This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/sFO9X8d0Bx_2aIHVFCIHpaGqYP0.roa File: sFO9X8d0Bx_2aIHVFCIHpaGqYP0.roa (raw, json) Hash identifier: oq/KxEUUzKF1vMqboj5ZmQdOj47aimAfTePT45c7Ho8= Subject key identifier: B0:53:BD:5F:C7:74:07:1F:F6:68:81:D5:14:22:07:A5:A1:AA:60:FD Certificate issuer: /CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c Certificate serial: 019B7CEE311D783F44D4F331D48CB855FA54 Authority key identifier: 5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/sFO9X8d0Bx_2aIHVFCIHpaGqYP0.roa Signing time: Fri 02 Jan 2026 04:19:03 +0000 ROA not before: Fri 02 Jan 2026 04:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200020 IP address blocks: 185.228.200.0/22 maxlen: 24 2a0b:7180::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.mft rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:31:1d:78:3f:44:d4:f3:31:d4:8c:b8:55:fa:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ab2ba9abf81d6cf8033cdcdebc8df8f7e22c28c Validity Not Before: Jan 2 04:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b053bd5fc774071ff66881d5142207a5a1aa60fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:97:55:bc:0c:6b:9e:dd:2b:23:48:a0:2a:67: 60:b1:51:74:ca:ec:fc:f1:de:84:fa:25:b4:05:5c: 24:16:93:36:b9:7b:c8:9a:ae:0d:8d:3a:a3:37:32: 72:83:a1:1e:cb:3e:3d:e1:66:72:f2:13:f6:01:6a: 26:48:e4:35:ad:76:cf:54:57:9d:81:11:dd:28:fc: da:5b:87:18:8b:a2:4f:e5:00:f2:6a:03:0b:6e:84: 66:9e:01:62:ed:1f:d9:7a:95:32:a2:71:25:5d:3f: 79:bc:ae:27:27:24:27:e5:08:11:6d:e7:90:c6:29: a5:7d:28:4c:54:f0:05:ce:9f:a6:eb:f7:82:f8:30: 90:37:fb:8c:e5:2e:8a:0f:28:ed:af:21:fa:d0:97: 3e:a7:11:9f:2c:32:81:dd:28:5f:20:71:6d:4f:3d: d4:72:6b:d2:23:2b:dd:1a:20:9f:5f:4f:47:f1:e6: e0:c4:e9:f6:e8:f3:3c:62:36:0a:56:21:1b:e1:7a: bc:67:f1:14:0d:73:b5:a8:b3:cb:a9:1e:bb:12:70: e1:75:5b:2c:01:42:aa:54:0f:d4:92:a4:43:df:44: f8:fe:77:2e:c7:55:2d:36:a3:d5:ec:88:8e:06:56: 61:2c:6d:57:b7:48:b3:96:d4:fd:b9:78:be:2c:4d: b9:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:53:BD:5F:C7:74:07:1F:F6:68:81:D5:14:22:07:A5:A1:AA:60:FD X509v3 Authority Key Identifier: keyid:5A:B2:BA:9A:BF:81:D6:CF:80:33:CD:CD:EB:C8:DF:8F:7E:22:C2:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WrK6mr-B1s-AM83N68jfj34iwow.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/sFO9X8d0Bx_2aIHVFCIHpaGqYP0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/a608c5-496d-499e-af41-6dfbbde52dea/1/WrK6mr-B1s-AM83N68jfj34iwow.