This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/aOE6ABSZYDrwHqX0GtKP4yVMn4E.roa File: aOE6ABSZYDrwHqX0GtKP4yVMn4E.roa (raw, json) Hash identifier: hS/lZIFnL6s3O1iQAeU4NIFW/EmeY34qv/wGghzDiNw= Subject key identifier: 68:E1:3A:00:14:99:60:3A:F0:1E:A5:F4:1A:D2:8F:E3:25:4C:9F:81 Certificate issuer: /CN=246f9be783d73d95ab8aa54619e60f9011c04d67 Certificate serial: 019B7910AD2E3269369123A41C868B2DA538 Authority key identifier: 24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/aOE6ABSZYDrwHqX0GtKP4yVMn4E.roa Signing time: Thu 01 Jan 2026 10:18:14 +0000 ROA not before: Thu 01 Jan 2026 10:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197937 IP address blocks: 185.7.172.0/24 maxlen: 24 2a13:83c0::/29 maxlen: 29 2a13:83c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/JG-b54PXPZWriqVGGeYPkBHATWc.crl rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/JG-b54PXPZWriqVGGeYPkBHATWc.mft rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ad:2e:32:69:36:91:23:a4:1c:86:8b:2d:a5:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=246f9be783d73d95ab8aa54619e60f9011c04d67 Validity Not Before: Jan 1 10:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68e13a001499603af01ea5f41ad28fe3254c9f81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:ed:e9:a6:69:b7:b2:97:da:57:2a:46:7e:19: 3c:f7:0f:49:46:0f:dd:05:4a:ea:e2:a7:ef:1b:30: 68:1a:88:bb:ea:cf:14:78:48:80:fe:22:2d:5b:ef: c7:8d:83:2b:e0:11:dd:aa:b7:74:91:3c:02:2b:43: ec:79:cc:bc:23:7f:f6:01:12:f7:1e:88:c4:ed:c4: 9d:36:7a:3b:05:99:73:18:09:06:73:a0:cd:41:6f: fa:f1:6b:fb:51:1d:30:42:d4:1d:48:69:ec:9f:ba: 48:9c:1f:d0:68:06:87:10:da:b9:6b:1c:0f:cd:8b: c0:72:4b:bf:93:19:94:69:83:a1:d7:54:44:4e:87: fc:f9:11:c9:4f:94:b8:88:f9:07:1e:df:4c:49:58: bc:e4:1e:fc:eb:3b:bf:d6:b0:c7:2f:ca:47:70:63: fe:f7:25:89:07:52:bb:57:21:db:e0:c2:9c:96:8d: c6:38:13:96:58:78:0d:a2:8c:35:bd:71:9f:a2:ab: 10:de:af:45:be:22:82:99:6e:38:b6:41:8a:e8:db: 4a:ac:7e:b7:5f:ae:5f:19:93:ba:d0:09:18:62:f3: 5d:6c:9c:ef:84:dc:b5:fa:20:77:e8:da:52:63:12: 40:27:a3:59:c4:47:df:b5:ca:41:93:82:69:2c:10: 4e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:E1:3A:00:14:99:60:3A:F0:1E:A5:F4:1A:D2:8F:E3:25:4C:9F:81 X509v3 Authority Key Identifier: keyid:24:6F:9B:E7:83:D7:3D:95:AB:8A:A5:46:19:E6:0F:90:11:C0:4D:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JG-b54PXPZWriqVGGeYPkBHATWc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/aOE6ABSZYDrwHqX0GtKP4yVMn4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/baa372-823b-4b07-9aab-cbbd01f2b91c/1/JG-b54PXPZWriqVGGeYPkBHATWc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.7.172.0/24 