This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/shN0invCztwI3KX6a_QGu2kjtpU.roa File: shN0invCztwI3KX6a_QGu2kjtpU.roa (raw, json) Hash identifier: C5xwtk8B6GrmB6Pb2tWwcTB63K3NyU431bpj6dpQii4= Subject key identifier: B2:13:74:8A:7B:C2:CE:DC:08:DC:A5:FA:6B:F4:06:BB:69:23:B6:95 Certificate issuer: /CN=03e85fa4be66942e5909fd3a1fd4a0c26e36a0d2 Certificate serial: 019B78A2F1B44BA1395AA826423D5F5F714D Authority key identifier: 03:E8:5F:A4:BE:66:94:2E:59:09:FD:3A:1F:D4:A0:C2:6E:36:A0:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/shN0invCztwI3KX6a_QGu2kjtpU.roa Signing time: Thu 01 Jan 2026 08:18:23 +0000 ROA not before: Thu 01 Jan 2026 08:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39543 IP address blocks: 194.150.84.0/22 maxlen: 22 194.150.84.0/23 maxlen: 23 194.150.84.0/24 maxlen: 24 194.150.85.0/24 maxlen: 24 194.150.86.0/23 maxlen: 23 194.150.86.0/24 maxlen: 24 194.150.87.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.crl rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.mft rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f1:b4:4b:a1:39:5a:a8:26:42:3d:5f:5f:71:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03e85fa4be66942e5909fd3a1fd4a0c26e36a0d2 Validity Not Before: Jan 1 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b213748a7bc2cedc08dca5fa6bf406bb6923b695 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:96:5b:4a:10:85:85:a5:04:bd:1d:6d:e8:9a: a2:09:cf:7b:1a:60:81:87:66:ac:be:27:51:c4:cb: a2:e3:ea:08:8b:db:67:34:1a:e2:07:a1:70:66:b2: ef:04:6c:9b:c8:f6:6d:b9:33:61:65:15:b3:73:e3: a7:dd:cc:39:14:8c:91:0b:5e:71:e6:b6:28:a2:ff: 5c:29:f8:ff:c8:20:3d:d5:39:d9:97:c1:18:67:da: b6:25:23:80:ea:a3:8f:a4:56:c3:01:4b:d7:69:d1: 74:bd:7e:e7:1b:15:ad:8e:cd:95:59:d9:de:35:7c: c0:c2:4d:cb:d7:38:d7:44:f2:12:77:ed:e6:12:61: 59:83:3f:19:c3:81:97:72:c1:57:db:c2:15:ea:a2: ff:5f:02:74:5b:17:c7:1b:2a:4a:09:cb:1e:ae:d9: 86:82:b8:ad:c6:d9:a1:e5:d3:fd:ac:fa:da:2a:6a: 03:10:d5:71:44:83:b2:32:ce:ae:5a:22:62:92:ed: 20:e4:7e:8b:cd:fb:33:53:c6:cb:10:1e:8a:a6:5a: 97:a9:ff:a9:ec:6b:29:68:6a:31:93:8f:e1:ce:da: 21:e4:69:d8:30:17:e2:db:bf:71:4d:35:93:6d:cf: 3b:c8:ee:cf:51:17:ca:ad:26:e8:1c:fa:2a:91:34: 0f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:13:74:8A:7B:C2:CE:DC:08:DC:A5:FA:6B:F4:06:BB:69:23:B6:95 X509v3 Authority Key Identifier: keyid:03:E8:5F:A4:BE:66:94:2E:59:09:FD:3A:1F:D4:A0:C2:6E:36:A0:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A-hfpL5mlC5ZCf06H9Sgwm42oNI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/shN0invCztwI3KX6a_QGu2kjtpU.