This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ARLz7Zks6T2ea2WJuFF8R65OsN4.roa File: ARLz7Zks6T2ea2WJuFF8R65OsN4.roa (raw, json) Hash identifier: EuNQEWpBjjFCuwDTuWkj3hxC9qM3sJIuMmnx6xbp4NA= Subject key identifier: 01:12:F3:ED:99:2C:E9:3D:9E:6B:65:89:B8:51:7C:47:AE:4E:B0:DE Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Certificate serial: 019B7F810D685D47D1F02B9DD42D8124480C Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ARLz7Zks6T2ea2WJuFF8R65OsN4.roa Signing time: Fri 02 Jan 2026 16:18:42 +0000 ROA not before: Fri 02 Jan 2026 16:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33823 IP address blocks: 89.39.203.0/24 maxlen: 24 2a0e:4840::/32 maxlen: 48 2a0e:4844::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:0d:68:5d:47:d1:f0:2b:9d:d4:2d:81:24:48:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986 Validity Not Before: Jan 2 16:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0112f3ed992ce93d9e6b6589b8517c47ae4eb0de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:01:b2:23:70:59:4f:f2:67:91:06:c9:6a:b0: 19:3a:cb:37:47:f3:12:cc:c3:5b:e5:ae:a3:a7:b8: 59:ce:33:f4:35:dc:69:5d:ae:72:a3:b3:b3:ab:45: 78:f1:e7:08:4e:0b:09:9b:08:63:f7:48:c4:e4:7e: 48:65:56:2d:d0:d2:6a:70:e2:50:d1:3d:21:70:d2: c3:cf:21:fb:b0:28:0d:0e:a8:a2:bf:ff:fa:fb:20: 4e:37:8e:bd:47:a8:38:92:ee:91:91:84:f5:2c:08: c2:a7:8c:d7:dd:73:d7:8e:cc:a1:7c:27:30:65:4d: 14:d9:2e:0a:1f:a4:02:9e:d0:26:e6:28:49:b5:c4: 00:44:78:15:5d:25:13:cd:89:83:e1:d9:a0:ce:4b: 69:b8:75:4e:7f:2d:88:e1:0b:95:86:96:46:c7:c3: a9:08:04:3c:72:12:ac:e3:88:6a:ee:f5:f0:9c:81: dd:60:df:38:3e:6a:78:03:29:f4:22:d2:5d:f2:0c: 46:c1:65:7f:78:21:de:19:93:e0:52:d9:96:b3:32: 38:2b:d8:72:81:b0:60:2f:13:41:17:d2:3c:6d:17: db:0c:a7:08:f0:ab:c9:44:86:a9:e8:eb:b8:4b:d2: ac:ee:56:a9:71:66:54:67:03:95:26:34:10:13:0f: 95:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:12:F3:ED:99:2C:E9:3D:9E:6B:65:89:B8:51:7C:47:AE:4E:B0:DE X509v3 Authority Key Identifier: keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ARLz7Zks6T2ea2WJuFF8R65OsN4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.39.203.0/24 IPv6: 2a0e:4840::/32 2a0e:4844::/32 Signature Algorithm: sha256WithRSAEncryption de:61:50:6b:e0:f9:fd:5c:0f:2f:fd:91:43:81:cc:e2:6c:64: 6d:d0:38:90:dd:cf:8a:dd:2c:c2:d1:77:1d:84:b3:b7:aa:5d: e8:1f:ee:35:c7:85:64:3e:d0:2c:47:b0:aa:14:10:a6:39:b2: ef:44:c7:fb:00:fd:b7:42:ae:9e:3a:91:e7:7d:04:f0:6a:23: a8:16:78:d2:e0:77:e4:ad:26:d6:52:56:37:96:5c:4b:4c:ec: 7b:57:3d:a6:14:9b:3c:d1:c6:9d:ed:69:c2:ac:bc:d4:37:2d: fb:72:4e:ae:7f:e4:c5:e7:73:2c:9a:ff:5c:10:ad:15:73:ce: 1b:90:76:59:77:22:c2:f1:fc:11:9d:7c:51:0a:a8:c6:a4:32: 80:13:d5:d8:fe:42:bc:18:2a:d0:d8:c1:64:ca:ad:dc:c0:a1: d5:9e:70:a7:b3:8d:42:e2:d8:4a:ea:d5:04:0c:f1:bf:56:05: 94:a1:1c:72:27:dd:fe:71:c8:30:e4:74:41:ef:d8:4c:67:61: c0:24:aa:8f:66:e2:89:0e:d5:c3:be:70:23:8d:bc:91:e7:a8: 41:97:8f:5e:60:0e:4e:e2:0a:f1:73:cd:2c:c1:b6:5b:e4:b8: ea:f0:be:c9:bb:e7:6c:c1:43:a4:18:b6:67:fb:b7:96:6a:68: 60:c2:e6:c6 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgISAZt/gQ1oXUfR8Cud1C2BJEgMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw YmQ5ODYwHhcNMjYwMTAyMTYxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMTEyZjNlZDk5MmNlOTNkOWU2YjY1ODliODUxN2M0N2FlNGViMGRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAGyI3BZT/JnkQbJarAZOss3R/MS zMNb5a6jp7hZzjP0NdxpXa5yo7Ozq0V48ecITgsJmwhj90jE5H5IZVYt0NJqcOJQ 0T0hcNLDzyH7sCgNDqiiv//6+yBON469R6g4ku6RkYT1LAjCp4zX3XPXjsyhfCcw ZU0U2S4KH6QCntAm5ihJtcQARHgVXSUTzYmD4dmgzktpuHVOfy2I4QuVhpZGx8Op CAQ8chKs44hq7vXwnIHdYN84Pmp4Ayn0ItJd8gxGwWV/eCHeGZPgUtmWszI4K9hy gbBgLxNBF9I8bRfbDKcI8KvJRIap6Ou4S9Ks7lapcWZUZwOVJjQQEw+V4wIDAQAB o4ICHzCCAhswHQYDVR0OBBYEFAES8+2ZLOk9nmtlibhRfEeuTrDeMB8GA1UdIwQY MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt ZjUyNTgxNjQwMmJkLzEvQVJMejdaa3M2VDJlYTJXSnVGRjhSNjVPc040LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAWSfLMBQE AgACMA4DBQAqDkhAAwUAKg5IRDANBgkqhkiG9w0BAQsFAAOCAQEA3mFQa+D5/VwP L/2RQ4HM4mxkbdA4kN3Pit0swtF3HYSzt6pd6B/uNceFZD7QLEewqhQQpjmy70TH +wD9t0KunjqR530E8GojqBZ40uB35K0m1lJWN5ZcS0zse1c9phSbPNHGne1pwqy8 1Dct+3JOrn/kxedzLJr/XBCtFXPOG5B2WXciwvH8EZ18UQqoxqQygBPV2P5CvBgq 0NjBZMqt3MCh1Z5wp7ONQuLYSurVBAzxv1YFlKEccifd/nHIMOR0Qe/YTGdhwCSq j2biiQ7Vw75wI428keeoQZePXmAOTuIK8XPNLMG2W+S46vC+ybvnbMFDpBi2Z/u3 lmpoYMLmxg== -----END CERTIFICATE-----Generated at Sun Jan 25 13:02:16 2026 by rpki-client