This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IJctrhezjfWjiA84ZaayWYeZh1k.roa File: IJctrhezjfWjiA84ZaayWYeZh1k.roa (raw, json) Hash identifier: VetyKsjNSyH6fNCp1k97xHgv6Vja8yJIQbMcO2qIjkU= Subject key identifier: 20:97:2D:AE:17:B3:8D:F5:A3:88:0F:38:65:A6:B2:59:87:99:87:59 Certificate issuer: /CN=5d7f63401407c1cc797b17034e813d2254f9773e Certificate serial: 019B7D5C162EEE92FF937E2C8554EA55D6F0 Authority key identifier: 5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IJctrhezjfWjiA84ZaayWYeZh1k.roa Signing time: Fri 02 Jan 2026 06:19:05 +0000 ROA not before: Fri 02 Jan 2026 06:19:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59895 IP address blocks: 185.65.204.0/24 maxlen: 24 185.65.205.0/24 maxlen: 24 185.65.206.0/24 maxlen: 24 185.65.207.0/24 maxlen: 24 194.26.222.0/24 maxlen: 24 2a05:300::/48 maxlen: 48 2a05:300:1::/48 maxlen: 48 2a05:300:2::/48 maxlen: 48 2a05:300:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.mft rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:16:2e:ee:92:ff:93:7e:2c:85:54:ea:55:d6:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d7f63401407c1cc797b17034e813d2254f9773e Validity Not Before: Jan 2 06:19:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=20972dae17b38df5a3880f3865a6b25987998759 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1b:b8:df:eb:ad:45:5a:f4:2f:3f:b2:36:cc: 6c:44:bf:e6:b8:b2:cc:32:5a:d7:5a:f5:87:c1:56: 2c:3e:ec:30:ac:99:e1:91:19:57:85:8c:78:ea:e1: b9:9f:84:da:13:5c:ef:85:62:bc:d4:56:f0:00:ea: c1:43:2b:17:ec:2c:69:f9:31:0f:48:bb:9d:30:af: 89:77:d9:11:e8:8a:ca:a0:2b:c9:67:77:82:29:7f: 81:56:07:e6:de:84:57:ab:02:a1:b1:d1:53:ca:53: 47:6d:0f:35:c2:11:e2:a9:53:1f:d8:3e:7f:a0:c3: 0d:c8:3b:8a:05:17:68:c2:74:f9:1f:db:85:e1:b9: e7:55:ac:83:b4:d3:c0:5f:b7:4e:ae:85:e4:e2:91: e4:92:22:63:04:8d:8f:80:93:ab:2e:8b:de:36:d0: 73:30:e2:c0:a6:aa:a6:c7:4e:d8:e6:7a:54:95:73: c7:15:a7:21:a8:a6:b1:c6:69:91:2b:3c:67:fb:84: aa:6b:1b:fa:05:8a:db:5d:24:08:38:e0:36:c7:0f: 29:70:24:38:51:70:e2:6a:8a:e0:0a:a0:b1:46:34: cd:db:e0:2e:51:21:21:7c:65:2e:37:7c:ee:3f:3e: 92:46:54:19:de:43:3a:24:e3:8f:3a:a3:1b:d8:bc: 5b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:97:2D:AE:17:B3:8D:F5:A3:88:0F:38:65:A6:B2:59:87:99:87:59 X509v3 Authority Key Identifier: keyid:5D:7F:63:40:14:07:C1:CC:79:7B:17:03:4E:81:3D:22:54:F9:77:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XX9jQBQHwcx5excDToE9IlT5dz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/IJctrhezjfWjiA84ZaayWYeZh1k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/30/550004-e1a6-4569-ae63-33fb1452bb0a/1/XX9jQBQHwcx5excDToE9IlT5dz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.204.0/22 