This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/j14PejNnVbSoAydM85X_n83WDgE.roa File: j14PejNnVbSoAydM85X_n83WDgE.roa (raw, json) Hash identifier: jfj4OGqg5kVl4stoIRYlf4QdlrWh6mPZAlYSQkvc8+k= Subject key identifier: 8F:5E:0F:7A:33:67:55:B4:A8:03:27:4C:F3:95:FF:9F:CD:D6:0E:01 Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076 Certificate serial: 019B77C748EBF776E5A7B30A7905D0660ABD Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/j14PejNnVbSoAydM85X_n83WDgE.roa Signing time: Thu 01 Jan 2026 04:18:27 +0000 ROA not before: Thu 01 Jan 2026 04:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202561 IP address blocks: 185.200.36.0/22 maxlen: 24 185.200.36.0/24 maxlen: 24 185.200.37.0/24 maxlen: 24 185.200.38.0/24 maxlen: 24 185.200.39.0/24 maxlen: 24 198.145.118.0/24 maxlen: 24 198.145.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.mft rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:48:eb:f7:76:e5:a7:b3:0a:79:05:d0:66:0a:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076 Validity Not Before: Jan 1 04:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8f5e0f7a336755b4a803274cf395ff9fcdd60e01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:c7:fd:f3:49:a6:d5:16:0f:42:15:9a:ec:50: 3c:bd:e5:68:b6:23:73:4f:5b:72:79:fe:76:25:fd: d3:39:54:1d:0d:7b:82:35:51:74:dd:bd:99:ef:a6: ff:e3:3e:10:b3:f0:7a:cc:c9:42:a6:ce:01:4f:aa: 2c:bb:27:f1:40:24:7c:b6:09:55:11:5e:f0:ee:10: 89:a9:28:09:80:be:fa:1a:1f:07:47:46:31:4f:3b: fd:1a:2d:35:02:87:00:5f:53:33:ff:f2:12:1b:5f: e5:21:73:0c:60:2f:47:c9:d2:ba:ce:ad:54:fa:8c: 38:67:08:83:d4:64:b7:3d:23:ea:3f:32:59:79:90: a9:9b:7b:4a:67:6a:28:e5:cb:b7:fd:7a:c0:c2:8d: 82:be:54:fa:fe:e9:f0:4c:65:9d:ec:47:61:fe:bc: f9:2a:0d:b6:fe:16:a6:ee:a4:03:33:e0:3c:c7:1a: ae:dd:57:c4:6c:aa:d1:bd:62:54:0e:6e:b7:87:22: 9e:c2:05:4d:9e:46:d6:f3:59:e9:2f:ad:f2:57:a2: 64:25:08:cf:26:c7:1b:2f:d4:57:d1:24:d3:90:6c: ca:9d:14:2f:1a:52:bd:a0:1b:7a:71:4f:30:2e:c7: d5:58:f0:0e:cf:12:ce:61:ee:6f:8c:45:d9:8b:67: fd:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:5E:0F:7A:33:67:55:B4:A8:03:27:4C:F3:95:FF:9F:CD:D6:0E:01 X509v3 Authority Key Identifier: keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/j14PejNnVbSoAydM85X_n83WDgE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.200.36.0/22 198.145.118.0/23 Signature Algorithm: sha256WithRSAEncryption 3e:5e:af:50:ee:74:e5:91:74:7f:4e:92:6f:b7:9f:18:cb:3d: 34:b4:bf:77:36:4c:25:1c:41:7e:73:57:fd:79:f4:8e:75:59: ec:51:dd:73:8e:ae:61:11:fd:01:1a:1c:92:ae:0d:a0:45:f3: b5:53:90:2b:3e:a6:ce:70:69:b7:31:3f:7b:a1:62:ce:1c:b2: 4f:bd:0f:68:4d:17:3e:06:d8:5e:1f:98:44:a8:40:c3:d8:7c: 66:4e:89:46:7a:d3:dc:0a:e4:14:20:8c:c9:b1:30:04:54:59: 07:93:8e:fb:c3:83:b2:e4:15:bb:99:35:e9:f0:29:eb:49:26: c0:22:29:db:a0:e0:7a:f8:84:37:bb:5b:3f:2a:80:b6:67:bc: 4e:2a:51:4d:1c:20:2c:b7:f3:cf:c9:d6:85:e8:33:c3:f0:0f: 43:f4:90:88:ef:03:ef:cc:36:e1:92:39:04:73:0a:6b:58:03: 07:c1:06:c7:be:b2:0c:b0:e0:31:b6:2f:85:71:19:52:3b:c0: b2:0e:64:96:6d:73:90:45:90:7c:ad:fc:35:df:3d:aa:02:ea: 1a:74:1f:6c:35:bb:66:3a:31:39:16:64:4a:a1:b5:cf:2b:e7: 20:ef:23:bb:4d:31:33:80:46:8f:f4:ef:43:f7:0b:ce:15:d2: 0a:87:d8:70 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x0jr93blp7MKeQXQZgq9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi NzAwNzYwHhcNMjYwMTAxMDQxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4ZjVlMGY3YTMzNjc1NWI0YTgwMzI3NGNmMzk1ZmY5ZmNkZDYwZTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mf980mm1RYPQhWa7FA8veVotiNz T1tyef52Jf3TOVQdDXuCNVF03b2Z76b/4z4Qs/B6zMlCps4BT6osuyfxQCR8tglV EV7w7hCJqSgJgL76Gh8HR0YxTzv9Gi01AocAX1Mz//ISG1/lIXMMYC9HydK6zq1U +ow4ZwiD1GS3PSPqPzJZeZCpm3tKZ2oo5cu3/XrAwo2CvlT6/unwTGWd7Edh/rz5 Kg22/ham7qQDM+A8xxqu3VfEbKrRvWJUDm63hyKewgVNnkbW81npL63yV6JkJQjP JscbL9RX0STTkGzKnRQvGlK9oBt6cU8wLsfVWPAOzxLOYe5vjEXZi2f9vQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFI9eD3ozZ1W0qAMnTPOV/5/N1g4BMB8GA1UdIwQY MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt ZmI3ZDdkY2EzNGE3LzEvajE0UGVqTm5WYlNvQXlkTTg1WF9uODNXRGdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3 LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucgkAwQB xpF2MA0GCSqGSIb3DQEBCwUAA4IBAQA+Xq9Q7nTlkXR/TpJvt58Yyz00tL93Nkwl HEF+c1f9efSOdVnsUd1zjq5hEf0BGhySrg2gRfO1U5ArPqbOcGm3MT97oWLOHLJP vQ9oTRc+BtheH5hEqEDD2HxmTolGetPcCuQUIIzJsTAEVFkHk477w4Oy5BW7mTXp 8CnrSSbAIinboOB6+IQ3u1s/KoC2Z7xOKlFNHCAst/PPydaF6DPD8A9D9JCI7wPv zDbhkjkEcwprWAMHwQbHvrIMsOAxti+FcRlSO8CyDmSWbXOQRZB8rfw13z2qAuoa dB9sNbtmOjE5FmRKobXPK+cg7yO7TTEzgEaP9O9D9wvOFdIKh9hw -----END CERTIFICATE-----Generated at Sun Jan 25 22:14:51 2026 by rpki-client