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.228.200.0/22 IPv6: 2a0b:7180::/32 Signature Algorithm: sha256WithRSAEncryption 54:8a:a0:95:46:0f:7a:ae:c5:d7:8f:3c:de:23:c0:2b:82:b4: 1f:10:d1:aa:62:12:06:cf:36:c3:f9:cb:2b:21:0f:9d:d1:43: 6c:47:83:57:7b:06:df:88:a0:aa:c7:e0:49:ba:6b:08:6a:14: 49:25:4b:5f:9a:72:01:f4:40:de:95:fc:d4:2c:f7:66:db:3d: d0:96:7e:79:8f:5f:29:ca:be:9c:91:65:e4:c0:42:82:e5:30: 18:54:3f:4b:c5:4a:3c:1d:8e:08:04:9e:31:2b:e0:31:44:6b: 92:50:93:09:9b:0a:e3:9a:3d:d9:ea:83:0a:4c:47:d7:14:65: 4b:81:8a:45:3b:e1:f1:75:ab:64:2e:22:59:64:79:e7:af:ef: 69:0d:8d:ca:50:70:31:53:2c:b9:f7:a4:89:07:86:c0:51:97: 9e:bd:11:88:d6:96:ac:03:ca:be:3c:d0:19:af:5a:a3:31:e3: 0c:35:4b:94:3f:e8:e5:fb:13:8d:59:83:b8:d6:19:84:9a:c0: 40:89:33:3e:97:10:9d:ca:84:82:45:95:1d:3b:71:98:45:a8: 08:50:6b:49:12:5a:c4:a3:50:9d:c5:9e:c7:cb:2b:04:e1:f2: a2:13:2f:c0:77:f5:83:20:28:67:52:dc:72:8b:26:81:79:4e: 20:10:fc:2a -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87jEdeD9E1PMx1Iy4VfpUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVhYjJiYTlhYmY4MWQ2Y2Y4MDMzY2RjZGViYzhkZjhmN2Uy MmMyOGMwHhcNMjYwMTAyMDQxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDUzYmQ1ZmM3NzQwNzFmZjY2ODgxZDUxNDIyMDdhNWExYWE2MGZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85dVvAxrnt0rI0igKmdgsVF0yuz8 8d6E+iW0BVwkFpM2uXvImq4NjTqjNzJyg6Eeyz494WZy8hP2AWomSOQ1rXbPVFed gRHdKPzaW4cYi6JP5QDyagMLboRmngFi7R/ZepUyonElXT95vK4nJyQn5QgRbeeQ ximlfShMVPAFzp+m6/eC+DCQN/uM5S6KDyjtryH60Jc+pxGfLDKB3ShfIHFtTz3U cmvSIyvdGiCfX09H8ebgxOn26PM8YjYKViEb4Xq8Z/EUDXO1qLPLqR67EnDhdVss AUKqVA/UkqRD30T4/ncux1UtNqPV7IiOBlZhLG1Xt0izltT9uXi+LE25XwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLBTvV/HdAcf9miB1RQiB6WhqmD9MB8GA1UdIwQY MBaAFFqyupq/gdbPgDPNzevI349+IsKMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEt NmRmYmJkZTUyZGVhLzEvc0ZPOVg4ZDBCeF8yYUlIVkZDSUhwYUdxWVAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Zi9hNjA4YzUtNDk2ZC00OTllLWFmNDEtNmRmYmJkZTUyZGVh LzEvV3JLNm1yLUIxcy1BTTgzTjY4amZqMzRpd293LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTIMA0E AgACMAcDBQAqC3GAMA0GCSqGSIb3DQEBCwUAA4IBAQBUiqCVRg96rsXXjzzeI8Ar grQfENGqYhIGzzbD+csrIQ+d0UNsR4NXewbfiKCqx+BJumsIahRJJUtfmnIB9EDe lfzULPdm2z3Qln55j18pyr6ckWXkwEKC5TAYVD9LxUo8HY4IBJ4xK+AxRGuSUJMJ mwrjmj3Z6oMKTEfXFGVLgYpFO+HxdatkLiJZZHnnr+9pDY3KUHAxUyy596SJB4bA UZeevRGI1pasA8q+PNAZr1qjMeMMNUuUP+jl+xONWYO41hmEmsBAiTM+lxCdyoSC RZUdO3GYRagIUGtJElrEo1CdxZ7HyysE4fKiEy/Ad/WDIChnUtxyiyaBeU4gEPwq -----END CERTIFICATE-----Generated at Sun Jan 25 15:12:43 2026 by rpki-client