This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/RP8MgkKEHlqeBOnUZe0z_Y0SQKk.roa File: RP8MgkKEHlqeBOnUZe0z_Y0SQKk.roa (raw, json) Hash identifier: Ptm5tesi9injee8NYFqMkun/MxMMcArohdb5avPOa5I= Subject key identifier: 44:FF:0C:82:42:84:1E:5A:9E:04:E9:D4:65:ED:33:FD:8D:12:40:A9 Certificate issuer: /CN=bda61043542485096b0df4351cc0da977f3770dd Certificate serial: 019B7DCA61D3426BA77D969736EC0258BB36 Authority key identifier: BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/RP8MgkKEHlqeBOnUZe0z_Y0SQKk.roa Signing time: Fri 02 Jan 2026 08:19:33 +0000 ROA not before: Fri 02 Jan 2026 08:19:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2852 IP address blocks: 147.32.0.0/16 maxlen: 24 193.84.104.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 23:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:61:d3:42:6b:a7:7d:96:97:36:ec:02:58:bb:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bda61043542485096b0df4351cc0da977f3770dd Validity Not Before: Jan 2 08:19:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=44ff0c8242841e5a9e04e9d465ed33fd8d1240a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8f:b8:d7:d3:d2:c5:db:eb:28:00:93:63:73: 96:b3:94:1a:ac:53:43:77:a9:05:06:9f:a6:b5:37: 1c:ed:36:96:0d:77:01:9a:df:84:86:8d:ee:a4:52: ce:e8:17:44:bd:ea:08:ed:09:6d:50:e3:ea:2d:4e: 5d:c0:9d:c4:52:e8:59:5b:4f:96:38:12:7b:0c:e7: 76:49:4d:e4:3c:6a:b0:d6:5f:f3:0b:eb:b6:8c:39: bc:c5:aa:d4:dd:1b:94:7f:05:87:a2:cf:63:3c:a5: 21:16:b5:75:3f:6b:20:fa:12:6e:c1:18:8a:70:cf: f7:ef:b6:84:26:dc:9b:09:f1:98:98:77:95:5a:ee: 63:44:dc:b4:7d:4a:e1:ca:7d:20:20:aa:c3:e6:7d: 49:f5:c5:a7:dd:27:80:69:64:b1:54:aa:58:19:19: 8f:84:a9:32:f4:80:80:2f:bf:b3:62:24:18:b9:11: e9:a7:eb:a9:ca:fc:ea:20:af:65:81:2e:89:57:ba: 68:a7:35:8e:c5:ca:8d:65:1c:e0:5b:dc:5e:70:4f: e1:3e:e9:8b:e7:7b:12:72:33:33:b2:3c:9a:dc:ce: 4b:d4:30:12:9c:5f:88:b7:54:98:46:dc:05:fd:16: ae:45:97:11:cd:2e:94:16:4d:f0:95:f6:3c:5d:4b: 17:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:FF:0C:82:42:84:1E:5A:9E:04:E9:D4:65:ED:33:FD:8D:12:40:A9 X509v3 Authority Key Identifier: keyid:BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/RP8MgkKEHlqeBOnUZe0z_Y0SQKk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.32.0.0/16 193.84.104.0/22 Signature Algorithm: sha256WithRSAEncryption 4f:89:36:ea:bd:a7:77:a6:cb:e7:92:7a:1f:53:4b:a5:d1:fd: 9a:53:6e:77:1d:3f:f7:0d:c3:76:4a:4a:a0:c0:ae:5b:be:78: b6:b0:c3:88:26:dc:56:37:6a:90:30:fa:4c:d5:9d:24:cf:52: 00:b3:58:b4:ba:da:79:af:50:fe:5b:f1:6f:93:5a:51:a4:a6: 1d:36:a6:b1:3b:ee:e0:29:fe:5d:7c:15:0f:a0:2f:28:1d:77: b0:1c:1f:9b:00:40:3a:6e:a8:d3:40:81:bc:d8:9e:ce:c9:50: af:19:3b:85:41:1a:91:35:67:48:31:f7:e4:a6:1f:da:4f:3b: 35:5c:af:d3:07:5a:aa:2c:d2:1d:dd:f1:d2:bb:9a:e7:13:f1: e9:c5:16:e7:52:0a:eb:83:f1:a7:f2:fb:ae:0a:c7:27:da:ff: ed:c4:f6:df:0b:6c:29:15:b5:e4:bc:75:ae:85:90:8b:38:45: 04:72:dc:aa:9b:26:01:e5:24:9e:14:2c:e8:2b:c6:94:c7:4a: 11:fa:f2:6f:17:4c:43:52:d3:e9:1c:0b:f7:14:b0:b4:6f:20: a6:e8:02:f7:71:8e:9b:16:52:8e:2e:65:51:21:89:33:8b:7c: 13:8c:b4:db:50:f8:69:f1:4a:0d:0a:97:b1:73:f9:a1:57:98: c5:88:80:94 -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgISAZt9ymHTQmunfZaXNuwCWLs2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkYTYxMDQzNTQyNDg1MDk2YjBkZjQzNTFjYzBkYTk3N2Yz NzcwZGQwHhcNMjYwMTAyMDgxOTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NGZmMGM4MjQyODQxZTVhOWUwNGU5ZDQ2NWVkMzNmZDhkMTI0MGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4+419PSxdvrKACTY3OWs5QarFND d6kFBp+mtTcc7TaWDXcBmt+Eho3upFLO6BdEveoI7QltUOPqLU5dwJ3EUuhZW0+W OBJ7DOd2SU3kPGqw1l/zC+u2jDm8xarU3RuUfwWHos9jPKUhFrV1P2sg+hJuwRiK cM/377aEJtybCfGYmHeVWu5jRNy0fUrhyn0gIKrD5n1J9cWn3SeAaWSxVKpYGRmP hKky9ICAL7+zYiQYuRHpp+upyvzqIK9lgS6JV7popzWOxcqNZRzgW9xecE/hPumL 53sScjMzsjya3M5L1DASnF+It1SYRtwF/RauRZcRzS6UFk3wlfY8XUsXqwIDAQAB o4ICDjCCAgowHQYDVR0OBBYEFET/DIJChB5angTp1GXtM/2NEkCpMB8GA1UdIwQY MBaAFL2mEENUJIUJaw30NRzA2pd/N3DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMt M2EyYWQ4OGRlYWRlLzEvUlA4TWdrS0VIbHFlQk9uVVplMHpfWTBTUUtrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMtM2EyYWQ4OGRlYWRl LzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkyADBALB VGgwDQYJKoZIhvcNAQELBQADggEBAE+JNuq9p3emy+eSeh9TS6XR/ZpTbncdP/cN w3ZKSqDArlu+eLaww4gm3FY3apAw+kzVnSTPUgCzWLS62nmvUP5b8W+TWlGkph02 prE77uAp/l18FQ+gLygdd7AcH5sAQDpuqNNAgbzYns7JUK8ZO4VBGpE1Z0gx9+Sm H9pPOzVcr9MHWqos0h3d8dK7mucT8enFFudSCuuD8afy+64Kxyfa/+3E9t8LbCkV teS8da6FkIs4RQRy3KqbJgHlJJ4ULOgrxpTHShH68m8XTENS0+kcC/cUsLRvIKbo AvdxjpsWUo4uZVEhiTOLfBOMtNtQ+GnxSg0Kl7Fz+aFXmMWIgJQ= -----END CERTIFICATE-----Generated at Mon Jan 26 09:22:49 2026 by rpki-client