This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/33AkLs4T5_ew6mnnyWq5Pd5URH0.roa File: 33AkLs4T5_ew6mnnyWq5Pd5URH0.roa (raw, json) Hash identifier: D7jZ0XkJNtIAmG30h9W8QSsDeq/g0BH6iSc+/oPyUco= Subject key identifier: DF:70:24:2E:CE:13:E7:F7:B0:EA:69:E7:C9:6A:B9:3D:DE:54:44:7D Certificate issuer: /CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3 Certificate serial: 019B7E38933573AB51E6A8EBD99175B3B548 Authority key identifier: AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/33AkLs4T5_ew6mnnyWq5Pd5URH0.roa Signing time: Fri 02 Jan 2026 10:19:55 +0000 ROA not before: Fri 02 Jan 2026 10:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15412 IP address blocks: 62.216.128.0/19 maxlen: 24 80.77.0.0/20 maxlen: 24 85.95.24.0/22 maxlen: 24 89.17.96.0/19 maxlen: 19 2001:1a00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.mft rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:93:35:73:ab:51:e6:a8:eb:d9:91:75:b3:b5:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa3aed91f29b2cc7d3e05f240d99137581d9b5b3 Validity Not Before: Jan 2 10:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df70242ece13e7f7b0ea69e7c96ab93dde54447d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:69:12:e1:af:d8:9d:c2:5f:b7:c2:3a:ac:23: 76:42:1d:1b:f1:09:73:75:de:a3:c4:7a:42:dd:8e: d7:6e:93:c1:e8:8a:56:0d:a0:ef:d2:8a:dc:8e:d3: 0a:98:45:f2:8b:cd:ef:d1:1c:61:b4:5a:72:86:d1: a4:b9:d1:aa:ae:46:2f:bc:9f:12:5a:cc:1d:51:85: a6:80:66:92:39:60:a5:49:62:a1:0d:b0:7f:c5:3c: 3f:e3:34:ff:60:08:90:fb:9e:37:2a:48:0d:4a:bb: 5d:cd:f1:6e:a5:db:31:5a:20:e0:f7:19:c2:ef:8f: 53:40:ab:90:66:1e:81:39:39:26:96:94:85:6b:a7: cc:39:7d:21:d0:c2:ff:b7:cb:8e:e5:2c:33:c9:3e: 85:04:6b:07:71:51:c1:a3:1e:87:6e:0d:93:c5:a0: ef:18:f2:92:4c:46:76:e6:39:6b:bb:0a:fb:0f:f2: 73:3d:b5:39:b2:a1:24:0d:12:59:22:91:4f:f1:c2: 3e:55:42:3e:dd:b0:11:5d:e0:f3:4a:05:03:25:54: 63:bd:ed:0d:82:9f:03:93:e9:76:7d:75:29:9f:c9: 2b:1d:18:41:ac:0a:b6:a3:02:8a:52:49:aa:ca:c7: 92:f0:9a:fe:af:62:bf:48:e2:da:37:55:8f:8e:c8: 6d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:70:24:2E:CE:13:E7:F7:B0:EA:69:E7:C9:6A:B9:3D:DE:54:44:7D X509v3 Authority Key Identifier: keyid:AA:3A:ED:91:F2:9B:2C:C7:D3:E0:5F:24:0D:99:13:75:81:D9:B5:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjrtkfKbLMfT4F8kDZkTdYHZtbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/33AkLs4T5_ew6mnnyWq5Pd5URH0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e0f63-ef7a-4662-b046-04e1eb2a9328/1/qjrtkfKbLMfT4F8kDZkTdYHZtbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 