IPv6: 2a13:83c0::/29 Signature Algorithm: sha256WithRSAEncryption b2:a8:21:17:ac:01:72:95:8b:f1:3e:fd:03:f6:9e:12:c3:af: b3:7b:a5:28:29:0e:2a:cb:56:f0:23:62:77:5c:a7:76:86:e2: 1a:11:0e:83:9b:be:d1:b6:70:61:c5:8e:3b:ca:ad:ea:3b:88: a6:90:67:0d:63:75:8c:4e:74:50:f5:74:8d:4a:fb:8f:2b:3f: f5:b1:ae:0c:54:9e:91:10:f6:62:7f:b3:cd:a3:fc:5c:c5:04: 16:96:94:21:d7:59:03:ae:37:2e:aa:67:39:64:cb:c1:99:17: 9d:5e:ab:ef:9f:85:19:0e:e6:e4:56:e7:34:5e:0a:d1:a7:40: 14:e1:53:2c:4a:ff:74:01:42:9b:c4:f4:11:a2:d1:91:d3:bc: 56:49:d9:d0:8e:d4:ae:6c:2c:45:03:62:c3:1f:85:e8:a6:90: ac:4e:a9:2c:49:9a:da:7f:1a:db:d7:21:2f:64:0d:ce:61:48: 09:dc:f1:10:97:50:73:cc:a7:7b:33:60:54:41:54:f5:76:19: 83:6c:c2:5d:92:87:2d:d2:c8:51:a5:43:46:8a:46:ba:2d:6f: cd:66:33:14:b2:8c:1c:1c:30:72:ae:b8:1b:d0:f0:59:66:39: 43:31:7f:68:bd:2c:3c:9d:c8:93:1f:6d:5c:3a:89:df:eb:97: 04:c4:01:22 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5EK0uMmk2kSOkHIaLLaU4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI0NmY5YmU3ODNkNzNkOTVhYjhhYTU0NjE5ZTYwZjkwMTFj MDRkNjcwHhcNMjYwMTAxMTAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGUxM2EwMDE0OTk2MDNhZjAxZWE1ZjQxYWQyOGZlMzI1NGM5ZjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u3ppmm3spfaVypGfhk89w9JRg/d BUrq4qfvGzBoGoi76s8UeEiA/iItW+/HjYMr4BHdqrd0kTwCK0Psecy8I3/2ARL3 HojE7cSdNno7BZlzGAkGc6DNQW/68Wv7UR0wQtQdSGnsn7pInB/QaAaHENq5axwP zYvAcku/kxmUaYOh11RETof8+RHJT5S4iPkHHt9MSVi85B786zu/1rDHL8pHcGP+ 9yWJB1K7VyHb4MKclo3GOBOWWHgNoow1vXGfoqsQ3q9FviKCmW44tkGK6NtKrH63 X65fGZO60AkYYvNdbJzvhNy1+iB36NpSYxJAJ6NZxEfftcpBk4JpLBBOkwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFGjhOgAUmWA68B6l9BrSj+MlTJ+BMB8GA1UdIwQY MBaAFCRvm+eD1z2Vq4qlRhnmD5ARwE1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWIt Y2JiZDAxZjJiOTFjLzEvYU9FNkFCU1pZRHJ3SHFYMEd0S1A0eVZNbjRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9iYWEzNzItODIzYi00YjA3LTlhYWItY2JiZDAxZjJiOTFj LzEvSkctYjU0UFhQWldyaXFWR0dlWVBrQkhBVFdjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQesMA0E AgACMAcDBQMqE4PAMA0GCSqGSIb3DQEBCwUAA4IBAQCyqCEXrAFylYvxPv0D9p4S w6+ze6UoKQ4qy1bwI2J3XKd2huIaEQ6Dm77RtnBhxY47yq3qO4imkGcNY3WMTnRQ 9XSNSvuPKz/1sa4MVJ6REPZif7PNo/xcxQQWlpQh11kDrjcuqmc5ZMvBmRedXqvv n4UZDubkVuc0XgrRp0AU4VMsSv90AUKbxPQRotGR07xWSdnQjtSubCxFA2LDH4Xo ppCsTqksSZrafxrb1yEvZA3OYUgJ3PEQl1BzzKd7M2BUQVT1dhmDbMJdkoct0shR pUNGika6LW/NZjMUsowcHDByrrgb0PBZZjlDMX9ovSw8nciTH21cOonf65cExAEi -----END CERTIFICATE-----Generated at Sun Jan 25 15:28:55 2026 by rpki-client