This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/SP1oOwp0hXl1L0PpjGJ2uhrOHbQ.roa File: SP1oOwp0hXl1L0PpjGJ2uhrOHbQ.roa (raw, json) Hash identifier: VQoqVeb1sfiFZgtcNVlhBYDN5Dw/Su2w/ppnhIR9KAU= Subject key identifier: 48:FD:68:3B:0A:74:85:79:75:2F:43:E9:8C:62:76:BA:1A:CE:1D:B4 Certificate issuer: /CN=7078e75635a09dcc03f625a80bfa552b22e3662c Certificate serial: 019B78A21298078A085FD0976B6A47CA07EE Authority key identifier: 70:78:E7:56:35:A0:9D:CC:03:F6:25:A8:0B:FA:55:2B:22:E3:66:2C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHjnVjWgncwD9iWoC_pVKyLjZiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/SP1oOwp0hXl1L0PpjGJ2uhrOHbQ.roa Signing time: Thu 01 Jan 2026 08:17:25 +0000 ROA not before: Thu 01 Jan 2026 08:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16019 IP address blocks: 46.174.16.0/21 maxlen: 21 46.174.20.0/24 maxlen: 24 46.174.21.0/24 maxlen: 24 46.174.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/cHjnVjWgncwD9iWoC_pVKyLjZiw.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/cHjnVjWgncwD9iWoC_pVKyLjZiw.mft rsync://rpki.ripe.net/repository/DEFAULT/cHjnVjWgncwD9iWoC_pVKyLjZiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:12:98:07:8a:08:5f:d0:97:6b:6a:47:ca:07:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7078e75635a09dcc03f625a80bfa552b22e3662c Validity Not Before: Jan 1 08:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=48fd683b0a748579752f43e98c6276ba1ace1db4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:61:c0:1a:3b:9c:a5:65:67:3b:d2:7a:a4:c3: 88:3f:87:a0:4d:21:aa:90:f1:3d:46:92:5e:fe:50: 09:e2:f3:54:93:39:a4:dd:8c:ba:52:20:d3:fb:e1: 32:8d:74:e8:4e:a2:86:ff:d0:d5:41:8c:56:61:0a: 17:e8:ed:3f:05:22:bc:c5:8f:7a:57:d9:7e:8a:69: d9:7e:2c:2e:f8:25:52:28:98:16:15:dd:6f:7c:85: 07:82:68:79:a4:15:0f:8f:52:32:9c:5b:40:25:12: 22:0a:18:b8:ca:80:92:5e:a3:75:c0:d2:6c:58:e3: ec:08:0a:64:43:c1:25:a5:a0:a1:9e:90:40:64:7c: 61:70:dc:ea:11:a1:ca:c3:cf:76:ce:d7:7d:e0:e8: 3e:50:33:30:d5:08:3b:03:07:be:34:28:07:ed:8e: 53:38:7e:c4:36:ca:0b:f3:20:e5:7d:f8:3d:54:46: c3:96:7d:ed:9d:db:fa:1d:55:36:f0:35:7b:f7:27: 6f:7f:68:6a:8a:83:65:2f:3a:37:74:e7:92:4d:d0: f6:6c:ea:3a:68:ce:19:32:52:05:1f:63:39:77:74: 0c:7d:9f:83:b9:57:e0:df:7b:c9:72:a0:e8:c7:54: 99:ad:1a:d5:57:36:78:bb:4f:8b:e9:f5:c8:f1:b3: 4c:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:FD:68:3B:0A:74:85:79:75:2F:43:E9:8C:62:76:BA:1A:CE:1D:B4 X509v3 Authority Key Identifier: keyid:70:78:E7:56:35:A0:9D:CC:03:F6:25:A8:0B:FA:55:2B:22:E3:66:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHjnVjWgncwD9iWoC_pVKyLjZiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/SP1oOwp0hXl1L0PpjGJ2uhrOHbQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ca17f7-c593-474d-8cf0-538b47709956/1/cHjnVjWgncwD9iWoC_pVKyLjZiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.174.16.0/21 