This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/A0jJG1saLwhFpwXvphN5KLkIp7E.roa File: A0jJG1saLwhFpwXvphN5KLkIp7E.roa (raw, json) Hash identifier: zfUzOQxZDjIQpzcBLbTZxhWmdADgguB1bEK9a5hzld0= Subject key identifier: 03:48:C9:1B:5B:1A:2F:08:45:A7:05:EF:A6:13:79:28:B9:08:A7:B1 Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5 Certificate serial: 019B77C70C75108FF3DF15F0CA718C7BCD7A Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/A0jJG1saLwhFpwXvphN5KLkIp7E.roa Signing time: Thu 01 Jan 2026 04:18:11 +0000 ROA not before: Thu 01 Jan 2026 04:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57928 IP address blocks: 37.157.8.0/23 maxlen: 24 37.157.10.0/24 maxlen: 24 37.157.12.0/22 maxlen: 24 193.41.95.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:0c:75:10:8f:f3:df:15:f0:ca:71:8c:7b:cd:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5 Validity Not Before: Jan 1 04:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0348c91b5b1a2f0845a705efa6137928b908a7b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:48:7c:d2:60:19:65:b9:2a:3a:3d:d4:8c:38: c8:a7:67:58:8e:41:d5:7e:7e:ef:1c:40:13:f4:eb: ab:ff:54:84:5e:75:7b:d1:dd:d0:7f:5b:76:b6:34: 36:a7:01:3f:cb:4d:10:c7:8e:f3:f1:2d:df:8d:fd: b0:a2:9f:29:13:02:7b:2b:04:77:3a:e5:ba:21:8c: 0d:21:a9:32:47:35:a4:63:70:bb:2b:20:6f:8b:8a: 89:4c:c7:c8:7e:9c:54:a1:47:8f:01:df:d0:a4:26: 98:22:c7:0d:87:e4:d9:71:fe:d4:d5:37:02:48:30: ce:62:be:20:f0:11:06:b9:a0:ab:92:3a:d9:5d:cd: 17:5b:d1:6d:fe:c9:32:19:25:c6:9e:bd:17:a1:7f: ac:12:d5:48:42:bd:32:4d:92:4a:b3:a3:92:43:2b: 98:8e:04:57:09:b7:95:51:d3:9a:42:b0:8a:d8:df: bc:26:f9:14:cb:46:3c:1d:35:3e:d8:b7:97:af:95: 3b:43:f8:61:c3:a4:53:3a:cd:ff:e4:25:36:ab:fe: 0e:6d:f3:cb:8d:19:fb:d1:40:6b:6f:11:b1:68:73: fe:f0:b7:db:cc:6b:59:52:d5:ee:e5:9b:2f:c3:29: 5c:6d:28:c7:fc:f4:64:8f:09:5b:1f:94:df:88:26: e6:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:48:C9:1B:5B:1A:2F:08:45:A7:05:EF:A6:13:79:28:B9:08:A7:B1 X509v3 Authority Key Identifier: keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/A0jJG1saLwhFpwXvphN5KLkIp7E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.157.8.0-37.157.10.255 37.157.12.0/22 193.41.95.0/24 Signature Algorithm: sha256WithRSAEncryption 20:22:66:cd:d0:6e:f6:f8:12:f7:ee:94:c8:8d:3e:7f:21:5e: d1:ce:0f:bc:8b:f8:7b:ce:8b:26:9f:ef:74:b2:39:f3:4a:ad: c8:31:84:8f:ea:15:d8:99:db:10:71:1e:7f:22:21:e8:ad:e3: 0f:9d:8f:89:4d:ba:f4:f7:e0:65:42:00:63:ef:d3:ea:80:a4: 66:22:ea:2a:c4:f2:1e:89:96:a7:35:23:e9:79:d9:1c:2f:e0: c3:99:23:01:ce:cf:6a:c5:8f:cd:ce:6a:96:46:3f:a1:59:57: 7a:62:6b:11:75:cf:0e:cf:da:02:f0:67:30:95:c8:bd:4b:5a: 2f:26:e2:f0:c7:ee:65:25:2c:23:2a:f4:ae:83:8c:3c:63:77: ad:90:9e:33:b1:27:7d:8e:e4:2c:ff:a1:38:a0:3f:bf:4d:d2: f1:b5:f6:86:45:27:09:c4:2b:12:fd:88:74:7e:89:ab:6d:22: 40:f1:f2:ff:ca:6c:94:fc:38:1f:98:1c:e5:c4:c7:d1:d3:6c: 52:4b:73:94:3e:ee:c1:25:4d:6d:93:23:c8:77:84:d0:06:73: 79:34:33:6c:ec:7d:e4:67:9d:2d:e5:f2:a7:08:29:f9:aa:6c: d4:02:22:d1:27:a1:7a:b6:72:d4:2c:d5:5e:4d:87:b7:9d:6a: 4c:8f:35:75 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt3xwx1EI/z3xXwynGMe816MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3 ODZlZjUwHhcNMjYwMTAxMDQxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzQ4YzkxYjViMWEyZjA4NDVhNzA1ZWZhNjEzNzkyOGI5MDhhN2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUh80mAZZbkqOj3UjDjIp2dYjkHV fn7vHEAT9Our/1SEXnV70d3Qf1t2tjQ2pwE/y00Qx47z8S3fjf2wop8pEwJ7KwR3 OuW6IYwNIakyRzWkY3C7KyBvi4qJTMfIfpxUoUePAd/QpCaYIscNh+TZcf7U1TcC SDDOYr4g8BEGuaCrkjrZXc0XW9Ft/skyGSXGnr0XoX+sEtVIQr0yTZJKs6OSQyuY jgRXCbeVUdOaQrCK2N+8JvkUy0Y8HTU+2LeXr5U7Q/hhw6RTOs3/5CU2q/4ObfPL jRn70UBrbxGxaHP+8LfbzGtZUtXu5ZsvwylcbSjH/PRkjwlbH5TfiCbmJQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFANIyRtbGi8IRacF76YTeSi5CKexMB8GA1UdIwQY MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It NjFlN2Y0MGQ1ZGQ2LzEvQTBqSkcxc2FMd2hGcHdYdnBoTjVLTGtJcDdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2 LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAMlnQgD BAAlnQoDBAIlnQwDBADBKV8wDQYJKoZIhvcNAQELBQADggEBACAiZs3Qbvb4Evfu lMiNPn8hXtHOD7yL+HvOiyaf73SyOfNKrcgxhI/qFdiZ2xBxHn8iIeit4w+dj4lN uvT34GVCAGPv0+qApGYi6irE8h6Jlqc1I+l52Rwv4MOZIwHOz2rFj83OapZGP6FZ V3piaxF1zw7P2gLwZzCVyL1LWi8m4vDH7mUlLCMq9K6DjDxjd62QnjOxJ32O5Cz/ oTigP79N0vG19oZFJwnEKxL9iHR+iattIkDx8v/KbJT8OB+YHOXEx9HTbFJLc5Q+ 7sElTW2TI8h3hNAGc3k0M2zsfeRnnS3l8qcIKfmqbNQCItEnoXq2ctQs1V5Nh7ed akyPNXU= -----END CERTIFICATE-----Generated at Sun Jan 25 19:10:38 2026 by rpki-client