This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/SNT8hJvMVBfYKWPwF8E6mRsCbIk.roa File: SNT8hJvMVBfYKWPwF8E6mRsCbIk.roa (raw, json) Hash identifier: fIUVYcxClsJOGEyEKMH1vBZ+eD6MkSZpeWY8XXK6vEA= Subject key identifier: 48:D4:FC:84:9B:CC:54:17:D8:29:63:F0:17:C1:3A:99:1B:02:6C:89 Certificate issuer: /CN=1d65b7b7b898faaee70767d09715c436a83fcdc2 Certificate serial: 019B77594793F853E0647C9223E074D692CD Authority key identifier: 1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/SNT8hJvMVBfYKWPwF8E6mRsCbIk.roa Signing time: Thu 01 Jan 2026 02:18:18 +0000 ROA not before: Thu 01 Jan 2026 02:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211095 IP address blocks: 185.68.234.0/24 maxlen: 24 185.68.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.mft rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:47:93:f8:53:e0:64:7c:92:23:e0:74:d6:92:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1d65b7b7b898faaee70767d09715c436a83fcdc2 Validity Not Before: Jan 1 02:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=48d4fc849bcc5417d82963f017c13a991b026c89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:2b:e9:a3:3d:36:ce:b4:a5:56:16:1f:c4:76: c9:29:56:be:38:e8:08:8c:bb:b1:74:7e:7d:91:02: 15:7e:d5:d2:5a:dc:89:d4:4a:b7:0e:ba:9e:1f:a5: e8:0c:f3:fd:be:7f:70:c2:1d:9e:2c:20:1e:87:fd: 81:5d:c9:f3:e8:a2:59:4c:c4:be:95:b3:c0:19:35: 63:9e:9d:b2:cc:9f:52:7c:9e:26:98:f3:b3:85:a3: 1a:ab:2e:37:d4:22:25:93:84:f2:06:e7:86:9f:2a: 9c:b0:d6:49:47:28:06:32:d5:bf:79:f0:5d:ff:78: 55:13:d6:88:4e:c7:2a:eb:77:f0:e9:10:a3:7f:53: 24:73:a8:a4:77:ef:1e:1c:e2:e9:dd:b4:cf:0c:c7: 71:f7:d8:8b:07:86:54:32:49:3f:82:87:6f:a4:8d: 71:3d:1e:c1:ae:d9:e7:c0:94:cf:04:63:8a:df:e9: ec:06:5b:c3:df:13:29:87:7b:f8:1d:68:b0:b4:26: bc:3b:fb:2d:7a:1a:40:9f:78:5a:0d:54:1f:32:81: 98:e5:3f:ee:ac:83:74:c1:b9:b5:63:72:7b:6e:41: e2:1c:db:44:ac:b0:b9:09:b7:6f:25:45:9e:a0:a6: e2:85:1a:a3:13:03:ff:d8:fb:59:b5:67:f5:71:62: 40:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:D4:FC:84:9B:CC:54:17:D8:29:63:F0:17:C1:3A:99:1B:02:6C:89 X509v3 Authority Key Identifier: keyid:1D:65:B7:B7:B8:98:FA:AE:E7:07:67:D0:97:15:C4:36:A8:3F:CD:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWW3t7iY-q7nB2fQlxXENqg_zcI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/SNT8hJvMVBfYKWPwF8E6mRsCbIk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/deaef1-6241-49ab-9825-8fc373757684/1/HWW3t7iY-q7nB2fQlxXENqg_zcI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.68.234.0/23 