This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s-krzjzxlyWMOaQcgv5asypyFx0.roa File: s-krzjzxlyWMOaQcgv5asypyFx0.roa (raw, json) Hash identifier: u+SEy60rPDcFIkNaLxbLV2wMnuLL/3Dxezgfctkb+TY= Subject key identifier: B3:E9:2B:CE:3C:F1:97:25:8C:39:A4:1C:82:FE:5A:B3:2A:72:17:1D Certificate issuer: /CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Certificate serial: 019B7E38E3A48061F12C7371B02341DFA158 Authority key identifier: A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s-krzjzxlyWMOaQcgv5asypyFx0.roa Signing time: Fri 02 Jan 2026 10:20:15 +0000 ROA not before: Fri 02 Jan 2026 10:20:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 397242 IP address blocks: 37.209.192.0/24 maxlen: 24 37.209.194.0/24 maxlen: 24 37.209.196.0/24 maxlen: 24 37.209.198.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.mft rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:e3:a4:80:61:f1:2c:73:71:b0:23:41:df:a1:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a5ae8a3d8bdaabf4765fda79d55eca8c69c8bf2c Validity Not Before: Jan 2 10:20:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b3e92bce3cf197258c39a41c82fe5ab32a72171d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a8:97:1c:2c:c9:e0:34:a7:1b:6e:e9:6c:f5: b8:be:92:85:93:41:98:c2:ba:ef:d5:f1:88:32:1e: 18:00:1d:1a:8e:bc:93:b0:a2:fc:55:59:b8:eb:16: ae:05:a4:f7:af:2a:69:86:28:d0:ab:41:ae:80:23: 62:2b:60:43:f6:6b:05:77:ca:10:9d:1a:fa:90:e0: 60:42:34:34:4f:3c:2a:3a:a9:e7:89:b2:29:54:3d: 5b:58:fa:48:1d:d2:0a:d0:44:c6:91:81:9b:99:a5: c5:b6:b5:37:50:3a:0c:42:dc:88:fb:37:5d:64:30: 5d:f1:0c:fe:83:2c:83:43:a6:5e:cb:be:6e:a9:34: 7c:70:2b:ce:1e:82:d6:1c:0d:4e:ac:1e:f1:8e:20: aa:38:4d:12:65:d6:f7:c5:e0:34:4a:bc:be:fd:db: 01:05:35:57:65:a0:13:86:0c:c8:0b:82:7d:c2:5e: 16:b6:5e:8e:7e:d6:98:eb:99:5b:20:50:60:8f:1a: 4c:33:20:cb:48:1c:b5:b1:3e:ad:81:c0:b2:e8:bd: 15:f5:fc:57:8b:62:bc:41:b8:44:a7:60:ff:9c:ac: b3:02:f7:a5:ef:9d:d0:4a:f1:ed:49:7b:4e:72:93: d8:fa:5c:c7:20:ab:48:f1:47:b9:b4:3a:e5:8b:ce: 79:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:E9:2B:CE:3C:F1:97:25:8C:39:A4:1C:82:FE:5A:B3:2A:72:17:1D X509v3 Authority Key Identifier: keyid:A5:AE:8A:3D:8B:DA:AB:F4:76:5F:DA:79:D5:5E:CA:8C:69:C8:BF:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pa6KPYvaq_R2X9p51V7KjGnIvyw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/s-krzjzxlyWMOaQcgv5asypyFx0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/0d280c-9d88-4aea-b521-416f85ee237b/1/pa6KPYvaq_R2X9p51V7KjGnIvyw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.209.192.0/24 37.209.194.0/24 37.209.196.0/24 37.209.198.