This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SaP1nBFhXOE6FH3RW0G8tA8VQjM.roa File: SaP1nBFhXOE6FH3RW0G8tA8VQjM.roa (raw, json) Hash identifier: cTn11+h/p3mDsKapImFbB/2zblLfIwW6K3OdsJp73RA= Subject key identifier: 49:A3:F5:9C:11:61:5C:E1:3A:14:7D:D1:5B:41:BC:B4:0F:15:42:33 Certificate issuer: /CN=4c7844abef711c232c84f83c807a420af3804728 Certificate serial: 019B76EB7814D0639D389AFE186E4B46F917 Authority key identifier: 4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SaP1nBFhXOE6FH3RW0G8tA8VQjM.roa Signing time: Thu 01 Jan 2026 00:18:21 +0000 ROA not before: Thu 01 Jan 2026 00:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12552 IP address blocks: 5.198.248.0/21 maxlen: 24 31.204.64.0/21 maxlen: 24 130.255.160.0/21 maxlen: 24 141.138.208.0/21 maxlen: 24 159.253.216.0/21 maxlen: 24 185.6.8.0/22 maxlen: 24 185.13.96.0/22 maxlen: 24 185.236.40.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.mft rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:78:14:d0:63:9d:38:9a:fe:18:6e:4b:46:f9:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c7844abef711c232c84f83c807a420af3804728 Validity Not Before: Jan 1 00:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=49a3f59c11615ce13a147dd15b41bcb40f154233 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5b:51:e0:fd:b4:24:28:c4:59:c2:0e:81:8b: c1:f6:95:84:03:01:dd:8e:65:92:d3:73:f1:cb:34: a6:ce:25:0b:c8:b5:1b:b8:e0:a2:5f:a1:50:65:ca: 4d:bd:5b:18:38:e8:c8:ff:08:f1:e9:cc:00:60:b7: dd:2d:ca:0c:62:d6:31:f1:32:db:0d:55:1b:15:28: 58:bf:98:7e:61:47:4b:ac:61:bd:68:6c:d2:da:73: bc:18:46:df:fe:04:fd:c7:5a:19:19:2c:45:55:bd: 27:6f:38:05:e8:43:2d:45:8b:98:cb:09:72:b0:cb: da:f4:49:77:e4:a9:f4:f0:19:ba:dd:e3:e9:bd:e7: b6:59:7e:f3:e2:a7:78:96:0c:a8:1a:ea:76:93:f7: b6:36:f4:f9:a6:e8:1d:2c:c8:8f:71:ac:eb:79:bd: f8:cd:85:a8:9c:f7:a9:70:05:ab:2c:bb:48:ea:84: d6:5b:60:a6:5f:f9:9c:9a:21:f7:c3:ff:b4:d5:49: 60:e6:6e:fd:a2:c8:12:32:91:57:82:68:41:f2:6e: b2:ef:ba:3a:7a:09:fe:9f:b0:90:87:0b:ea:9f:65: 7b:ed:5e:18:57:a2:56:e4:95:fe:4f:d9:72:f2:1b: 6e:fa:e9:54:c6:87:9f:3c:f1:90:0d:36:80:96:d5: 00:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:A3:F5:9C:11:61:5C:E1:3A:14:7D:D1:5B:41:BC:B4:0F:15:42:33 X509v3 Authority Key Identifier: keyid:4C:78:44:AB:EF:71:1C:23:2C:84:F8:3C:80:7A:42:0A:F3:80:47:28 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THhEq-9xHCMshPg8gHpCCvOARyg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/SaP1nBFhXOE6FH3RW0G8tA8VQjM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/8d55c0-9aa0-4be7-82a8-dab6b83cf7ec/1/THhEq-9xHCMshPg8gHpCCvOARyg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.198.248.0/21 31.204.64.0/21 130.255.160.0/21 141.138.208.0/21 159.253.216.0/21 185.6.8.0/22 185.13.96.0/22 185.236.40.