This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/JIuy1yADZ-WZO4oAxQqNA1Wq5AE.roa File: JIuy1yADZ-WZO4oAxQqNA1Wq5AE.roa (raw, json) Hash identifier: Z5LJLNpxBzdsKbIiGUAut0ZaWggo2BNQFiKt/gU6WAI= Subject key identifier: 24:8B:B2:D7:20:03:67:E5:99:3B:8A:00:C5:0A:8D:03:55:AA:E4:01 Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8 Certificate serial: 019B7A5A73DEEC64A00D2DCEFC86F71030EC Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/JIuy1yADZ-WZO4oAxQqNA1Wq5AE.roa Signing time: Thu 01 Jan 2026 16:18:26 +0000 ROA not before: Thu 01 Jan 2026 16:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15542 IP address blocks: 185.200.96.0/22 maxlen: 24 212.92.64.0/19 maxlen: 24 212.115.192.0/19 maxlen: 24 213.34.224.0/19 maxlen: 24 217.63.64.0/19 maxlen: 24 217.102.240.0/20 maxlen: 24 2a02:f68::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.mft rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 19:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:73:de:ec:64:a0:0d:2d:ce:fc:86:f7:10:30:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8 Validity Not Before: Jan 1 16:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=248bb2d7200367e5993b8a00c50a8d0355aae401 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:84:f5:ac:3d:04:6c:96:00:d2:7f:53:2a:a1: ae:9b:c3:ca:8a:99:0d:02:d4:c5:93:4b:70:86:08: 65:f2:6b:47:c7:82:ce:f3:b1:d8:c1:d0:f1:21:7e: f8:22:14:11:41:b2:7b:b1:a8:78:62:19:77:77:48: 51:3a:3f:60:d4:a0:b3:98:92:8c:c3:47:21:d6:40: 2f:c0:0f:e4:f6:10:5f:7d:de:80:21:6b:d5:4a:a0: 5c:99:b0:99:b6:4f:23:f1:e0:5c:64:8d:17:b0:27: ad:a0:d8:d2:5c:dc:ba:dc:de:72:2e:13:ec:da:6c: 18:31:01:06:1f:e5:4d:e2:c2:8b:8e:c7:db:f9:f8: d7:96:07:58:06:07:9e:0a:23:a7:c0:af:cf:6f:72: d8:5f:d4:b2:e2:8b:3d:f8:7e:0c:23:db:f2:56:b6: 61:97:cf:78:c9:d7:7d:8c:4d:72:d2:70:b2:21:76: aa:fd:71:13:57:fc:3d:00:17:e0:7b:2e:68:f3:0e: e8:bc:85:ee:56:23:68:eb:7a:7d:54:d9:a3:a3:64: 83:73:1a:a7:d6:f2:a1:ea:ce:ca:51:33:1f:ce:c9: da:a4:66:84:25:81:ab:0a:ca:08:c6:32:2c:4a:3a: cb:9b:25:d4:67:75:55:82:da:21:59:da:a4:4c:87: 26:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:8B:B2:D7:20:03:67:E5:99:3B:8A:00:C5:0A:8D:03:55:AA:E4:01 X509v3 Authority Key Identifier: keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/JIuy1yADZ-WZO4oAxQqNA1Wq5AE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.200.96.0/22 212.92.64.0/19 212.115.192.0/19 213.34.224.0/19 217.63.64.0/19 217.102.240.0/20 IPv6: 2a02:f68::/29 Signature Algorithm: