This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/aMiNXiZTn0auDW0z6jWzMcVy5es.roa File: aMiNXiZTn0auDW0z6jWzMcVy5es.roa (raw, json) Hash identifier: mTYhpZfI6W//js6v7bdR+EJfQ3pBaYPmRe515ss9poI= Subject key identifier: 68:C8:8D:5E:26:53:9F:46:AE:0D:6D:33:EA:35:B3:31:C5:72:E5:EB Certificate issuer: /CN=ef1535978be6b0ad7a9cb70eb0522f8c950982a9 Certificate serial: 019B77589977D206D693D6D09222C18A51C5 Authority key identifier: EF:15:35:97:8B:E6:B0:AD:7A:9C:B7:0E:B0:52:2F:8C:95:09:82:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xU1l4vmsK16nLcOsFIvjJUJgqk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/aMiNXiZTn0auDW0z6jWzMcVy5es.roa Signing time: Thu 01 Jan 2026 02:17:33 +0000 ROA not before: Thu 01 Jan 2026 02:17:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216426 IP address blocks: 81.172.96.0/22 maxlen: 22 81.172.96.0/24 maxlen: 24 81.172.97.0/24 maxlen: 24 81.172.98.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/7xU1l4vmsK16nLcOsFIvjJUJgqk.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/7xU1l4vmsK16nLcOsFIvjJUJgqk.mft rsync://rpki.ripe.net/repository/DEFAULT/7xU1l4vmsK16nLcOsFIvjJUJgqk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:99:77:d2:06:d6:93:d6:d0:92:22:c1:8a:51:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ef1535978be6b0ad7a9cb70eb0522f8c950982a9 Validity Not Before: Jan 1 02:17:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68c88d5e26539f46ae0d6d33ea35b331c572e5eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:53:a8:06:70:84:be:25:21:e4:0c:d8:3a:8a: 45:4e:a0:9c:a9:6a:55:03:16:1b:8b:26:ad:4e:6a: 6d:f3:54:d9:3a:63:8e:ab:1c:e8:c7:2c:40:2b:93: 6e:7c:3a:4d:8a:45:d1:dc:46:09:00:89:ba:2a:0d: d4:7d:f9:a1:87:1e:74:2e:5d:b2:2d:57:0a:db:77: f7:f5:ad:13:e5:38:3f:7c:d0:07:98:76:7a:67:5f: a7:3a:53:7b:2a:36:c7:4e:f6:a9:b0:50:16:49:e8: 19:c0:8b:00:a1:6a:47:33:7d:c7:d6:9f:df:5c:76: 9a:c0:5b:08:1e:e5:36:f9:52:87:99:c6:61:ad:c6: ef:4f:cf:72:3e:18:bf:88:5f:76:c9:e9:98:dc:94: 16:ba:e5:53:6a:fb:84:8f:5a:1a:24:ad:a8:b8:ec: 20:33:05:ae:69:63:20:62:24:0a:78:37:eb:b1:1b: 2c:e4:23:91:f2:7f:62:31:72:c7:fe:57:29:b1:1a: 08:53:ea:0b:27:4d:7e:c1:7b:59:6e:e3:d5:f6:1d: 6e:53:66:da:97:f8:03:05:8a:52:b1:75:fd:ba:ec: ed:99:df:5a:13:e9:46:2d:10:46:35:ac:b8:04:f9: 37:d7:31:da:84:0d:b8:7a:d6:57:d3:97:ec:18:46: ca:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:C8:8D:5E:26:53:9F:46:AE:0D:6D:33:EA:35:B3:31:C5:72:E5:EB X509v3 Authority Key Identifier: keyid:EF:15:35:97:8B:E6:B0:AD:7A:9C:B7:0E:B0:52:2F:8C:95:09:82:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xU1l4vmsK16nLcOsFIvjJUJgqk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/aMiNXiZTn0auDW0z6jWzMcVy5es.