This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0JgDt3i_Pnuh9krPjzNeMq8un4E.roa File: 0JgDt3i_Pnuh9krPjzNeMq8un4E.roa (raw, json) Hash identifier: 8rurD+AjaAV28krVdAh9BeQ4Bjdsbjm+BdrFzIixPG4= Subject key identifier: D0:98:03:B7:78:BF:3E:7B:A1:F6:4A:CF:8F:33:5E:32:AF:2E:9F:81 Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Certificate serial: 019B7E38DE47EF80E17DCC89ABAF1F225750 Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0JgDt3i_Pnuh9krPjzNeMq8un4E.roa Signing time: Fri 02 Jan 2026 10:20:14 +0000 ROA not before: Fri 02 Jan 2026 10:20:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397232 IP address blocks: 37.209.192.0/24 maxlen: 24 37.209.194.0/24 maxlen: 24 37.209.196.0/24 maxlen: 24 37.209.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:de:47:ef:80:e1:7d:cc:89:ab:af:1f:22:57:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Validity Not Before: Jan 2 10:20:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d09803b778bf3e7ba1f64acf8f335e32af2e9f81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:67:ce:26:33:ab:58:50:2e:d5:d0:cc:2f:0a: 93:39:7f:9a:1f:b4:41:80:ef:2d:76:73:e3:40:ea: 40:73:b6:c3:1c:e2:44:d4:52:22:3f:62:86:ed:f5: c9:0d:29:ca:45:60:65:cf:be:f4:f7:7f:6c:82:69: b5:3a:e5:05:2d:4c:2e:c5:07:d5:a7:0a:94:ee:fa: 85:a4:5a:d0:6d:cf:3c:80:a9:32:d9:9f:b5:64:b1: b5:10:c2:61:4a:82:57:86:79:e4:75:62:87:46:c7: bb:55:51:33:ae:a7:7a:ee:1b:8b:72:c7:17:ea:1f: ea:ec:73:93:d0:a3:64:b7:37:4f:d5:77:6b:ac:cf: 60:c2:05:c5:bb:50:54:8c:8e:de:07:62:ca:65:1a: ef:89:15:cf:c8:64:ed:2c:84:56:60:b3:b1:8b:69: 54:32:dc:81:96:99:34:55:c4:1c:9d:6a:2a:b9:74: 65:df:33:f4:bc:01:51:82:74:f1:47:ad:c3:74:50: 2f:92:63:05:76:6f:c1:e0:6b:f3:30:b5:bc:c3:35: 7f:db:42:63:98:86:c5:c9:79:eb:1b:f3:74:51:22: 0a:f5:a9:f3:1d:14:42:fa:8b:37:df:28:08:1b:85: 78:27:8e:9f:e9:0b:37:06:f9:90:24:b1:df:9a:ec: 87:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:98:03:B7:78:BF:3E:7B:A1:F6:4A:CF:8F:33:5E:32:AF:2E:9F:81 X509v3 Authority Key Identifier: keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/0JgDt3i_Pnuh9krPjzNeMq8un4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.192.0/24 37.209.194.0/24 37.209.196.0/24 37.209.198.0/24 Signature Algorithm: sha256WithRSAEncryption 28:4a:1c:5f:be:c6:34:ad:30:aa:92:58:71:96:37:75:56:03: d8:5c:e6:e2:5c:85:53:4e:21:9a:33:b6:b8:31:8c:f0:0b:48: a4:24:c6:87:6d:bb:1b:0d:0b:ff:12:9b:8e:02:0f:42:e8:e2: 7c:cb:42:e0:23:f4:cf:03:a3:59:38:d3:99:35:bd:a6:71:51: bb:15:8c:8a:12:9a:b8:5b:e0:fe:68:ac:15:94:fc:d2:9a:c8: 6d:5f:7c:42:fa:b1:97:c2:13:1b:f2:b3:47:4f:b6:4e:d8:0c: ea:e1:e7:b4:bb:5e:53:93:b6:d9:bf:f4:20:2a:14:3a:de:29: 6f:15:32:61:00:95:81:ec:2c:c1:8e:90:2d:31:c8:65:5a:01: 01:da:b8:72:25:d9:e5:a9:3a:6d:4b:dd:33:0a:94:19:a4:36: 8f:57:53:7a:c0:7d:4a:3e:17:0a:ba:9c:c3:84:16:40:a9:52: 56:c4:a2:83:b3:46:21:31:58:b3:7b:03:e7:09:17:c7:05:62: 8a:fa:57:bf:df:4c:61:98:b1:9a:de:f2:60:87:4c:70:cd:bb: 3a:1c:1d:c6:9d:c1:4f:0a:e8:86:60:2a:8f:42:44:55:57:2e: e0:5f:e5:2e:12:2b:d4:43:af:12:6b:2a:e6:04:33:0d:13:c3: c4:1c:49:ff -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+ON5H74DhfcyJq68fIldQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj OGJmMmMwHhcNMjYwMTAyMTAyMDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMDk4MDNiNzc4YmYzZTdiYTFmNjRhY2Y4ZjMzNWUzMmFmMmU5ZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmfOJjOrWFAu1dDMLwqTOX+aH7RB gO8tdnPjQOpAc7bDHOJE1FIiP2KG7fXJDSnKRWBlz770939sgmm1OuUFLUwuxQfV pwqU7vqFpFrQbc88gKky2Z+1ZLG1EMJhSoJXhnnkdWKHRse7VVEzrqd67huLcscX 6h/q7HOT0KNktzdP1XdrrM9gwgXFu1BUjI7eB2LKZRrviRXPyGTtLIRWYLOxi2lU MtyBlpk0VcQcnWoquXRl3zP0vAFRgnTxR63DdFAvkmMFdm/B4GvzMLW8wzV/20Jj mIbFyXnrG/N0USIK9anzHRRC+os33ygIG4V4J46f6Qs3BvmQJLHfmuyHDwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFNCYA7d4vz57ofZKz48zXjKvLp+BMB8GA1UdIwQY MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt NDE2Zjg1ZWUyMzdiLzEvMEpnRHQzaV9QbnVoOWtyUGp6TmVNcTh1bjRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQAoShxfvsY0rTCqklhx ljd1VgPYXObiXIVTTiGaM7a4MYzwC0ikJMaHbbsbDQv/EpuOAg9C6OJ8y0LgI/TP A6NZONOZNb2mcVG7FYyKEpq4W+D+aKwVlPzSmshtX3xC+rGXwhMb8rNHT7ZO2Azq 4ee0u15Tk7bZv/QgKhQ63ilvFTJhAJWB7CzBjpAtMchlWgEB2rhyJdnlqTptS90z CpQZpDaPV1N6wH1KPhcKupzDhBZAqVJWxKKDs0YhMVizewPnCRfHBWKK+le/30xh mLGa3vJgh0xwzbs6HB3GncFPCuiGYCqPQkRVVy7gX+UuEivUQ68SayrmBDMNE8PE HEn/ -----END CERTIFICATE-----Generated at Sun Jan 25 13:42:33 2026 by rpki-client