This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/s4z6KSPU66aHa9IpWr4h0fSsZEc.roa File: s4z6KSPU66aHa9IpWr4h0fSsZEc.roa (raw, json) Hash identifier: T4mhOBKBFlKgTip//Yw1HwCgxWQpfJTZCSk6zAZ8jes= Subject key identifier: B3:8C:FA:29:23:D4:EB:A6:87:6B:D2:29:5A:BE:21:D1:F4:AC:64:47 Certificate issuer: /CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2 Certificate serial: 019B775922C51968F066C9480CE7F2D86C87 Authority key identifier: AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/s4z6KSPU66aHa9IpWr4h0fSsZEc.roa Signing time: Thu 01 Jan 2026 02:18:08 +0000 ROA not before: Thu 01 Jan 2026 02:18:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39614 IP address blocks: 185.228.176.0/22 maxlen: 24 213.139.240.0/22 maxlen: 24 2a09:7180::/29 maxlen: 48 2a0c:1d00::/30 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/qvpFpixehQq5yHJqWam_qZLTcbI.crl rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/qvpFpixehQq5yHJqWam_qZLTcbI.mft rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:22:c5:19:68:f0:66:c9:48:0c:e7:f2:d8:6c:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aafa45a62c5e850ab9c8726a59a9bfa992d371b2 Validity Not Before: Jan 1 02:18:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b38cfa2923d4eba6876bd2295abe21d1f4ac6447 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:8f:60:33:18:1b:95:28:34:2e:fc:3e:a9:f3: c5:db:43:d7:e1:a3:17:c4:bf:69:cb:70:7e:16:7b: c2:cf:40:f0:b6:22:b4:1e:77:de:73:2b:7c:ab:0a: 42:f1:a1:be:35:fb:f6:23:6a:c1:77:d6:30:28:87: 10:d1:62:a1:77:7d:47:f9:8a:31:9d:71:61:34:61: fd:52:41:ee:50:c6:8e:f4:0e:8c:c2:72:51:f0:af: 81:f5:54:c9:eb:7d:8e:60:56:12:8b:af:d3:be:28: 84:b9:9d:53:cc:57:0d:33:4a:7b:27:1b:08:94:73: 3a:6f:f3:47:e6:b3:06:4a:57:25:2f:59:73:dd:68: fd:00:26:61:67:55:df:25:c2:99:c7:d1:a5:6e:44: 87:ca:d7:0e:ce:d1:eb:0e:46:4e:03:72:d5:3b:bb: 3b:66:9f:9f:b6:eb:62:7a:18:93:02:00:92:4e:52: a4:d4:4f:d3:c1:4f:99:b2:b6:6a:1b:23:2c:93:24: 06:00:5b:c3:0e:40:b4:ce:00:d8:68:33:a6:59:23: 92:ff:46:2a:7b:23:fd:64:4d:8f:7c:61:3b:61:22: 45:ae:2b:a5:42:53:d8:e0:79:92:f3:f6:ee:0c:59: 46:1a:c0:6f:2c:b3:d0:ff:1f:b1:57:ac:de:b2:31: 70:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:8C:FA:29:23:D4:EB:A6:87:6B:D2:29:5A:BE:21:D1:F4:AC:64:47 X509v3 Authority Key Identifier: keyid:AA:FA:45:A6:2C:5E:85:0A:B9:C8:72:6A:59:A9:BF:A9:92:D3:71:B2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvpFpixehQq5yHJqWam_qZLTcbI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/s4z6KSPU66aHa9IpWr4h0fSsZEc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/97a9aa-6970-49c8-8d0a-2b3ddbcb7238/1/qvpFpixehQq5yHJqWam_qZLTcbI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.228.176.0/22 