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/3b6eab-f909-42c9-b588-15c65ff258e8/1/7xU1l4vmsK16nLcOsFIvjJUJgqk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.172.96.0/22 Signature Algorithm: sha256WithRSAEncryption 78:57:ae:a0:93:d0:59:57:b9:6e:9d:28:a7:dc:1f:22:ac:c2: f6:0b:53:dd:3e:26:6a:13:8a:a4:dc:aa:41:a8:48:cf:78:5a: 92:57:1b:b4:3a:cf:cd:50:bb:de:a5:0d:df:f3:72:71:5a:97: 2d:7b:50:49:18:5f:86:1f:e9:c2:e8:2d:a6:b3:12:4b:19:1c: a7:de:d9:f7:57:90:63:c8:71:63:74:56:a3:94:d5:e0:83:9c: 51:94:14:c6:6d:35:ca:1e:52:74:53:43:1b:3e:4b:57:c0:44: 33:0a:14:da:45:8b:e4:aa:a4:5e:cb:cb:40:b8:0a:af:6c:7e: 08:99:c5:72:d7:64:8b:db:f2:e2:2d:61:d8:ed:06:02:af:99: 85:06:2c:95:c2:d3:bd:24:c7:3d:ad:bf:37:b2:11:85:51:55: d2:e3:ae:e1:d4:e4:0d:dc:68:fc:31:73:b5:e5:95:1d:b0:f6: 59:db:db:89:4b:40:98:55:7b:11:7c:69:cd:f0:66:5b:3b:84: d1:8a:76:6d:95:aa:0c:24:8a:4a:42:8a:b2:72:ac:ac:6e:0d: 47:74:8b:70:10:ca:be:6b:2a:d3:89:18:8c:78:23:8f:1c:1f: 52:99:53:38:6f:80:0b:d2:30:26:59:81:cd:1a:ff:a6:3b:8a: 1d:36:f8:a6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WJl30gbWk9bQkiLBilHFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVmMTUzNTk3OGJlNmIwYWQ3YTljYjcwZWIwNTIyZjhjOTUw OTgyYTkwHhcNMjYwMTAxMDIxNzMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGM4OGQ1ZTI2NTM5ZjQ2YWUwZDZkMzNlYTM1YjMzMWM1NzJlNWViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1OoBnCEviUh5AzYOopFTqCcqWpV AxYbiyatTmpt81TZOmOOqxzoxyxAK5NufDpNikXR3EYJAIm6Kg3Uffmhhx50Ll2y LVcK23f39a0T5Tg/fNAHmHZ6Z1+nOlN7KjbHTvapsFAWSegZwIsAoWpHM33H1p/f XHaawFsIHuU2+VKHmcZhrcbvT89yPhi/iF92yemY3JQWuuVTavuEj1oaJK2ouOwg MwWuaWMgYiQKeDfrsRss5COR8n9iMXLH/lcpsRoIU+oLJ01+wXtZbuPV9h1uU2ba l/gDBYpSsXX9uuztmd9aE+lGLRBGNay4BPk31zHahA24etZX05fsGEbKfwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGjIjV4mU59Grg1tM+o1szHFcuXrMB8GA1UdIwQY MBaAFO8VNZeL5rCtepy3DrBSL4yVCYKpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN3hVMWw0dm1zSzE2bkxjT3NGSXZqSlVKZ3FrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8zYjZlYWItZjkwOS00MmM5LWI1ODgt MTVjNjVmZjI1OGU4LzEvYU1pTlhpWlRuMGF1RFcwejZqV3pNY1Z5NWVzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8zYjZlYWItZjkwOS00MmM5LWI1ODgtMTVjNjVmZjI1OGU4 LzEvN3hVMWw0dm1zSzE2bkxjT3NGSXZqSlVKZ3FrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUaxgMA0G CSqGSIb3DQEBCwUAA4IBAQB4V66gk9BZV7lunSin3B8irML2C1PdPiZqE4qk3KpB qEjPeFqSVxu0Os/NULvepQ3f83JxWpcte1BJGF+GH+nC6C2msxJLGRyn3tn3V5Bj yHFjdFajlNXgg5xRlBTGbTXKHlJ0U0MbPktXwEQzChTaRYvkqqRey8tAuAqvbH4I mcVy12SL2/LiLWHY7QYCr5mFBiyVwtO9JMc9rb83shGFUVXS467h1OQN3Gj8MXO1 5ZUdsPZZ29uJS0CYVXsRfGnN8GZbO4TRinZtlaoMJIpKQoqycqysbg1HdItwEMq+ ayrTiRiMeCOPHB9SmVM4b4AL0jAmWYHNGv+mO4odNvim -----END CERTIFICATE-----Generated at Mon Jan 26 02:02:01 2026 by rpki-client