This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/JJfaJkgSEBalqFcc3d6GPKEq5c0.roa File: JJfaJkgSEBalqFcc3d6GPKEq5c0.roa (raw, json) Hash identifier: FuHxoLmlLp5uuetTQ7lUzLqCBx0iP3lbv/wcUM9OYTE= Subject key identifier: 24:97:DA:26:48:12:10:16:A5:A8:57:1C:DD:DE:86:3C:A1:2A:E5:CD Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a Certificate serial: 019B7F1511082E5CB5B25F8BF0321A4023DF Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/JJfaJkgSEBalqFcc3d6GPKEq5c0.roa Signing time: Fri 02 Jan 2026 14:20:45 +0000 ROA not before: Fri 02 Jan 2026 14:20:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204092 IP address blocks: 89.234.186.0/24 maxlen: 24 2a00:5884::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 20:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:11:08:2e:5c:b5:b2:5f:8b:f0:32:1a:40:23:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a Validity Not Before: Jan 2 14:20:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2497da2648121016a5a8571cddde863ca12ae5cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8d:b4:6e:2a:a2:5f:6d:9d:99:d9:da:2e:22: cf:a9:88:1d:bc:a5:e2:d7:12:a2:cc:14:7a:bb:c9: 87:89:5c:69:4d:d9:04:88:21:0d:a7:bf:5b:9d:99: 3c:0f:5f:cd:84:5a:d6:37:bf:d9:e9:a1:d0:74:f6: 29:1c:fb:6b:b2:cd:ca:c0:d1:e6:3e:d2:ea:79:d0: a0:7b:39:82:fb:59:db:29:33:13:de:f8:05:1e:76: 0c:e5:54:17:7f:a0:af:65:05:e4:7c:11:50:11:b3: ba:1b:f7:6a:33:ce:77:f8:97:1a:e9:76:d0:ae:e6: 1e:92:b4:42:3b:f4:14:22:69:5f:9f:53:41:d9:f9: 06:b4:a2:9c:22:06:fa:04:34:1a:04:dd:3c:86:75: 0a:fe:f2:0a:6d:b8:71:c6:92:a9:76:fc:a7:cd:32: 94:fc:b0:85:c6:46:a4:bc:ad:7c:92:b7:23:20:90: c3:b4:0a:d6:a6:11:cb:1b:d7:06:4e:07:ac:fc:c9: b9:74:72:e4:6b:d0:48:2f:8a:3c:ee:d1:72:3d:60: 5f:aa:d8:ec:b6:1e:fa:b5:f4:1d:b3:8c:c8:36:72: d2:18:83:8f:26:b0:a7:87:41:8f:c5:95:e9:5c:58: 3b:71:2c:2a:73:23:e0:37:6f:d4:e6:ec:a9:3b:df: c6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:97:DA:26:48:12:10:16:A5:A8:57:1C:DD:DE:86:3C:A1:2A:E5:CD X509v3 Authority Key Identifier: keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/JJfaJkgSEBalqFcc3d6GPKEq5c0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.234.186.0/24 IPv6: 2a00:5884::/32 Signature Algorithm: sha256WithRSAEncryption 96:02:f8:c0:77:5b:ab:15:c7:41:03:eb:fa:06:b7:da:c4:f7: 1c:40:c5:c5:4a:99:60:c3:88:88:04:2f:a7:21:ec:ec:f4:6b: d3:79:28:ea:28:e0:e3:a6:64:7c:7f:3b:7f:c2:0a:0c:84:55: 5d:b5:64:62:dc:46:5c:85:69:7f:00:98:6d:5d:9e:11:4e:74: b1:ce:dd:b3:dd:06:62:f9:f1:9a:29:09:7a:2a:0c:c5:3e:f1: 73:11:eb:ff:f5:09:e9:1a:60:37:f8:cb:24:21:57:5b:e3:60: c7:44:b2:15:48:bd:8c:c3:f3:8c:33:f1:48:58:bb:34:6e:05: 21:71:d9:90:67:d0:21:81:6c:58:08:a6:0f:6a:27:ec:9a:91: eb:c9:3b:9a:86:f9:b0:c5:0f:f7:7b:dd:2f:f9:66:a1:8e:a5: 7c:b3:34:26:51:a5:00:e9:f2:ca:f7:3d:88:1a:ef:ce:53:3e: ac:e2:84:10:91:cc:a0:ed:d8:e9:cf:e1:a6:f6:87:ab:5c:d2: 46:b6:0d:bb:07:ef:88:f9:e3:a2:be:dc:29:76:b5:88:a4:0c: 2b:34:44:7b:da:54:75:8c:e7:50:09:ae:27:fd:6c:06:d9:54: 1e:4c:c4:ed:ff:d3:f8:38:c4:bb:ed:6b:55:2a:3f:21:b5:1b: 33:40:46:68 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FREILly1sl+L8DIaQCPfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw OGNkNGEwHhcNMjYwMTAyMTQyMDQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDk3ZGEyNjQ4MTIxMDE2YTVhODU3MWNkZGRlODYzY2ExMmFlNWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv420biqiX22dmdnaLiLPqYgdvKXi 1xKizBR6u8mHiVxpTdkEiCENp79bnZk8D1/NhFrWN7/Z6aHQdPYpHPtrss3KwNHm PtLqedCgezmC+1nbKTMT3vgFHnYM5VQXf6CvZQXkfBFQEbO6G/dqM853+Jca6XbQ ruYekrRCO/QUImlfn1NB2fkGtKKcIgb6BDQaBN08hnUK/vIKbbhxxpKpdvynzTKU /LCFxkakvK18krcjIJDDtArWphHLG9cGTges/Mm5dHLka9BIL4o87tFyPWBfqtjs th76tfQds4zINnLSGIOPJrCnh0GPxZXpXFg7cSwqcyPgN2/U5uypO9/GHwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFCSX2iZIEhAWpahXHN3ehjyhKuXNMB8GA1UdIwQY MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm LTk2NWQ2ZDYwM2JmYS8xL0pKZmFKa2dTRUJhbHFGY2MzZDZHUEtFcTVjMC5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABZ6row DQQCAAIwBwMFACoAWIQwDQYJKoZIhvcNAQELBQADggEBAJYC+MB3W6sVx0ED6/oG t9rE9xxAxcVKmWDDiIgEL6ch7Oz0a9N5KOoo4OOmZHx/O3/CCgyEVV21ZGLcRlyF aX8AmG1dnhFOdLHO3bPdBmL58ZopCXoqDMU+8XMR6//1CekaYDf4yyQhV1vjYMdE shVIvYzD84wz8UhYuzRuBSFx2ZBn0CGBbFgIpg9qJ+yakevJO5qG+bDFD/d73S/5 ZqGOpXyzNCZRpQDp8sr3PYga785TPqzihBCRzKDt2OnP4ab2h6tc0ka2DbsH74j5 46K+3Cl2tYikDCs0RHvaVHWM51AJrif9bAbZVB5MxO3/0/g4xLvta1UqPyG1GzNA Rmg= -----END CERTIFICATE-----Generated at Mon Jan 26 04:39:00 2026 by rpki-client