This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/L40pPH6TicBG2s3pYm_kCH0QuH8.roa File: L40pPH6TicBG2s3pYm_kCH0QuH8.roa (raw, json) Hash identifier: T9wzscjITMGr1trkfg1j7FXPyni8Fc+OiviUYZ5c/0E= Subject key identifier: 2F:8D:29:3C:7E:93:89:C0:46:DA:CD:E9:62:6F:E4:08:7D:10:B8:7F Certificate issuer: /CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00 Certificate serial: 019B7F15A0273FBDD6C791AF5511365DCDA7 Authority key identifier: 5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/L40pPH6TicBG2s3pYm_kCH0QuH8.roa Signing time: Fri 02 Jan 2026 14:21:22 +0000 ROA not before: Fri 02 Jan 2026 14:21:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29695 IP address blocks: 37.97.0.0/18 maxlen: 18 188.228.0.0/17 maxlen: 17 2a00:fd00::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.mft rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:a0:27:3f:bd:d6:c7:91:af:55:11:36:5d:cd:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d129b0460cf9ee0500ee880a2cfa1a524e4df00 Validity Not Before: Jan 2 14:21:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=2f8d293c7e9389c046dacde9626fe4087d10b87f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:13:4c:9c:d2:78:df:ca:70:60:8f:c3:24:7a: 6c:f6:63:16:5b:9e:5c:f0:bc:17:7a:6f:61:fb:0a: db:8d:1b:71:7c:d9:a6:39:76:c8:13:8b:fb:57:56: 79:43:8c:17:37:47:9a:98:64:a6:08:a0:d3:36:d1: 4c:37:e3:21:0d:c7:a1:26:78:11:03:77:a2:81:11: e9:c9:6a:b1:d6:46:4e:ad:f0:0e:64:6d:44:b1:c3: 8f:60:80:3c:4f:78:59:85:04:88:4d:86:b1:71:0a: b5:c7:e1:54:c1:75:6c:ec:72:57:73:60:d5:50:29: 26:62:e7:9f:b7:94:cf:47:14:ab:3d:4c:89:5b:c2: 6c:d4:6e:9f:b3:6d:f3:51:b0:fb:5b:19:3b:c0:37: 0d:04:74:e4:9a:43:52:9b:0d:3d:9f:a0:8f:7e:d0: 19:a5:29:da:55:bc:18:cf:d7:8f:27:0e:68:e5:5c: b9:62:f8:b8:7c:4c:f2:b0:4b:02:2f:4b:72:7f:62: e9:65:db:3d:9b:2c:0f:f4:f0:8c:f7:fa:a4:65:cf: 32:d4:16:e5:bf:03:43:09:f2:65:ca:86:52:a5:7e: c9:22:32:f5:8a:c0:fb:4d:d7:0a:4b:21:e9:6b:5c: bf:a7:87:58:7e:b9:0c:72:f4:28:d6:b8:6f:ff:0a: dc:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:8D:29:3C:7E:93:89:C0:46:DA:CD:E9:62:6F:E4:08:7D:10:B8:7F X509v3 Authority Key Identifier: keyid:5D:12:9B:04:60:CF:9E:E0:50:0E:E8:80:A2:CF:A1:A5:24:E4:DF:00 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRKbBGDPnuBQDuiAos-hpSTk3wA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/L40pPH6TicBG2s3pYm_kCH0QuH8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8557e0-368d-4d8e-9741-a877dd51bc49/1/XRKbBGDPnuBQDuiAos-hpSTk3wA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.97.0.0/18 