This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/sCE1yodUvj9BdJNK5llFZ8BEDYY.roa File: sCE1yodUvj9BdJNK5llFZ8BEDYY.roa (raw, json) Hash identifier: 3/B6MniV1srlZK4xMEp39gTJz673XIWVDanm60XM8zU= Subject key identifier: B0:21:35:CA:87:54:BE:3F:41:74:93:4A:E6:59:45:67:C0:44:0D:86 Certificate issuer: /CN=3ebc9e51baab3c3e6ab699fcb443f007f546c3fb Certificate serial: 019B7BA31E79F33C568F63BD0A51C0B264EE Authority key identifier: 3E:BC:9E:51:BA:AB:3C:3E:6A:B6:99:FC:B4:43:F0:07:F5:46:C3:FB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PryeUbqrPD5qtpn8tEPwB_VGw_s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/sCE1yodUvj9BdJNK5llFZ8BEDYY.roa Signing time: Thu 01 Jan 2026 22:17:26 +0000 ROA not before: Thu 01 Jan 2026 22:17:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1161 IP address blocks: 131.155.0.0/16 maxlen: 24 192.31.168.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/PryeUbqrPD5qtpn8tEPwB_VGw_s.crl rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/PryeUbqrPD5qtpn8tEPwB_VGw_s.mft rsync://rpki.ripe.net/repository/DEFAULT/PryeUbqrPD5qtpn8tEPwB_VGw_s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:1e:79:f3:3c:56:8f:63:bd:0a:51:c0:b2:64:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ebc9e51baab3c3e6ab699fcb443f007f546c3fb Validity Not Before: Jan 1 22:17:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b02135ca8754be3f4174934ae6594567c0440d86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a8:1a:1c:c8:31:1a:41:b8:29:80:2c:26:49: 6f:4a:ed:c4:77:82:98:26:f3:9d:3f:42:c8:c3:7d: 78:49:a0:ca:63:62:e2:f9:48:2b:28:bf:73:93:5a: bf:88:70:a8:bc:7a:e8:14:66:3f:b9:f0:b0:97:34: 89:5c:39:2e:6c:1d:7f:d9:79:72:e7:29:81:fd:20: ff:84:b5:72:54:71:84:a8:e8:fd:f1:8e:be:cd:92: aa:a8:b1:68:90:01:94:6e:d6:35:d8:24:d7:63:6d: 0e:37:18:15:2d:c8:36:c5:58:c9:c6:98:80:49:62: 77:d5:d7:e4:54:a9:bb:2f:d8:87:c8:0f:ca:f9:10: 21:03:42:cb:d1:d1:e2:f8:32:14:82:5f:da:ad:09: bb:fe:b2:51:76:7f:97:0b:13:2e:54:a1:31:08:9b: 7f:1e:c2:22:ee:fe:51:d8:dc:3c:98:0d:2f:fb:7a: e6:6f:71:89:36:3b:8e:c3:7d:69:6b:c1:19:33:19: 26:b2:b4:42:34:c7:f9:da:bc:9e:ae:17:b3:3c:54: a2:a6:55:89:c7:7c:0e:5d:fd:87:35:fd:82:30:51: 02:2d:b4:f4:b1:aa:9e:b8:76:fc:ec:1d:ef:d7:20: 9d:74:a5:16:1d:b6:e7:6e:c9:51:00:fe:60:08:e8: d8:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:21:35:CA:87:54:BE:3F:41:74:93:4A:E6:59:45:67:C0:44:0D:86 X509v3 Authority Key Identifier: keyid:3E:BC:9E:51:BA:AB:3C:3E:6A:B6:99:FC:B4:43:F0:07:F5:46:C3:FB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PryeUbqrPD5qtpn8tEPwB_VGw_s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/sCE1yodUvj9BdJNK5llFZ8BEDYY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/54c1d1-363b-45ba-8927-9689fbf6f6ee/1/PryeUbqrPD5qtpn8tEPwB_VGw_s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 