This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/SSZdn02qDEwwqUSfTnOV3zXUcLo.roa File: SSZdn02qDEwwqUSfTnOV3zXUcLo.roa (raw, json) Hash identifier: y3a3/hKTKamWecmVmVYjV0+wFS3yke4xPMfZhOZPAII= Subject key identifier: 49:26:5D:9F:4D:AA:0C:4C:30:A9:44:9F:4E:73:95:DF:35:D4:70:BA Certificate issuer: /CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108 Certificate serial: 019B7F8321C3464D400048CC037EAEA98048 Authority key identifier: 7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/SSZdn02qDEwwqUSfTnOV3zXUcLo.roa Signing time: Fri 02 Jan 2026 16:20:58 +0000 ROA not before: Fri 02 Jan 2026 16:20:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208236 IP address blocks: 45.150.152.0/22 maxlen: 24 2a0f:d600::/29 maxlen: 48 2a0f:d606::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.mft rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:21:c3:46:4d:40:00:48:cc:03:7e:ae:a9:80:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108 Validity Not Before: Jan 2 16:20:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=49265d9f4daa0c4c30a9449f4e7395df35d470ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:81:33:00:2d:1e:48:1f:c9:1e:03:6c:a6:6d: 8e:80:6f:6e:0d:a1:72:ab:59:0e:65:d5:b7:33:72: af:99:39:78:f4:74:0c:7b:50:f0:11:bb:b1:8e:60: 63:28:ea:e2:dc:18:16:31:2b:ce:5b:9d:d3:78:36: b6:c1:6a:0c:05:ca:06:1d:d8:92:4a:48:46:6b:7f: d7:2e:84:13:6e:ee:61:1d:76:b0:1a:d3:d9:77:ea: bc:39:b4:91:db:6a:2f:41:e7:61:bf:67:1b:1a:20: 41:c3:44:e2:45:58:b8:30:66:2c:52:5b:98:e3:27: d7:1b:9b:68:30:cb:c5:13:37:5a:cb:1a:90:3f:dd: c0:3c:dc:e6:81:fc:a1:b5:a8:7a:5a:64:5a:a3:18: bb:b6:70:13:d1:f2:72:de:f3:43:4e:97:4b:49:7b: e3:ea:49:3f:b7:11:d5:dc:1e:ac:7e:a4:b3:f2:5e: b4:90:9b:99:aa:db:15:8f:76:bb:0b:97:02:d6:65: 10:c3:ae:95:b0:23:d8:f5:ed:b0:9c:d8:1a:e4:eb: bc:85:8a:a6:93:99:1e:a0:2e:d8:10:57:1c:59:7f: d4:35:50:39:c5:c4:9d:6c:d9:ed:a0:7e:81:80:a8: 5c:b1:78:8b:25:83:02:ff:ec:3b:5e:49:11:48:43: 2a:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:26:5D:9F:4D:AA:0C:4C:30:A9:44:9F:4E:73:95:DF:35:D4:70:BA X509v3 Authority Key Identifier: keyid:7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/SSZdn02qDEwwqUSfTnOV3zXUcLo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.150.152.0/22 IPv6: 2a0f:d600::/29 Signature Algorithm: sha256WithRSAEncryption 69:7f:9e:bd:17:b4:77:a8:7f:c2:c7:73:d4:18:93:3d:2d:08: 41:54:3c:3f:b1:c1:0d:1c:d5:df:61:75:e7:76:a0:f8:de:a8: 49:5f:7d:e8:4e:bc:65:0a:be:d2:5b:1c:6d:e2:f6:d1:7e:ee: f4:ae:01:9c:56:38:60:2b:e5:6b:16:1a:f4:50:9c:2f:c5:47: 0f:4e:69:4d:2e:89:38:b3:95:fd:a4:ec:2f:b8:27:e2:5a:e8: 7b:b7:e4:17:35:87:5f:6d:d6:fe:84:64:d6:8d:12:57:c8:0d: 12:9f:4e:b8:f2:5a:79:ab:98:b1:8d:34:a3:28:63:35:c4:3b: b0:b4:55:ff:2a:1b:ab:c6:31:74:84:fa:9d:cb:28:3e:1f:4a: 5d:33:0e:90:ea:97:a7:fa:6e:14:bf:17:00:4d:57:bf:48:31: 87:b7:7d:b8:86:ac:69:ab:9b:c6:98:96:90:8d:45:03:17:30: 31:af:47:e8:25:28:26:8f:26:eb:2a:67:ee:5e:a6:d6:53:5e: 53:14:39:54:52:9d:b6:e4:a1:ea:4e:b8:d4:0e:44:0b:c8:b9: 8e:1f:45:17:b2:4b:a8:4f:27:35:9d:44:88:aa:d2:a7:b5:ba: 50:22:b7:54:24:cb:ef:23:96:cc:73:db:e9:3c:ae:2f:98:a6: 87:b9:f0:48 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/gyHDRk1AAEjMA36uqYBIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhZjY3NzllNjJiNDYxMjg4N2ZlNmY4ZDRlOWMwZTM3MzFm NmUxMDgwHhcNMjYwMTAyMTYyMDU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OTI2NWQ5ZjRkYWEwYzRjMzBhOTQ0OWY0ZTczOTVkZjM1ZDQ3MGJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4EzAC0eSB/JHgNspm2OgG9uDaFy q1kOZdW3M3KvmTl49HQMe1DwEbuxjmBjKOri3BgWMSvOW53TeDa2wWoMBcoGHdiS SkhGa3/XLoQTbu5hHXawGtPZd+q8ObSR22ovQedhv2cbGiBBw0TiRVi4MGYsUluY 4yfXG5toMMvFEzdayxqQP93APNzmgfyhtah6WmRaoxi7tnAT0fJy3vNDTpdLSXvj 6kk/txHV3B6sfqSz8l60kJuZqtsVj3a7C5cC1mUQw66VsCPY9e2wnNga5Ou8hYqm k5keoC7YEFccWX/UNVA5xcSdbNntoH6BgKhcsXiLJYMC/+w7XkkRSEMqsQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEkmXZ9NqgxMMKlEn05zld811HC6MB8GA1UdIwQY MBaAFHr2d55itGEoh/5vjU6cDjcx9uEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUt NzkwNzc1Yzc3OWM1LzEvU1NaZG4wMnFERXd3cVVTZlRuT1YzelhVY0xvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUtNzkwNzc1Yzc3OWM1 LzEvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZaYMA0E AgACMAcDBQMqD9YAMA0GCSqGSIb3DQEBCwUAA4IBAQBpf569F7R3qH/Cx3PUGJM9 LQhBVDw/scENHNXfYXXndqD43qhJX33oTrxlCr7SWxxt4vbRfu70rgGcVjhgK+Vr Fhr0UJwvxUcPTmlNLok4s5X9pOwvuCfiWuh7t+QXNYdfbdb+hGTWjRJXyA0Sn064 8lp5q5ixjTSjKGM1xDuwtFX/KhurxjF0hPqdyyg+H0pdMw6Q6pen+m4UvxcATVe/ SDGHt324hqxpq5vGmJaQjUUDFzAxr0foJSgmjybrKmfuXqbWU15TFDlUUp225KHq TrjUDkQLyLmOH0UXskuoTyc1nUSIqtKntbpQIrdUJMvvI5bMc9vpPK4vmKaHufBI -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:24 2026 by rpki-client