This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SdNMgtOh3nkDg5jv8oWGw4hHstc.roa File: SdNMgtOh3nkDg5jv8oWGw4hHstc.roa (raw, json) Hash identifier: YLD7nAwB0+rTkUr9Fbr4R6loRfNzONsigRhR+OXWKlk= Subject key identifier: 49:D3:4C:82:D3:A1:DE:79:03:83:98:EF:F2:85:86:C3:88:47:B2:D7 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A34A888BC31C571028DC5D6BDDD840 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SdNMgtOh3nkDg5jv8oWGw4hHstc.roa Signing time: Thu 01 Jan 2026 08:18:45 +0000 ROA not before: Thu 01 Jan 2026 08:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214417 IP address blocks: 87.121.221.0/24 maxlen: 24 185.252.177.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:4a:88:8b:c3:1c:57:10:28:dc:5d:6b:dd:d8:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=49d34c82d3a1de79038398eff28586c38847b2d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:93:32:cd:d0:b0:dc:b4:e3:c6:3a:af:38:1a: 77:14:3c:e5:7a:19:c0:7f:97:ad:4f:70:54:42:5c: 35:5f:d0:8b:b5:87:01:f8:e0:13:fb:74:de:1d:7a: 1d:34:01:21:13:b7:5c:6f:85:b4:da:a0:dc:1a:86: 88:9a:b8:42:09:63:93:5d:a1:60:02:66:f8:d4:76: e8:2f:15:a2:dd:7d:1b:b9:4d:34:7a:ec:a1:07:9e: 0f:69:07:8f:e3:38:0f:b3:2b:d4:c1:d5:18:4e:a1: 0b:82:ea:66:66:4e:b9:32:d7:dc:5c:7d:eb:3a:c3: 3c:06:4b:ac:69:a2:ce:2b:19:5c:5d:f1:3d:73:3d: ea:7f:62:ad:97:16:63:37:ae:62:2a:3b:f1:fa:ce: 7f:c1:3a:f3:19:ad:50:ea:e5:71:0d:07:a8:54:b9: be:8f:d2:1e:43:da:6e:ea:01:29:2f:7c:f8:0f:35: d8:59:ea:20:33:c3:6c:cd:21:c3:af:8d:4b:4a:21: ac:53:c2:4d:15:3c:ec:51:77:2f:ea:e9:ec:11:71: ac:f2:eb:41:07:08:8a:51:c2:5a:60:ba:a9:5d:2c: 58:7b:39:26:63:6f:b7:39:8f:bc:d1:7f:fa:bd:c7: bb:21:16:c5:f9:cb:0f:5b:e4:70:68:c5:20:79:af: a4:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:D3:4C:82:D3:A1:DE:79:03:83:98:EF:F2:85:86:C3:88:47:B2:D7 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SdNMgtOh3nkDg5jv8oWGw4hHstc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.121.221.0/24 185.252.177.0/24 Signature Algorithm: sha256WithRSAEncryption 34:96:e9:55:79:cd:3f:e0:d1:68:f5:11:20:25:6c:21:c9:ee: 5f:0b:d7:a1:38:3c:e2:a7:5d:98:28:90:ab:32:23:84:5a:f6: 6f:a9:38:ad:67:a6:26:f9:1a:7e:3f:03:66:7e:6a:28:01:f5: e0:2f:24:07:e6:b0:63:2c:22:05:c9:66:bd:8e:00:80:05:ff: a1:43:9e:58:cc:ad:91:ba:25:ab:78:e6:7d:fe:3a:11:6a:13: 8e:cd:ff:46:2b:c9:94:49:75:1c:27:09:18:35:a8:fd:46:2b: 59:91:8b:7f:8c:b4:09:3d:b8:10:4f:2f:90:36:32:4f:80:f9: 33:98:3f:12:a0:9c:b4:45:35:c0:f7:1a:41:06:80:95:34:2a: 78:9a:22:ee:ac:ec:e4:5f:1a:0f:5f:59:60:37:7d:f7:c1:85: 1f:3c:51:93:ea:a4:f6:7f:a5:35:88:d7:ed:ec:a8:ff:39:16: 95:f1:9d:cc:55:f2:c3:2b:cc:a8:92:23:65:67:60:fd:3b:95: a6:65:a6:d3:02:8c:fe:cd:96:87:45:c8:07:bc:7c:9a:f1:de: ac:f0:a0:58:13:67:38:68:0f:c6:a9:49:e6:49:69:6b:c0:0a: 71:44:78:c1:0a:9d:60:ff:4e:56:02:1b:68:96:c3:95:8d:37: 74:a3:55:17 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4o0qIi8McVxAo3F1r3dhAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OWQzNGM4MmQzYTFkZTc5MDM4Mzk4ZWZmMjg1ODZjMzg4NDdiMmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZMyzdCw3LTjxjqvOBp3FDzlehnA f5etT3BUQlw1X9CLtYcB+OAT+3TeHXodNAEhE7dcb4W02qDcGoaImrhCCWOTXaFg Amb41HboLxWi3X0buU00euyhB54PaQeP4zgPsyvUwdUYTqELgupmZk65MtfcXH3r OsM8BkusaaLOKxlcXfE9cz3qf2KtlxZjN65iKjvx+s5/wTrzGa1Q6uVxDQeoVLm+ j9IeQ9pu6gEpL3z4DzXYWeogM8NszSHDr41LSiGsU8JNFTzsUXcv6unsEXGs8utB BwiKUcJaYLqpXSxYezkmY2+3OY+80X/6vce7IRbF+csPW+RwaMUgea+kzQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFEnTTILTod55A4OY7/KFhsOIR7LXMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvU2ROTWd0T2gzbmtEZzVqdjhvV0d3NGhIc3RjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV3ndAwQA ufyxMA0GCSqGSIb3DQEBCwUAA4IBAQA0lulVec0/4NFo9REgJWwhye5fC9ehODzi p12YKJCrMiOEWvZvqTitZ6Ym+Rp+PwNmfmooAfXgLyQH5rBjLCIFyWa9jgCABf+h Q55YzK2RuiWreOZ9/joRahOOzf9GK8mUSXUcJwkYNaj9RitZkYt/jLQJPbgQTy+Q NjJPgPkzmD8SoJy0RTXA9xpBBoCVNCp4miLurOzkXxoPX1lgN333wYUfPFGT6qT2 f6U1iNft7Kj/ORaV8Z3MVfLDK8yokiNlZ2D9O5WmZabTAoz+zZaHRcgHvHya8d6s 8KBYE2c4aA/GqUnmSWlrwApxRHjBCp1g/05WAhtolsOVjTd0o1UX -----END CERTIFICATE-----Generated at Fri Jan 2 12:07:58 2026 by rpki-client