This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/SqqfV0cqdsmTEBKuOvF0JJEbDoo.roa File: SqqfV0cqdsmTEBKuOvF0JJEbDoo.roa (raw, json) Hash identifier: bMcPfDE84mvLVznq47OZBYkUC9R902MrAMG5aI6NhzY= Subject key identifier: 4A:AA:9F:57:47:2A:76:C9:93:10:12:AE:3A:F1:74:24:91:1B:0E:8A Certificate issuer: /CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7 Certificate serial: 019B78A31C0E7B69CB2084FFD9AC3C5CB7F9 Authority key identifier: 71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/SqqfV0cqdsmTEBKuOvF0JJEbDoo.roa Signing time: Thu 01 Jan 2026 08:18:34 +0000 ROA not before: Thu 01 Jan 2026 08:18:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215224 IP address blocks: 45.8.178.0/24 maxlen: 24 45.12.32.0/24 maxlen: 24 45.12.33.0/24 maxlen: 24 45.142.0.0/24 maxlen: 24 45.142.3.0/24 maxlen: 24 45.148.147.0/24 maxlen: 24 185.224.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.mft rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 17:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:1c:0e:7b:69:cb:20:84:ff:d9:ac:3c:5c:b7:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71bddeaf0f30fbdaf9e75b92ac7d5bd13f285de7 Validity Not Before: Jan 1 08:18:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4aaa9f57472a76c9931012ae3af17424911b0e8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:81:12:27:0e:39:3d:58:49:ee:11:fb:5a:a3: 53:aa:a2:3b:39:4e:39:6d:0c:78:42:45:90:6b:89: d3:c3:48:d6:c5:22:41:3e:a4:40:40:2d:6a:1c:93: cb:04:aa:08:ad:fb:0b:29:dc:e2:05:62:76:3d:5b: d3:8a:8c:5f:cb:b5:a4:5f:32:1e:87:5b:cd:c8:5a: 22:ea:7b:6d:29:4b:d9:94:a5:c4:7b:a5:ef:7e:12: b3:5e:45:47:e7:83:5e:60:71:30:b1:30:d6:b1:af: e1:4f:b6:7b:98:39:c5:7d:d5:b6:13:7b:58:2e:86: 47:d8:9c:3a:73:10:52:83:e0:22:71:5e:d4:0b:4b: 51:53:fd:84:d9:5a:5c:0e:81:34:2e:5c:c1:31:d3: 0e:8b:69:fb:57:2d:e5:04:a0:28:df:57:2d:b5:85: 60:81:0b:9d:8e:53:93:76:bc:4a:d1:19:3d:a7:ed: 8f:af:fe:35:1d:a3:d5:96:f0:ea:e2:ac:d8:a4:ea: 6a:6b:9c:45:e2:c4:f6:f2:fb:a4:2c:f9:07:27:3d: 90:b8:dd:aa:f4:05:5d:2b:50:7a:ec:c2:1a:6e:71: 43:a4:05:c8:2b:86:05:1c:db:39:df:19:84:08:b4: de:7e:bf:ba:80:b1:f3:c7:ed:52:63:de:f5:34:96: 06:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:AA:9F:57:47:2A:76:C9:93:10:12:AE:3A:F1:74:24:91:1B:0E:8A X509v3 Authority Key Identifier: keyid:71:BD:DE:AF:0F:30:FB:DA:F9:E7:5B:92:AC:7D:5B:D1:3F:28:5D:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb3erw8w-9r551uSrH1b0T8oXec.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/SqqfV0cqdsmTEBKuOvF0JJEbDoo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/814ec5-9e41-4b5a-a6fe-477231191a35/1/cb3erw8w-9r551uSrH1b0T8oXec.