213.139.240.0/22 IPv6: 2a09:7180::/29 2a0c:1d00::/30 Signature Algorithm: sha256WithRSAEncryption a4:a1:76:34:51:a5:74:e5:04:34:a8:da:6f:c9:e6:f7:ef:2b: 70:7e:1a:9a:9f:92:01:b8:e3:3a:73:f0:d7:3f:5c:a6:e1:da: 7c:1c:d1:3f:ec:c6:b5:f7:b9:e9:50:a1:ee:c9:fd:fa:5d:2d: 2e:60:fd:18:08:24:60:a2:91:52:ed:3c:c0:cc:b4:43:6c:f0: da:fd:ae:62:bd:22:a9:f0:46:cf:54:76:60:58:25:26:9a:c0: 24:b9:88:7f:84:fc:16:64:e9:c4:84:3f:ef:a6:c7:0e:66:6c: d3:2e:4a:c2:f2:61:aa:50:84:63:26:15:04:62:82:4b:45:e7: df:f5:7f:59:09:77:53:f5:31:2e:6f:5a:e4:06:1c:19:ec:f8: ed:ea:48:8d:db:fc:dc:8d:15:0f:84:ed:68:2a:35:0d:89:7c: c2:4b:99:8c:41:db:d4:33:ce:da:dc:63:fc:38:8a:0b:5c:39: d7:77:8c:f3:ee:19:53:1e:27:1c:05:2d:23:f1:db:d0:71:b8: 0b:22:8c:03:6b:4e:03:87:ed:9e:87:c4:af:a6:6c:f0:b6:04: 25:d9:ae:1d:e0:54:e5:02:78:bc:5a:98:1f:d2:e4:47:bd:70: 16:8e:3f:a8:ee:73:8f:33:ea:c1:3a:e2:a2:f9:99:f1:1d:21: 72:de:4a:ef -----BEGIN CERTIFICATE----- MIIFGTCCBAGgAwIBAgISAZt3WSLFGWjwZslIDOfy2GyHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFhZmE0NWE2MmM1ZTg1MGFiOWM4NzI2YTU5YTliZmE5OTJk MzcxYjIwHhcNMjYwMTAxMDIxODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMzhjZmEyOTIzZDRlYmE2ODc2YmQyMjk1YWJlMjFkMWY0YWM2NDQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuo9gMxgblSg0Lvw+qfPF20PX4aMX xL9py3B+FnvCz0DwtiK0Hnfecyt8qwpC8aG+Nfv2I2rBd9YwKIcQ0WKhd31H+Yox nXFhNGH9UkHuUMaO9A6MwnJR8K+B9VTJ632OYFYSi6/TviiEuZ1TzFcNM0p7JxsI lHM6b/NH5rMGSlclL1lz3Wj9ACZhZ1XfJcKZx9GlbkSHytcOztHrDkZOA3LVO7s7 Zp+ftutiehiTAgCSTlKk1E/TwU+ZsrZqGyMskyQGAFvDDkC0zgDYaDOmWSOS/0Yq eyP9ZE2PfGE7YSJFriulQlPY4HmS8/buDFlGGsBvLLPQ/x+xV6zesjFwtwIDAQAB o4ICJTCCAiEwHQYDVR0OBBYEFLOM+ikj1Oumh2vSKVq+IdH0rGRHMB8GA1UdIwQY MBaAFKr6RaYsXoUKuchyalmpv6mS03GyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEt MmIzZGRiY2I3MjM4LzEvczR6NktTUFU2NmFIYTlJcFdyNGgwZlNzWkVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy85N2E5YWEtNjk3MC00OWM4LThkMGEtMmIzZGRiY2I3MjM4 LzEvcXZwRnBpeGVoUXE1eUhKcVdhbV9xWkxUY2JJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCueSwAwQC 1YvwMBQEAgACMA4DBQMqCXGAAwUCKgwdADANBgkqhkiG9w0BAQsFAAOCAQEApKF2 NFGldOUENKjab8nm9+8rcH4amp+SAbjjOnPw1z9cpuHafBzRP+zGtfe56VCh7sn9 +l0tLmD9GAgkYKKRUu08wMy0Q2zw2v2uYr0iqfBGz1R2YFglJprAJLmIf4T8FmTp xIQ/76bHDmZs0y5KwvJhqlCEYyYVBGKCS0Xn3/V/WQl3U/UxLm9a5AYcGez47epI jdv83I0VD4TtaCo1DYl8wkuZjEHb1DPO2txj/DiKC1w513eM8+4ZUx4nHAUtI/Hb 0HG4CyKMA2tOA4ftnofEr6Zs8LYEJdmuHeBU5QJ4vFqYH9LkR71wFo4/qO5zjzPq wTriovmZ8R0hct5K7w== -----END CERTIFICATE-----Generated at Tue Feb 10 02:29:53 2026 by rpki-client