This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/sfEXc4wY-pXhuYqaE9QZpaIZSqY.roa File: sfEXc4wY-pXhuYqaE9QZpaIZSqY.roa (raw, json) Hash identifier: njFcyKEx7yKnKI3LIuKB6v9ru42euT2yptaAKjD9IBw= Subject key identifier: B1:F1:17:73:8C:18:FA:95:E1:B9:8A:9A:13:D4:19:A5:A2:19:4A:A6 Certificate issuer: /CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e Certificate serial: 019B7DCA630E8397AA73FD9C8296FC62021F Authority key identifier: 3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/sfEXc4wY-pXhuYqaE9QZpaIZSqY.roa Signing time: Fri 02 Jan 2026 08:19:34 +0000 ROA not before: Fri 02 Jan 2026 08:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209327 IP address blocks: 85.209.116.0/22 maxlen: 22 2a09:94c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.crl rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.mft rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:63:0e:83:97:aa:73:fd:9c:82:96:fc:62:02:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ec14cc607d1f0283848f9a815dbe675e2339a7e Validity Not Before: Jan 2 08:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1f117738c18fa95e1b98a9a13d419a5a2194aa6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:19:7f:37:ae:6e:6c:be:b9:65:6b:22:99:8a: 0e:5d:90:62:83:d1:e6:1d:fc:5f:e1:40:fc:53:d5: f9:94:5c:34:bf:23:67:4c:df:37:01:29:f9:b8:3f: 09:d6:7d:68:29:77:fc:d5:4c:30:80:7c:4b:ef:64: 69:3c:63:bd:05:55:70:2b:08:a1:43:df:4d:67:c8: 8c:fd:14:43:51:c5:c8:d4:5b:07:ea:f2:4a:f3:97: af:ea:f7:04:a3:07:c1:19:70:ff:33:7f:b8:57:dd: 2d:1d:d9:96:d4:2f:18:09:56:45:be:33:d9:3d:b7: 3d:43:f7:f2:8e:8c:38:ba:b5:29:ca:54:a0:28:8b: ba:05:6f:6e:b1:bd:fb:ab:4b:29:49:e9:bb:f6:91: 06:d4:51:68:97:e2:7e:2d:db:2b:a7:8d:33:7d:a8: 80:65:05:59:05:dc:61:89:2e:1c:28:42:62:c9:78: 51:23:a8:df:2c:e5:6f:17:57:ed:2e:b6:97:a7:84: da:84:b2:25:c8:2e:f2:fc:e2:db:54:e4:b7:53:e5: 19:8e:56:56:c2:19:7f:f6:4f:58:73:96:97:36:1b: fc:8b:f0:74:a6:15:d6:dd:65:a0:b5:32:5b:7b:d8: 2a:c6:18:bb:c7:d2:f0:fe:9e:08:97:25:4a:72:8d: cd:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:F1:17:73:8C:18:FA:95:E1:B9:8A:9A:13:D4:19:A5:A2:19:4A:A6 X509v3 Authority Key Identifier: keyid:3E:C1:4C:C6:07:D1:F0:28:38:48:F9:A8:15:DB:E6:75:E2:33:9A:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/sfEXc4wY-pXhuYqaE9QZpaIZSqY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/754bd6-fd6a-4dc6-a927-769a0c5eea0d/1/PsFMxgfR8Cg4SPmoFdvmdeIzmn4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.209.116.0/22 