This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/jDqKUZBODUjBnVNebvS0O1uTYVg.roa File: jDqKUZBODUjBnVNebvS0O1uTYVg.roa (raw, json) Hash identifier: +/llkkAW3JdOUYZ8UHsLUQJmNLSLCBnzHv87Ol04gZU= Subject key identifier: 8C:3A:8A:51:90:4E:0D:48:C1:9D:53:5E:6E:F4:B4:3B:5B:93:61:58 Certificate issuer: /CN=58d2d2715f43f747bea762dce166bca4b8e965eb Certificate serial: 019B76EB4761D9F7C67CA1D444B52F77D827 Authority key identifier: 58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/jDqKUZBODUjBnVNebvS0O1uTYVg.roa Signing time: Thu 01 Jan 2026 00:18:09 +0000 ROA not before: Thu 01 Jan 2026 00:18:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6724 IP address blocks: 81.169.128.0/17 maxlen: 24 85.214.0.0/15 maxlen: 24 192.67.198.0/24 maxlen: 24 193.141.3.0/24 maxlen: 24 194.45.97.0/24 maxlen: 24 2a01:238::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.mft rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 00:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:47:61:d9:f7:c6:7c:a1:d4:44:b5:2f:77:d8:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=58d2d2715f43f747bea762dce166bca4b8e965eb Validity Not Before: Jan 1 00:18:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8c3a8a51904e0d48c19d535e6ef4b43b5b936158 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:65:82:93:f3:cc:93:16:bf:8e:27:bd:5c:da: 62:4c:aa:32:80:27:bc:35:f0:3d:d1:20:ba:d2:13: 36:c2:8d:83:12:03:53:62:8a:d7:60:00:f0:00:c4: 2d:13:43:f7:73:cc:61:be:72:57:f7:b9:79:bf:04: 63:e2:de:8b:f8:34:5d:73:1c:66:a8:1d:ae:df:34: 40:8e:43:b6:7d:58:b1:55:56:ee:07:05:b1:87:7d: e9:a2:3c:3d:51:1b:86:78:ae:03:fa:74:95:f8:24: 54:bc:16:b2:2f:a2:ff:66:22:e7:2b:cd:f3:2e:92: d7:34:ea:30:89:ed:e5:6e:18:0f:d2:f3:d4:77:e7: a9:09:f0:8c:ec:c3:83:b3:34:6e:4b:eb:34:dd:b5: ef:90:46:1b:36:c0:21:ae:dd:37:1f:d5:49:ec:d7: 8b:fa:da:15:ca:cd:af:8b:cd:f1:e5:3b:a2:0c:a7: b1:d7:ba:90:5e:b4:dc:10:fa:7e:be:fe:45:f4:96: d1:07:db:57:a2:44:d0:01:6c:4e:cd:82:c0:e3:8c: 57:bf:79:1c:da:3c:ce:ff:0e:68:52:cf:7a:46:e2: 8a:ac:6c:30:a1:5b:4c:07:2a:e4:aa:41:ad:17:bf: d3:58:f6:25:60:a7:9d:c2:1b:af:6b:ac:77:29:2b: bf:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:3A:8A:51:90:4E:0D:48:C1:9D:53:5E:6E:F4:B4:3B:5B:93:61:58 X509v3 Authority Key Identifier: keyid:58:D2:D2:71:5F:43:F7:47:BE:A7:62:DC:E1:66:BC:A4:B8:E9:65:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WNLScV9D90e-p2Lc4Wa8pLjpZes.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/jDqKUZBODUjBnVNebvS0O1uTYVg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d67b7b-c798-4901-80f9-e3834516fc08/1/WNLScV9D90e-p2Lc4Wa8pLjpZes.