sha256WithRSAEncryption 99:dd:6a:92:10:b8:2c:da:fb:82:e9:5e:ed:45:b5:fc:b7:9f: ef:cb:43:43:01:23:02:cc:1a:5c:d5:0b:2e:c0:64:78:0d:e1: c0:48:01:e3:df:00:e2:41:ae:ea:b8:0a:9f:e3:44:c7:4e:4a: 40:5c:86:c0:c1:13:dd:17:bc:9a:e5:11:9e:d6:2d:f7:89:72: 25:3c:b3:1c:66:47:6c:02:90:6e:46:b4:80:a9:64:7c:c2:e0: ae:74:d6:b6:9b:31:a8:b9:42:77:9e:24:22:1c:8c:44:ee:27: dd:dc:46:cd:8f:98:b3:9a:bf:a7:41:6d:e8:60:27:d9:20:00: 9e:fa:51:86:04:f3:0a:a7:25:4a:77:12:4a:07:c5:d0:bb:2d: 62:b4:39:08:af:f1:17:23:29:c5:34:50:cc:07:a2:95:eb:a4: 81:c0:b7:a3:63:bf:db:ed:55:e3:9b:8e:fe:fc:8e:3c:72:31: 17:85:72:67:90:53:9d:6e:42:9e:42:0d:8a:8f:77:86:1f:97: 39:7f:36:28:ad:6d:48:f8:64:6f:37:a0:4a:83:9c:6c:0e:b9: 78:3a:e5:84:9d:07:eb:cd:d1:22:14:4d:af:a2:bd:d4:c5:6e: 73:74:b1:42:df:50:b7:24:06:3b:71:f6:93:a0:53:72:fb:40: 54:08:2a:25 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt6WnPe7GSgDS3O/Ib3EDDsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxYTRhNjAxY2EzNWM2YzgzNzZiODlhYWY0NDNiNjNlYTQz OWNkYjgwHhcNMjYwMTAxMTYxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyNDhiYjJkNzIwMDM2N2U1OTkzYjhhMDBjNTBhOGQwMzU1YWFlNDAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoT1rD0EbJYA0n9TKqGum8PKipkN AtTFk0twhghl8mtHx4LO87HYwdDxIX74IhQRQbJ7sah4Yhl3d0hROj9g1KCzmJKM w0ch1kAvwA/k9hBffd6AIWvVSqBcmbCZtk8j8eBcZI0XsCetoNjSXNy63N5yLhPs 2mwYMQEGH+VN4sKLjsfb+fjXlgdYBgeeCiOnwK/Pb3LYX9Sy4os9+H4MI9vyVrZh l894ydd9jE1y0nCyIXaq/XETV/w9ABfgey5o8w7ovIXuViNo63p9VNmjo2SDcxqn 1vKh6s7KUTMfzsnapGaEJYGrCsoIxjIsSjrLmyXUZ3VVgtohWdqkTIcmdwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFCSLstcgA2flmTuKAMUKjQNVquQBMB8GA1UdIwQY MBaAFLGkpgHKNcbIN2uJqvRDtj6kOc24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAt M2E1NjI4Y2M4MWQ5LzEvSkl1eTF5QURaLVdaTzRvQXhRcU5BMVdxNUFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZC9kZmVjNDAtYjg2ZS00OTRjLWJhMTAtM2E1NjI4Y2M4MWQ5 LzEvc2FTbUFjbzF4c2czYTRtcTlFTzJQcVE1emJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCuchgAwQF 1FxAAwQF1HPAAwQF1SLgAwQF2T9AAwQE2WbwMA0EAgACMAcDBQMqAg9oMA0GCSqG SIb3DQEBCwUAA4IBAQCZ3WqSELgs2vuC6V7tRbX8t5/vy0NDASMCzBpc1QsuwGR4 DeHASAHj3wDiQa7quAqf40THTkpAXIbAwRPdF7ya5RGe1i33iXIlPLMcZkdsApBu RrSAqWR8wuCudNa2mzGouUJ3niQiHIxE7ifd3EbNj5izmr+nQW3oYCfZIACe+lGG BPMKpyVKdxJKB8XQuy1itDkIr/EXIynFNFDMB6KV66SBwLejY7/b7VXjm47+/I48 cjEXhXJnkFOdbkKeQg2Kj3eGH5c5fzYorW1I+GRvN6BKg5xsDrl4OuWEnQfrzdEi FE2vor3UxW5zdLFC31C3JAY7cfaToFNy+0BUCCol -----END CERTIFICATE-----Generated at Mon Jan 26 02:43:56 2026 by rpki-client