This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/AJEm0tpZ80PX3AOqTJlJZLLFZRo.roa File: AJEm0tpZ80PX3AOqTJlJZLLFZRo.roa (raw, json) Hash identifier: 9niTFrHFWmF03337Z/JCr6D2zR0zYQdhet735YBvLGg= Subject key identifier: 00:91:26:D2:DA:59:F3:43:D7:DC:03:AA:4C:99:49:64:B2:C5:65:1A Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f Certificate serial: 019B7910468F4155F392C2DABBFE18A4493E Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/AJEm0tpZ80PX3AOqTJlJZLLFZRo.roa Signing time: Thu 01 Jan 2026 10:17:48 +0000 ROA not before: Thu 01 Jan 2026 10:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 139853 IP address blocks: 149.20.126.0/24 maxlen: 24 149.20.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.mft rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:46:8f:41:55:f3:92:c2:da:bb:fe:18:a4:49:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f Validity Not Before: Jan 1 10:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=009126d2da59f343d7dc03aa4c994964b2c5651a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:85:a5:2e:87:95:ef:a2:2a:1e:68:2f:5d:8a: 51:a3:cf:79:28:11:38:a7:03:ba:93:2a:4a:ba:70: 61:b5:8e:92:28:0c:5d:2b:6b:47:44:bc:3a:9c:2e: 25:a9:f9:2d:83:90:4c:5e:fe:e4:3a:73:95:72:8a: f7:50:4c:e9:95:da:8a:0c:a2:95:e1:8e:bd:5a:6e: c2:1b:73:a9:c5:33:a3:8a:1f:fa:f3:59:d7:8e:54: 1e:48:d9:32:57:2b:2c:86:90:1a:06:6c:34:00:0c: e6:f4:7f:73:14:d3:83:cb:80:8c:d8:8f:d0:58:b7: 6c:f5:8a:03:7d:74:12:c6:64:71:cb:d2:00:2a:97: 2f:7e:42:29:dc:2d:f5:9f:11:31:a1:fe:11:64:0c: 44:f9:83:de:c3:5e:eb:60:70:b1:d8:19:ca:e8:40: 0d:9e:d3:69:b8:f3:a7:4b:09:25:e7:58:96:4e:f4: 34:68:47:bc:54:ba:16:f3:20:00:f6:9b:df:c6:22: 85:08:49:64:18:94:5f:2d:99:73:d5:71:f7:3e:b6: 97:a6:29:d6:a3:c1:4c:ad:6f:15:59:b4:44:ad:28: 8a:05:92:9c:87:22:fd:aa:42:90:69:59:96:26:63: f8:e2:ee:81:d7:f5:c4:f4:e1:ff:bb:a8:ac:24:ab: a5:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:91:26:D2:DA:59:F3:43:D7:DC:03:AA:4C:99:49:64:B2:C5:65:1A X509v3 Authority Key Identifier: keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/AJEm0tpZ80PX3AOqTJlJZLLFZRo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.20.126.0/23 Signature Algorithm: sha256WithRSAEncryption 50:4e:00:dc:fa:78:b5:d7:69:1f:76:68:5d:0f:1d:08:b9:f8: 73:76:5a:38:a0:84:96:f5:c1:3b:f9:42:ee:1a:24:4d:8c:ff: 71:7c:6c:1b:cd:a1:aa:eb:1b:3b:d9:7c:36:be:36:29:78:1c: b0:f5:1b:76:ee:03:f4:78:68:fb:3e:e4:4d:38:1c:56:0a:d7: 1b:46:44:69:9e:32:24:aa:46:62:7c:9b:3e:b6:60:79:f5:5c: d4:92:e7:31:1d:b3:7c:6f:18:68:75:d7:93:7d:a2:82:1d:cb: 85:e8:ef:7a:74:3b:1b:1b:7d:b2:8f:55:22:2a:51:51:56:58: 70:d6:77:f7:73:80:9b:69:4c:ca:33:e4:35:b3:5a:d2:d7:54: e3:d7:f9:ed:69:65:6d:51:09:3a:87:bb:1d:3f:6e:51:47:2b: 27:8d:38:98:a6:e0:44:79:cb:6c:62:89:e0:81:f7:2e:c2:0b: b8:82:39:3a:cc:ec:2b:4b:4a:8e:6f:f7:26:50:43:39:79:9d: ca:40:10:86:ef:3c:a9:2b:2b:55:7d:da:6f:3c:c7:1a:d4:81: d9:08:bb:bc:a8:87:d2:89:0b:d5:4e:68:7a:b4:f9:a8:46:5d: 8e:05:87:6d:5d:fa:51:7f:ed:9e:7b:d8:72:b8:9c:dd:2f:fb: ca:33:d7:21 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EEaPQVXzksLau/4YpEk+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj ZGQ1NGYwHhcNMjYwMTAxMTAxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDkxMjZkMmRhNTlmMzQzZDdkYzAzYWE0Yzk5NDk2NGIyYzU2NTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4WlLoeV76IqHmgvXYpRo895KBE4 pwO6kypKunBhtY6SKAxdK2tHRLw6nC4lqfktg5BMXv7kOnOVcor3UEzpldqKDKKV 4Y69Wm7CG3OpxTOjih/681nXjlQeSNkyVysshpAaBmw0AAzm9H9zFNODy4CM2I/Q WLds9YoDfXQSxmRxy9IAKpcvfkIp3C31nxExof4RZAxE+YPew17rYHCx2BnK6EAN ntNpuPOnSwkl51iWTvQ0aEe8VLoW8yAA9pvfxiKFCElkGJRfLZlz1XH3PraXpinW o8FMrW8VWbRErSiKBZKchyL9qkKQaVmWJmP44u6B1/XE9OH/u6isJKulpwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFACRJtLaWfND19wDqkyZSWSyxWUaMB8GA1UdIwQY MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt MzQ2MzY4ODI3ZTY4LzEvQUpFbTB0cFo4MFBYM0FPcVRKbEpaTExGWlJvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4 LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlRR+MA0G CSqGSIb3DQEBCwUAA4IBAQBQTgDc+ni112kfdmhdDx0Iufhzdlo4oISW9cE7+ULu GiRNjP9xfGwbzaGq6xs72Xw2vjYpeByw9Rt27gP0eGj7PuRNOBxWCtcbRkRpnjIk qkZifJs+tmB59VzUkucxHbN8bxhoddeTfaKCHcuF6O96dDsbG32yj1UiKlFRVlhw 1nf3c4CbaUzKM+Q1s1rS11Tj1/ntaWVtUQk6h7sdP25RRysnjTiYpuBEectsYong gfcuwgu4gjk6zOwrS0qOb/cmUEM5eZ3KQBCG7zypKytVfdpvPMca1IHZCLu8qIfS iQvVTmh6tPmoRl2OBYdtXfpRf+2ee9hyuJzdL/vKM9ch -----END CERTIFICATE-----Generated at Sun Jan 25 16:37:28 2026 by rpki-client