This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5oIhvgvUYi22TvuuA3KdTvLZHgA.roa File: 5oIhvgvUYi22TvuuA3KdTvLZHgA.roa (raw, json) Hash identifier: f40gzXEd5E6x+E9GGk/ldPIzgFuUAFvKS+kErw+10qg= Subject key identifier: E6:82:21:BE:0B:D4:62:2D:B6:4E:FB:AE:03:72:9D:4E:F2:D9:1E:00 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5A8F3922B5B72B5A8D9B2C2EE221C4 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5oIhvgvUYi22TvuuA3KdTvLZHgA.roa Signing time: Thu 01 Jan 2026 16:18:33 +0000 ROA not before: Thu 01 Jan 2026 16:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 973 IP address blocks: 82.153.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 04:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:8f:39:22:b5:b7:2b:5a:8d:9b:2c:2e:e2:21:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e68221be0bd4622db64efbae03729d4ef2d91e00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:5c:9f:8b:0f:cc:24:a0:2f:bf:f7:74:17:7d: 34:21:af:3b:2b:55:d1:ca:5b:65:3c:b5:bd:23:6f: 5b:6a:93:12:d0:a3:05:05:3d:d5:d8:55:22:c9:9b: b9:8b:b1:66:39:7f:d7:c4:a2:59:75:53:d1:52:7f: 0e:61:0e:18:a7:76:0b:1d:54:61:56:07:0b:fd:7a: dc:2b:26:0b:56:c3:85:8e:3d:cb:96:a3:9f:5e:58: 6a:f2:60:3e:d8:80:6c:d3:a5:5a:28:99:9a:be:c9: a7:d8:9f:58:e9:a8:60:40:4e:15:1c:6d:c2:fa:da: fe:e5:d2:3d:ac:64:4b:48:73:ac:d2:41:32:a5:cd: 41:34:3d:20:d7:87:96:e4:7d:20:56:dc:68:26:44: 0e:bf:ec:6e:c4:3d:d1:ad:6d:1a:2a:18:18:2c:cb: 7d:bb:fb:14:11:c3:38:74:1e:ab:35:1c:bd:c0:f6: 03:e3:08:3f:16:fd:b0:db:a3:5d:dc:dc:77:34:bd: d7:53:41:29:da:cb:1c:08:be:36:0c:29:f4:77:b1: 17:4e:8a:c4:ff:f0:93:c8:ae:07:87:c8:c9:2f:c6: 2e:68:24:44:f5:56:cf:ae:01:8d:94:94:4b:bc:4e: 04:05:97:53:2a:fb:d7:aa:02:ff:4a:92:f6:2a:0b: d2:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:82:21:BE:0B:D4:62:2D:B6:4E:FB:AE:03:72:9D:4E:F2:D9:1E:00 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5oIhvgvUYi22TvuuA3KdTvLZHgA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.224.0/24 Signature Algorithm: sha256WithRSAEncryption 69:51:05:3b:eb:46:ca:5e:de:08:73:38:d2:f3:2a:bb:ec:4a: 11:4e:1c:d3:3e:82:4e:16:4a:1f:1f:d3:ad:20:b6:6d:6d:be: 73:87:d1:f4:ca:b4:75:36:38:09:60:16:b9:34:eb:b1:57:61: 3f:43:44:50:bc:87:8c:a0:87:94:41:f4:df:e3:92:9a:81:f4: 7f:ed:d5:9f:3a:1b:d5:b4:b1:dd:d3:1d:d7:e5:fe:07:00:95: ab:b2:68:b3:27:cb:fd:61:ac:85:0f:dc:9c:71:49:09:b9:87: 7a:20:6f:6c:80:69:e5:4d:49:0e:78:2e:33:53:9f:19:00:2c: eb:0a:7c:c4:10:37:69:9e:f4:27:34:4e:66:23:4c:1d:4c:5f: 40:ec:90:c7:51:db:bf:c8:d1:3e:38:e1:50:7b:89:4e:85:60: 2f:32:bd:fc:e4:98:4c:41:e2:64:98:86:87:7f:f2:fd:01:d6: 3c:34:c4:84:82:07:db:71:48:91:89:ac:11:f6:36:a0:8f:27: d0:e8:02:53:b6:3d:84:14:74:aa:fe:20:9d:79:6c:d6:5c:15: 71:1e:9b:de:af:0c:8f:3e:73:38:c3:2a:ee:ac:56:66:dc:84: 85:df:8c:21:93:06:0a:66:5a:bf:f1:f2:eb:2e:31:a3:52:fa: 62:0c:2e:7c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6Wo85IrW3K1qNmywu4iHEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlNjgyMjFiZTBiZDQ2MjJkYjY0ZWZiYWUwMzcyOWQ0ZWYyZDkxZTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Fyfiw/MJKAvv/d0F300Ia87K1XR yltlPLW9I29bapMS0KMFBT3V2FUiyZu5i7FmOX/XxKJZdVPRUn8OYQ4Yp3YLHVRh VgcL/XrcKyYLVsOFjj3LlqOfXlhq8mA+2IBs06VaKJmavsmn2J9Y6ahgQE4VHG3C +tr+5dI9rGRLSHOs0kEypc1BND0g14eW5H0gVtxoJkQOv+xuxD3RrW0aKhgYLMt9 u/sUEcM4dB6rNRy9wPYD4wg/Fv2w26Nd3Nx3NL3XU0Ep2sscCL42DCn0d7EXTorE //CTyK4Hh8jJL8YuaCRE9VbPrgGNlJRLvE4EBZdTKvvXqgL/SpL2KgvSRwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOaCIb4L1GIttk77rgNynU7y2R4AMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvNW9JaHZndlVZaTIyVHZ1dUEzS2RUdkxaSGdBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpngMA0G CSqGSIb3DQEBCwUAA4IBAQBpUQU760bKXt4IczjS8yq77EoRThzTPoJOFkofH9Ot ILZtbb5zh9H0yrR1NjgJYBa5NOuxV2E/Q0RQvIeMoIeUQfTf45KagfR/7dWfOhvV tLHd0x3X5f4HAJWrsmizJ8v9YayFD9yccUkJuYd6IG9sgGnlTUkOeC4zU58ZACzr CnzEEDdpnvQnNE5mI0wdTF9A7JDHUdu/yNE+OOFQe4lOhWAvMr385JhMQeJkmIaH f/L9AdY8NMSEggfbcUiRiawR9jagjyfQ6AJTtj2EFHSq/iCdeWzWXBVxHpverwyP PnM4wyrurFZm3ISF34whkwYKZlq/8fLrLjGjUvpiDC58 -----END CERTIFICATE-----Generated at Sun Jan 25 14:37:53 2026 by rpki-client