Signature Algorithm: sha256WithRSAEncryption b3:98:9e:88:0e:bc:b3:34:23:67:c3:9a:c7:74:04:b0:36:6a: 6b:39:f6:a2:12:ae:4e:bd:79:5f:2c:4a:ff:96:8f:76:f8:0f: c3:e6:c9:b9:51:ab:3f:95:12:eb:8b:65:10:96:75:8b:a1:35: e0:54:fe:e0:79:22:c0:fb:b6:0e:b5:f4:18:2a:00:5f:d6:3d: e8:b5:fe:49:d2:4b:2a:0e:c7:3e:3c:8b:a5:ca:cd:3d:df:0e: fb:cc:c5:cc:d6:28:68:f3:9c:b6:4c:25:63:52:93:7d:44:4c: 14:82:6b:1d:52:ea:6f:97:88:95:f5:ff:cc:55:d6:76:26:95: 21:61:a5:13:7d:aa:9f:28:ed:13:23:58:76:49:09:93:b0:35: da:b2:95:f8:a4:9f:95:4f:76:33:c4:d6:e9:b6:58:db:fc:d7: 74:a2:cf:5b:c5:cf:24:f5:71:a4:dc:28:57:93:03:31:8f:1f: 1e:df:6e:31:90:75:21:8f:9e:14:fb:75:33:24:08:67:99:b6: 6e:df:67:22:e2:09:69:f4:8d:b4:e8:83:8c:3b:87:ec:0c:be: 2d:d0:47:c0:cc:61:89:5b:db:bf:fa:b4:97:04:ed:0e:85:f8: c8:9a:d4:ac:62:ca:4f:b5:da:fa:7b:2f:c8:fc:89:05:e0:df: ee:4c:58:93 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WUeT+FPgZHySI+B01pLNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFkNjViN2I3Yjg5OGZhYWVlNzA3NjdkMDk3MTVjNDM2YTgz ZmNkYzIwHhcNMjYwMTAxMDIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OGQ0ZmM4NDliY2M1NDE3ZDgyOTYzZjAxN2MxM2E5OTFiMDI2Yzg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSvpoz02zrSlVhYfxHbJKVa+OOgI jLuxdH59kQIVftXSWtyJ1Eq3DrqeH6XoDPP9vn9wwh2eLCAeh/2BXcnz6KJZTMS+ lbPAGTVjnp2yzJ9SfJ4mmPOzhaMaqy431CIlk4TyBueGnyqcsNZJRygGMtW/efBd /3hVE9aITscq63fw6RCjf1Mkc6ikd+8eHOLp3bTPDMdx99iLB4ZUMkk/godvpI1x PR7BrtnnwJTPBGOK3+nsBlvD3xMph3v4HWiwtCa8O/stehpAn3haDVQfMoGY5T/u rIN0wbm1Y3J7bkHiHNtErLC5CbdvJUWeoKbihRqjEwP/2PtZtWf1cWJAOwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEjU/ISbzFQX2Clj8BfBOpkbAmyJMB8GA1UdIwQY MBaAFB1lt7e4mPqu5wdn0JcVxDaoP83CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUt OGZjMzczNzU3Njg0LzEvU05UOGhKdk1WQmZZS1dQd0Y4RTZtUnNDYklrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9kZWFlZjEtNjI0MS00OWFiLTk4MjUtOGZjMzczNzU3Njg0 LzEvSFdXM3Q3aVktcTduQjJmUWx4WEVOcWdfemNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuUTqMA0G CSqGSIb3DQEBCwUAA4IBAQCzmJ6IDryzNCNnw5rHdASwNmprOfaiEq5OvXlfLEr/ lo92+A/D5sm5Uas/lRLri2UQlnWLoTXgVP7geSLA+7YOtfQYKgBf1j3otf5J0ksq Dsc+PIulys093w77zMXM1iho85y2TCVjUpN9REwUgmsdUupvl4iV9f/MVdZ2JpUh YaUTfaqfKO0TI1h2SQmTsDXaspX4pJ+VT3YzxNbptljb/Nd0os9bxc8k9XGk3ChX kwMxjx8e324xkHUhj54U+3UzJAhnmbZu32ci4glp9I206IOMO4fsDL4t0EfAzGGJ W9u/+rSXBO0OhfjImtSsYspPtdr6ey/I/IkF4N/uTFiT -----END CERTIFICATE-----Generated at Sun Jan 25 17:19:45 2026 by rpki-client