This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/jukzqBN3MLbeKVI2HbGH1M6Rq9E.roa File: jukzqBN3MLbeKVI2HbGH1M6Rq9E.roa (raw, json) Hash identifier: 3VyrLTv5msCiOqxXAT5r6HeXGSHnowkLXALYkydr0XI= Subject key identifier: 8E:E9:33:A8:13:77:30:B6:DE:29:52:36:1D:B1:87:D4:CE:91:AB:D1 Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d Certificate serial: 019B7AC825635CB504147AF150F7B38F2541 Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/jukzqBN3MLbeKVI2HbGH1M6Rq9E.roa Signing time: Thu 01 Jan 2026 18:18:15 +0000 ROA not before: Thu 01 Jan 2026 18:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1239 IP address blocks: 86.38.145.0/24 maxlen: 24 86.38.191.0/24 maxlen: 24 89.117.212.0/24 maxlen: 24 89.117.214.0/24 maxlen: 24 89.117.251.0/24 maxlen: 24 217.9.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:25:63:5c:b5:04:14:7a:f1:50:f7:b3:8f:25:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d Validity Not Before: Jan 1 18:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8ee933a8137730b6de2952361db187d4ce91abd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:40:32:49:c1:31:8a:da:ca:ce:4c:77:c4:60: b8:83:61:c2:e4:21:7e:6b:a1:8a:5c:0d:97:d5:b0: ba:ed:d5:23:bc:8e:e1:95:98:e8:d9:28:e6:29:0b: a4:0b:14:65:0e:02:a2:e6:22:7b:53:01:2b:62:b7: 29:62:a0:7b:2e:a9:6e:63:69:f9:cd:80:d6:ca:7a: 1f:0b:ef:12:84:3d:9f:6a:dc:bf:7e:c3:cf:70:5f: f8:01:94:bf:1d:5b:72:8a:39:90:3b:c7:9d:d4:aa: dc:ee:78:e2:d5:53:d5:77:96:63:e5:72:d7:7c:cb: 6d:7a:2f:88:39:76:4d:73:77:8d:10:8a:8d:d5:01: ab:4d:0e:c2:96:85:dd:1a:96:74:ce:e0:68:d9:00: e4:60:dd:ff:fb:49:06:6c:b8:7d:1f:19:51:e6:5b: 00:cc:37:a6:2d:36:a5:10:64:cc:ff:33:2a:2c:6a: d9:21:ba:c3:7e:4f:fd:dd:d3:a5:5a:04:74:5b:bb: 0e:7d:a7:4c:12:46:df:57:35:13:4d:fd:4f:80:a8: c0:60:93:5a:59:46:5b:a2:d5:aa:76:d6:86:13:0a: 21:c1:43:3d:3b:18:b6:ca:26:f8:a6:02:20:3f:97: c3:80:aa:1d:8e:df:14:ea:af:25:4f:43:8d:83:39: f9:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E9:33:A8:13:77:30:B6:DE:29:52:36:1D:B1:87:D4:CE:91:AB:D1 X509v3 Authority Key Identifier: keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/jukzqBN3MLbeKVI2HbGH1M6Rq9E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.145.0/24 86.38.191.0/24 89.117.212.0/24 89.117.214.0/24 89.117.251.0/24 217.9.246.0/24 Signature Algorithm: sha256WithRSAEncryption 67:cf:a3:f8:c7:a1:e3:07:93:06:f8:b1:ab:d4:da:35:24:d1: ce:6b:b6:b6:4c:79:8f:2b:43:db:1b:34:0f:f6:61:25:28:c7: e9:c1:53:87:e1:9c:09:a8:b0:a0:1e:55:d5:48:cd:c9:a3:25: 39:a9:5f:8a:47:f7:f4:07:44:e2:49:48:28:dc:dd:15:ef:d8: 17:10:0e:cb:03:8d:d5:d8:fd:6a:cb:d1:1c:81:24:07:e7:85: cc:d7:fe:fa:51:57:ae:7a:4a:be:22:78:9d:ee:79:69:3e:4a: 7f:43:c9:ed:43:6f:45:d7:7f:a6:93:16:81:5e:0e:bc:c6:d8: f6:b9:2a:54:f4:a0:96:c6:6f:14:10:51:11:dc:95:fc:8e:36: 6d:d4:df:17:75:70:fb:9a:c1:90:49:50:ac:b9:6c:83:e7:22: 82:4a:f4:ab:51:30:48:f9:e7:d5:da:03:04:36:2b:24:60:8f: e8:d4:52:f5:e5:b2:71:85:75:a5:f2:2f:b6:e9:a5:13:63:ae: 73:47:dc:3e:66:42:f5:3b:9a:4f:c1:c0:1e:b4:14:3b:17:74: f8:92:85:c6:bd:ba:fb:e3:ff:10:b3:fa:93:fe:b3:99:8d:cd: 7e:8c:dc:83:91:82:96:10:04:55:3f:7e:05:ac:6c:b9:68:29: 81:7d:64:0e -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt6yCVjXLUEFHrxUPezjyVBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3 MTE4MGQwHhcNMjYwMTAxMTgxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZWU5MzNhODEzNzczMGI2ZGUyOTUyMzYxZGIxODdkNGNlOTFhYmQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UAyScExitrKzkx3xGC4g2HC5CF+ a6GKXA2X1bC67dUjvI7hlZjo2SjmKQukCxRlDgKi5iJ7UwErYrcpYqB7LqluY2n5 zYDWynofC+8ShD2faty/fsPPcF/4AZS/HVtyijmQO8ed1Krc7nji1VPVd5Zj5XLX fMttei+IOXZNc3eNEIqN1QGrTQ7CloXdGpZ0zuBo2QDkYN3/+0kGbLh9HxlR5lsA zDemLTalEGTM/zMqLGrZIbrDfk/93dOlWgR0W7sOfadMEkbfVzUTTf1PgKjAYJNa WUZbotWqdtaGEwohwUM9Oxi2yib4pgIgP5fDgKodjt8U6q8lT0ONgzn5XQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFI7pM6gTdzC23ilSNh2xh9TOkavRMB8GA1UdIwQY MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt MDQ2ODA0MjQ4NmRjLzEvanVrenFCTjNNTGJlS1ZJMkhiR0gxTTZScTlFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAViaRAwQA Via/AwQAWXXUAwQAWXXWAwQAWXX7AwQA2Qn2MA0GCSqGSIb3DQEBCwUAA4IBAQBn z6P4x6HjB5MG+LGr1No1JNHOa7a2THmPK0PbGzQP9mElKMfpwVOH4ZwJqLCgHlXV SM3JoyU5qV+KR/f0B0TiSUgo3N0V79gXEA7LA43V2P1qy9EcgSQH54XM1/76UVeu ekq+Inid7nlpPkp/Q8ntQ29F13+mkxaBXg68xtj2uSpU9KCWxm8UEFER3JX8jjZt 1N8XdXD7msGQSVCsuWyD5yKCSvSrUTBI+efV2gMENiskYI/o1FL15bJxhXWl8i+2 6aUTY65zR9w+ZkL1O5pPwcAetBQ7F3T4koXGvbr74/8Qs/qT/rOZjc1+jNyDkYKW EARVP34FrGy5aCmBfWQO -----END CERTIFICATE-----Generated at Sun Jan 25 10:06:35 2026 by rpki-client