This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/s4CVi1heGWJbYwCYW_iawkx1Vkw.roa File: s4CVi1heGWJbYwCYW_iawkx1Vkw.roa (raw, json) Hash identifier: PP2ljsLLNht9ow6bvcHANrvhM1dT4caqkcMgRlkhU+U= Subject key identifier: B3:80:95:8B:58:5E:19:62:5B:63:00:98:5B:F8:9A:C2:4C:75:56:4C Certificate issuer: /CN=b27912ffef67078bb06bd4a9021fba96adb180be Certificate serial: 019B7E38F31C88B503DD78C494C7035483F0 Authority key identifier: B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/s4CVi1heGWJbYwCYW_iawkx1Vkw.roa Signing time: Fri 02 Jan 2026 10:20:20 +0000 ROA not before: Fri 02 Jan 2026 10:20:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197506 IP address blocks: 31.44.16.0/20 maxlen: 24 45.144.100.0/22 maxlen: 24 2a00:d400::/32 maxlen: 54 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.mft rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:f3:1c:88:b5:03:dd:78:c4:94:c7:03:54:83:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b27912ffef67078bb06bd4a9021fba96adb180be Validity Not Before: Jan 2 10:20:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b380958b585e19625b6300985bf89ac24c75564c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:73:e6:91:67:d1:fe:f3:87:57:f7:a3:48:75: 3a:74:d8:ea:44:f0:76:12:70:0f:b5:6b:02:38:92: f3:2a:0f:61:0b:f2:4b:bb:77:27:23:61:9c:96:b5: c8:ae:8e:29:72:47:52:ad:8c:1a:93:2c:55:30:c1: 8f:b4:a2:95:8a:08:c8:a0:dc:9c:ff:da:1c:54:03: 07:6d:07:7f:f9:39:14:8d:90:18:b2:ed:cc:c2:5f: cd:d6:8c:48:09:e0:be:ac:c9:65:1c:19:21:9e:91: 82:6f:63:85:f9:d0:64:df:6e:e6:9f:8b:be:5b:87: b8:3b:91:6b:c6:c4:24:d7:99:4d:33:7c:ae:50:7f: 39:ac:a6:83:56:66:6f:28:06:19:62:ed:3b:b7:f7: 47:87:38:f1:e6:30:83:7c:db:83:cc:d7:ad:f2:f6: 34:65:3b:37:84:58:0c:81:ec:75:5b:1f:e0:5a:6a: 99:14:85:13:0b:34:64:7b:d9:9f:98:62:ae:c8:a6: b7:62:3b:49:b2:eb:1f:57:43:97:82:1b:e0:ab:fd: 0e:05:67:06:73:95:ce:63:49:8c:db:9b:0d:8a:99: ab:37:24:92:5a:a9:ab:e6:fb:3f:54:3a:ea:1e:5d: 24:97:88:e8:79:b1:fa:b2:e9:fc:57:3e:00:4a:da: 75:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:80:95:8B:58:5E:19:62:5B:63:00:98:5B:F8:9A:C2:4C:75:56:4C X509v3 Authority Key Identifier: keyid:B2:79:12:FF:EF:67:07:8B:B0:6B:D4:A9:02:1F:BA:96:AD:B1:80:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/snkS_-9nB4uwa9SpAh-6lq2xgL4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/s4CVi1heGWJbYwCYW_iawkx1Vkw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2b87c5-380d-476f-a714-5c0d92f9a49f/1/snkS_-9nB4uwa9SpAh-6lq2xgL4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.44.16.0/20 