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a27329-3ecf-4885-a773-58e5b76bebb7/1/A-hfpL5mlC5ZCf06H9Sgwm42oNI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.150.84.0/22 Signature Algorithm: sha256WithRSAEncryption ad:f8:ce:13:b1:e5:1a:5a:da:31:23:8b:fa:51:7a:b0:7e:37: be:6c:83:13:39:ef:60:7a:27:45:4e:28:db:6f:73:15:4d:00: 6d:35:a3:e4:4b:80:73:a7:c2:46:26:d4:da:85:2f:f4:1e:83: 9f:c6:fc:79:e1:df:3f:56:3d:d6:7a:ba:18:aa:2e:05:37:b4: 6c:df:fe:9e:80:fe:61:83:6a:05:84:a0:ae:9a:3a:50:29:f5: 53:e5:78:2e:77:a4:2c:15:7f:e4:0c:4b:2e:fc:bd:ad:6f:30: 24:6d:1e:14:1f:6b:80:d2:50:cd:3a:3a:73:f7:fa:7b:9b:83: 16:b9:8a:cc:a3:b8:c7:4c:a0:2e:53:02:a8:9e:87:fa:bd:89: d5:2a:c6:09:24:f9:1d:d0:5b:29:cf:1f:d1:30:a1:48:17:35: a9:79:7e:b6:46:12:b5:a4:48:92:63:a0:42:b9:64:8c:2d:58: 2f:68:d8:b1:ca:76:eb:a4:61:46:92:03:6b:0e:6f:59:01:7f: 00:51:54:8a:08:7f:04:dc:19:88:72:8d:4e:3d:80:7e:a3:85: 15:7a:5f:63:04:99:d0:48:df:ae:47:a6:e1:f7:6a:1a:fe:d2: 94:9c:c2:8f:99:12:ad:4d:30:2c:33:15:a9:a3:a2:0b:07:b7: 6d:19:0c:cd -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ovG0S6E5WqgmQj1fX3FNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzZTg1ZmE0YmU2Njk0MmU1OTA5ZmQzYTFmZDRhMGMyNmUz NmEwZDIwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjEzNzQ4YTdiYzJjZWRjMDhkY2E1ZmE2YmY0MDZiYjY5MjNiNjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZZbShCFhaUEvR1t6JqiCc97GmCB h2asvidRxMui4+oIi9tnNBriB6FwZrLvBGybyPZtuTNhZRWzc+On3cw5FIyRC15x 5rYoov9cKfj/yCA91TnZl8EYZ9q2JSOA6qOPpFbDAUvXadF0vX7nGxWtjs2VWdne NXzAwk3L1zjXRPISd+3mEmFZgz8Zw4GXcsFX28IV6qL/XwJ0WxfHGypKCcsertmG gritxtmh5dP9rPraKmoDENVxRIOyMs6uWiJiku0g5H6LzfszU8bLEB6KplqXqf+p 7GspaGoxk4/hztoh5GnYMBfi279xTTWTbc87yO7PURfKrSboHPoqkTQPOQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLITdIp7ws7cCNyl+mv0BrtpI7aVMB8GA1UdIwQY MBaAFAPoX6S+ZpQuWQn9Oh/UoMJuNqDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQS1oZnBMNW1sQzVaQ2YwNkg5U2d3bTQyb05JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hMjczMjktM2VjZi00ODg1LWE3NzMt NThlNWI3NmJlYmI3LzEvc2hOMGludkN6dHdJM0tYNmFfUUd1MmtqdHBVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS9hMjczMjktM2VjZi00ODg1LWE3NzMtNThlNWI3NmJlYmI3 LzEvQS1oZnBMNW1sQzVaQ2YwNkg5U2d3bTQyb05JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpZUMA0G CSqGSIb3DQEBCwUAA4IBAQCt+M4TseUaWtoxI4v6UXqwfje+bIMTOe9geidFTijb b3MVTQBtNaPkS4Bzp8JGJtTahS/0HoOfxvx54d8/Vj3WeroYqi4FN7Rs3/6egP5h g2oFhKCumjpQKfVT5Xgud6QsFX/kDEsu/L2tbzAkbR4UH2uA0lDNOjpz9/p7m4MW uYrMo7jHTKAuUwKonof6vYnVKsYJJPkd0Fspzx/RMKFIFzWpeX62RhK1pEiSY6BC uWSMLVgvaNixynbrpGFGkgNrDm9ZAX8AUVSKCH8E3BmIco1OPYB+o4UVel9jBJnQ SN+uR6bh92oa/tKUnMKPmRKtTTAsMxWpo6ILB7dtGQzN -----END CERTIFICATE-----Generated at Sun Jan 25 20:30:19 2026 by rpki-client