131.155.0.0/16 192.31.168.0/22 Signature Algorithm: sha256WithRSAEncryption 08:89:59:1f:a3:cc:19:ee:ba:6b:44:84:00:b0:b7:a5:d7:b1: 18:e1:50:6f:d9:ac:94:eb:36:42:b4:9e:ed:22:4e:a1:76:9f: d8:7f:3a:8f:ad:65:15:8d:69:da:d5:0c:a5:ad:74:e6:b1:d9: 59:48:7c:5d:ae:30:70:5f:07:86:49:fc:f8:58:60:57:ba:01: 81:66:b3:06:b2:8f:58:74:5e:7a:e5:f6:dc:53:01:4a:94:f0: bc:e6:26:ee:6a:f5:9b:7c:1a:ee:12:7a:ef:79:d8:5f:ec:a5: c7:34:b4:f6:e4:fb:db:09:0d:df:5b:13:f4:a0:39:04:67:c7: 19:15:5d:c1:08:0d:02:06:ee:22:64:db:b2:5c:f9:0f:d4:17: 45:8c:ce:22:ce:8f:2c:70:04:d7:50:9d:a4:0a:76:2b:39:8f: 95:f3:63:8b:95:c0:39:54:b2:49:ec:fb:db:c5:4b:f9:29:c3: 77:14:7f:76:23:ab:64:c6:f0:b3:7b:46:a0:3f:37:a7:00:14: 34:f6:5f:bd:64:26:c7:f8:71:27:82:21:9d:27:4a:a1:80:e7: 23:7d:1e:e1:d4:eb:8d:f0:12:c8:e4:b4:dd:a0:3a:25:ef:20: 5b:44:34:93:5e:59:61:95:f8:5c:48:ca:ea:40:f0:b5:ab:f8: 05:10:9e:b0 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt7ox558zxWj2O9ClHAsmTuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYmM5ZTUxYmFhYjNjM2U2YWI2OTlmY2I0NDNmMDA3ZjU0 NmMzZmIwHhcNMjYwMTAxMjIxNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDIxMzVjYTg3NTRiZTNmNDE3NDkzNGFlNjU5NDU2N2MwNDQwZDg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlagaHMgxGkG4KYAsJklvSu3Ed4KY JvOdP0LIw314SaDKY2Li+UgrKL9zk1q/iHCovHroFGY/ufCwlzSJXDkubB1/2Xly 5ymB/SD/hLVyVHGEqOj98Y6+zZKqqLFokAGUbtY12CTXY20ONxgVLcg2xVjJxpiA SWJ31dfkVKm7L9iHyA/K+RAhA0LL0dHi+DIUgl/arQm7/rJRdn+XCxMuVKExCJt/ HsIi7v5R2Nw8mA0v+3rmb3GJNjuOw31pa8EZMxkmsrRCNMf52ryerhezPFSiplWJ x3wOXf2HNf2CMFECLbT0saqeuHb87B3v1yCddKUWHbbnbslRAP5gCOjYcwIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFLAhNcqHVL4/QXSTSuZZRWfARA2GMB8GA1UdIwQY MBaAFD68nlG6qzw+araZ/LRD8Af1RsP7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHJ5ZVVicXJQRDVxdHBuOHRFUHdCX1ZHd19zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC81NGMxZDEtMzYzYi00NWJhLTg5Mjct OTY4OWZiZjZmNmVlLzEvc0NFMXlvZFV2ajlCZEpOSzVsbEZaOEJFRFlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC81NGMxZDEtMzYzYi00NWJhLTg5MjctOTY4OWZiZjZmNmVl LzEvUHJ5ZVVicXJQRDVxdHBuOHRFUHdCX1ZHd19zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAg5sDBALA H6gwDQYJKoZIhvcNAQELBQADggEBAAiJWR+jzBnuumtEhACwt6XXsRjhUG/ZrJTr NkK0nu0iTqF2n9h/Oo+tZRWNadrVDKWtdOax2VlIfF2uMHBfB4ZJ/PhYYFe6AYFm swayj1h0Xnrl9txTAUqU8LzmJu5q9Zt8Gu4Seu952F/spcc0tPbk+9sJDd9bE/Sg OQRnxxkVXcEIDQIG7iJk27Jc+Q/UF0WMziLOjyxwBNdQnaQKdis5j5XzY4uVwDlU skns+9vFS/kpw3cUf3Yjq2TG8LN7RqA/N6cAFDT2X71kJsf4cSeCIZ0nSqGA5yN9 HuHU643wEsjktN2gOiXvIFtENJNeWWGV+FxIyupA8LWr+AUQnrA= -----END CERTIFICATE-----Generated at Sun Jan 25 16:54:06 2026 by rpki-client