This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/AgJDjffcx13iFGg7O-6BTWa5Mi8.roa File: AgJDjffcx13iFGg7O-6BTWa5Mi8.roa (raw, json) Hash identifier: F0nKF0WSY8oAZJYmoA/vzmlCpRXcrLqKk16YPUwPz6o= Subject key identifier: 02:02:43:8D:F7:DC:C7:5D:E2:14:68:3B:3B:EE:81:4D:66:B9:32:2F Certificate issuer: /CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Certificate serial: 019B7DC87AE27E2B88AD32D8F57047798ECA Authority key identifier: 39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/AgJDjffcx13iFGg7O-6BTWa5Mi8.roa Signing time: Fri 02 Jan 2026 08:17:29 +0000 ROA not before: Fri 02 Jan 2026 08:17:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35133 IP address blocks: 2.58.57.0/24 maxlen: 24 2.58.59.0/24 maxlen: 24 2a09:e240:2::/48 maxlen: 48 2a09:e240:22::/48 maxlen: 48 2a09:e240:1337::/48 maxlen: 48 2a09:e244::/33 maxlen: 33 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.mft rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:c8:7a:e2:7e:2b:88:ad:32:d8:f5:70:47:79:8e:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39704769d087d9fe8f790a6555cb4fbefcd24d38 Validity Not Before: Jan 2 08:17:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0202438df7dcc75de214683b3bee814d66b9322f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6a:34:43:1a:03:31:b5:0d:84:1e:5b:90:1f: 8b:ba:25:0c:fd:69:3d:cb:4e:fb:c2:0e:cc:30:eb: 3b:c9:c6:f4:a9:a2:7e:10:69:a4:f3:16:41:af:49: 3d:55:32:a4:97:7f:90:e5:46:25:47:b5:86:ff:4f: 5e:a5:c1:2b:c0:9b:8c:b3:d9:e1:0d:2a:21:86:2c: 36:a4:83:42:59:ed:a8:94:61:b1:3f:89:fb:37:de: 96:e6:77:87:fb:9e:c8:ab:ec:31:50:4f:a2:4e:06: bf:4c:0b:1e:f2:56:db:59:93:66:84:18:2b:7a:a6: a9:63:bf:93:db:2c:07:d9:94:f5:85:83:dd:70:b5: 7b:38:b9:59:34:95:94:82:a8:9f:bf:71:df:1f:d5: fd:19:4b:c0:cd:f9:16:45:a6:3f:3c:68:6c:e8:cf: ad:7a:2e:7e:5c:7f:ec:f7:bd:e0:40:a4:1b:51:15: 74:ad:e6:31:13:57:1e:32:1a:60:61:35:39:10:5c: 44:37:3a:f0:45:c3:61:c8:67:50:f9:65:3a:ba:34: ab:fb:bd:6a:6e:3a:ce:cf:32:bf:74:ad:fb:0a:ca: f1:1b:35:0c:d0:aa:60:a3:85:87:c7:24:8d:30:ea: 41:cb:78:27:c9:80:78:c1:8d:0e:1d:86:4a:fd:29: 1a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:02:43:8D:F7:DC:C7:5D:E2:14:68:3B:3B:EE:81:4D:66:B9:32:2F X509v3 Authority Key Identifier: keyid:39:70:47:69:D0:87:D9:FE:8F:79:0A:65:55:CB:4F:BE:FC:D2:4D:38 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXBHadCH2f6PeQplVctPvvzSTTg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/AgJDjffcx13iFGg7O-6BTWa5Mi8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/3eaeb4-fb99-4993-8122-e45350414ddf/1/OXBHadCH2f6PeQplVctPvvzSTTg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.57.0/24 