This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/sdMta7c0gW915yu9rkbP8a3pD1A.roa File: sdMta7c0gW915yu9rkbP8a3pD1A.roa (raw, json) Hash identifier: dpcGKoEnYqxFtG+MmQSOKo58GUsu+Url2Igp0+ElIZA= Subject key identifier: B1:D3:2D:6B:B7:34:81:6F:75:E7:2B:BD:AE:46:CF:F1:AD:E9:0F:50 Certificate issuer: /CN=f06de29e9356df44707c8396d918e6b289129c4a Certificate serial: 019B7C1210FAC709CCB097AEA74718AF8680 Authority key identifier: F0:6D:E2:9E:93:56:DF:44:70:7C:83:96:D9:18:E6:B2:89:12:9C:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8G3inpNW30RwfIOW2RjmsokSnEo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/sdMta7c0gW915yu9rkbP8a3pD1A.roa Signing time: Fri 02 Jan 2026 00:18:37 +0000 ROA not before: Fri 02 Jan 2026 00:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34970 IP address blocks: 95.130.152.0/21 maxlen: 21 185.55.144.0/22 maxlen: 22 194.50.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/8G3inpNW30RwfIOW2RjmsokSnEo.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/8G3inpNW30RwfIOW2RjmsokSnEo.mft rsync://rpki.ripe.net/repository/DEFAULT/8G3inpNW30RwfIOW2RjmsokSnEo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:12:10:fa:c7:09:cc:b0:97:ae:a7:47:18:af:86:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f06de29e9356df44707c8396d918e6b289129c4a Validity Not Before: Jan 2 00:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1d32d6bb734816f75e72bbdae46cff1ade90f50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:e3:75:b6:b5:69:85:66:13:6a:74:dc:6d:d2: 80:a6:75:85:0c:ba:6d:a5:65:38:1f:86:a7:08:d4: 9b:0f:86:1f:58:73:48:6e:8d:ab:19:a5:e6:01:ae: d3:64:16:97:e5:0c:dd:d7:67:5f:96:c8:5d:89:f7: ed:fb:f7:4a:41:6d:c2:3b:36:46:7a:7b:c7:5b:7a: 16:22:aa:ad:4f:c0:fc:20:6f:c1:60:d5:2b:1c:df: 2c:94:1d:60:bb:d3:a0:96:f0:03:ea:ae:a7:61:32: 24:88:b2:e5:54:16:19:a5:9a:69:6d:dc:d9:41:ba: 5d:72:d5:26:fa:2d:38:6c:4e:16:48:60:35:45:da: 66:3a:e2:e8:a1:21:1e:cb:dd:51:62:bc:07:1a:72: c6:87:c1:5b:d5:24:88:a2:7c:ef:01:b2:3c:85:fc: d0:5e:61:80:bc:e6:1a:33:dd:24:a3:7d:f2:5a:91: 81:fa:23:5c:8b:1d:54:1d:76:9f:1d:6d:01:cf:b9: b9:66:91:e1:8b:8f:80:aa:b6:f3:47:8f:9f:4e:26: e4:4e:3e:65:27:ea:4f:b3:1c:d4:05:1d:cb:75:20: ce:09:a2:6f:06:3d:84:33:22:fd:e5:68:01:83:35: 42:2c:51:08:1f:8b:bd:af:8a:49:3e:a7:18:6c:f8: e3:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:D3:2D:6B:B7:34:81:6F:75:E7:2B:BD:AE:46:CF:F1:AD:E9:0F:50 X509v3 Authority Key Identifier: keyid:F0:6D:E2:9E:93:56:DF:44:70:7C:83:96:D9:18:E6:B2:89:12:9C:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8G3inpNW30RwfIOW2RjmsokSnEo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/sdMta7c0gW915yu9rkbP8a3pD1A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e44d58-15d5-48c7-be21-f816d3be4012/1/8G3inpNW30RwfIOW2RjmsokSnEo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.130.152.0/21 185.55.144.0/22 194.50.78.