This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/jDh_e5jFCb4SZSQr89DNuyR1GmA.roa File: jDh_e5jFCb4SZSQr89DNuyR1GmA.roa (raw, json) Hash identifier: OOgQec1GLUpiwLdlG2tPvtCo/oWMRbASwbpSjxC/PqM= Subject key identifier: 8C:38:7F:7B:98:C5:09:BE:12:65:24:2B:F3:D0:CD:BB:24:75:1A:60 Certificate issuer: /CN=41b0355793511416f14705b5e69575e0912031c1 Certificate serial: 019B7F07DBB2E0FD0C37F441410B68761614 Authority key identifier: 41:B0:35:57:93:51:14:16:F1:47:05:B5:E6:95:75:E0:91:20:31:C1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QbA1V5NRFBbxRwW15pV14JEgMcE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/jDh_e5jFCb4SZSQr89DNuyR1GmA.roa Signing time: Fri 02 Jan 2026 14:06:20 +0000 ROA not before: Fri 02 Jan 2026 14:06:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48660 IP address blocks: 78.111.111.0/24 maxlen: 24 109.104.120.0/24 maxlen: 24 178.251.238.0/24 maxlen: 24 185.139.5.0/24 maxlen: 24 217.195.202.0/24 maxlen: 24 217.195.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/QbA1V5NRFBbxRwW15pV14JEgMcE.crl rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/QbA1V5NRFBbxRwW15pV14JEgMcE.mft rsync://rpki.ripe.net/repository/DEFAULT/QbA1V5NRFBbxRwW15pV14JEgMcE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 11:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:07:db:b2:e0:fd:0c:37:f4:41:41:0b:68:76:16:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41b0355793511416f14705b5e69575e0912031c1 Validity Not Before: Jan 2 14:06:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c387f7b98c509be1265242bf3d0cdbb24751a60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ee:2c:db:f5:d9:0f:a3:63:72:73:b4:24:6a: e6:cc:30:33:78:20:0c:e8:24:77:c5:c9:97:42:eb: a6:66:24:8c:dd:19:16:32:77:18:d3:74:a2:db:d7: 77:3d:8c:ca:99:36:4a:1e:17:9c:f5:ef:0e:f9:57: 17:22:20:dd:59:bf:d1:c6:1b:f4:ea:09:9d:fe:7a: 6f:41:38:5f:89:42:dc:7b:de:1f:4a:ca:d4:a4:ec: 9f:22:98:31:26:eb:4a:35:68:82:83:6e:c6:29:51: d5:ee:3a:b6:dd:0f:b0:5d:9f:e9:90:73:64:e3:6b: 18:71:a2:0e:c7:ac:07:2a:5a:a5:44:8a:ec:df:80: 22:7c:27:34:6b:9e:50:32:71:fc:ba:b6:9b:32:ed: 9d:38:e3:3f:3a:e2:9f:cd:ef:92:6e:59:b0:e6:2b: 71:08:f1:ba:83:e2:59:90:c4:da:d0:d2:65:83:2d: 2d:b3:de:dd:cd:f8:3f:30:c2:0a:fb:f3:dc:71:9b: 05:e8:fe:79:7d:0d:d5:25:ba:90:8c:0d:87:17:87: 6e:84:6d:f5:e9:0d:98:2e:73:0d:c8:5e:8b:f1:e5: a0:80:41:1d:a9:fd:7c:78:d7:4e:6a:56:22:29:75: e1:37:a0:03:7f:86:21:dd:7c:a1:92:4b:31:1e:b6: 50:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:38:7F:7B:98:C5:09:BE:12:65:24:2B:F3:D0:CD:BB:24:75:1A:60 X509v3 Authority Key Identifier: keyid:41:B0:35:57:93:51:14:16:F1:47:05:B5:E6:95:75:E0:91:20:31:C1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QbA1V5NRFBbxRwW15pV14JEgMcE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/jDh_e5jFCb4SZSQr89DNuyR1GmA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a8bda7-2450-4ea5-827c-0f7589bc0ce0/1/QbA1V5NRFBbxRwW15pV14JEgMcE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.111.111.0/24 