This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/sMNPbaJ2swpQDptjsmEdLRBAjsE.roa File: sMNPbaJ2swpQDptjsmEdLRBAjsE.roa (raw, json) Hash identifier: wMrNQ1Dt9RdtalTcVqalUbl+Cb5VgC4Yw+MpJfT4roY= Subject key identifier: B0:C3:4F:6D:A2:76:B3:0A:50:0E:9B:63:B2:61:1D:2D:10:40:8E:C1 Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288 Certificate serial: 019B7BA3E5339F37B687971912DC9B361F12 Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/sMNPbaJ2swpQDptjsmEdLRBAjsE.roa Signing time: Thu 01 Jan 2026 22:18:17 +0000 ROA not before: Thu 01 Jan 2026 22:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 138190 IP address blocks: 82.144.171.0/24 maxlen: 24 2001:1aa1:22::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 03:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:e5:33:9f:37:b6:87:97:19:12:dc:9b:36:1f:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288 Validity Not Before: Jan 1 22:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0c34f6da276b30a500e9b63b2611d2d10408ec1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:86:32:59:8b:0a:50:49:30:02:03:bf:41:d7: 77:7c:bc:cd:42:a3:e3:80:51:9d:d4:08:95:74:ee: 39:81:91:28:0e:4a:9a:0e:c0:3f:64:88:0a:bd:00: 25:ff:2d:e4:55:e7:37:80:34:44:c8:53:38:0f:22: e4:37:c7:1c:a3:25:7a:01:08:26:a6:ce:62:77:46: 0c:b8:28:f0:32:ff:68:52:9b:11:af:f9:11:b9:d4: 3e:24:94:5f:79:d4:08:ae:70:24:66:62:86:99:0c: 1c:98:4d:eb:fa:c5:46:1f:dd:2c:03:00:ef:f4:10: 02:91:ef:0e:e7:9e:00:e1:3a:bb:b5:33:f0:67:9c: ad:2c:23:1c:be:90:c5:54:e4:c8:d8:c3:cc:cf:11: eb:19:51:ff:f1:dc:55:e3:2a:23:ff:a8:2c:6f:04: 79:6b:51:72:15:75:4c:88:96:a3:63:66:0f:48:f0: 25:fe:de:b3:fb:01:77:68:d3:70:d1:a3:bf:43:3d: 78:f4:2b:89:a2:e3:e1:bd:a6:9d:9b:fd:56:83:65: a9:69:a4:4b:fe:12:10:aa:87:ca:6f:39:42:ff:ad: 45:35:1c:00:8b:11:f7:2b:8e:54:4f:2b:bd:8f:32: 46:81:6d:e1:55:8d:89:82:e4:f9:8f:35:60:32:ba: 65:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:C3:4F:6D:A2:76:B3:0A:50:0E:9B:63:B2:61:1D:2D:10:40:8E:C1 X509v3 Authority Key Identifier: keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/sMNPbaJ2swpQDptjsmEdLRBAjsE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.144.171.0/24 IPv6: 2001:1aa1:22::/48 Signature Algorithm: sha256WithRSAEncryption a4:ee:91:6a:84:e0:88:1b:ab:39:be:0d:f0:1e:5d:6c:d5:3e: 3b:95:2f:78:83:64:c0:bb:8e:61:0a:b3:0e:44:08:ce:5d:f7: 7b:18:d5:28:2d:6f:3b:df:3a:da:f8:f4:04:4f:ed:9f:ef:f6: 87:6d:dd:36:4a:b2:25:ba:33:c1:ee:55:3c:dd:e2:93:af:89: 4c:e4:ae:25:e6:4e:6b:d7:86:d7:75:2d:66:41:09:84:4a:f9: 00:f9:b6:cf:c8:29:92:44:4b:7c:7c:99:ef:1a:90:3f:88:06: fa:fb:de:a0:e6:07:af:c1:33:1b:b3:c2:bd:82:2b:3b:d8:12: fc:63:f6:a1:43:5e:e0:31:30:39:9a:ba:52:7b:c4:3f:00:b3: a0:8a:a1:cd:6d:c2:63:e0:29:a0:1f:71:ff:e1:60:4b:22:ea: a6:58:03:1b:b1:bf:31:6e:d2:ea:72:36:15:6d:5d:b2:44:e8: cc:29:ad:fc:73:84:bf:53:d8:ac:8e:9d:c7:ef:29:c5:fa:9a: ae:bc:58:a7:ef:05:71:c3:1b:ef:4e:a1:be:f4:c4:7e:02:b6: 0f:67:f5:55:20:61:e0:3b:43:66:bf:c1:e1:d6:41:2c:74:31: b0:d6:af:70:b3:19:04:9a:dc:48:1f:b1:1f:64:33:c7:48:17: 83:6e:c9:60 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt7o+Uznze2h5cZEtybNh8SMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5 ZDQyODgwHhcNMjYwMTAxMjIxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGMzNGY2ZGEyNzZiMzBhNTAwZTliNjNiMjYxMWQyZDEwNDA4ZWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4YyWYsKUEkwAgO/Qdd3fLzNQqPj gFGd1AiVdO45gZEoDkqaDsA/ZIgKvQAl/y3kVec3gDREyFM4DyLkN8ccoyV6AQgm ps5id0YMuCjwMv9oUpsRr/kRudQ+JJRfedQIrnAkZmKGmQwcmE3r+sVGH90sAwDv 9BACke8O554A4Tq7tTPwZ5ytLCMcvpDFVOTI2MPMzxHrGVH/8dxV4yoj/6gsbwR5 a1FyFXVMiJajY2YPSPAl/t6z+wF3aNNw0aO/Qz149CuJouPhvaadm/1Wg2WpaaRL /hIQqofKbzlC/61FNRwAixH3K45UTyu9jzJGgW3hVY2JguT5jzVgMrplbwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFLDDT22idrMKUA6bY7JhHS0QQI7BMB8GA1UdIwQY MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It ZWNjNDliZGMyYWQ4LzEvc01OUGJhSjJzd3BRRHB0anNtRWRMUkJBanNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4 LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAUpCrMA8E AgACMAkDBwAgARqhACIwDQYJKoZIhvcNAQELBQADggEBAKTukWqE4Igbqzm+DfAe XWzVPjuVL3iDZMC7jmEKsw5ECM5d93sY1SgtbzvfOtr49ARP7Z/v9odt3TZKsiW6 M8HuVTzd4pOviUzkriXmTmvXhtd1LWZBCYRK+QD5ts/IKZJES3x8me8akD+IBvr7 3qDmB6/BMxuzwr2CKzvYEvxj9qFDXuAxMDmaulJ7xD8As6CKoc1twmPgKaAfcf/h YEsi6qZYAxuxvzFu0upyNhVtXbJE6MwprfxzhL9T2KyOncfvKcX6mq68WKfvBXHD G+9Oob70xH4Ctg9n9VUgYeA7Q2a/weHWQSx0MbDWr3CzGQSa3EgfsR9kM8dIF4Nu yWA= -----END CERTIFICATE-----Generated at Sun Jan 25 12:18:28 2026 by rpki-client