This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/S8keSl8NDHVc6KPmbXVZh56DkMo.roa File: S8keSl8NDHVc6KPmbXVZh56DkMo.roa (raw, json) Hash identifier: gehjFU9x+RbJrI179PzTfPP1zreMHK8V8b0riuey5sI= Subject key identifier: 4B:C9:1E:4A:5F:0D:0C:75:5C:E8:A3:E6:6D:75:59:87:9E:83:90:CA Certificate issuer: /CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa Certificate serial: 019B77C6D788C77CF371DF115E1AEA79B998 Authority key identifier: 95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/S8keSl8NDHVc6KPmbXVZh56DkMo.roa Signing time: Thu 01 Jan 2026 04:17:58 +0000 ROA not before: Thu 01 Jan 2026 04:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21362 IP address blocks: 193.109.232.0/24 maxlen: 24 194.187.92.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.crl rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.mft rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:d7:88:c7:7c:f3:71:df:11:5e:1a:ea:79:b9:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa Validity Not Before: Jan 1 04:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4bc91e4a5f0d0c755ce8a3e66d7559879e8390ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:30:70:20:49:78:48:2f:47:b9:56:60:da:6a: 64:2d:a1:93:0a:d0:35:20:eb:b6:9b:81:95:a3:87: 66:ba:4e:50:6b:b7:17:f2:04:10:f6:1d:91:15:e4: a3:40:fa:07:9d:5f:1c:3e:5b:96:9d:52:63:f6:d2: e0:12:3d:04:63:8b:85:be:c6:0f:55:c9:8f:1e:46: 29:60:67:26:ec:7b:36:7b:57:28:65:88:0b:fb:1a: 59:e9:33:67:30:60:da:98:70:ea:fc:5b:3b:18:45: fd:58:ab:07:51:93:af:0c:36:59:d3:30:3c:59:1c: d9:03:3a:7f:98:33:d1:60:b0:89:75:3f:06:44:fc: c8:17:2b:11:5b:8f:0d:7b:b5:6a:db:82:bd:d2:83: 30:a2:54:63:3d:95:5a:4e:6f:cd:f7:ae:38:e5:00: 74:b2:45:bd:9f:23:c5:f1:c4:95:88:dc:de:bd:72: 09:7d:30:54:8e:12:81:dc:a6:97:d6:94:74:1b:df: 1c:4d:af:c4:ad:62:98:9a:85:ce:a8:a3:9d:ea:1c: c9:6f:68:77:4f:bc:e4:1e:ea:a4:59:82:00:72:eb: 84:19:45:a8:26:db:87:b9:32:22:88:bb:38:9b:77: fc:17:09:88:61:e6:92:d1:f9:f5:10:00:d3:0f:c0: 83:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:C9:1E:4A:5F:0D:0C:75:5C:E8:A3:E6:6D:75:59:87:9E:83:90:CA X509v3 Authority Key Identifier: keyid:95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/S8keSl8NDHVc6KPmbXVZh56DkMo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.109.232.0/24 194.187.92.0/22 Signature Algorithm: sha256WithRSAEncryption 02:82:8c:0a:8c:47:a4:de:2d:9a:d2:22:9b:a5:ed:87:0c:09: 86:5b:b1:70:c8:61:12:f0:c6:87:d6:a8:0f:fd:96:0d:37:96: ac:78:d2:9a:5f:b4:17:a5:b7:07:dd:8d:99:90:b8:74:a5:0a: 32:a3:77:7a:37:f7:a9:fa:6c:3d:6f:d3:d1:0e:f2:73:5c:e0: 14:e8:88:92:07:bd:96:4e:03:a3:bc:83:3b:02:71:e0:b7:2d: a0:6f:26:18:3c:68:a7:fb:51:96:e9:b8:b9:cf:c4:04:24:d2: 51:07:c9:c7:9a:44:78:6d:fa:7e:78:34:64:19:9e:1c:d9:f4: 97:1d:a5:e2:dc:61:04:30:97:57:03:46:79:62:88:eb:a2:d5: 25:96:b4:4d:94:d7:54:56:ab:36:7f:5e:b0:25:b3:7d:d4:db: b2:f4:e6:c7:c8:9f:9f:ce:c4:b4:9a:3e:6e:09:18:d4:e6:8a: e5:4e:fb:e6:1b:c8:5c:85:d4:4c:5d:2d:be:e1:79:68:7c:d1: df:78:36:02:9e:22:b6:49:e5:d0:cb:d2:b9:ea:2c:8c:92:ed: 1d:61:84:df:5e:2a:59:1b:a2:72:aa:c0:31:c6:48:c3:91:17: 1f:d4:d5:11:e3:9d:fd:eb:d6:49:9a:a4:83:0e:46:4d:bf:83: cf:54:5f:c5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3xteIx3zzcd8RXhrqebmYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk1ZDlmYzgxNWU5MGNhODc5Mjc5MDdjNWVhYjNmZTc5Y2Ey MTVlYWEwHhcNMjYwMTAxMDQxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YmM5MWU0YTVmMGQwYzc1NWNlOGEzZTY2ZDc1NTk4NzllODM5MGNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTBwIEl4SC9HuVZg2mpkLaGTCtA1 IOu2m4GVo4dmuk5Qa7cX8gQQ9h2RFeSjQPoHnV8cPluWnVJj9tLgEj0EY4uFvsYP VcmPHkYpYGcm7Hs2e1coZYgL+xpZ6TNnMGDamHDq/Fs7GEX9WKsHUZOvDDZZ0zA8 WRzZAzp/mDPRYLCJdT8GRPzIFysRW48Ne7Vq24K90oMwolRjPZVaTm/N96445QB0 skW9nyPF8cSViNzevXIJfTBUjhKB3KaX1pR0G98cTa/ErWKYmoXOqKOd6hzJb2h3 T7zkHuqkWYIAcuuEGUWoJtuHuTIiiLs4m3f8FwmIYeaS0fn1EADTD8CD7wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEvJHkpfDQx1XOij5m11WYeeg5DKMB8GA1UdIwQY MBaAFJXZ/IFekMqHknkHxeqz/nnKIV6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODkt OGNlNDE3OTIzMmM4LzEvUzhrZVNsOE5ESFZjNktQbWJYVlpoNTZEa01vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODktOGNlNDE3OTIzMmM4 LzEvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW3oAwQC wrtcMA0GCSqGSIb3DQEBCwUAA4IBAQACgowKjEek3i2a0iKbpe2HDAmGW7FwyGES 8MaH1qgP/ZYNN5aseNKaX7QXpbcH3Y2ZkLh0pQoyo3d6N/ep+mw9b9PRDvJzXOAU 6IiSB72WTgOjvIM7AnHgty2gbyYYPGin+1GW6bi5z8QEJNJRB8nHmkR4bfp+eDRk GZ4c2fSXHaXi3GEEMJdXA0Z5YojrotUllrRNlNdUVqs2f16wJbN91Nuy9ObHyJ+f zsS0mj5uCRjU5orlTvvmG8hchdRMXS2+4XlofNHfeDYCniK2SeXQy9K56iyMku0d YYTfXipZG6JyqsAxxkjDkRcf1NUR453969ZJmqSDDkZNv4PPVF/F -----END CERTIFICATE-----Generated at Mon Jan 26 16:23:28 2026 by rpki-client