109.104.120.0/24 178.251.238.0/24 185.139.5.0/24 217.195.202.0/24 217.195.207.0/24 Signature Algorithm: sha256WithRSAEncryption be:06:18:f7:b1:4b:0d:58:32:90:82:31:d9:8d:16:61:45:2c: 79:b0:59:60:e7:27:3a:5a:e3:f7:6a:88:15:15:b3:dd:e0:79: ad:3c:d6:ca:10:7e:72:ad:c8:92:2e:90:31:e9:9f:d2:2b:97: 1c:bc:42:ff:30:54:40:3a:68:60:ea:36:df:1f:58:a5:df:0f: 8d:ae:76:40:2a:2e:32:d6:f0:f0:e8:d9:34:6e:d2:93:5a:ee: bf:7d:b1:c7:6b:61:f7:09:a1:1c:10:3e:30:21:f6:60:fc:e2: 98:0f:58:e6:d8:77:99:9e:b8:60:74:9b:c2:50:93:f2:7c:6d: 2a:65:4c:62:a5:dc:02:cc:dc:e9:50:df:c8:2c:c5:8c:48:06: c3:a0:9a:4d:a5:4c:16:e7:86:e5:81:2d:10:6d:07:bd:74:95: 12:56:ea:3b:87:5d:9e:1a:0e:09:d8:4b:10:80:6a:5a:ee:87: 18:20:f0:52:72:db:17:15:ae:7f:85:9c:4c:52:ce:dc:cc:81: 37:be:1a:2d:95:ec:94:1f:d9:d8:1e:0a:c0:2b:68:35:63:bb: 84:a7:7f:74:55:b5:94:af:13:34:3b:de:59:89:e9:d9:a9:4e: c8:f3:9b:cc:0c:ae:12:dc:05:57:bc:7a:8e:c3:00:4e:8c:c8: 6a:51:f6:5d -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt/B9uy4P0MN/RBQQtodhYUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxYjAzNTU3OTM1MTE0MTZmMTQ3MDViNWU2OTU3NWUwOTEy MDMxYzEwHhcNMjYwMTAyMTQwNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzM4N2Y3Yjk4YzUwOWJlMTI2NTI0MmJmM2QwY2RiYjI0NzUxYTYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxu4s2/XZD6NjcnO0JGrmzDAzeCAM 6CR3xcmXQuumZiSM3RkWMncY03Si29d3PYzKmTZKHhec9e8O+VcXIiDdWb/Rxhv0 6gmd/npvQThfiULce94fSsrUpOyfIpgxJutKNWiCg27GKVHV7jq23Q+wXZ/pkHNk 42sYcaIOx6wHKlqlRIrs34AifCc0a55QMnH8urabMu2dOOM/OuKfze+Sblmw5itx CPG6g+JZkMTa0NJlgy0ts97dzfg/MMIK+/PccZsF6P55fQ3VJbqQjA2HF4duhG31 6Q2YLnMNyF6L8eWggEEdqf18eNdOalYiKXXhN6ADf4Yh3XyhkksxHrZQvQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFIw4f3uYxQm+EmUkK/PQzbskdRpgMB8GA1UdIwQY MBaAFEGwNVeTURQW8UcFteaVdeCRIDHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWJBMVY1TlJGQmJ4UndXMTVwVjE0SkVnTWNFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hOGJkYTctMjQ1MC00ZWE1LTgyN2Mt MGY3NTg5YmMwY2UwLzEvakRoX2U1akZDYjRTWlNRcjg5RE51eVIxR21BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hOGJkYTctMjQ1MC00ZWE1LTgyN2MtMGY3NTg5YmMwY2Uw LzEvUWJBMVY1TlJGQmJ4UndXMTVwVjE0SkVnTWNFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATm9vAwQA bWh4AwQAsvvuAwQAuYsFAwQA2cPKAwQA2cPPMA0GCSqGSIb3DQEBCwUAA4IBAQC+ Bhj3sUsNWDKQgjHZjRZhRSx5sFlg5yc6WuP3aogVFbPd4HmtPNbKEH5yrciSLpAx 6Z/SK5ccvEL/MFRAOmhg6jbfH1il3w+NrnZAKi4y1vDw6Nk0btKTWu6/fbHHa2H3 CaEcED4wIfZg/OKYD1jm2HeZnrhgdJvCUJPyfG0qZUxipdwCzNzpUN/ILMWMSAbD oJpNpUwW54blgS0QbQe9dJUSVuo7h12eGg4J2EsQgGpa7ocYIPBSctsXFa5/hZxM Us7czIE3vhotleyUH9nYHgrAK2g1Y7uEp390VbWUrxM0O95ZienZqU7I85vMDK4S 3AVXvHqOwwBOjMhqUfZd -----END CERTIFICATE-----Generated at Sun Jan 25 22:13:18 2026 by rpki-client