This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sahMIYfgNiRQvn3AfrEGzOK6N2s.roa File: sahMIYfgNiRQvn3AfrEGzOK6N2s.roa (raw, json) Hash identifier: /HUqJt/Nt/dBCPN71lmKkoY+AnTVDEEYGrqhaZ9Knw8= Subject key identifier: B1:A8:4C:21:87:E0:36:24:50:BE:7D:C0:7E:B1:06:CC:E2:BA:37:6B Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C6859C4102AE836DB0057326398DFC Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sahMIYfgNiRQvn3AfrEGzOK6N2s.roa Signing time: Thu 01 Jan 2026 04:17:37 +0000 ROA not before: Thu 01 Jan 2026 04:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34471 IP address blocks: 37.72.16.0/24 maxlen: 24 84.232.104.0/24 maxlen: 24 84.236.158.0/24 maxlen: 24 176.227.155.0/24 maxlen: 24 178.156.34.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:85:9c:41:02:ae:83:6d:b0:05:73:26:39:8d:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1a84c2187e0362450be7dc07eb106cce2ba376b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:1a:51:03:a9:a5:c0:48:a8:4f:ba:8c:68:8f: b6:e0:06:cf:4c:68:8e:72:b3:91:fc:38:b0:64:94: ec:56:50:9a:03:0c:2c:a8:3c:c4:8a:67:85:5a:35: 66:ff:68:d3:8e:18:6e:00:0e:03:01:20:ec:eb:62: c4:ab:2d:7b:c7:19:c5:c5:9d:ee:a7:d6:3f:6a:3f: 6e:1f:bf:cc:c2:e9:b0:06:5e:4b:1f:10:3c:97:b3: 77:99:5f:84:4d:fa:0a:c0:e7:9f:ad:a9:83:0b:21: 3b:b4:e2:6a:14:b0:5e:86:66:69:1e:40:41:b1:1f: b9:03:b5:db:6a:02:76:57:68:06:da:91:9e:1d:63: 51:8f:21:4e:32:99:33:ea:13:8e:c6:40:88:35:25: 11:cf:47:3c:08:ed:03:6a:d6:50:7b:fe:c0:08:4a: f8:2c:e1:a7:eb:af:8a:2e:b1:be:a6:32:05:f8:20: 65:1f:de:de:96:34:0d:ce:88:f0:dc:4f:d8:f6:44: aa:4a:2b:16:c1:92:ca:94:f3:cf:d4:74:40:7a:32: 23:0f:c0:bb:5d:7c:38:35:46:e8:75:d8:22:d8:fe: 31:32:87:70:f9:46:e1:bf:f4:eb:be:96:f8:c1:18: d9:b1:b1:81:1c:9a:0b:b1:8d:fd:f7:eb:f3:45:55: da:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:A8:4C:21:87:E0:36:24:50:BE:7D:C0:7E:B1:06:CC:E2:BA:37:6B X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sahMIYfgNiRQvn3AfrEGzOK6N2s.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.72.16.0/24 84.232.104.0/24 84.236.158.0/24 176.227.155.0/24 178.156.34.0/24 Signature Algorithm: sha256WithRSAEncryption 91:4d:65:87:cb:2d:91:df:6d:6c:e5:8b:43:ac:d1:da:98:c5: 83:f7:af:35:4c:77:3f:1b:8f:8a:37:61:e2:26:4a:ad:6d:5a: 7a:0a:60:d4:a4:55:52:39:d2:1f:b2:a8:e1:b4:24:3e:21:a9: 22:80:fd:b4:78:d3:85:d6:da:fd:f4:17:9f:fb:5e:1e:74:0c: 67:e3:d0:f8:6c:96:f5:f0:8e:e7:3f:08:d4:cf:ce:f0:a1:fc: fa:5e:1a:57:92:bf:65:2a:45:e7:0b:bb:8c:d2:2a:63:07:d7: 19:35:d2:f6:3c:94:c9:c8:8b:5d:40:93:1f:34:2f:7f:26:40: 1b:c0:92:79:d7:c7:ba:39:9f:3f:a7:bf:10:32:b5:d7:1e:14: f0:ab:98:df:f8:41:53:ee:14:05:c6:ac:90:e9:48:66:1a:81: ce:0a:7f:f8:d2:87:84:c5:f9:4b:10:4d:1c:b0:e7:25:5d:1f: dc:82:ea:65:e1:fa:9e:64:31:2b:2b:01:ab:6d:d5:c7:1c:60: c2:5d:d0:52:f1:f6:49:c2:35:e4:14:17:61:11:98:24:76:1e: b9:cf:71:eb:89:61:a0:8c:ab:73:8b:b6:9f:43:7b:31:c5:c3: ae:75:d3:9d:65:ef:d6:45:f0:86:b4:93:4b:33:bf:32:da:ba: 9c:0c:b8:4a -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt3xoWcQQKug22wBXMmOY38MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWE4NGMyMTg3ZTAzNjI0NTBiZTdkYzA3ZWIxMDZjY2UyYmEzNzZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxpRA6mlwEioT7qMaI+24AbPTGiO crOR/DiwZJTsVlCaAwwsqDzEimeFWjVm/2jTjhhuAA4DASDs62LEqy17xxnFxZ3u p9Y/aj9uH7/MwumwBl5LHxA8l7N3mV+ETfoKwOeframDCyE7tOJqFLBehmZpHkBB sR+5A7XbagJ2V2gG2pGeHWNRjyFOMpkz6hOOxkCINSURz0c8CO0DatZQe/7ACEr4 LOGn66+KLrG+pjIF+CBlH97eljQNzojw3E/Y9kSqSisWwZLKlPPP1HRAejIjD8C7 XXw4NUboddgi2P4xModw+Ubhv/Trvpb4wRjZsbGBHJoLsY399+vzRVXaDQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFLGoTCGH4DYkUL59wH6xBsziujdrMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvc2FoTUlZZmdOaVJRdm4zQWZyRUd6T0s2TjJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJUgQAwQA VOhoAwQAVOyeAwQAsOObAwQAspwiMA0GCSqGSIb3DQEBCwUAA4IBAQCRTWWHyy2R 321s5YtDrNHamMWD9681THc/G4+KN2HiJkqtbVp6CmDUpFVSOdIfsqjhtCQ+Iaki gP20eNOF1tr99Bef+14edAxn49D4bJb18I7nPwjUz87wofz6XhpXkr9lKkXnC7uM 0ipjB9cZNdL2PJTJyItdQJMfNC9/JkAbwJJ518e6OZ8/p78QMrXXHhTwq5jf+EFT 7hQFxqyQ6UhmGoHOCn/40oeExflLEE0csOclXR/cgupl4fqeZDErKwGrbdXHHGDC XdBS8fZJwjXkFBdhEZgkdh65z3HriWGgjKtzi7afQ3sxxcOuddOdZe/WRfCGtJNL M78y2rqcDLhK -----END CERTIFICATE-----Generated at Sun Jan 25 10:10:03 2026 by rpki-client