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:5e:67:b8:8d:f3:3a:30:13:cd:79:e2:f7:d3:43:e8:24:cb: 3b:17:46:bc:d7:6e:31:87:f5:74:6e:0a:89:13:29:09:7c:bc: d1:f4:55:9b:07:19:4b:7a:91:c9:bd:7e:f8:ab:78:b9:55:0f: b9:26:52:96:3a:fe:e2:20:87:88:db:b2:08:c5:a9:b0:44:ec: 9b:42:87:9f:63:24:b3:6f:b2:f4:b8:8c:7b:22:2d:d9:8b:5c: c8:31:fc:98:8c:57:25:28:22:09:b4:3a:98:e5:81:82:ef:77: c8:e0:af:47:27:13:1c:26:eb:39:6e:9c:a0:3b:46:3f:8c:a6: 38:6f:bc:41:5a:69:f4:e5:7c:16:ee:6f:aa:00:d6:de:9e:c1: e2:35:2b:9d:a6:6d:7f:02:6e:7e:86:00:fe:1b:e3:6a:16:4f: 2d:29:8b:1c:21:64:eb:81:18:43:fd:bf:84:50:ab:78:eb:f0: d7:ff:d1:57:2b:0f:de:88:ac:78:c3:aa:04:2f:8e:92:20:b8: 3a:60:df:d8:02:c4:54:ba:09:80:18:4a:a0:bc:0f:71:63:85: 24:b7:60:5f:15:40:f6:e7:53:7f:2b:46:5d:72:28:f4:5f:a0: dd:a1:01:e5:cd:90:75:26:14:a1:c8:4f:a3:45:06:47:bf:11: 8c:95:e0:b5 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt+OOOkgGHxLHNxsCNB36FYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1YWU4YTNkOGJkYWFiZjQ3NjVmZGE3OWQ1NWVjYThjNjlj OGJmMmMwHhcNMjYwMTAyMTAyMDE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiM2U5MmJjZTNjZjE5NzI1OGMzOWE0MWM4MmZlNWFiMzJhNzIxNzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qiXHCzJ4DSnG27pbPW4vpKFk0GY wrrv1fGIMh4YAB0ajryTsKL8VVm46xauBaT3rypphijQq0GugCNiK2BD9msFd8oQ nRr6kOBgQjQ0TzwqOqnnibIpVD1bWPpIHdIK0ETGkYGbmaXFtrU3UDoMQtyI+zdd ZDBd8Qz+gyyDQ6Zey75uqTR8cCvOHoLWHA1OrB7xjiCqOE0SZdb3xeA0Sry+/dsB BTVXZaAThgzIC4J9wl4Wtl6OftaY65lbIFBgjxpMMyDLSBy1sT6tgcCy6L0V9fxX i2K8QbhEp2D/nKyzAvel753QSvHtSXtOcpPY+lzHIKtI8Ue5tDrli8552wIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFLPpK8488ZcljDmkHIL+WrMqchcdMB8GA1UdIwQY MBaAFKWuij2L2qv0dl/aedVeyoxpyL8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEt NDE2Zjg1ZWUyMzdiLzEvcy1rcnpqenhseVdNT2FRY2d2NWFzeXB5RngwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8wZDI4MGMtOWQ4OC00YWVhLWI1MjEtNDE2Zjg1ZWUyMzdi LzEvcGE2S1BZdmFxX1IyWDlwNTFWN0tqR25Jdnl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJdHAAwQA JdHCAwQAJdHEAwQAJdHGMA0GCSqGSIb3DQEBCwUAA4IBAQBLXme4jfM6MBPNeeL3 00PoJMs7F0a8124xh/V0bgqJEykJfLzR9FWbBxlLepHJvX74q3i5VQ+5JlKWOv7i IIeI27IIxamwROybQoefYySzb7L0uIx7Ii3Zi1zIMfyYjFclKCIJtDqY5YGC73fI 4K9HJxMcJus5bpygO0Y/jKY4b7xBWmn05XwW7m+qANbensHiNSudpm1/Am5+hgD+ G+NqFk8tKYscIWTrgRhD/b+EUKt46/DX/9FXKw/eiKx4w6oEL46SILg6YN/YAsRU ugmAGEqgvA9xY4Ukt2BfFUD251N/K0Zdcij0X6DdoQHlzZB1JhShyE+jRQZHvxGM leC1 -----END CERTIFICATE-----Generated at Sun Jan 25 10:53:15 2026 by rpki-client