This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/PAmMhsul5P89-VhNcq3crzJ90f0.roa File: PAmMhsul5P89-VhNcq3crzJ90f0.roa (raw, json) Hash identifier: mfNGAH6crVwcFMqvVu8Cc2Z1H9JYisKpDcjm1q7tavk= Subject key identifier: 3C:09:8C:86:CB:A5:E4:FF:3D:F9:58:4D:72:AD:DC:AF:32:7D:D1:FD Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e Certificate serial: 019BDA2C6870FF675F74E2565C19DEF1AB53 Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/PAmMhsul5P89-VhNcq3crzJ90f0.roa Signing time: Tue 20 Jan 2026 06:51:41 +0000 ROA not before: Tue 20 Jan 2026 06:51:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48040 IP address blocks: 31.172.65.0/24 maxlen: 24 81.85.79.0/24 maxlen: 24 199.68.198.0/24 maxlen: 24 199.68.199.0/24 maxlen: 24 2a02:6b40:800e::/48 maxlen: 48 2a02:6b40:800f::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:da:2c:68:70:ff:67:5f:74:e2:56:5c:19:de:f1:ab:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e Validity Not Before: Jan 20 06:51:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3c098c86cba5e4ff3df9584d72addcaf327dd1fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:c5:1e:ea:1e:2d:64:7e:ea:7b:14:46:6f:a8: 82:87:b3:77:3b:6c:7e:26:48:fc:58:9e:03:34:5b: e8:0d:c6:57:e4:e4:03:5d:3c:85:68:87:e2:58:18: e4:93:71:b3:d0:fa:d1:53:4c:3f:48:d3:cf:8e:a9: c1:b4:bb:27:72:38:00:73:5c:c6:d3:36:e1:b6:e3: e6:be:2c:82:1d:99:3e:73:5d:ce:c6:d4:0a:f9:22: 88:a7:a7:a4:0c:95:e3:f0:ac:14:a1:d8:9a:15:c0: e1:bf:b8:24:7e:d4:7b:ef:8c:de:25:f1:a6:5c:83: a0:db:e5:c9:a5:45:88:bd:dc:07:cf:5c:a8:01:5d: 2e:7b:d6:41:cb:1c:93:ba:d6:a1:3c:68:68:1c:b3: 65:b9:01:4a:42:96:69:57:d9:df:8a:cd:04:a2:28: 9d:ed:97:29:15:bf:f9:3d:05:90:86:90:54:8f:76: c9:ab:3a:22:1f:5f:94:d6:84:60:7f:e5:3b:a3:b1: 6f:62:28:0b:4d:4e:ec:64:29:01:e0:6c:5e:bf:14: f1:ca:67:03:29:2f:6d:7e:3b:50:9a:04:41:43:7f: e8:2d:71:19:2a:c4:42:e5:10:4f:9a:62:08:ac:27: 1c:b0:dc:83:2a:76:e2:07:34:9f:f2:1f:a7:2d:53: 1b:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:09:8C:86:CB:A5:E4:FF:3D:F9:58:4D:72:AD:DC:AF:32:7D:D1:FD X509v3 Authority Key Identifier: keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/PAmMhsul5P89-VhNcq3crzJ90f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.172.65.0/24 81.85.79.0/24 199.68.198.0/23 IPv6: 2a02:6b40:800e::/47 Signature Algorithm: sha256WithRSAEncryption 6d:8f:1d:d0:06:5c:f2:d5:0a:80:f4:cc:01:84:02:d6:4a:f0: 9e:54:cb:68:40:fc:8c:2c:c0:c9:a9:e3:f8:2b:f8:23:ef:02: 8e:61:70:9c:38:74:a9:83:6a:7d:8f:47:ab:53:c0:0a:5e:8f: 58:4d:69:da:c2:b9:87:f5:f3:42:79:68:25:6f:75:5e:66:4e: c0:5f:21:a4:62:24:69:1c:2a:d3:c9:16:c1:3b:12:df:b5:ab: 20:99:51:b2:8b:da:31:6e:0d:38:ce:a4:a6:cb:c6:96:65:8d: 99:a2:6b:cc:18:2b:94:98:cc:3b:6d:79:29:33:9d:8d:a9:d2: 41:31:18:78:a5:12:df:16:53:d2:da:31:e3:c3:d9:c0:02:97: 6b:92:c4:43:91:e9:37:47:64:2c:ef:32:ab:e9:d1:5c:9c:b3: b2:42:3e:bf:77:6a:b7:43:50:2a:bb:db:95:e0:97:a5:ad:42: 89:63:88:8d:2c:89:b6:7c:43:63:60:a8:e6:ac:2d:2c:2e:67: 09:29:45:8a:e9:e6:ae:b7:04:ae:6b:60:91:e8:dd:34:7c:70: 27:e5:42:dd:b1:2b:d0:4c:62:ab:c1:e6:e7:11:bd:eb:31:bb: 6a:02:e1:75:7e:a4:37:4e:d7:00:0f:1d:e9:a2:c9:b6:a3:09: 29:bd:51:5a -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZvaLGhw/2dfdOJWXBne8atTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1 ZDAwN2UwHhcNMjYwMTIwMDY1MTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzA5OGM4NmNiYTVlNGZmM2RmOTU4NGQ3MmFkZGNhZjMyN2RkMWZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcUe6h4tZH7qexRGb6iCh7N3O2x+ Jkj8WJ4DNFvoDcZX5OQDXTyFaIfiWBjkk3Gz0PrRU0w/SNPPjqnBtLsncjgAc1zG 0zbhtuPmviyCHZk+c13OxtQK+SKIp6ekDJXj8KwUodiaFcDhv7gkftR774zeJfGm XIOg2+XJpUWIvdwHz1yoAV0ue9ZByxyTutahPGhoHLNluQFKQpZpV9nfis0Eoiid 7ZcpFb/5PQWQhpBUj3bJqzoiH1+U1oRgf+U7o7FvYigLTU7sZCkB4GxevxTxymcD KS9tfjtQmgRBQ3/oLXEZKsRC5RBPmmIIrCccsNyDKnbiBzSf8h+nLVMb/QIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFDwJjIbLpeT/PflYTXKt3K8yfdH9MB8GA1UdIwQY MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt MWZiYzY0MWI1MGIxLzEvUEFtTWhzdWw1UDg5LVZoTmNxM2Nyeko5MGYwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAH6xBAwQA UVVPAwQBx0TGMA8EAgACMAkDBwEqAmtAgA4wDQYJKoZIhvcNAQELBQADggEBAG2P HdAGXPLVCoD0zAGEAtZK8J5Uy2hA/IwswMmp4/gr+CPvAo5hcJw4dKmDan2PR6tT wApej1hNadrCuYf180J5aCVvdV5mTsBfIaRiJGkcKtPJFsE7Et+1qyCZUbKL2jFu DTjOpKbLxpZljZmia8wYK5SYzDtteSkznY2p0kExGHilEt8WU9LaMePD2cACl2uS xEOR6TdHZCzvMqvp0Vycs7JCPr93ardDUCq725Xgl6WtQoljiI0sibZ8Q2NgqOas LSwuZwkpRYrp5q63BK5rYJHo3TR8cCflQt2xK9BMYqvB5ucRvesxu2oC4XV+pDdO 1wAPHemiybajCSm9UVo= -----END CERTIFICATE-----Generated at Sun Jan 25 22:15:37 2026 by rpki-client