This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/sPMgSkKer_29geM5-1T1-keLLGw.roa File: sPMgSkKer_29geM5-1T1-keLLGw.roa (raw, json) Hash identifier: 4QbBQJWJYkQw7XP4lLebE7Woxf8+43i+sSWLrzO/9j0= Subject key identifier: B0:F3:20:4A:42:9E:AF:FD:BD:81:E3:39:FB:54:F5:FA:47:8B:2C:6C Certificate issuer: /CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066 Certificate serial: 019B7D5D2C99E5D988870E2DBEFF2A846CF4 Authority key identifier: AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/sPMgSkKer_29geM5-1T1-keLLGw.roa Signing time: Fri 02 Jan 2026 06:20:16 +0000 ROA not before: Fri 02 Jan 2026 06:20:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16353 IP address blocks: 185.136.72.0/22 maxlen: 22 185.136.72.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.mft rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:2c:99:e5:d9:88:87:0e:2d:be:ff:2a:84:6c:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa54c4763ea018c3dc70203d04efe71fd4b1b066 Validity Not Before: Jan 2 06:20:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0f3204a429eaffdbd81e339fb54f5fa478b2c6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c7:14:73:e5:46:53:3b:f2:66:70:aa:db:ae: 36:70:c4:cc:a3:c1:0f:3d:16:32:32:29:50:00:8c: 70:e9:bb:95:b2:8e:31:a9:f4:fa:81:97:b5:a8:b6: 64:f7:25:fc:e4:f8:e9:83:03:a2:6c:a0:ba:a6:b7: ba:28:96:55:98:30:40:27:9d:7a:3c:e5:9a:7a:cb: b7:98:a0:0e:30:62:80:f5:8d:0c:c9:9d:11:0b:71: ed:5a:62:a6:b0:c1:95:65:c0:e2:61:e8:05:31:bb: 99:68:87:b9:05:91:15:24:8a:82:d8:0b:9a:2a:7c: 3c:1b:1a:e6:ab:f6:22:bb:8e:5e:19:73:23:82:b3: b8:21:ed:e0:e4:3c:01:3b:92:e2:91:6e:f8:58:4e: 8c:db:7d:01:8c:f2:b1:cc:63:38:ab:e8:aa:7d:7e: 16:3d:a9:bc:04:27:52:59:73:b7:27:a0:27:08:5b: 22:3f:3d:06:34:91:53:79:33:73:5d:9d:de:7b:bd: 41:fa:5c:f3:0e:7c:cd:4b:3a:18:b3:5a:95:25:37: 64:ac:f5:23:d4:a9:b2:65:cf:52:fd:2d:cf:64:e4: b6:96:b4:1f:8e:d7:22:1e:d6:00:21:b6:79:c7:fe: e9:9e:75:ba:a3:b4:17:ba:c7:59:ae:30:bc:25:3d: 0f:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:F3:20:4A:42:9E:AF:FD:BD:81:E3:39:FB:54:F5:FA:47:8B:2C:6C X509v3 Authority Key Identifier: keyid:AA:54:C4:76:3E:A0:18:C3:DC:70:20:3D:04:EF:E7:1F:D4:B1:B0:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlTEdj6gGMPccCA9BO_nH9SxsGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/sPMgSkKer_29geM5-1T1-keLLGw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/a21c9e-87f1-4983-8394-de37673c409c/1/qlTEdj6gGMPccCA9BO_nH9SxsGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.136.72.0/22 