f0:47:80:c4:e4:74:50: 80:57:8e:aa:95:73:94:f4:d8:06:92:c1:e1:a7:0a: 2e:20:c4:5f:d5:4d:41:31:16:cf:18:42:13:f7:4e: 4d:41:18:1f:0c:63:fe:2e:33:ef:73:64:ff:89:d3: b7:40:a0:8d:a0:1d:b0:2f:91:1d:41:1c:32:d0:cb: 4c:a6:99:17:b0:ee:7f:e7:7c:f9:e7:85:40:d1:9a: 32:69:07:78:79:b8:16:23:90:86:a9:d3:fb:58:22: 9d:86:96:c2:aa:71:96:e9:e1:c3:c5:c0:ce:4c:cc: 72:0a:fa:93:54:20:a0:1c:4a:72:ed:41:c1:16:a8: 68:4e:74:81:e7:09:03:46:5a:22:a7:73:bb:cc:f2: 4c:d2:3b:0b:9e:9b:d6:db:72:72:18:77:a4:d2:8c: 4b:4a:b8:18:f1:51:fb:25:bb:04:68:ab:03:ef:75: fc:f5:19:da:2e:e8:ce:64:c4:4b:78:08:30:f5:58: 9b:97:7f:ed:35:ac:33:27:31:f5:15:d4:4d:e2:49: 30:db:6a:e1:85:ca:c0:07:90:7a:55:4d:68:58:b4: 1e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:C2:75:14:42:6A:D3:48:5A:9E:48:D9:1D:C8:EC:C3:CC:36:BB:EB X509v3 Authority Key Identifier: keyid:20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/jcJ1FEJq00hankjZHcjsw8w2u-s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.11.94.0/23 IPv6: 2a0c:9680:2::/47 Signature Algorithm: sha256WithRSAEncryption 73:c1:51:56:11:ec:e8:ce:af:4f:4b:a8:95:c6:2f:5c:38:c1: ff:2a:4b:24:a7:29:e2:33:c6:5b:f9:5a:52:d0:fe:49:3a:42: 05:c0:3c:c7:84:5c:5f:d6:53:85:3f:4a:9d:aa:4c:db:3d:26: f5:ab:c7:50:f0:6b:55:dd:50:44:99:50:23:ec:92:8a:e2:df: 11:46:10:af:07:b3:34:1e:04:83:20:72:5f:58:01:bf:0e:77: 40:35:84:d5:4c:c8:3a:e3:6a:ff:a0:bb:07:ed:4e:0f:92:c9: fa:b4:d4:bf:f1:3f:99:f3:bb:ac:4b:55:14:18:b9:5a:b2:26: 38:b0:63:e2:56:f0:89:e3:67:d5:3a:f1:a0:90:8d:77:01:5b: 8a:cb:4d:18:a0:0a:0b:12:06:0c:e6:2b:fb:68:f1:70:9f:f2: 57:69:53:78:3c:8d:35:f8:1f:b9:ab:e2:1f:5d:df:59:fc:ff: ff:06:77:d5:3f:0d:80:6b:d3:ea:78:2f:9e:c8:1e:ca:80:d1: c0:20:57:44:81:3e:d7:1e:62:66:7d:c8:bb:6c:8e:d7:9a:f9: f0:2a:a0:82:67:da:13:43:89:6e:20:b1:c3:fe:eb:6a:8a:cc: e5:a3:f2:60:e6:15:fd:b7:f0:c5:84:36:27:4d:c8:9d:06:1b: f8:ee:82:a7 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt5fsykkDNVnbUfEnEwlwPnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwODIwZjc5NjQ4MWFjMGU5NjM3Yzk2MjQxNDU5N2IxZmUy MjdjMjQwHhcNMjYwMTAxMTIxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZGMyNzUxNDQyNmFkMzQ4NWE5ZTQ4ZDkxZGM4ZWNjM2NjMzZiYmViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0+/6o3LAZxwuyaMa20X/zA4WV2l vnXttd1+ob2vmR9rgv2BBPBHgMTkdFCAV46qlXOU9NgGksHhpwouIMRf1U1BMRbP GEIT905NQRgfDGP+LjPvc2T/idO3QKCNoB2wL5EdQRwy0MtMppkXsO5/53z554VA 0ZoyaQd4ebgWI5CGqdP7WCKdhpbCqnGW6eHDxcDOTMxyCvqTVCCgHEpy7UHBFqho TnSB5wkDRloip3O7zPJM0jsLnpvW23JyGHek0oxLSrgY8VH7JbsEaKsD73X89Rna LujOZMRLeAgw9Vibl3/tNawzJzH1FdRN4kkw22rhhcrAB5B6VU1oWLQeXwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFI3CdRRCatNIWp5I2R3I7MPMNrvrMB8GA1UdIwQY MBaAFCCCD3lkgawOljfJYkFFl7H+InwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUlJUGVXU0JyQTZXTjhsaVFVV1hzZjRpZkNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iOThiOWYtYjU4MS00ZTNlLWFlOGEt OTg3ZDg2OTU2NmY2LzEvamNKMUZFSnEwMGhhbmtqWkhjanN3OHcydS1zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZi9iOThiOWYtYjU4MS00ZTNlLWFlOGEtOTg3ZDg2OTU2NmY2 LzEvSUlJUGVXU0JyQTZXTjhsaVFVV1hzZjRpZkNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuQteMA8E AgACMAkDBwEqDJaAAAIwDQYJKoZIhvcNAQELBQADggEBAHPBUVYR7OjOr09LqJXG L1w4wf8qSySnKeIzxlv5WlLQ/kk6QgXAPMeEXF/WU4U/Sp2qTNs9JvWrx1Dwa1Xd UESZUCPskori3xFGEK8HszQeBIMgcl9YAb8Od0A1hNVMyDrjav+guwftTg+Syfq0 1L/xP5nzu6xLVRQYuVqyJjiwY+JW8InjZ9U68aCQjXcBW4rLTRigCgsSBgzmK/to 8XCf8ldpU3g8jTX4H7mr4h9d31n8//8Gd9U/DYBr0+p4L57IHsqA0cAgV0SBPtce YmZ9yLtsjtea+fAqoIJn2hNDiW4gscP+62qKzOWj8mDmFf238MWENidNyJ0GG/ju gqc= -----END CERTIFICATE-----Generated at Fri Jan 23 00:54:19 2026 by rpki-client