This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/jaZZIPaePJPu0ozcRQcxpeC9OGk.roa File: jaZZIPaePJPu0ozcRQcxpeC9OGk.roa (raw, json) Hash identifier: UzwtVe+1ET6sqDNyn+jHWQug7bRb6m7cB5+R/hyELRc= Subject key identifier: 8D:A6:59:20:F6:9E:3C:93:EE:D2:8C:DC:45:07:31:A5:E0:BD:38:69 Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Certificate serial: 019B7B3595E5C23558BD3ACD2C8E87B7EB4D Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/jaZZIPaePJPu0ozcRQcxpeC9OGk.roa Signing time: Thu 01 Jan 2026 20:17:47 +0000 ROA not before: Thu 01 Jan 2026 20:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49040 IP address blocks: 85.217.238.0/24 maxlen: 24 85.217.239.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.mft rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:95:e5:c2:35:58:bd:3a:cd:2c:8e:87:b7:eb:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813 Validity Not Before: Jan 1 20:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8da65920f69e3c93eed28cdc450731a5e0bd3869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6d:bb:64:2a:6d:2a:58:32:9c:69:63:6c:f0: d0:45:d3:44:ca:55:a7:7e:23:b5:1d:22:d8:c4:a1: b5:ea:59:04:a5:88:2d:0e:35:2f:56:b4:2f:9b:4b: b7:2b:d5:c3:29:25:ee:51:19:75:37:86:22:a7:9d: 99:66:40:3c:d8:bb:a3:84:a0:b0:03:be:91:fa:98: 71:ba:19:a6:df:98:39:8a:a6:b6:ec:73:75:97:42: b5:2e:2b:97:ba:a8:66:94:48:11:76:49:04:4b:b3: 07:9d:c0:f4:a5:e8:ff:61:f7:7d:3e:8c:97:ee:bc: a8:0e:1a:8a:f9:51:fd:c1:63:74:75:3c:8d:b1:7e: 50:95:2d:56:60:5c:0b:e6:5d:9b:dc:ca:6b:95:97: 05:29:fa:fd:85:b3:84:da:e6:ca:b8:ba:fd:ab:90: e9:6e:30:6c:61:9c:40:94:4f:c9:5f:3d:29:b7:4a: 37:54:41:c6:cc:c5:e6:11:af:27:cd:02:11:fb:41: 90:b2:9e:26:be:f6:e4:4d:8d:27:68:96:28:05:c4: 8d:da:8d:bc:df:0b:cf:45:ae:5e:08:bc:e6:85:88: 56:0e:ed:8a:3d:e2:64:2c:e7:12:11:d0:55:b4:f8: ab:6b:de:20:1b:2a:9c:b2:30:f2:37:7b:3e:d8:52: 26:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:A6:59:20:F6:9E:3C:93:EE:D2:8C:DC:45:07:31:A5:E0:BD:38:69 X509v3 Authority Key Identifier: keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/jaZZIPaePJPu0ozcRQcxpeC9OGk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.217.238.0/23 Signature Algorithm: sha256WithRSAEncryption 93:24:30:51:eb:cb:44:26:08:f8:77:22:de:49:7f:ef:7c:d7: 18:09:f9:e2:5c:5d:88:db:e1:fd:b2:d5:fb:cb:d6:e7:dc:95: 9e:52:a1:34:5c:75:8e:d3:28:0f:30:0a:5a:c6:cd:49:2a:44: e2:1b:e8:22:81:b5:7a:57:11:6b:33:77:4d:6e:1c:40:03:1d: 29:a1:af:ba:10:1a:8b:03:9b:c8:6b:07:6e:c3:89:d6:0b:cd: 51:a1:38:ac:da:ac:ce:d2:d1:bf:e2:57:1c:0e:f1:13:aa:af: d5:32:c2:58:e9:6d:50:eb:a6:84:76:c4:e2:c3:54:3d:56:ca: 35:2c:f4:db:db:9f:84:5a:44:b6:3d:0b:4a:f9:8e:13:d6:24: c0:81:87:48:94:23:fe:83:2f:1e:f0:e4:5d:4c:8a:2e:e4:40: 7e:a6:1e:c7:2a:29:22:03:a8:83:6e:7c:34:b2:a0:32:e9:1d: 26:31:a2:e5:53:00:24:49:03:c2:f6:7c:3f:a5:da:8d:02:86: 3e:7f:4c:dd:da:75:b5:f0:e0:9b:74:40:73:2c:5d:a4:fa:7f: ee:2f:cc:74:18:f3:ea:4d:e5:8b:7e:f0:e5:e8:34:93:9d:20: 69:1c:57:86:1f:66:16:d3:4b:6c:75:11:c5:39:e3:3b:7c:d3: 5b:b5:6a:08 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt7NZXlwjVYvTrNLI6Ht+tNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey NTY4MTMwHhcNMjYwMTAxMjAxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZGE2NTkyMGY2OWUzYzkzZWVkMjhjZGM0NTA3MzFhNWUwYmQzODY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuW27ZCptKlgynGljbPDQRdNEylWn fiO1HSLYxKG16lkEpYgtDjUvVrQvm0u3K9XDKSXuURl1N4Yip52ZZkA82LujhKCw A76R+phxuhmm35g5iqa27HN1l0K1LiuXuqhmlEgRdkkES7MHncD0pej/Yfd9PoyX 7ryoDhqK+VH9wWN0dTyNsX5QlS1WYFwL5l2b3MprlZcFKfr9hbOE2ubKuLr9q5Dp bjBsYZxAlE/JXz0pt0o3VEHGzMXmEa8nzQIR+0GQsp4mvvbkTY0naJYoBcSN2o28 3wvPRa5eCLzmhYhWDu2KPeJkLOcSEdBVtPira94gGyqcsjDyN3s+2FImYQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFI2mWSD2njyT7tKM3EUHMaXgvThpMB8GA1UdIwQY MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt NjRkMjljODZiZjNlLzEvamFaWklQYWVQSlB1MG96Y1JRY3hwZUM5T0drLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdnuMA0G CSqGSIb3DQEBCwUAA4IBAQCTJDBR68tEJgj4dyLeSX/vfNcYCfniXF2I2+H9stX7 y9bn3JWeUqE0XHWO0ygPMApaxs1JKkTiG+gigbV6VxFrM3dNbhxAAx0poa+6EBqL A5vIawduw4nWC81RoTis2qzO0tG/4lccDvETqq/VMsJY6W1Q66aEdsTiw1Q9Vso1 LPTb25+EWkS2PQtK+Y4T1iTAgYdIlCP+gy8e8ORdTIou5EB+ph7HKikiA6iDbnw0 sqAy6R0mMaLlUwAkSQPC9nw/pdqNAoY+f0zd2nW18OCbdEBzLF2k+n/uL8x0GPPq TeWLfvDl6DSTnSBpHFeGH2YW00tsdRHFOeM7fNNbtWoI -----END CERTIFICATE-----Generated at Sun Jan 25 17:33:38 2026 by rpki-client