62.216.128.0/19 80.77.0.0/20 85.95.24.0/22 89.17.96.0/19 IPv6: 2001:1a00::/32 Signature Algorithm: sha256WithRSAEncryption 13:6c:0d:79:56:a3:8d:8a:e4:27:0f:a9:07:39:f0:80:44:c9: 35:c3:d5:92:4d:d7:1f:e9:c8:df:35:e4:aa:89:b2:b1:a5:9a: fe:85:f1:ce:c4:92:20:e0:8e:de:95:3a:55:84:7a:39:e9:97: c3:b7:1b:73:5f:2e:b6:2a:a6:f8:c1:1a:e4:a0:b5:9a:40:e0: 02:32:b3:b9:31:d0:21:00:c7:cb:ba:79:a1:fe:c5:49:20:55: 7f:b7:e3:b3:d9:7f:df:7f:ff:95:80:e2:a7:18:f8:3a:5a:36: e0:66:f9:ed:96:35:72:51:bd:d8:f3:8d:da:ea:a3:2f:9a:25: 83:8d:bf:44:39:ba:a2:7f:53:71:26:c3:1c:7a:53:0a:e1:b0: 46:ec:9b:f7:91:1a:da:62:c7:d5:4e:52:8a:89:57:a1:ce:ba: 56:9e:16:da:94:56:3b:12:ef:2c:42:1e:c9:4d:2a:f3:0b:dc: 87:0d:64:06:64:11:d0:73:d5:88:e3:a5:3b:dd:7a:b3:01:55: 9a:e6:9f:51:cf:ca:0a:e9:8c:2a:58:dd:99:70:c8:0a:bc:07: ae:72:07:a9:9a:55:11:2d:7d:be:25:cd:ea:67:a2:c2:75:cc: 7d:ab:63:90:c5:4b:6b:bc:95:f5:e9:7d:c6:83:08:7a:25:2b: 52:40:f9:94 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt+OJM1c6tR5qjr2ZF1s7VIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhM2FlZDkxZjI5YjJjYzdkM2UwNWYyNDBkOTkxMzc1ODFk OWI1YjMwHhcNMjYwMTAyMTAxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjcwMjQyZWNlMTNlN2Y3YjBlYTY5ZTdjOTZhYjkzZGRlNTQ0NDdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGkS4a/YncJft8I6rCN2Qh0b8Qlz dd6jxHpC3Y7XbpPB6IpWDaDv0orcjtMKmEXyi83v0RxhtFpyhtGkudGqrkYvvJ8S WswdUYWmgGaSOWClSWKhDbB/xTw/4zT/YAiQ+543KkgNSrtdzfFupdsxWiDg9xnC 749TQKuQZh6BOTkmlpSFa6fMOX0h0ML/t8uO5SwzyT6FBGsHcVHBox6Hbg2TxaDv GPKSTEZ25jlruwr7D/JzPbU5sqEkDRJZIpFP8cI+VUI+3bARXeDzSgUDJVRjve0N gp8Dk+l2fXUpn8krHRhBrAq2owKKUkmqyseS8Jr+r2K/SOLaN1WPjshttQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFN9wJC7OE+f3sOpp58lquT3eVER9MB8GA1UdIwQY MBaAFKo67ZHymyzH0+BfJA2ZE3WB2bWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYt MDRlMWViMmE5MzI4LzEvMzNBa0xzNFQ1X2V3Nm1ubnlXcTVQZDVVUkgwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My84ZTBmNjMtZWY3YS00NjYyLWIwNDYtMDRlMWViMmE5MzI4 LzEvcWpydGtmS2JMTWZUNEY4a0Raa1RkWUhadGJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPtiAAwQE UE0AAwQCVV8YAwQFWRFgMA0EAgACMAcDBQAgARoAMA0GCSqGSIb3DQEBCwUAA4IB AQATbA15VqONiuQnD6kHOfCARMk1w9WSTdcf6cjfNeSqibKxpZr+hfHOxJIg4I7e lTpVhHo56ZfDtxtzXy62Kqb4wRrkoLWaQOACMrO5MdAhAMfLunmh/sVJIFV/t+Oz 2X/ff/+VgOKnGPg6WjbgZvntljVyUb3Y843a6qMvmiWDjb9EObqif1NxJsMcelMK 4bBG7Jv3kRraYsfVTlKKiVehzrpWnhbalFY7Eu8sQh7JTSrzC9yHDWQGZBHQc9WI 46U73XqzAVWa5p9Rz8oK6YwqWN2ZcMgKvAeucgepmlURLX2+Jc3qZ6LCdcx9q2OQ xUtrvJX16X3Ggwh6JStSQPmU -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:11 2026 by rpki-client