This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Suv0I4ayHzN4lP_lkAXuSi3V61U.roa File: Suv0I4ayHzN4lP_lkAXuSi3V61U.roa (raw, json) Hash identifier: YlOWWNru5HT/UWDEz5GtvLppmUuFBSSele43SCrsB6Y= Subject key identifier: 4A:EB:F4:23:86:B2:1F:33:78:94:FF:E5:90:05:EE:4A:2D:D5:EB:55 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AD80ED3944347AAC3351A0A980540 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Suv0I4ayHzN4lP_lkAXuSi3V61U.roa Signing time: Thu 01 Jan 2026 16:18:52 +0000 ROA not before: Thu 01 Jan 2026 16:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214432 IP address blocks: 81.168.32.0/24 maxlen: 24 82.152.127.0/24 maxlen: 24 82.152.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:d8:0e:d3:94:43:47:aa:c3:35:1a:0a:98:05:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4aebf42386b21f337894ffe59005ee4a2dd5eb55 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:12:d7:92:a9:ec:ae:ea:e4:65:d1:ef:88:91: c9:a4:4b:96:a8:3a:c8:d6:73:39:b8:fc:12:60:81: 32:4f:66:c8:c4:28:9f:7d:ea:02:f0:c7:11:da:88: ee:fc:b5:ca:c5:d6:73:91:f9:5d:f4:82:02:02:a9: 6d:c5:0d:a5:05:34:12:02:2b:5f:a3:40:9b:7a:65: 89:1b:69:df:3f:5e:4f:19:01:37:24:66:9e:00:b9: 73:80:7a:70:68:3c:3e:7f:a0:05:a7:08:fa:12:e6: b8:3f:0e:55:7b:86:b9:63:94:bd:29:c3:41:e8:f6: 0d:87:40:ac:1f:ed:d8:52:63:c8:f5:68:f5:22:6f: 2b:77:a7:d6:09:74:39:17:cd:86:a5:83:39:53:f9: 81:c9:a7:f9:f8:e5:87:8d:97:73:ec:03:c5:15:53: 02:34:fb:65:ee:5e:b9:f8:70:84:16:f6:26:cb:ac: e9:60:38:93:c7:0b:b5:dd:e1:8a:20:04:05:8d:57: 6a:aa:30:ba:41:e9:e9:1f:2b:b5:33:e7:7c:38:82: 4a:78:8d:ef:04:af:2d:ec:6d:e5:5c:27:4e:71:56: 89:e1:fa:26:88:e4:78:ef:4f:68:2b:f8:05:41:b6: b1:2f:0c:da:5f:d8:8a:be:b3:27:d3:2d:95:7d:b9: b9:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:EB:F4:23:86:B2:1F:33:78:94:FF:E5:90:05:EE:4A:2D:D5:EB:55 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Suv0I4ayHzN4lP_lkAXuSi3V61U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.168.32.0/24 82.152.127.0/24 82.152.179.0/24 Signature Algorithm: sha256WithRSAEncryption 69:96:c8:64:57:9b:7e:17:c0:06:47:e7:7d:87:2f:1e:89:79: 4f:2a:c7:1d:e7:11:25:15:28:bf:96:9d:c9:a2:e7:86:f0:1d: b8:ec:d0:d3:c0:67:c1:2f:d5:5b:56:81:3a:f4:76:c0:53:34: ef:71:e2:00:86:d5:1b:c2:36:fd:c3:bf:0c:96:1b:64:4b:a5: f9:c1:1f:7b:7c:0a:89:bd:4b:9a:f8:51:61:bd:04:ed:a0:51: 72:9b:15:1e:81:9e:1b:7e:6a:2d:50:e3:d9:9b:47:97:de:4d: 6c:b0:39:96:03:a2:7b:ca:c0:0b:5c:3c:3f:0d:13:5e:b0:6a: ac:4d:18:2d:2f:67:11:b2:0f:f6:71:19:89:89:bf:a7:25:29: 64:2c:6b:d0:0b:e8:b7:22:de:ac:1d:f5:b0:cf:23:3d:8a:a3: 7f:60:bb:b9:65:75:dc:ea:6d:d3:b9:b6:88:25:bc:68:1e:f5: 9b:44:ff:16:34:22:1e:bd:5d:82:cf:5a:40:bb:fe:80:dc:0b: 56:39:00:e7:95:20:c1:ed:6e:37:3d:87:42:1f:b6:4b:ad:c3: 52:36:7a:9d:33:14:bc:2b:61:96:bd:1b:a5:9f:0b:19:3e:3f: f5:7f:04:55:58:56:7f:60:f2:08:d8:89:be:ba:7b:d9:c4:39: d5:6a:53:1d -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt6WtgO05RDR6rDNRoKmAVAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YWViZjQyMzg2YjIxZjMzNzg5NGZmZTU5MDA1ZWU0YTJkZDVlYjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxLXkqnsrurkZdHviJHJpEuWqDrI 1nM5uPwSYIEyT2bIxCiffeoC8McR2oju/LXKxdZzkfld9IICAqltxQ2lBTQSAitf o0CbemWJG2nfP15PGQE3JGaeALlzgHpwaDw+f6AFpwj6Eua4Pw5Ve4a5Y5S9KcNB 6PYNh0CsH+3YUmPI9Wj1Im8rd6fWCXQ5F82GpYM5U/mByaf5+OWHjZdz7APFFVMC NPtl7l65+HCEFvYmy6zpYDiTxwu13eGKIAQFjVdqqjC6QenpHyu1M+d8OIJKeI3v BK8t7G3lXCdOcVaJ4fomiOR4709oK/gFQbaxLwzaX9iKvrMn0y2Vfbm55QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFErr9COGsh8zeJT/5ZAF7kot1etVMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvU3V2MEk0YXlIek40bFBfbGtBWHVTaTNWNjFVLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaggAwQA Uph/AwQAUpizMA0GCSqGSIb3DQEBCwUAA4IBAQBplshkV5t+F8AGR+d9hy8eiXlP Kscd5xElFSi/lp3JoueG8B247NDTwGfBL9VbVoE69HbAUzTvceIAhtUbwjb9w78M lhtkS6X5wR97fAqJvUua+FFhvQTtoFFymxUegZ4bfmotUOPZm0eX3k1ssDmWA6J7 ysALXDw/DRNesGqsTRgtL2cRsg/2cRmJib+nJSlkLGvQC+i3It6sHfWwzyM9iqN/ YLu5ZXXc6m3TubaIJbxoHvWbRP8WNCIevV2Cz1pAu/6A3AtWOQDnlSDB7W43PYdC H7ZLrcNSNnqdMxS8K2GWvRulnwsZPj/1fwRVWFZ/YPII2Im+unvZxDnValMd -----END CERTIFICATE-----Generated at Sun Jan 25 08:48:29 2026 by rpki-client