This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/sH1teYqG2FqEXd7RfMCaBcOnmaw.roa File: sH1teYqG2FqEXd7RfMCaBcOnmaw.roa (raw, json) Hash identifier: suxWcXpZV2IMJ73fGzjwM37LJ58quwhaki1YE7N0sRY= Subject key identifier: B0:7D:6D:79:8A:86:D8:5A:84:5D:DE:D1:7C:C0:9A:05:C3:A7:99:AC Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Certificate serial: 019B7EA57A815B628E80CB2E31B07F36AADB Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/sH1teYqG2FqEXd7RfMCaBcOnmaw.roa Signing time: Fri 02 Jan 2026 12:18:52 +0000 ROA not before: Fri 02 Jan 2026 12:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48823 IP address blocks: 95.129.48.0/21 maxlen: 24 134.0.24.0/21 maxlen: 24 185.11.136.0/22 maxlen: 24 2a03:2900::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:7a:81:5b:62:8e:80:cb:2e:31:b0:7f:36:aa:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be Validity Not Before: Jan 2 12:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b07d6d798a86d85a845dded17cc09a05c3a799ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7a:c4:b8:93:9b:c0:44:d6:9a:08:79:09:a7: c0:4f:12:e2:e6:8a:a9:91:6f:e6:fc:6a:6c:64:ca: a7:67:ea:a9:9f:90:72:23:e5:a8:87:4c:f7:fb:15: 95:1d:87:72:6b:84:ae:3d:69:1f:01:ca:b3:c8:77: 86:5c:c7:5a:7f:9a:a4:dc:41:d2:b8:33:da:d1:fd: 47:22:8e:61:fd:64:b3:3a:6b:c2:ff:79:1c:bd:10: ed:2d:40:64:e9:2f:a1:1e:41:6d:8e:19:0a:27:d0: ec:ba:92:95:cb:48:91:7e:64:2f:53:e5:54:ea:8a: 72:3d:49:49:70:86:7c:d9:2c:c6:3f:c4:ad:2a:3b: d3:e5:95:2f:69:9b:a6:76:8e:4d:c8:87:e6:8c:6c: a3:e5:99:7c:07:f4:f9:cc:2a:d2:5e:a9:92:95:31: c3:f3:05:82:d2:2f:90:97:60:83:e8:f2:fe:76:aa: 9a:84:96:60:8f:46:20:e4:e7:01:3b:6a:71:94:12: 5e:7f:6f:53:d8:88:8c:a7:3c:db:77:bf:86:a8:04: cf:42:72:24:30:6b:2d:12:dd:46:a4:60:7d:f7:8e: b9:73:09:85:1c:c0:a6:4d:59:2e:e4:f8:77:28:00: 09:80:5e:4f:a2:83:b5:2e:6b:2f:ad:2d:c6:85:fe: 26:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:7D:6D:79:8A:86:D8:5A:84:5D:DE:D1:7C:C0:9A:05:C3:A7:99:AC X509v3 Authority Key Identifier: keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/sH1teYqG2FqEXd7RfMCaBcOnmaw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.129.48.0/21 134.0.24.0/21 185.11.136.0/22 IPv6: 2a03:2900::/32 Signature Algorithm: sha256WithRSAEncryption 77:a5:fa:c4:17:3f:9b:f8:ec:bd:0c:d6:f3:18:0c:2a:98:a1: 33:55:63:07:92:b7:61:45:0d:21:49:56:d8:cb:61:b0:ff:07: 8f:4b:5a:5c:56:90:41:89:26:9f:5e:7b:30:bb:be:6b:a7:cb: 5f:35:6d:03:da:9a:64:6c:19:48:9a:4f:bf:3d:32:00:31:6b: ee:c1:4d:5b:ca:a0:96:76:44:0c:39:ba:06:a4:4d:57:88:de: 8d:9f:45:72:f0:a8:be:9d:86:d0:f3:87:9e:bd:c7:53:58:26: 74:00:49:cd:36:ea:c9:ba:71:b5:77:d7:33:18:79:f2:c1:76: ac:53:14:99:91:4b:10:36:af:64:99:79:e6:b4:d4:82:37:41: 02:ec:8d:d2:d1:aa:9c:24:db:42:9b:03:60:06:c3:57:2f:4b: f8:73:40:ae:8b:d8:b9:47:af:79:bb:12:e4:b4:4d:ba:a9:b3: a0:20:90:75:01:9e:59:7a:34:d0:ce:13:35:a4:0d:33:e2:45: 09:03:94:ee:d2:12:3b:17:8c:4a:1a:d9:48:a1:79:f4:c3:49: cf:9e:8b:80:ed:bf:cd:5f:a1:0f:fc:28:6b:5f:e7:99:ef:a5: 6c:43:0f:f8:51:4f:09:2f:20:ed:65:de:47:ef:a6:fd:c5:78: df:58:4a:67 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgISAZt+pXqBW2KOgMsuMbB/NqrbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4 NTE4YmUwHhcNMjYwMTAyMTIxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDdkNmQ3OThhODZkODVhODQ1ZGRlZDE3Y2MwOWEwNWMzYTc5OWFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHrEuJObwETWmgh5CafATxLi5oqp kW/m/GpsZMqnZ+qpn5ByI+Woh0z3+xWVHYdya4SuPWkfAcqzyHeGXMdaf5qk3EHS uDPa0f1HIo5h/WSzOmvC/3kcvRDtLUBk6S+hHkFtjhkKJ9DsupKVy0iRfmQvU+VU 6opyPUlJcIZ82SzGP8StKjvT5ZUvaZumdo5NyIfmjGyj5Zl8B/T5zCrSXqmSlTHD 8wWC0i+Ql2CD6PL+dqqahJZgj0Yg5OcBO2pxlBJef29T2IiMpzzbd7+GqATPQnIk MGstEt1GpGB99465cwmFHMCmTVku5Ph3KAAJgF5PooO1LmsvrS3Ghf4m+wIDAQAB o4ICJDCCAiAwHQYDVR0OBBYEFLB9bXmKhthahF3e0XzAmgXDp5msMB8GA1UdIwQY MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt MGUyZDY5N2IyN2UzLzEvc0gxdGVZcUcyRnFFWGQ3UmZNQ2FCY09ubWF3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4EwAwQD hgAYAwQCuQuIMA0EAgACMAcDBQAqAykAMA0GCSqGSIb3DQEBCwUAA4IBAQB3pfrE Fz+b+Oy9DNbzGAwqmKEzVWMHkrdhRQ0hSVbYy2Gw/wePS1pcVpBBiSafXnswu75r p8tfNW0D2ppkbBlImk+/PTIAMWvuwU1byqCWdkQMOboGpE1XiN6Nn0Vy8Ki+nYbQ 84eevcdTWCZ0AEnNNurJunG1d9czGHnywXasUxSZkUsQNq9kmXnmtNSCN0EC7I3S 0aqcJNtCmwNgBsNXL0v4c0Cui9i5R695uxLktE26qbOgIJB1AZ5ZejTQzhM1pA0z 4kUJA5Tu0hI7F4xKGtlIoXn0w0nPnouA7b/NX6EP/ChrX+eZ76VsQw/4UU8JLyDt Zd5H76b9xXjfWEpn -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:15 2026 by rpki-client