188.228.0.0/17 IPv6: 2a00:fd00::/32 Signature Algorithm: sha256WithRSAEncryption 4b:e7:29:99:ae:77:7b:48:0f:3f:9b:82:22:8a:fd:75:70:71: 92:b4:5f:8e:a7:ae:a8:ff:3b:2e:52:c0:78:12:29:7e:85:9d: 01:65:cc:db:76:ee:51:dc:cb:18:cc:56:70:d9:83:df:a2:59: fa:79:1c:55:9f:c8:40:98:3e:71:21:85:a1:5b:23:4f:40:96: 8a:ae:dc:1e:a7:6d:f4:ff:e5:91:2f:a6:5f:8e:f1:0c:4e:44: 1f:b4:73:b7:dc:48:82:45:46:ba:26:32:4f:c6:16:f1:0f:e1: a4:27:8f:71:85:74:33:ff:33:ab:2a:4c:a0:19:f2:77:d2:19: f3:53:05:bd:d9:aa:3c:43:e4:3b:0a:d3:6e:b0:57:af:de:37: 73:28:05:69:4a:27:70:9b:86:b9:e7:2d:83:08:8d:81:71:04: 38:9d:0a:06:cd:54:da:d1:50:19:e7:3e:98:f0:cd:f1:ed:8b: 20:c4:7a:f4:5c:85:16:7b:76:b7:73:9d:be:95:39:41:c5:df: ed:12:d0:03:4c:f3:be:91:7d:6e:84:8e:ec:9c:3e:12:7c:f5: 8b:07:e9:5d:ff:a4:d1:16:a7:39:19:01:23:02:f2:d1:77:0a: 3b:4b:37:f5:f6:6c:80:f6:a5:9c:f0:0e:38:59:b2:9c:d2:43: f5:64:80:08 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt/FaAnP73Wx5GvVRE2Xc2nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkMTI5YjA0NjBjZjllZTA1MDBlZTg4MGEyY2ZhMWE1MjRl NGRmMDAwHhcNMjYwMTAyMTQyMTIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyZjhkMjkzYzdlOTM4OWMwNDZkYWNkZTk2MjZmZTQwODdkMTBiODdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RNMnNJ438pwYI/DJHps9mMWW55c 8LwXem9h+wrbjRtxfNmmOXbIE4v7V1Z5Q4wXN0eamGSmCKDTNtFMN+MhDcehJngR A3eigRHpyWqx1kZOrfAOZG1EscOPYIA8T3hZhQSITYaxcQq1x+FUwXVs7HJXc2DV UCkmYueft5TPRxSrPUyJW8Js1G6fs23zUbD7Wxk7wDcNBHTkmkNSmw09n6CPftAZ pSnaVbwYz9ePJw5o5Vy5Yvi4fEzysEsCL0tyf2LpZds9mywP9PCM9/qkZc8y1Bbl vwNDCfJlyoZSpX7JIjL1isD7TdcKSyHpa1y/p4dYfrkMcvQo1rhv/wrcZwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFC+NKTx+k4nARtrN6WJv5Ah9ELh/MB8GA1UdIwQY MBaAFF0SmwRgz57gUA7ogKLPoaUk5N8AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEt YTg3N2RkNTFiYzQ5LzEvTDQwcFBINlRpY0JHMnMzcFltX2tDSDBRdUg4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi84NTU3ZTAtMzY4ZC00ZDhlLTk3NDEtYTg3N2RkNTFiYzQ5 LzEvWFJLYkJHRFBudUJRRHVpQW9zLWhwU1RrM3dBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGJWEAAwQH vOQAMA0EAgACMAcDBQAqAP0AMA0GCSqGSIb3DQEBCwUAA4IBAQBL5ymZrnd7SA8/ m4Iiiv11cHGStF+Op66o/zsuUsB4Eil+hZ0BZczbdu5R3MsYzFZw2YPfoln6eRxV n8hAmD5xIYWhWyNPQJaKrtwep230/+WRL6ZfjvEMTkQftHO33EiCRUa6JjJPxhbx D+GkJ49xhXQz/zOrKkygGfJ30hnzUwW92ao8Q+Q7CtNusFev3jdzKAVpSidwm4a5 5y2DCI2BcQQ4nQoGzVTa0VAZ5z6Y8M3x7YsgxHr0XIUWe3a3c52+lTlBxd/tEtAD TPO+kX1uhI7snD4SfPWLB+ld/6TRFqc5GQEjAvLRdwo7Szf19myA9qWc8A44WbKc 0kP1ZIAI -----END CERTIFICATE-----Generated at Mon Jan 26 00:14:06 2026 by rpki-client