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:4b:2f:13:0f:a9:c2:e0:30:7b:04:62:e0:22:93:34:4a:9e: 46:4e:16:f4:ea:04:5c:27:ce:5f:ec:e8:33:b4:f9:e1:93:27: e1:cc:5b:a3:6f:26:4a:12:e6:1c:8a:8b:2e:94:7d:77:a8:8f: 54:13:bd:ba:36:ad:76:f5:9d:c8:e3:e6:b2:5f:62:46:15:53: ce:44:36:3f:7c:4d:a2:6e:23:32:62:54:6a:07:16:ac:7d:0f: dd:9d:36:95:cf:67:c3:e8:16:2c:f8:26:90:8a:ca:3b:b8:6b: 0c:ab:40:de:ec:9f:3b:f2:b9:26:88:3e:e6:47:fe:c3:2d:e0: 16:af:f1:91:a3:13:d3:5a:ae:d6:21:4c:d6:16:35:11:db:b5: e7:ec:79:4b:b7:35:90:4a:61:0c:2f:b0:9d:c1:02:f4:55:14: 52:ec:28:07:55:7a:c4:10:51:e0:31:6e:32:83:c9:d8:9c:52: f4:88:90:13:88:33:5c:21:c9:30:f3:da:2a:d7:1c:a3:d6:2b: 84:58:5b:18:41:61:3c:09:d1:5b:b7:b0:3b:8c:28:13:d5:c9: ef:4f:34:28:da:95:ab:3f:fe:7d:0b:98:37:98:cf:83:52:62: ca:b2:64:ce:d9:41:1d:d6:d7:37:f0:28:3a:a8:4f:69:7d:af: 0e:a0:f6:41 -----BEGIN CERTIFICATE----- MIIFJzCCBA+gAwIBAgISAZt263gU0GOdOJr+GG5LRvkXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjNzg0NGFiZWY3MTFjMjMyYzg0ZjgzYzgwN2E0MjBhZjM4 MDQ3MjgwHhcNMjYwMTAxMDAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OWEzZjU5YzExNjE1Y2UxM2ExNDdkZDE1YjQxYmNiNDBmMTU0MjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtltR4P20JCjEWcIOgYvB9pWEAwHd jmWS03PxyzSmziULyLUbuOCiX6FQZcpNvVsYOOjI/wjx6cwAYLfdLcoMYtYx8TLb DVUbFShYv5h+YUdLrGG9aGzS2nO8GEbf/gT9x1oZGSxFVb0nbzgF6EMtRYuYywly sMva9El35Kn08Bm63ePpvee2WX7z4qd4lgyoGup2k/e2NvT5pugdLMiPcazreb34 zYWonPepcAWrLLtI6oTWW2CmX/mcmiH3w/+01Ulg5m79osgSMpFXgmhB8m6y77o6 egn+n7CQhwvqn2V77V4YV6JW5JX+T9ly8htu+ulUxoefPPGQDTaAltUATwIDAQAB o4ICMzCCAi8wHQYDVR0OBBYEFEmj9ZwRYVzhOhR90VtBvLQPFUIzMB8GA1UdIwQY MBaAFEx4RKvvcRwjLIT4PIB6QgrzgEcoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgt ZGFiNmI4M2NmN2VjLzEvU2FQMW5CRmhYT0U2RkgzUlcwRzh0QThWUWpNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi84ZDU1YzAtOWFhMC00YmU3LTgyYTgtZGFiNmI4M2NmN2Vj LzEvVEhoRXEtOXhIQ01zaFBnOGdIcENDdk9BUnlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDBcb4AwQD H8xAAwQDgv+gAwQDjYrQAwQDn/3YAwQCuQYIAwQCuQ1gAwQAuewoMA0GCSqGSIb3 DQEBCwUAA4IBAQArSy8TD6nC4DB7BGLgIpM0Sp5GThb06gRcJ85f7OgztPnhkyfh zFujbyZKEuYciosulH13qI9UE726Nq129Z3I4+ayX2JGFVPORDY/fE2ibiMyYlRq BxasfQ/dnTaVz2fD6BYs+CaQiso7uGsMq0De7J878rkmiD7mR/7DLeAWr/GRoxPT Wq7WIUzWFjUR27Xn7HlLtzWQSmEML7CdwQL0VRRS7CgHVXrEEFHgMW4yg8nYnFL0 iJATiDNcIckw89oq1xyj1iuEWFsYQWE8CdFbt7A7jCgT1cnvTzQo2pWrP/59C5g3 mM+DUmLKsmTO2UEd1tc38Cg6qE9pfa8OoPZB -----END CERTIFICATE-----Generated at Sun Jan 25 16:38:05 2026 by rpki-client