194.26.222.0/24 IPv6: 2a05:300::/46 Signature Algorithm: sha256WithRSAEncryption 62:2c:40:22:99:42:51:a6:1e:92:e3:c1:79:0b:62:1d:7c:04: 02:60:f0:b3:4b:b4:63:ed:7e:83:a0:37:4d:4d:13:29:4f:be: 89:0e:86:e1:73:a4:f4:86:f1:9b:ee:53:2a:8e:3b:48:07:ee: 3b:7f:bc:db:26:84:6b:be:61:f8:21:24:d6:f2:a1:26:ec:28: 5c:cf:5a:9f:3a:90:21:e9:a1:24:3b:ab:cd:91:59:9a:56:82: 9d:32:8e:a6:7f:f2:42:35:03:6d:24:98:ba:36:96:65:93:83: b6:7b:4c:de:9c:32:dd:d2:1a:13:6a:93:d8:96:cf:f7:49:35: 89:0b:ef:f0:c3:0a:b4:b5:d8:55:bd:e3:6c:b3:54:c7:7e:19: 1a:e1:6c:3a:56:55:ef:cc:6f:d6:4d:f5:18:77:3c:a4:3c:ea: 7f:4f:8c:31:9d:01:22:ae:9d:f1:67:db:88:10:d9:11:83:e9: 11:54:8e:08:d7:d9:18:e3:d6:9e:3c:51:38:3a:75:51:fd:f0: 40:7a:8d:f7:85:7f:bb:26:bc:9f:d5:23:69:59:77:e0:25:e7: f0:65:70:30:fd:99:2d:f0:3d:51:8a:1d:de:fd:fe:31:25:89: 7d:f0:8d:94:92:d3:67:28:a3:c0:c0:5b:16:ca:fd:a0:a3:01: c3:c3:86:38 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt9XBYu7pL/k34shVTqVdbwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkN2Y2MzQwMTQwN2MxY2M3OTdiMTcwMzRlODEzZDIyNTRm OTc3M2UwHhcNMjYwMTAyMDYxOTA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMDk3MmRhZTE3YjM4ZGY1YTM4ODBmMzg2NWE2YjI1OTg3OTk4NzU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRu43+utRVr0Lz+yNsxsRL/muLLM MlrXWvWHwVYsPuwwrJnhkRlXhYx46uG5n4TaE1zvhWK81FbwAOrBQysX7Cxp+TEP SLudMK+Jd9kR6IrKoCvJZ3eCKX+BVgfm3oRXqwKhsdFTylNHbQ81whHiqVMf2D5/ oMMNyDuKBRdownT5H9uF4bnnVayDtNPAX7dOroXk4pHkkiJjBI2PgJOrLoveNtBz MOLApqqmx07Y5npUlXPHFachqKaxxmmRKzxn+4Sqaxv6BYrbXSQIOOA2xw8pcCQ4 UXDiaorgCqCxRjTN2+AuUSEhfGUuN3zuPz6SRlQZ3kM6JOOPOqMb2LxbXQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFCCXLa4Xs431o4gPOGWmslmHmYdZMB8GA1UdIwQY MBaAFF1/Y0AUB8HMeXsXA06BPSJU+Xc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMt MzNmYjE0NTJiYjBhLzEvSUpjdHJoZXpqZldqaUE4NFphYXlXWWVaaDFrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMC81NTAwMDQtZTFhNi00NTY5LWFlNjMtMzNmYjE0NTJiYjBh LzEvWFg5alFCUUh3Y3g1ZXhjRFRvRTlJbFQ1ZHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUHMAwQA whreMA8EAgACMAkDBwIqBQMAAAAwDQYJKoZIhvcNAQELBQADggEBAGIsQCKZQlGm HpLjwXkLYh18BAJg8LNLtGPtfoOgN01NEylPvokOhuFzpPSG8ZvuUyqOO0gH7jt/ vNsmhGu+YfghJNbyoSbsKFzPWp86kCHpoSQ7q82RWZpWgp0yjqZ/8kI1A20kmLo2 lmWTg7Z7TN6cMt3SGhNqk9iWz/dJNYkL7/DDCrS12FW942yzVMd+GRrhbDpWVe/M b9ZN9Rh3PKQ86n9PjDGdASKunfFn24gQ2RGD6RFUjgjX2Rjj1p48UTg6dVH98EB6 jfeFf7smvJ/VI2lZd+Al5/BlcDD9mS3wPVGKHd79/jEliX3wjZSS02coo8DAWxbK /aCjAcPDhjg= -----END CERTIFICATE-----Generated at Sun Jan 25 19:36:44 2026 by rpki-client