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:1f:12:0f:9f:19:1c:6b:33:18:62:02:95:8b:20:18:b9:df: a3:ab:b9:c5:e9:33:a9:9b:27:0a:cd:9a:01:30:9b:30:5c:8b: ed:43:a7:13:20:07:ca:b0:55:c3:0b:5e:11:d8:c2:4a:f7:69: 3e:8e:f9:12:0f:11:49:f7:97:96:d0:2c:db:57:4a:50:eb:93: de:52:3c:aa:a7:c8:5d:ad:44:03:e3:ea:13:31:ef:d8:3c:5c: 79:b4:c8:18:e6:8d:6b:7c:9d:e9:f6:67:14:d8:ba:1b:0c:ba: 0d:c0:79:f9:bf:e3:89:1f:74:57:39:71:53:90:08:47:0a:7a: fb:2d:cb:8f:1f:e4:cb:16:6f:9b:3e:df:84:3b:ab:df:c7:97: 98:cf:c5:34:b6:57:b6:8b:a2:44:99:5c:24:42:c3:31:fb:1c: e1:2b:a4:95:a9:f0:46:15:57:2c:6a:46:45:57:35:53:35:94: f1:72:1e:24:0a:16:d4:fb:27:e4:51:02:91:4a:9c:f6:92:6e: 11:45:dc:71:f4:a7:20:a8:4e:47:9e:48:78:6e:4e:4f:26:65: ae:89:86:54:70:85:f0:1b:96:dd:69:3d:bd:29:38:6f:1d:8a: 8f:80:76:2a:61:4e:9e:66:62:f7:e8:a5:a8:80:b4:71:2a:2e: 34:5e:8a:da -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt8EhD6xwnMsJeup0cYr4aAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwNmRlMjllOTM1NmRmNDQ3MDdjODM5NmQ5MThlNmIyODkx MjljNGEwHhcNMjYwMTAyMDAxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWQzMmQ2YmI3MzQ4MTZmNzVlNzJiYmRhZTQ2Y2ZmMWFkZTkwZjUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyON1trVphWYTanTcbdKApnWFDLpt pWU4H4anCNSbD4YfWHNIbo2rGaXmAa7TZBaX5Qzd12dflshdifft+/dKQW3COzZG envHW3oWIqqtT8D8IG/BYNUrHN8slB1gu9OglvAD6q6nYTIkiLLlVBYZpZppbdzZ QbpdctUm+i04bE4WSGA1RdpmOuLooSEey91RYrwHGnLGh8Fb1SSIonzvAbI8hfzQ XmGAvOYaM90ko33yWpGB+iNcix1UHXafHW0Bz7m5ZpHhi4+AqrbzR4+fTibkTj5l J+pPsxzUBR3LdSDOCaJvBj2EMyL95WgBgzVCLFEIH4u9r4pJPqcYbPjjsQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLHTLWu3NIFvdecrva5Gz/Gt6Q9QMB8GA1UdIwQY MBaAFPBt4p6TVt9EcHyDltkY5rKJEpxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOEczaW5wTlczMFJ3ZklPVzJSam1zb2tTbkVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9lNDRkNTgtMTVkNS00OGM3LWJlMjEt ZjgxNmQzYmU0MDEyLzEvc2RNdGE3YzBnVzkxNXl1OXJrYlA4YTNwRDFBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi9lNDRkNTgtMTVkNS00OGM3LWJlMjEtZjgxNmQzYmU0MDEy LzEvOEczaW5wTlczMFJ3ZklPVzJSam1zb2tTbkVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX4KYAwQC uTeQAwQAwjJOMA0GCSqGSIb3DQEBCwUAA4IBAQA6HxIPnxkcazMYYgKViyAYud+j q7nF6TOpmycKzZoBMJswXIvtQ6cTIAfKsFXDC14R2MJK92k+jvkSDxFJ95eW0Czb V0pQ65PeUjyqp8hdrUQD4+oTMe/YPFx5tMgY5o1rfJ3p9mcU2LobDLoNwHn5v+OJ H3RXOXFTkAhHCnr7LcuPH+TLFm+bPt+EO6vfx5eYz8U0tle2i6JEmVwkQsMx+xzh K6SVqfBGFVcsakZFVzVTNZTxch4kChbU+yfkUQKRSpz2km4RRdxx9KcgqE5Hnkh4 bk5PJmWuiYZUcIXwG5bdaT29KThvHYqPgHYqYU6eZmL36KWogLRxKi40Xora -----END CERTIFICATE-----Generated at Sun Jan 25 22:28:51 2026 by rpki-client