Signature Algorithm: sha256WithRSAEncryption 50:c8:ef:25:e7:75:f8:ed:0d:45:93:2b:75:53:46:6c:0c:b5: 04:8a:eb:8c:e0:fa:e9:1e:06:54:1f:f0:a4:1c:bc:e1:6a:c2: d3:24:80:4e:5a:0a:48:39:d2:b1:c7:aa:28:65:02:5e:56:69: 4e:d3:d1:58:9f:68:6a:c3:45:b5:e2:3f:dc:6a:93:31:3f:2e: 16:fb:9a:0d:fe:e3:ad:3f:99:12:e4:d3:e2:b0:9a:1f:8e:85: fc:14:f0:cb:ff:ba:e5:c7:4b:e4:fe:ff:12:f1:da:97:78:08: 45:ec:d1:4c:0d:2e:28:2a:5e:d8:c2:1c:c7:78:72:89:72:0c: 2d:98:ba:81:8b:82:2a:6f:e0:fd:61:63:b5:37:e7:e8:5f:d8: ec:c9:b5:8e:10:77:a6:c3:74:21:3a:5c:4e:24:10:c9:29:cb: 26:63:c2:2c:b6:21:ea:c3:67:27:c9:02:a6:d7:b1:6f:93:b0: 15:44:82:25:96:c4:00:6f:45:83:86:3e:63:82:3a:d8:44:a4: 74:b4:c8:96:7c:60:5e:e1:a3:08:53:ff:e6:b1:fd:a0:57:28: ee:08:e7:0d:42:3b:8e:40:b0:f8:1a:7f:cb:62:5b:9d:2d:00: 5a:7e:ed:10:40:f6:1d:05:6e:ee:fb:a2:35:bf:5f:53:de:be: a1:22:be:22 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ohKYB4oIX9CXa2pHygfuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNzhlNzU2MzVhMDlkY2MwM2Y2MjVhODBiZmE1NTJiMjJl MzY2MmMwHhcNMjYwMTAxMDgxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OGZkNjgzYjBhNzQ4NTc5NzUyZjQzZTk4YzYyNzZiYTFhY2UxZGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2HAGjucpWVnO9J6pMOIP4egTSGq kPE9RpJe/lAJ4vNUkzmk3Yy6UiDT++EyjXToTqKG/9DVQYxWYQoX6O0/BSK8xY96 V9l+imnZfiwu+CVSKJgWFd1vfIUHgmh5pBUPj1IynFtAJRIiChi4yoCSXqN1wNJs WOPsCApkQ8ElpaChnpBAZHxhcNzqEaHKw892ztd94Og+UDMw1Qg7Awe+NCgH7Y5T OH7ENsoL8yDlffg9VEbDln3tndv6HVU28DV79ydvf2hqioNlLzo3dOeSTdD2bOo6 aM4ZMlIFH2M5d3QMfZ+DuVfg33vJcqDox1SZrRrVVzZ4u0+L6fXI8bNMTQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEj9aDsKdIV5dS9D6Yxidroazh20MB8GA1UdIwQY MBaAFHB451Y1oJ3MA/YlqAv6VSsi42YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0hqblZqV2duY3dEOWlXb0NfcFZLeUxqWml3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYTE3ZjctYzU5My00NzRkLThjZjAt NTM4YjQ3NzA5OTU2LzEvU1Axb093cDBoWGwxTDBQcGpHSjJ1aHJPSGJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi9jYTE3ZjctYzU5My00NzRkLThjZjAtNTM4YjQ3NzA5OTU2 LzEvY0hqblZqV2duY3dEOWlXb0NfcFZLeUxqWml3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLq4QMA0G CSqGSIb3DQEBCwUAA4IBAQBQyO8l53X47Q1Fkyt1U0ZsDLUEiuuM4PrpHgZUH/Ck HLzhasLTJIBOWgpIOdKxx6ooZQJeVmlO09FYn2hqw0W14j/capMxPy4W+5oN/uOt P5kS5NPisJofjoX8FPDL/7rlx0vk/v8S8dqXeAhF7NFMDS4oKl7YwhzHeHKJcgwt mLqBi4Iqb+D9YWO1N+foX9jsybWOEHemw3QhOlxOJBDJKcsmY8IstiHqw2cnyQKm 17Fvk7AVRIIllsQAb0WDhj5jgjrYRKR0tMiWfGBe4aMIU//msf2gVyjuCOcNQjuO QLD4Gn/LYludLQBafu0QQPYdBW7u+6I1v19T3r6hIr4i -----END CERTIFICATE-----Generated at Sun Jan 25 21:05:06 2026 by rpki-client