45.144.100.0/22 IPv6: 2a00:d400::/32 Signature Algorithm: sha256WithRSAEncryption 2e:58:53:57:ef:db:b0:9d:e1:0b:3c:ff:7f:d4:8b:24:8f:ce: a5:3e:aa:c7:3f:bd:03:7e:6e:34:ee:8a:17:5d:d5:12:e6:bb: c1:f4:b1:5d:b0:10:50:82:47:db:3c:2d:42:16:5f:36:0a:2d: b7:4b:22:6d:dc:a0:e7:5b:f6:ac:d7:17:e3:4a:5f:44:65:41: d8:af:82:9a:b7:f1:cc:8d:d9:a5:75:fb:14:71:4b:a1:59:c3: c5:91:3e:d4:4e:d0:69:14:04:63:b7:81:15:5f:d6:f1:c6:c9: 60:64:ff:23:48:c4:c3:f6:96:e2:89:2d:57:93:b8:7a:e7:f7: fc:bb:3b:20:5d:43:2a:62:33:e9:fa:88:f7:6f:7a:83:1e:a5: ac:16:74:3f:13:fc:c1:09:fc:0c:7e:f0:a3:4d:e6:ff:eb:30: 44:7e:f5:30:69:41:c5:e8:51:21:44:78:75:c9:79:8c:b2:69: 9c:5b:87:22:30:df:eb:6b:60:a0:2b:80:8f:65:f1:2b:22:f3: b1:b2:f4:b7:75:d6:23:67:63:1d:c6:70:78:22:af:34:2f:4e: c6:32:7c:45:3f:91:26:8f:44:f6:25:30:b7:5c:b3:68:4d:9f: ad:34:8f:33:6b:7c:c9:24:24:72:ee:fd:22:c9:74:50:69:2a: b8:29:3b:22 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+OPMciLUD3XjElMcDVIPwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIyNzkxMmZmZWY2NzA3OGJiMDZiZDRhOTAyMWZiYTk2YWRi MTgwYmUwHhcNMjYwMTAyMTAyMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzgwOTU4YjU4NWUxOTYyNWI2MzAwOTg1YmY4OWFjMjRjNzU1NjRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnPmkWfR/vOHV/ejSHU6dNjqRPB2 EnAPtWsCOJLzKg9hC/JLu3cnI2GclrXIro4pckdSrYwakyxVMMGPtKKVigjIoNyc /9ocVAMHbQd/+TkUjZAYsu3Mwl/N1oxICeC+rMllHBkhnpGCb2OF+dBk327mn4u+ W4e4O5FrxsQk15lNM3yuUH85rKaDVmZvKAYZYu07t/dHhzjx5jCDfNuDzNet8vY0 ZTs3hFgMgex1Wx/gWmqZFIUTCzRke9mfmGKuyKa3YjtJsusfV0OXghvgq/0OBWcG c5XOY0mM25sNipmrNySSWqmr5vs/VDrqHl0kl4joebH6sun8Vz4AStp1NQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLOAlYtYXhliW2MAmFv4msJMdVZMMB8GA1UdIwQY MBaAFLJ5Ev/vZweLsGvUqQIfupatsYC+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQt NWMwZDkyZjlhNDlmLzEvczRDVmkxaGVHV0piWXdDWVdfaWF3a3gxVmt3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8yYjg3YzUtMzgwZC00NzZmLWE3MTQtNWMwZDkyZjlhNDlm LzEvc25rU18tOW5CNHV3YTlTcEFoLTZscTJ4Z0w0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEHywQAwQC LZBkMA0EAgACMAcDBQAqANQAMA0GCSqGSIb3DQEBCwUAA4IBAQAuWFNX79uwneEL PP9/1Iskj86lPqrHP70Dfm407ooXXdUS5rvB9LFdsBBQgkfbPC1CFl82Ci23SyJt 3KDnW/as1xfjSl9EZUHYr4Kat/HMjdmldfsUcUuhWcPFkT7UTtBpFARjt4EVX9bx xslgZP8jSMTD9pbiiS1Xk7h65/f8uzsgXUMqYjPp+oj3b3qDHqWsFnQ/E/zBCfwM fvCjTeb/6zBEfvUwaUHF6FEhRHh1yXmMsmmcW4ciMN/ra2CgK4CPZfErIvOxsvS3 ddYjZ2MdxnB4Iq80L07GMnxFP5Emj0T2JTC3XLNoTZ+tNI8za3zJJCRy7v0iyXRQ aSq4KTsi -----END CERTIFICATE-----Generated at Mon Feb 9 18:44:19 2026 by rpki-client