This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/j0nf_y6uB0VgXHQDlN6OhEbU5jU.roa File: j0nf_y6uB0VgXHQDlN6OhEbU5jU.roa (raw, json) Hash identifier: SKADJBgkOhviqwy7f7gDKRZV4Zt1/yBSufcp/4OhY7k= Subject key identifier: 8F:49:DF:FF:2E:AE:07:45:60:5C:74:03:94:DE:8E:84:46:D4:E6:35 Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c Certificate serial: 019B7DCB29A43EA18B989D526ABF15A99F06 Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/j0nf_y6uB0VgXHQDlN6OhEbU5jU.roa Signing time: Fri 02 Jan 2026 08:20:24 +0000 ROA not before: Fri 02 Jan 2026 08:20:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35470 IP address blocks: 217.170.21.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:29:a4:3e:a1:8b:98:9d:52:6a:bf:15:a9:9f:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c Validity Not Before: Jan 2 08:20:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8f49dfff2eae0745605c740394de8e8446d4e635 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:90:e5:e9:1e:3b:26:c5:dd:97:fb:59:1c:d3: 11:58:91:0f:1b:a3:44:4d:ea:37:23:74:f7:58:20: c6:0c:95:5e:dc:b9:ff:eb:13:bd:ef:6a:2a:8f:2a: 69:eb:aa:bd:8c:02:3e:ca:12:02:52:f7:db:15:c6: b4:26:12:4a:24:f5:2a:ef:92:87:76:42:f0:21:12: ec:dc:77:03:2d:d2:fd:88:59:8d:27:02:da:13:5f: b3:60:42:ae:00:75:8c:9c:aa:6e:4c:d8:f3:d9:e7: 5d:f6:ae:ec:65:6c:7b:01:75:cb:93:6d:96:cf:90: 7d:23:59:cd:c5:4e:3b:d9:46:cc:63:e4:c0:22:7f: 52:5f:92:92:7e:09:a9:e5:43:7a:c6:16:fe:ce:6b: 76:f8:12:81:da:29:d1:8a:c6:ff:e6:7e:6a:17:f0: 5b:b9:63:3f:26:e8:c0:6c:83:a9:73:12:fb:a1:af: 6d:e2:8d:95:83:56:17:16:84:c9:5a:5e:ee:2d:bd: 3c:37:6e:eb:89:47:3a:c9:f9:f0:e9:d6:f2:06:e4: 2e:38:c7:48:b7:ae:4d:21:1d:31:d1:e2:83:9a:76: 62:d8:c2:d0:cf:b4:e4:91:34:dd:8f:1f:53:da:85: 2a:d1:51:d3:0e:95:c5:3f:74:f5:80:5a:a3:61:fb: da:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:49:DF:FF:2E:AE:07:45:60:5C:74:03:94:DE:8E:84:46:D4:E6:35 X509v3 Authority Key Identifier: keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/j0nf_y6uB0VgXHQDlN6OhEbU5jU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.170.21.0/24 Signature Algorithm: sha256WithRSAEncryption 46:b5:dd:67:38:9c:a7:37:3b:2e:4c:fe:f3:f7:89:fc:6e:c0: c6:73:e3:14:dd:09:84:12:14:62:f5:43:83:5b:25:9c:e3:bc: 6f:ba:35:a3:56:59:56:5b:09:14:b5:3c:b3:f5:ca:cb:11:d1: 37:92:61:34:31:42:55:e0:28:80:db:ce:42:4e:fb:69:b8:e8: ea:d5:40:56:95:c0:ca:b8:93:c0:68:0c:4c:72:98:67:da:c6: 87:69:23:55:f5:f6:13:a7:b5:d0:51:a3:8f:a4:50:dd:02:9e: e5:87:c0:57:c4:d3:2f:c6:3f:e5:fc:5d:fb:ca:87:4d:7c:87: b0:4e:78:01:9f:91:75:f1:46:50:0d:8d:29:a9:9d:38:fd:7b: 44:ee:71:96:a4:00:5d:bd:dc:52:84:b0:55:d8:ce:f9:d2:b7: 47:03:f4:1b:b3:d5:35:96:e7:c7:b5:59:d3:3e:97:e9:b5:8c: 08:aa:39:42:a7:e6:5c:7e:1b:1b:70:0f:09:b4:67:e3:bb:39: 12:0a:3e:ef:3b:92:16:b3:8d:53:c0:1c:cd:f4:1a:d7:b8:b1: 06:43:1a:9f:a2:9a:60:29:82:a6:2e:a9:63:49:a6:b1:53:e2: c0:b5:87:36:c1:04:ea:24:f4:82:00:a7:00:53:d4:31:c1:41: a7:46:3c:94 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yymkPqGLmJ1Sar8VqZ8GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj YTU3NWMwHhcNMjYwMTAyMDgyMDI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZjQ5ZGZmZjJlYWUwNzQ1NjA1Yzc0MDM5NGRlOGU4NDQ2ZDRlNjM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75Dl6R47JsXdl/tZHNMRWJEPG6NE Teo3I3T3WCDGDJVe3Ln/6xO972oqjypp66q9jAI+yhICUvfbFca0JhJKJPUq75KH dkLwIRLs3HcDLdL9iFmNJwLaE1+zYEKuAHWMnKpuTNjz2edd9q7sZWx7AXXLk22W z5B9I1nNxU472UbMY+TAIn9SX5KSfgmp5UN6xhb+zmt2+BKB2inRisb/5n5qF/Bb uWM/JujAbIOpcxL7oa9t4o2Vg1YXFoTJWl7uLb08N27riUc6yfnw6dbyBuQuOMdI t65NIR0x0eKDmnZi2MLQz7TkkTTdjx9T2oUq0VHTDpXFP3T1gFqjYfvaawIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFI9J3/8urgdFYFx0A5TejoRG1OY1MB8GA1UdIwQY MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt ZmMxMjFjODAwYjMwLzEvajBuZl95NnVCMFZnWEhRRGxONk9oRWJVNWpVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2aoVMA0G CSqGSIb3DQEBCwUAA4IBAQBGtd1nOJynNzsuTP7z94n8bsDGc+MU3QmEEhRi9UOD WyWc47xvujWjVllWWwkUtTyz9crLEdE3kmE0MUJV4CiA285CTvtpuOjq1UBWlcDK uJPAaAxMcphn2saHaSNV9fYTp7XQUaOPpFDdAp7lh8BXxNMvxj/l/F37yodNfIew TngBn5F18UZQDY0pqZ04/XtE7nGWpABdvdxShLBV2M750rdHA/Qbs9U1lufHtVnT PpfptYwIqjlCp+ZcfhsbcA8JtGfjuzkSCj7vO5IWs41TwBzN9BrXuLEGQxqfoppg KYKmLqljSaaxU+LAtYc2wQTqJPSCAKcAU9QxwUGnRjyU -----END CERTIFICATE-----Generated at Sun Jan 25 19:40:01 2026 by rpki-client