IPv6: 2a09:94c0::/29 Signature Algorithm: sha256WithRSAEncryption 09:92:8e:04:4e:ad:af:10:f7:e7:77:88:2c:2a:d4:47:5f:dd: 80:39:8b:70:ef:cd:32:08:76:33:9d:d7:1c:86:49:ab:be:f6: 2c:3d:d3:05:70:5f:08:96:35:dd:b9:8e:1e:9a:78:62:ee:80: 18:ff:a0:73:e5:38:d3:24:6b:50:db:25:35:cb:cf:90:e4:a8: d7:57:79:3d:de:04:e9:04:62:4a:73:1b:c4:17:1a:f6:c0:a8: 72:5a:39:54:62:7d:a0:0d:b8:76:66:25:e3:b0:76:36:46:3f: 95:96:13:7f:51:17:05:f2:f1:9f:56:96:6f:e6:38:8b:75:ec: ea:83:15:a2:c4:55:ae:5e:44:4d:95:39:70:cf:8c:9f:9b:f5: 1b:7b:43:6c:f5:e3:98:7e:fd:ca:f1:17:7e:bf:f3:34:82:56: e0:de:c3:82:5f:2b:e0:c4:ec:d7:11:fc:0c:68:83:62:6e:97: f0:7a:ea:d4:59:13:64:5b:fd:a9:7d:98:84:ed:bf:03:42:a7: 22:7a:57:d2:7e:69:78:2c:db:c2:be:d2:0b:78:a0:4a:00:0f: 15:a3:7e:b0:1a:28:17:a6:16:cd:ae:f1:8d:eb:c9:bf:2a:c3: c2:20:b2:90:6a:2a:44:90:b4:50:90:ed:0e:d2:42:30:5e:e6: d9:67:ce:0d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9ymMOg5eqc/2cgpb8YgIfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlYzE0Y2M2MDdkMWYwMjgzODQ4ZjlhODE1ZGJlNjc1ZTIz MzlhN2UwHhcNMjYwMTAyMDgxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWYxMTc3MzhjMThmYTk1ZTFiOThhOWExM2Q0MTlhNWEyMTk0YWE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Rl/N65ubL65ZWsimYoOXZBig9Hm Hfxf4UD8U9X5lFw0vyNnTN83ASn5uD8J1n1oKXf81UwwgHxL72RpPGO9BVVwKwih Q99NZ8iM/RRDUcXI1FsH6vJK85ev6vcEowfBGXD/M3+4V90tHdmW1C8YCVZFvjPZ Pbc9Q/fyjow4urUpylSgKIu6BW9usb37q0spSem79pEG1FFol+J+Ldsrp40zfaiA ZQVZBdxhiS4cKEJiyXhRI6jfLOVvF1ftLraXp4TahLIlyC7y/OLbVOS3U+UZjlZW whl/9k9Yc5aXNhv8i/B0phXW3WWgtTJbe9gqxhi7x9Lw/p4IlyVKco3NswIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLHxF3OMGPqV4bmKmhPUGaWiGUqmMB8GA1UdIwQY MBaAFD7BTMYH0fAoOEj5qBXb5nXiM5p+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5Mjct NzY5YTBjNWVlYTBkLzEvc2ZFWGM0d1ktcFhodVlxYUU5UVpwYUlaU3FZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy83NTRiZDYtZmQ2YS00ZGM2LWE5MjctNzY5YTBjNWVlYTBk LzEvUHNGTXhnZlI4Q2c0U1Btb0Zkdm1kZUl6bW40LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdF0MA0E AgACMAcDBQMqCZTAMA0GCSqGSIb3DQEBCwUAA4IBAQAJko4ETq2vEPfnd4gsKtRH X92AOYtw780yCHYzndcchkmrvvYsPdMFcF8IljXduY4emnhi7oAY/6Bz5TjTJGtQ 2yU1y8+Q5KjXV3k93gTpBGJKcxvEFxr2wKhyWjlUYn2gDbh2ZiXjsHY2Rj+VlhN/ URcF8vGfVpZv5jiLdezqgxWixFWuXkRNlTlwz4yfm/Ube0Ns9eOYfv3K8Rd+v/M0 glbg3sOCXyvgxOzXEfwMaINibpfweurUWRNkW/2pfZiE7b8DQqcielfSfml4LNvC vtILeKBKAA8Vo36wGigXphbNrvGN68m/KsPCILKQaipEkLRQkO0O0kIwXubZZ84N -----END CERTIFICATE-----Generated at Mon Feb 2 08:07:47 2026 by rpki-client