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.8.178.0/24 45.12.32.0/23 45.142.0.0/24 45.142.3.0/24 45.148.147.0/24 185.224.217.0/24 Signature Algorithm: sha256WithRSAEncryption ac:27:97:a8:23:ce:a0:54:85:8d:ee:0c:9e:3c:cb:da:52:d9: 7e:ab:88:0b:69:8e:65:fd:9d:84:84:e1:bc:b2:2e:16:6c:96: 71:c0:d9:a9:45:e2:5e:f9:cc:8f:4a:96:86:ac:9f:b9:23:19: c6:1e:7d:16:63:c0:d0:8f:47:28:49:86:ae:7f:46:ab:41:68: 4e:82:4f:01:a1:70:98:dd:7f:b2:ac:2e:d2:3f:59:bb:08:84: a8:0e:c8:53:d5:8f:7f:5d:0c:a4:31:f3:20:fd:f4:4a:1f:b7: 1f:a5:73:ec:42:5b:3f:12:f2:f4:a9:37:51:e3:e4:9d:59:01: 84:06:66:75:a8:bc:9d:18:66:bf:6a:15:96:07:19:81:fa:7a: 62:bc:7d:c3:13:68:22:86:38:a8:0f:c3:76:d7:58:9f:1c:e2: 1b:ad:58:8a:72:2c:a8:25:0c:7d:2b:00:d8:b1:33:e5:6a:df: b8:82:0a:39:c1:c7:14:ee:73:a2:97:5b:b8:fa:33:15:36:36: 84:4f:fb:68:3f:e6:a7:2c:9f:d1:b0:60:23:be:d0:49:f1:47: d3:f7:5c:f4:43:71:b9:b5:4e:28:a8:59:87:46:0a:50:61:2a: 76:fa:77:45:52:7e:2b:11:f2:48:02:02:e9:da:0b:36:50:d3: 4f:e8:73:56 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt4oxwOe2nLIIT/2aw8XLf5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxYmRkZWFmMGYzMGZiZGFmOWU3NWI5MmFjN2Q1YmQxM2Yy ODVkZTcwHhcNMjYwMTAxMDgxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YWFhOWY1NzQ3MmE3NmM5OTMxMDEyYWUzYWYxNzQyNDkxMWIwZThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoESJw45PVhJ7hH7WqNTqqI7OU45 bQx4QkWQa4nTw0jWxSJBPqRAQC1qHJPLBKoIrfsLKdziBWJ2PVvTioxfy7WkXzIe h1vNyFoi6nttKUvZlKXEe6XvfhKzXkVH54NeYHEwsTDWsa/hT7Z7mDnFfdW2E3tY LoZH2Jw6cxBSg+AicV7UC0tRU/2E2VpcDoE0LlzBMdMOi2n7Vy3lBKAo31cttYVg gQudjlOTdrxK0Rk9p+2Pr/41HaPVlvDq4qzYpOpqa5xF4sT28vukLPkHJz2QuN2q 9AVdK1B67MIabnFDpAXIK4YFHNs53xmECLTefr+6gLHzx+1SY971NJYG6QIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFEqqn1dHKnbJkxASrjrxdCSRGw6KMB8GA1UdIwQY MBaAFHG93q8PMPva+edbkqx9W9E/KF3nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUt NDc3MjMxMTkxYTM1LzEvU3FxZlYwY3Fkc21URUJLdU92RjBKSkViRG9vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS84MTRlYzUtOWU0MS00YjVhLWE2ZmUtNDc3MjMxMTkxYTM1 LzEvY2IzZXJ3OHctOXI1NTF1U3JIMWIwVDhvWGVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQiyAwQB LQwgAwQALY4AAwQALY4DAwQALZSTAwQAueDZMA0GCSqGSIb3DQEBCwUAA4IBAQCs J5eoI86gVIWN7gyePMvaUtl+q4gLaY5l/Z2EhOG8si4WbJZxwNmpReJe+cyPSpaG rJ+5IxnGHn0WY8DQj0coSYauf0arQWhOgk8BoXCY3X+yrC7SP1m7CISoDshT1Y9/ XQykMfMg/fRKH7cfpXPsQls/EvL0qTdR4+SdWQGEBmZ1qLydGGa/ahWWBxmB+npi vH3DE2gihjioD8N211ifHOIbrViKciyoJQx9KwDYsTPlat+4ggo5wccU7nOil1u4 +jMVNjaET/toP+anLJ/RsGAjvtBJ8UfT91z0Q3G5tU4oqFmHRgpQYSp2+ndFUn4r EfJIAgLp2gs2UNNP6HNW -----END CERTIFICATE-----Generated at Tue Jan 20 00:56:45 2026 by rpki-client