This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/sstchpp41wfR36zmN_VppKaWZCM.roa File: sstchpp41wfR36zmN_VppKaWZCM.roa (raw, json) Hash identifier: BT2ePRQ519c4Xbc7A10/SCSBxkC+28CQt52Y0dXyeNU= Subject key identifier: B2:CB:5C:86:9A:78:D7:07:D1:DF:AC:E6:37:F5:69:A4:A6:96:64:23 Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d Certificate serial: 019B7AC83013CAC46B62D4A7B441BCD09B9E Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/sstchpp41wfR36zmN_VppKaWZCM.roa Signing time: Thu 01 Jan 2026 18:18:18 +0000 ROA not before: Thu 01 Jan 2026 18:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204746 IP address blocks: 86.38.35.0/24 maxlen: 24 89.117.223.0/24 maxlen: 24 89.117.243.0/24 maxlen: 24 89.117.246.0/24 maxlen: 24 185.189.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:30:13:ca:c4:6b:62:d4:a7:b4:41:bc:d0:9b:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d Validity Not Before: Jan 1 18:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b2cb5c869a78d707d1dface637f569a4a6966423 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d3:87:ca:5f:61:ef:4b:3d:36:1f:97:12:da: f7:52:c2:4a:78:ee:0a:d1:50:29:ce:c9:b7:65:48: a4:fc:3a:ff:d2:65:42:18:d8:9e:df:29:7e:15:5f: 50:02:c1:c8:e7:41:82:3b:b4:af:b3:62:0a:08:a7: 4d:7a:f6:51:33:a8:4d:9e:39:e0:1a:a7:23:16:92: 45:31:70:3a:83:a5:14:33:e1:46:a0:41:ee:5b:e6: 56:f4:5f:58:e8:84:82:d8:7a:e4:d5:a5:58:3a:d1: 25:41:75:b3:80:8b:df:b1:1d:1b:38:20:31:fe:bf: 32:2a:52:09:02:1d:2b:69:dc:c6:0f:71:96:92:2c: 74:88:2e:4a:84:97:bb:0d:f6:c9:98:eb:e3:71:57: 11:f9:a8:ec:2d:88:48:1c:ec:24:d2:d0:37:da:66: 87:00:72:10:d5:b9:66:37:33:a6:be:2c:3b:18:4a: 54:ee:d1:09:0a:e4:a5:72:bc:9e:83:11:08:9e:b7: ba:58:2a:88:da:09:36:57:44:58:1a:dd:15:66:c7: 39:58:be:dd:02:a0:4c:f2:65:51:66:70:7b:2c:58: 56:77:a5:d7:09:d5:ee:2f:f8:ff:76:bd:8d:93:f1: 71:cf:55:03:07:ff:7b:e7:7d:e0:b8:8e:f1:3c:9c: 1d:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:CB:5C:86:9A:78:D7:07:D1:DF:AC:E6:37:F5:69:A4:A6:96:64:23 X509v3 Authority Key Identifier: keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/sstchpp41wfR36zmN_VppKaWZCM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.38.35.0/24 89.117.223.0/24 89.117.243.0/24 89.117.246.0/24 185.189.153.0/24 Signature Algorithm: sha256WithRSAEncryption 81:f0:e7:cd:92:14:06:8e:62:62:5f:08:05:7d:b2:c9:35:16: b7:f5:03:7b:07:b8:15:d6:bc:a5:fc:d0:b6:b3:31:54:d8:c5: 39:75:a4:92:b4:9a:c0:50:b7:9a:e3:f9:e1:f5:5c:40:28:8a: d9:b1:f5:85:4b:c3:6f:da:bd:c6:ef:e9:76:a1:49:62:63:75: c9:c5:d6:e8:21:90:fc:75:c0:78:c5:93:fd:be:04:78:83:be: b6:43:70:97:93:f6:00:6d:31:56:de:24:a0:16:ad:c3:bf:a3: a4:73:3b:76:e1:8d:43:bf:65:b9:4d:ee:dd:65:ba:fc:6d:ca: 04:0d:01:57:ca:35:2d:83:9d:84:76:96:1f:ff:8b:06:6c:9b: 84:5c:72:48:15:88:64:71:26:67:ea:6c:f9:c5:d1:dc:e0:8a: 3e:de:d3:3a:f0:82:81:1c:02:7d:53:29:87:18:4c:b1:51:b8: 49:13:a3:80:54:06:1f:3d:30:0a:e7:bb:48:f5:75:d5:80:1e: f1:8a:26:d4:b4:52:54:a8:e0:c4:a9:31:d3:3a:23:18:70:95: 55:36:8d:d0:87:81:41:6a:f6:73:59:71:18:b1:07:bd:25:af: 4a:9c:c9:78:a4:67:17:42:8e:ad:99:a2:d2:f7:98:a7:bb:92: 21:2c:df:47 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6yDATysRrYtSntEG80JueMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3 MTE4MGQwHhcNMjYwMTAxMTgxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMmNiNWM4NjlhNzhkNzA3ZDFkZmFjZTYzN2Y1NjlhNGE2OTY2NDIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNOHyl9h70s9Nh+XEtr3UsJKeO4K 0VApzsm3ZUik/Dr/0mVCGNie3yl+FV9QAsHI50GCO7Svs2IKCKdNevZRM6hNnjng GqcjFpJFMXA6g6UUM+FGoEHuW+ZW9F9Y6ISC2Hrk1aVYOtElQXWzgIvfsR0bOCAx /r8yKlIJAh0radzGD3GWkix0iC5KhJe7DfbJmOvjcVcR+ajsLYhIHOwk0tA32maH AHIQ1blmNzOmviw7GEpU7tEJCuSlcryegxEInre6WCqI2gk2V0RYGt0VZsc5WL7d AqBM8mVRZnB7LFhWd6XXCdXuL/j/dr2Nk/Fxz1UDB/97533guI7xPJwdGQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFLLLXIaaeNcH0d+s5jf1aaSmlmQjMB8GA1UdIwQY MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt MDQ2ODA0MjQ4NmRjLzEvc3N0Y2hwcDQxd2ZSMzZ6bU5fVnBwS2FXWkNNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAViYjAwQA WXXfAwQAWXXzAwQAWXX2AwQAub2ZMA0GCSqGSIb3DQEBCwUAA4IBAQCB8OfNkhQG jmJiXwgFfbLJNRa39QN7B7gV1ryl/NC2szFU2MU5daSStJrAULea4/nh9VxAKIrZ sfWFS8Nv2r3G7+l2oUliY3XJxdboIZD8dcB4xZP9vgR4g762Q3CXk/YAbTFW3iSg Fq3Dv6Okczt24Y1Dv2W5Te7dZbr8bcoEDQFXyjUtg52EdpYf/4sGbJuEXHJIFYhk cSZn6mz5xdHc4Io+3tM68IKBHAJ9UymHGEyxUbhJE6OAVAYfPTAK57tI9XXVgB7x iibUtFJUqODEqTHTOiMYcJVVNo3Qh4FBavZzWXEYsQe9Ja9KnMl4pGcXQo6tmaLS 95inu5IhLN9H -----END CERTIFICATE-----Generated at Sun Jan 25 08:47:38 2026 by rpki-client