Signature Algorithm: sha256WithRSAEncryption b2:0c:4f:56:dc:f7:9e:f8:2c:6a:ec:a6:0d:9d:11:41:6a:4f: 25:18:b7:63:10:5a:7c:4c:9c:92:53:5a:2e:0d:63:bd:e1:37: 3c:50:5a:a1:a5:5a:54:55:fa:25:c3:0b:1f:e8:55:66:b7:98: 57:23:39:8f:a4:17:e6:76:77:09:67:b0:8d:2f:60:1b:67:6e: 25:c0:64:cb:9f:13:07:2e:d8:9e:93:06:b5:2e:26:e5:a6:d1: 56:b3:7b:60:24:a9:cf:21:64:52:64:89:c5:94:fb:fe:a9:e1: db:56:91:e3:de:0f:8a:dd:3e:9c:fe:1b:c2:39:81:74:54:9e: 8b:9c:a3:31:56:c5:c8:48:b1:ff:a6:8e:05:c8:50:b5:cb:c9: 23:c0:f6:88:0a:96:27:6f:61:a7:0b:53:ca:42:21:0d:04:6a: 61:d0:91:1b:f5:c4:44:9c:18:4e:57:d1:e0:bb:38:1f:6d:f3: f3:9c:63:31:55:18:93:57:7e:ba:fe:f6:8f:3a:a9:69:53:f5: 42:0b:b3:70:9b:40:dd:5f:99:1e:09:64:f8:91:36:02:fb:5e: f1:e1:8e:19:cb:df:fa:f3:d8:c2:36:ed:8b:a5:24:50:c6:8a: bf:a9:34:4b:05:66:a7:b8:0c:88:f7:fe:05:bd:55:67:06:ba: bc:a2:ee:b4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XSyZ5dmIhw4tvv8qhGz0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhNTRjNDc2M2VhMDE4YzNkYzcwMjAzZDA0ZWZlNzFmZDRi MWIwNjYwHhcNMjYwMTAyMDYyMDE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGYzMjA0YTQyOWVhZmZkYmQ4MWUzMzlmYjU0ZjVmYTQ3OGIyYzZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8cUc+VGUzvyZnCq2642cMTMo8EP PRYyMilQAIxw6buVso4xqfT6gZe1qLZk9yX85PjpgwOibKC6pre6KJZVmDBAJ516 POWaesu3mKAOMGKA9Y0MyZ0RC3HtWmKmsMGVZcDiYegFMbuZaIe5BZEVJIqC2Aua Knw8Gxrmq/Yiu45eGXMjgrO4Ie3g5DwBO5LikW74WE6M230BjPKxzGM4q+iqfX4W Pam8BCdSWXO3J6AnCFsiPz0GNJFTeTNzXZ3ee71B+lzzDnzNSzoYs1qVJTdkrPUj 1KmyZc9S/S3PZOS2lrQfjtciHtYAIbZ5x/7pnnW6o7QXusdZrjC8JT0PewIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLDzIEpCnq/9vYHjOftU9fpHiyxsMB8GA1UdIwQY MBaAFKpUxHY+oBjD3HAgPQTv5x/UsbBmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQt ZGUzNzY3M2M0MDljLzEvc1BNZ1NrS2VyXzI5Z2VNNS0xVDEta2VMTEd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9hMjFjOWUtODdmMS00OTgzLTgzOTQtZGUzNzY3M2M0MDlj LzEvcWxURWRqNmdHTVBjY0NBOUJPX25IOVN4c0dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYhIMA0G CSqGSIb3DQEBCwUAA4IBAQCyDE9W3Pee+Cxq7KYNnRFBak8lGLdjEFp8TJySU1ou DWO94Tc8UFqhpVpUVfolwwsf6FVmt5hXIzmPpBfmdncJZ7CNL2AbZ24lwGTLnxMH Ltiekwa1LiblptFWs3tgJKnPIWRSZInFlPv+qeHbVpHj3g+K3T6c/hvCOYF0VJ6L nKMxVsXISLH/po4FyFC1y8kjwPaICpYnb2GnC1PKQiENBGph0JEb9cREnBhOV9Hg uzgfbfPznGMxVRiTV366/vaPOqlpU/VCC7Nwm0DdX5keCWT4kTYC+17x4Y4Zy9/6 89jCNu2LpSRQxoq/qTRLBWanuAyI9/4FvVVnBrq8ou60 -----END CERTIFICATE-----Generated at Sun Jan 25 16:12:04 2026 by rpki-client