2.58.59.0/24 IPv6: 2a09:e240:2::/48 2a09:e240:22::/48 2a09:e240:1337::/48 2a09:e244::/33 Signature Algorithm: sha256WithRSAEncryption a0:41:c7:63:b9:b3:69:ef:e4:6f:1d:62:ab:8e:0d:17:57:c5: e2:c5:5c:9f:7e:93:74:a7:7c:88:54:9d:ac:a6:7d:10:8e:4a: 56:94:4e:93:d8:4b:d6:0b:c4:81:c4:a2:a3:1c:24:62:93:7f: 0b:56:a6:b2:60:60:b6:38:80:2e:d3:a7:be:d6:12:4b:ae:14: 96:4e:80:3a:85:9b:6d:e6:09:bd:a5:c4:d1:81:74:9e:df:23: 54:17:d1:62:e1:93:69:67:f3:2f:8b:71:e1:e6:f7:c0:8b:71: ac:d1:0e:da:fc:05:7c:fb:23:4d:5e:8a:ef:9b:3b:8a:86:97: 22:e1:e4:bd:a6:a4:62:57:5f:7d:11:f6:47:97:fc:15:8a:d3: c0:bc:35:72:3f:71:e7:6c:db:11:ef:11:b9:45:ba:0d:bc:be: 93:7a:d8:7e:41:18:b9:be:42:99:2c:ee:df:8f:91:6f:b9:15: 9c:5f:3d:e0:38:8e:eb:f7:a2:05:e8:43:cb:ac:3f:26:de:72: fa:a3:d5:2d:4d:88:92:de:fa:84:f7:9f:10:35:59:74:5e:58: 6c:f6:fc:87:0a:cd:15:14:59:e7:7b:c3:e4:91:b9:97:d9:ee: 0e:d0:71:fc:7e:3a:c9:3d:ca:ba:03:bc:91:aa:c1:80:67:98: 26:52:db:2b -----BEGIN CERTIFICATE----- MIIFLjCCBBagAwIBAgISAZt9yHrifiuIrTLY9XBHeY7KMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM5NzA0NzY5ZDA4N2Q5ZmU4Zjc5MGE2NTU1Y2I0ZmJlZmNk MjRkMzgwHhcNMjYwMTAyMDgxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMjAyNDM4ZGY3ZGNjNzVkZTIxNDY4M2IzYmVlODE0ZDY2YjkzMjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmo0QxoDMbUNhB5bkB+LuiUM/Wk9 y077wg7MMOs7ycb0qaJ+EGmk8xZBr0k9VTKkl3+Q5UYlR7WG/09epcErwJuMs9nh DSohhiw2pINCWe2olGGxP4n7N96W5neH+57Iq+wxUE+iTga/TAse8lbbWZNmhBgr eqapY7+T2ywH2ZT1hYPdcLV7OLlZNJWUgqifv3HfH9X9GUvAzfkWRaY/PGhs6M+t ei5+XH/s973gQKQbURV0reYxE1ceMhpgYTU5EFxENzrwRcNhyGdQ+WU6ujSr+71q bjrOzzK/dK37CsrxGzUM0Kpgo4WHxySNMOpBy3gnyYB4wY0OHYZK/Ska6QIDAQAB o4ICOjCCAjYwHQYDVR0OBBYEFAICQ4333Mdd4hRoOzvugU1muTIvMB8GA1UdIwQY MBaAFDlwR2nQh9n+j3kKZVXLT7780k04MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjIt ZTQ1MzUwNDE0ZGRmLzEvQWdKRGpmZmN4MTNpRkdnN08tNkJUV2E1TWk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8zZWFlYjQtZmI5OS00OTkzLTgxMjItZTQ1MzUwNDE0ZGRm LzEvT1hCSGFkQ0gyZjZQZVFwbFZjdFB2dnpTVFRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzASBAIAATAMAwQAAjo5AwQA Ajo7MCkEAgACMCMDBwAqCeJAAAIDBwAqCeJAACIDBwAqCeJAEzcDBgcqCeJEADAN BgkqhkiG9w0BAQsFAAOCAQEAoEHHY7mzae/kbx1iq44NF1fF4sVcn36TdKd8iFSd rKZ9EI5KVpROk9hL1gvEgcSioxwkYpN/C1amsmBgtjiALtOnvtYSS64Ulk6AOoWb beYJvaXE0YF0nt8jVBfRYuGTaWfzL4tx4eb3wItxrNEO2vwFfPsjTV6K75s7ioaX IuHkvaakYldffRH2R5f8FYrTwLw1cj9x52zbEe8RuUW6Dby+k3rYfkEYub5CmSzu 34+Rb7kVnF894DiO6/eiBehDy6w/Jt5y+qPVLU2Ikt76hPefEDVZdF5YbPb8hwrN FRRZ53vD5JG5l9nuDtBx/H46yT3KugO8karBgGeYJlLbKw== -----END CERTIFICATE-----Generated at Mon Jan 26 03:27:28 2026 by rpki-client