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.169.128.0/17 85.214.0.0/15 192.67.198.0/24 193.141.3.0/24 194.45.97.0/24 IPv6: 2a01:238::/29 Signature Algorithm: sha256WithRSAEncryption 11:ea:b8:f6:06:f2:50:39:ab:1b:40:60:5a:78:02:8f:eb:53: a6:f4:ee:89:50:99:f1:ea:d8:b5:11:1c:c9:a7:1f:3b:c8:65: a7:bb:b2:44:b4:b3:60:10:9b:b8:6d:f9:7a:f4:2a:54:1a:29: 6b:71:de:e9:e0:65:51:63:8b:14:34:15:74:88:5b:42:3d:34: bb:5b:19:29:f1:89:90:e0:1f:0f:4a:a6:f4:c0:f8:8a:52:0d: 63:5c:c2:66:30:5c:c2:cf:7f:2f:b4:02:b7:ab:a5:bf:04:76: 05:76:98:ad:d2:b8:e1:bc:aa:66:fb:46:b9:95:34:06:b7:1d: 81:11:e6:9f:6a:4a:e0:db:67:e0:2d:4e:87:d4:ab:56:1c:13: a3:bc:90:bc:24:a8:3f:65:cb:6a:94:28:64:bc:3b:6b:5c:8e: 2f:7c:3e:12:bf:ba:ef:22:1f:17:cb:dc:88:c4:88:67:ad:a4: 57:63:b0:e7:ee:f9:d1:87:38:2e:b7:87:0c:0b:55:62:cb:fe: 0d:fb:a5:28:1f:f4:29:52:93:27:a2:7a:1a:f3:fe:59:c5:aa: a2:b0:d1:0e:ac:44:cd:26:9c:bb:ec:a0:5c:cc:92:9b:10:c5: b2:47:1f:51:ba:a4:b7:42:7d:d2:be:00:51:2b:9e:29:b7:ee: 7a:a7:5e:95 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgISAZt260dh2ffGfKHURLUvd9gnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDU4ZDJkMjcxNWY0M2Y3NDdiZWE3NjJkY2UxNjZiY2E0Yjhl OTY1ZWIwHhcNMjYwMTAxMDAxODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YzNhOGE1MTkwNGUwZDQ4YzE5ZDUzNWU2ZWY0YjQzYjViOTM2MTU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmWCk/PMkxa/jie9XNpiTKoygCe8 NfA90SC60hM2wo2DEgNTYorXYADwAMQtE0P3c8xhvnJX97l5vwRj4t6L+DRdcxxm qB2u3zRAjkO2fVixVVbuBwWxh33pojw9URuGeK4D+nSV+CRUvBayL6L/ZiLnK83z LpLXNOowie3lbhgP0vPUd+epCfCM7MODszRuS+s03bXvkEYbNsAhrt03H9VJ7NeL +toVys2vi83x5TuiDKex17qQXrTcEPp+vv5F9JbRB9tXokTQAWxOzYLA44xXv3kc 2jzO/w5oUs96RuKKrGwwoVtMByrkqkGtF7/TWPYlYKedwhuva6x3KSu/2wIDAQAB o4ICLzCCAiswHQYDVR0OBBYEFIw6ilGQTg1IwZ1TXm70tDtbk2FYMB8GA1UdIwQY MBaAFFjS0nFfQ/dHvqdi3OFmvKS46WXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjkt ZTM4MzQ1MTZmYzA4LzEvakRxS1VaQk9EVWpCblZOZWJ2UzBPMXVUWVZnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS9kNjdiN2ItYzc5OC00OTAxLTgwZjktZTM4MzQ1MTZmYzA4 LzEvV05MU2NWOUQ5MGUtcDJMYzRXYThwTGpwWmVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQHUamAAwMB VdYDBADAQ8YDBADBjQMDBADCLWEwDQQCAAIwBwMFAyoBAjgwDQYJKoZIhvcNAQEL BQADggEBABHquPYG8lA5qxtAYFp4Ao/rU6b07olQmfHq2LURHMmnHzvIZae7skS0 s2AQm7ht+Xr0KlQaKWtx3ungZVFjixQ0FXSIW0I9NLtbGSnxiZDgHw9KpvTA+IpS DWNcwmYwXMLPfy+0Arerpb8EdgV2mK3SuOG8qmb7RrmVNAa3HYER5p9qSuDbZ+At TofUq1YcE6O8kLwkqD9ly2qUKGS8O2tcji98PhK/uu8iHxfL3IjEiGetpFdjsOfu +dGHOC63hwwLVWLL/g37pSgf9ClSkyeiehrz/lnFqqKw0Q6sRM0mnLvsoFzMkpsQ xbJHH1G6pLdCfdK+AFErnim37nqnXpU= -----END CERTIFICATE-----Generated at Mon Jan 26 11:06:00 2026 by rpki-client