This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa File: rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa (raw, json) Hash identifier: m7Zi/TNYib5gTH6m2mPeaQUI4WRQNMe1ierjcvG2bOc= Subject key identifier: AC:9D:01:DF:F3:C6:D2:B8:C7:AB:EF:E1:4B:A2:BD:9C:1A:E7:F8:F6 Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Certificate serial: 019B7A5A802702A635FABE269E31DE899288 Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa Signing time: Thu 01 Jan 2026 16:18:30 +0000 ROA not before: Thu 01 Jan 2026 16:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2200 IP address blocks: 134.158.72.0/23 maxlen: 23 134.158.78.0/24 maxlen: 24 134.158.120.0/21 maxlen: 21 134.158.159.0/24 maxlen: 24 134.158.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.mft rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:80:27:02:a6:35:fa:be:26:9e:31:de:89:92:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101 Validity Not Before: Jan 1 16:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ac9d01dff3c6d2b8c7abefe14ba2bd9c1ae7f8f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:09:38:cf:d8:c9:15:99:fe:84:f2:9b:fc:3a: 34:28:cd:70:82:f7:d7:79:55:00:09:4f:f5:fd:22: 59:4a:a5:b8:dd:8e:e6:ef:53:fc:ba:06:a8:77:68: e7:92:0b:20:53:1c:db:fb:f9:8d:ca:b0:82:75:ec: 43:03:bd:03:f4:1f:cd:08:a9:1e:87:dd:2a:dd:1d: 38:f3:9f:58:ea:7e:4f:6b:76:c1:cc:d5:5c:da:a5: 12:1d:31:e0:7e:75:c1:77:5c:7f:8d:c5:82:d4:c1: 92:e7:e6:da:aa:0b:de:07:49:d5:55:85:b9:76:da: 54:17:77:42:97:fe:c1:f0:7e:f4:2d:fb:89:cc:2c: fe:7a:c6:4e:af:29:59:03:2b:f0:ce:a3:9b:27:53: 07:07:2a:48:30:6a:4b:ad:7a:b0:62:df:00:f7:92: 41:45:75:1b:25:7a:12:2a:f5:cc:8f:aa:2d:79:0c: 44:9a:57:56:c1:c9:e8:07:41:6e:be:5f:2c:00:85: 7e:13:bf:41:5a:69:9c:ee:02:a7:11:7e:51:d4:27: 7e:a4:72:af:25:96:b2:0f:0f:20:c0:47:58:e2:be: 1f:11:37:ae:eb:59:fc:92:81:05:b6:d1:99:c1:a0: 86:97:da:71:1c:8e:6a:f0:4b:08:f4:a7:20:57:9e: 6e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:9D:01:DF:F3:C6:D2:B8:C7:AB:EF:E1:4B:A2:BD:9C:1A:E7:F8:F6 X509v3 Authority Key Identifier: keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/rJ0B3_PG0rjHq-_hS6K9nBrn-PY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 134.158.72.0/23 134.158.78.0/24 134.158.120.0/21 134.158.159.0/24 134.158.195.0/24 Signature Algorithm: sha256WithRSAEncryption 29:f6:ce:d6:d6:38:97:14:ea:9f:0c:83:fd:1e:79:e5:d3:5b: f6:f9:c9:26:9e:64:8c:a1:58:4c:b4:be:be:93:08:70:22:50: 8f:41:0c:c9:0a:f0:37:47:a4:cb:95:63:4b:13:56:f6:9f:da: cc:68:0e:b0:58:b4:a3:41:97:d1:4e:97:43:38:5f:d7:58:5d: d3:8c:bd:c6:a1:64:7e:88:f8:24:17:9b:e1:6f:01:a1:4b:78: 77:81:4d:dc:8c:11:cd:51:86:fc:cf:e9:78:3f:a5:12:62:85: 0f:e6:55:f7:85:e6:b1:f2:29:a7:b8:c5:f8:bb:08:14:91:b8: be:8e:35:c2:a6:2e:6d:3b:81:68:eb:a6:80:c7:62:70:f3:88: bc:87:ae:97:e4:5b:56:5c:5c:e1:8b:76:4b:89:82:ce:d2:9b: 55:90:ca:92:e7:4c:26:e6:9d:b3:b9:60:e3:46:6e:8d:11:d4: 64:99:e0:ef:c1:fb:eb:e6:2f:00:21:4d:42:e5:4c:0f:0a:2b: 28:40:62:1a:c8:30:59:c5:e7:4b:1f:bc:3b:35:b3:64:00:09: 84:59:18:45:dd:88:42:4f:e6:ea:c5:b3:57:e9:de:d8:91:ac: 2b:44:f6:7c:f2:1a:7e:99:27:fd:6d:32:54:b2:75:fd:7e:57: 7b:07:6b:1b -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6WoAnAqY1+r4mnjHeiZKIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi N2ExMDEwHhcNMjYwMTAxMTYxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYzlkMDFkZmYzYzZkMmI4YzdhYmVmZTE0YmEyYmQ5YzFhZTdmOGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywk4z9jJFZn+hPKb/Do0KM1wgvfX eVUACU/1/SJZSqW43Y7m71P8ugaod2jnkgsgUxzb+/mNyrCCdexDA70D9B/NCKke h90q3R04859Y6n5Pa3bBzNVc2qUSHTHgfnXBd1x/jcWC1MGS5+baqgveB0nVVYW5 dtpUF3dCl/7B8H70LfuJzCz+esZOrylZAyvwzqObJ1MHBypIMGpLrXqwYt8A95JB RXUbJXoSKvXMj6oteQxEmldWwcnoB0Fuvl8sAIV+E79BWmmc7gKnEX5R1Cd+pHKv JZayDw8gwEdY4r4fETeu61n8koEFttGZwaCGl9pxHI5q8EsI9KcgV55uLQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFKydAd/zxtK4x6vv4UuivZwa5/j2MB8GA1UdIwQY MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt ZDEyZjFlMjQ1NmJhLzEvckowQjNfUEcwcmpIcS1faFM2SzluQnJuLVBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBhp5IAwQA hp5OAwQDhp54AwQAhp6fAwQAhp7DMA0GCSqGSIb3DQEBCwUAA4IBAQAp9s7W1jiX FOqfDIP9Hnnl01v2+ckmnmSMoVhMtL6+kwhwIlCPQQzJCvA3R6TLlWNLE1b2n9rM aA6wWLSjQZfRTpdDOF/XWF3TjL3GoWR+iPgkF5vhbwGhS3h3gU3cjBHNUYb8z+l4 P6USYoUP5lX3heax8imnuMX4uwgUkbi+jjXCpi5tO4Fo66aAx2Jw84i8h66X5FtW XFzhi3ZLiYLO0ptVkMqS50wm5p2zuWDjRm6NEdRkmeDvwfvr5i8AIU1C5UwPCiso QGIayDBZxedLH7w7NbNkAAmEWRhF3YhCT+bqxbNX6d7YkawrRPZ88hp+mSf9bTJU snX9fld7B2sb -----END CERTIFICATE-----Generated at Mon Jan 26 06:21:21 2026 by rpki-client