This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/sP3xxrP16BVYtRejuodDQfjDjnY.roa File: sP3xxrP16BVYtRejuodDQfjDjnY.roa (raw, json) Hash identifier: rhdnZt+TyfSBG9e9GLDjxat3cDe+UxxerHxAqaJJWko= Subject key identifier: B0:FD:F1:C6:B3:F5:E8:15:58:B5:17:A3:BA:87:43:41:F8:C3:8E:76 Certificate issuer: /CN=c9c02d4234f4bc4e87555e41c03779d5620a5155 Certificate serial: 019B7E378931A4251E6A25CED1813ED1694C Authority key identifier: C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/sP3xxrP16BVYtRejuodDQfjDjnY.roa Signing time: Fri 02 Jan 2026 10:18:47 +0000 ROA not before: Fri 02 Jan 2026 10:18:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49775 IP address blocks: 185.194.252.0/22 maxlen: 22 185.194.252.0/23 maxlen: 23 185.194.254.0/23 maxlen: 23 185.194.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.mft rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:89:31:a4:25:1e:6a:25:ce:d1:81:3e:d1:69:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9c02d4234f4bc4e87555e41c03779d5620a5155 Validity Not Before: Jan 2 10:18:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0fdf1c6b3f5e81558b517a3ba874341f8c38e76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:22:0f:c4:14:63:0d:37:eb:f3:b4:84:86:6a: 81:fb:9d:10:a1:08:aa:57:69:0d:73:24:dd:a1:ee: 8e:fb:4f:db:46:ba:91:a9:2d:4a:00:7e:71:8e:65: 05:f1:1c:e3:df:ad:e6:80:05:2c:e4:76:b6:20:61: cd:cc:87:26:40:19:d5:0e:2c:9c:b7:ae:d1:b9:15: 90:db:87:43:8b:c1:32:13:13:9e:87:5c:69:88:48: 64:37:1f:d8:0c:ac:d7:0b:ca:04:9f:fa:ec:2a:d0: 2a:45:dd:9e:3e:e9:f4:53:3c:21:95:2b:f2:c7:09: 7b:57:ff:c4:bb:63:36:5d:3d:57:e4:74:05:61:3f: 20:5c:9e:08:66:85:4b:88:56:12:41:8a:bc:bb:3f: 88:e9:f8:4a:bf:9c:c5:b3:f0:c7:37:9c:d6:6e:45: 38:36:d5:ef:56:91:77:47:47:fa:b3:c5:b6:e6:41: a0:92:70:50:7d:c5:06:e4:cf:aa:6b:b2:06:aa:d2: 31:07:46:bb:f2:1c:33:48:e9:fb:01:1d:5f:93:e5: e2:35:6f:73:19:00:db:cc:9d:67:0d:01:41:7d:93: b2:61:62:e6:1d:b8:c8:da:45:6b:fd:31:b4:5e:de: c5:fa:f6:0d:85:0a:2b:ce:08:60:20:10:20:a8:14: 57:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:FD:F1:C6:B3:F5:E8:15:58:B5:17:A3:BA:87:43:41:F8:C3:8E:76 X509v3 Authority Key Identifier: keyid:C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/sP3xxrP16BVYtRejuodDQfjDjnY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.194.252.0/22 Signature Algorithm: sha256WithRSAEncryption 2a:0f:86:25:76:6d:2a:90:f6:53:67:f3:35:a7:fa:69:ca:9a: 0d:e2:0c:6f:aa:7f:9a:ec:a7:3e:9a:11:c9:b0:72:ef:b9:a1: 7f:71:48:bf:2b:f4:6a:7c:8c:70:17:7c:04:0f:6e:21:7d:7c: 82:6a:cd:81:ef:6c:7b:b6:e1:a1:2e:fe:6a:f1:1b:1e:27:b2: 8c:ce:26:83:c6:bc:e3:00:65:bd:de:32:09:8b:51:29:8b:a5: 83:a7:c0:c9:01:7b:d3:bd:a4:ac:93:f0:c0:25:4d:6f:04:f3: a7:68:a6:83:62:e2:07:57:a0:d2:e6:6c:d4:25:26:61:10:f6: 40:2c:2c:fd:34:0d:8c:b1:af:81:86:ec:25:99:fa:99:95:0a: ab:fc:d2:54:3a:18:1c:ec:c7:ee:04:ab:a5:6d:38:d6:41:57: 0d:61:ed:1a:3e:2e:4f:90:cb:b1:c5:5b:95:71:73:8e:6f:51: ab:ba:90:f5:c3:d4:54:8c:b3:00:52:f1:55:15:ef:cd:ba:47: 30:06:6c:f6:5b:ae:06:28:6a:5c:cb:2e:7f:c3:60:e4:de:d2: d5:f0:a9:53:d6:68:19:d4:65:d5:ee:c6:74:d2:c3:85:d6:48: 0f:39:7a:95:14:ca:d2:1f:b9:35:31:e0:6c:a7:c4:ad:85:35: 76:33:a7:b7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+N4kxpCUeaiXO0YE+0WlMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5YzAyZDQyMzRmNGJjNGU4NzU1NWU0MWMwMzc3OWQ1NjIw YTUxNTUwHhcNMjYwMTAyMTAxODQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGZkZjFjNmIzZjVlODE1NThiNTE3YTNiYTg3NDM0MWY4YzM4ZTc2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiIPxBRjDTfr87SEhmqB+50QoQiq V2kNcyTdoe6O+0/bRrqRqS1KAH5xjmUF8Rzj363mgAUs5Ha2IGHNzIcmQBnVDiyc t67RuRWQ24dDi8EyExOeh1xpiEhkNx/YDKzXC8oEn/rsKtAqRd2ePun0UzwhlSvy xwl7V//Eu2M2XT1X5HQFYT8gXJ4IZoVLiFYSQYq8uz+I6fhKv5zFs/DHN5zWbkU4 NtXvVpF3R0f6s8W25kGgknBQfcUG5M+qa7IGqtIxB0a78hwzSOn7AR1fk+XiNW9z GQDbzJ1nDQFBfZOyYWLmHbjI2kVr/TG0Xt7F+vYNhQorzghgIBAgqBRXZwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLD98caz9egVWLUXo7qHQ0H4w452MB8GA1UdIwQY MBaAFMnALUI09LxOh1VeQcA3edViClFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUt MWE2Y2U1ZmFmOTE2LzEvc1AzeHhyUDE2QlZZdFJlanVvZERRZmpEam5ZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUtMWE2Y2U1ZmFmOTE2 LzEveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucL8MA0G CSqGSIb3DQEBCwUAA4IBAQAqD4Yldm0qkPZTZ/M1p/ppypoN4gxvqn+a7Kc+mhHJ sHLvuaF/cUi/K/RqfIxwF3wED24hfXyCas2B72x7tuGhLv5q8RseJ7KMziaDxrzj AGW93jIJi1Epi6WDp8DJAXvTvaSsk/DAJU1vBPOnaKaDYuIHV6DS5mzUJSZhEPZA LCz9NA2Msa+BhuwlmfqZlQqr/NJUOhgc7MfuBKulbTjWQVcNYe0aPi5PkMuxxVuV cXOOb1GrupD1w9RUjLMAUvFVFe/NukcwBmz2W64GKGpcyy5/w2Dk3tLV8KlT1mgZ 1GXV7sZ00sOF1kgPOXqVFMrSH7k1MeBsp8SthTV2M6e3 -----END CERTIFICATE-----Generated at Mon Feb 9 22:30:54 2026 by rpki-client