This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/shP3TLWgIzhBPl8vk0hNXUGvS7k.roa File: shP3TLWgIzhBPl8vk0hNXUGvS7k.roa (raw, json) Hash identifier: eHzcxg9xXH5KClR02rFR+4dyWGXrRQKP2BbGxdLk69I= Subject key identifier: B2:13:F7:4C:B5:A0:23:38:41:3E:5F:2F:93:48:4D:5D:41:AF:4B:B9 Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Certificate serial: 019B7EA759FFF6C70FA33E789D12AE664532 Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/shP3TLWgIzhBPl8vk0hNXUGvS7k.roa Signing time: Fri 02 Jan 2026 12:20:55 +0000 ROA not before: Fri 02 Jan 2026 12:20:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12380 IP address blocks: 80.248.144.0/20 maxlen: 20 89.20.16.0/20 maxlen: 20 212.58.192.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 15:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:59:ff:f6:c7:0f:a3:3e:78:9d:12:ae:66:45:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09 Validity Not Before: Jan 2 12:20:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b213f74cb5a02338413e5f2f93484d5d41af4bb9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:fd:67:b3:eb:fc:11:92:f2:f5:19:2f:09:fd: 9f:fe:45:e5:b5:4e:16:f1:ed:7e:22:3a:2c:de:d0: 2f:d4:35:29:cd:74:71:01:11:3f:95:3b:f5:60:a6: 08:ac:c8:31:e9:50:94:f0:98:ba:9c:a9:9d:8d:19: 2d:14:05:95:15:7e:27:e3:05:26:d3:f5:d0:1f:ee: 49:b5:5d:9d:02:c3:43:e9:31:73:39:30:d6:31:42: 6a:cb:65:4d:b6:50:50:b3:cd:f6:a6:6b:c0:76:9c: d9:fd:b3:42:5f:cb:35:11:05:e8:42:f0:68:14:e6: 7d:5f:db:da:e9:c3:0f:f5:92:3b:98:7a:12:db:08: 16:39:08:a5:c0:56:1e:cc:68:ef:0d:38:6b:d2:7d: 0b:41:88:e5:04:4d:03:4d:0c:a1:6a:01:ce:78:01: af:cb:33:7d:1c:58:34:68:a6:94:9b:56:65:02:0a: 27:2d:84:8f:96:45:3b:37:58:3f:2d:5f:d4:be:59: 8e:69:55:ce:05:a9:cf:a2:f3:8b:3e:c3:c0:1d:18: f3:f8:97:5d:7b:d4:4a:55:e9:0a:fb:d9:b9:dc:7b: 2e:5d:13:9b:4f:22:72:ca:e0:c8:2b:45:13:50:e4: e8:a8:01:76:b9:26:29:6e:9e:d0:5d:34:67:7b:ba: c0:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:13:F7:4C:B5:A0:23:38:41:3E:5F:2F:93:48:4D:5D:41:AF:4B:B9 X509v3 Authority Key Identifier: keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/shP3TLWgIzhBPl8vk0hNXUGvS7k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.248.144.0/20 89.20.16.0/20 212.58.192.0/19 Signature Algorithm: sha256WithRSAEncryption 42:c8:40:9d:73:6e:9d:93:79:c0:58:d1:a0:d5:0a:9d:d9:0e: 9b:84:00:0d:76:a4:7d:15:70:d0:53:42:9b:02:9e:bf:54:92: 16:3b:c5:02:ea:ba:4e:f4:ee:64:6c:e8:35:d8:33:ad:91:3f: f0:03:b3:9b:9e:45:d7:1a:08:ce:ed:e0:ec:76:af:94:d5:84: 80:d6:b4:09:de:31:d5:7a:11:c3:6c:76:4f:f6:6f:0b:ca:5c: 93:7d:25:6d:f3:7c:fe:f4:06:8d:40:b1:8d:60:ed:bc:08:de: 3c:02:85:c0:5e:0f:58:1e:ae:a8:e8:8e:6d:f8:70:43:e3:43: 19:b8:10:58:b4:77:fb:28:77:11:d8:94:98:fe:2c:b4:8e:93: b4:a4:e2:55:01:28:4e:02:a0:41:4b:7e:ed:a5:09:6f:cc:47: 9b:51:57:2e:19:d8:c2:22:04:9f:5a:22:8f:26:94:ed:c7:6e: 4a:d6:5e:f6:f9:ab:0f:4d:0f:e2:d1:fc:e1:7c:14:bc:99:05: 8d:d6:2d:9f:42:ac:1e:97:86:b4:a2:9f:dc:f1:a6:fd:2c:e7: 4c:f0:53:c6:99:af:fd:b2:22:ce:18:24:4c:86:51:de:87:c1: 3a:99:5b:02:1e:45:8e:e7:9b:3e:22:2d:70:b4:38:3a:57:05: 66:c7:17:29 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+p1n/9scPoz54nRKuZkUyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx ZTZjMDkwHhcNMjYwMTAyMTIyMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjEzZjc0Y2I1YTAyMzM4NDEzZTVmMmY5MzQ4NGQ1ZDQxYWY0YmI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP1ns+v8EZLy9RkvCf2f/kXltU4W 8e1+Ijos3tAv1DUpzXRxARE/lTv1YKYIrMgx6VCU8Ji6nKmdjRktFAWVFX4n4wUm 0/XQH+5JtV2dAsND6TFzOTDWMUJqy2VNtlBQs832pmvAdpzZ/bNCX8s1EQXoQvBo FOZ9X9va6cMP9ZI7mHoS2wgWOQilwFYezGjvDThr0n0LQYjlBE0DTQyhagHOeAGv yzN9HFg0aKaUm1ZlAgonLYSPlkU7N1g/LV/UvlmOaVXOBanPovOLPsPAHRjz+Jdd e9RKVekK+9m53HsuXRObTyJyyuDIK0UTUOToqAF2uSYpbp7QXTRne7rA6QIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLIT90y1oCM4QT5fL5NITV1Br0u5MB8GA1UdIwQY MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt NWE4NmMyNzU3YzFlLzEvc2hQM1RMV2dJemhCUGw4dmswaE5YVUd2UzdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUPiQAwQE WRQQAwQF1DrAMA0GCSqGSIb3DQEBCwUAA4IBAQBCyECdc26dk3nAWNGg1Qqd2Q6b hAANdqR9FXDQU0KbAp6/VJIWO8UC6rpO9O5kbOg12DOtkT/wA7ObnkXXGgjO7eDs dq+U1YSA1rQJ3jHVehHDbHZP9m8LylyTfSVt83z+9AaNQLGNYO28CN48AoXAXg9Y Hq6o6I5t+HBD40MZuBBYtHf7KHcR2JSY/iy0jpO0pOJVAShOAqBBS37tpQlvzEeb UVcuGdjCIgSfWiKPJpTtx25K1l72+asPTQ/i0fzhfBS8mQWN1i2fQqwel4a0op/c 8ab9LOdM8FPGma/9siLOGCRMhlHeh8E6mVsCHkWO55s+Ii1wtDg6VwVmxxcp -----END CERTIFICATE-----Generated at Mon Jan 26 01:41:28 2026 by rpki-client