This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/JRpzznWelvDGpNctUx-9YeQj91I.roa File: JRpzznWelvDGpNctUx-9YeQj91I.roa (raw, json) Hash identifier: UWpK2mc+BRq0WDsXbRZApCIJ/yZuMuk8WsuIDijlk30= Subject key identifier: 25:1A:73:CE:75:9E:96:F0:C6:A4:D7:2D:53:1F:BD:61:E4:23:F7:52 Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Certificate serial: 019B78349AAE3A22BA2B130BD2C4D082A47E Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/JRpzznWelvDGpNctUx-9YeQj91I.roa Signing time: Thu 01 Jan 2026 06:17:51 +0000 ROA not before: Thu 01 Jan 2026 06:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8289 IP address blocks: 5.157.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:9a:ae:3a:22:ba:2b:13:0b:d2:c4:d0:82:a4:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2 Validity Not Before: Jan 1 06:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=251a73ce759e96f0c6a4d72d531fbd61e423f752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7d:3c:9c:68:57:18:32:22:b1:61:0f:c5:56: d4:dd:35:c1:19:34:0a:a4:5a:da:d3:f1:71:4b:13: 86:b7:19:89:34:94:84:88:4f:bd:d8:99:e8:19:90: 7c:dd:4e:ef:f7:ce:ea:55:db:c8:ce:02:24:c5:b6: cf:33:48:d8:94:97:63:21:9c:21:cf:53:1c:71:11: ab:ea:3c:cb:b0:5e:32:13:5c:64:b0:50:eb:0f:ca: 97:69:90:65:e8:0a:6a:2b:6c:d9:00:c3:58:11:c3: c2:81:d3:38:97:e3:3e:c3:4e:02:34:14:a4:1a:81: 79:a0:72:09:a7:d3:a1:fe:e1:e7:9d:5f:6d:35:27: ce:dd:1e:27:53:93:f2:ad:ae:9a:1d:59:c7:e3:f8: ce:27:e7:d9:c8:2c:bb:85:77:35:a9:72:5e:1e:ef: ee:d7:e5:8a:b6:3b:5f:51:76:57:d4:bb:00:62:29: 35:ac:2c:96:90:29:87:82:68:d2:74:66:41:9a:d6: ab:28:a6:95:37:85:7f:2e:a1:f4:5a:df:c1:e5:93: e8:fb:55:7c:c4:4f:5c:58:07:96:c1:1d:c5:63:30: 2c:2e:f5:55:89:eb:d6:b9:32:4e:34:90:7a:8d:b1: 35:46:c3:df:7a:7b:a6:07:00:d8:28:0e:d3:7a:09: b1:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:1A:73:CE:75:9E:96:F0:C6:A4:D7:2D:53:1F:BD:61:E4:23:F7:52 X509v3 Authority Key Identifier: keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/JRpzznWelvDGpNctUx-9YeQj91I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.157.4.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:11:41:69:39:de:6f:44:b7:a4:21:00:90:f4:9d:bc:e2:0e: 5a:55:54:6f:4b:76:07:2f:50:6a:50:7c:1f:c3:bf:33:33:d7: 6f:03:da:ed:cb:ac:de:ce:ca:b5:c8:cc:6c:7c:c8:9c:5f:89: 29:05:68:70:31:49:8d:b2:1c:c1:64:ea:27:1b:1a:ee:d0:b6: 89:6c:9a:c4:62:02:f6:d0:05:cd:56:5b:ed:32:7a:44:32:62: ae:17:64:1b:fa:24:17:b4:f1:59:b0:74:05:c5:c8:a0:08:f7: 1a:22:9b:f0:86:2e:3d:b5:b8:58:21:0c:c8:b5:99:c2:8a:f0: 6c:8f:4d:4a:69:60:9b:22:3a:f5:00:b0:9c:cd:52:df:73:be: 1c:3d:ad:33:86:bb:48:bc:75:a4:f2:f3:70:a7:5a:1d:27:43: d8:fa:59:2f:bb:ff:85:11:6f:95:dd:1c:23:c1:86:99:cc:b1: 96:7e:d3:13:08:fc:5f:4d:2f:ed:f1:92:16:8a:92:b1:b2:19: be:db:2b:6e:b1:4e:fd:d5:b2:c9:7d:b5:7c:f9:97:f3:c6:7f: 58:7a:c4:98:37:b5:f7:67:19:b7:3f:72:92:e4:1e:eb:93:74: a5:83:f0:76:f4:48:61:01:8a:4f:e5:aa:3d:4f:a8:9a:b4:0d: 8f:24:d0:d6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NJquOiK6KxML0sTQgqR+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy MDdmZDIwHhcNMjYwMTAxMDYxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNTFhNzNjZTc1OWU5NmYwYzZhNGQ3MmQ1MzFmYmQ2MWU0MjNmNzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApX08nGhXGDIisWEPxVbU3TXBGTQK pFra0/FxSxOGtxmJNJSEiE+92JnoGZB83U7v987qVdvIzgIkxbbPM0jYlJdjIZwh z1MccRGr6jzLsF4yE1xksFDrD8qXaZBl6ApqK2zZAMNYEcPCgdM4l+M+w04CNBSk GoF5oHIJp9Oh/uHnnV9tNSfO3R4nU5Pyra6aHVnH4/jOJ+fZyCy7hXc1qXJeHu/u 1+WKtjtfUXZX1LsAYik1rCyWkCmHgmjSdGZBmtarKKaVN4V/LqH0Wt/B5ZPo+1V8 xE9cWAeWwR3FYzAsLvVVievWuTJONJB6jbE1RsPfenumBwDYKA7Tegmx9wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCUac851npbwxqTXLVMfvWHkI/dSMB8GA1UdIwQY MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt MTVmMTNlM2Y3ZDg1LzEvSlJwenpuV2VsdkRHcE5jdFV4LTlZZVFqOTFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1 LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABZ0EMA0G CSqGSIb3DQEBCwUAA4IBAQAtEUFpOd5vRLekIQCQ9J284g5aVVRvS3YHL1BqUHwf w78zM9dvA9rty6zezsq1yMxsfMicX4kpBWhwMUmNshzBZOonGxru0LaJbJrEYgL2 0AXNVlvtMnpEMmKuF2Qb+iQXtPFZsHQFxcigCPcaIpvwhi49tbhYIQzItZnCivBs j01KaWCbIjr1ALCczVLfc74cPa0zhrtIvHWk8vNwp1odJ0PY+lkvu/+FEW+V3Rwj wYaZzLGWftMTCPxfTS/t8ZIWipKxshm+2ytusU791bLJfbV8+Zfzxn9YesSYN7X3 Zxm3P3KS5B7rk3Slg/B29EhhAYpP5ao9T6iatA2PJNDW -----END CERTIFICATE-----Generated at Sun Jan 25 20:50:09 2026 by rpki-client