This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/sPT_dPM8M-1DZ37Rs-G1BW6_lkg.roa File: sPT_dPM8M-1DZ37Rs-G1BW6_lkg.roa (raw, json) Hash identifier: rvqXHRiB6yIq5Ga7UKUI3l/uI3IYPLJIYXXxgzP0H8o= Subject key identifier: B0:F4:FF:74:F3:3C:33:ED:43:67:7E:D1:B3:E1:B5:05:6E:BF:96:48 Certificate issuer: /CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2 Certificate serial: 019B7CEDD1D93E386531562E2D0FA5A71D06 Authority key identifier: 0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/sPT_dPM8M-1DZ37Rs-G1BW6_lkg.roa Signing time: Fri 02 Jan 2026 04:18:39 +0000 ROA not before: Fri 02 Jan 2026 04:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43341 IP address blocks: 88.150.0.0/17 maxlen: 29 185.188.120.0/22 maxlen: 22 194.45.154.0/24 maxlen: 24 213.211.192.0/18 maxlen: 29 2a03:5080::/32 maxlen: 56 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.mft rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:d1:d9:3e:38:65:31:56:2e:2d:0f:a5:a7:1d:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2 Validity Not Before: Jan 2 04:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0f4ff74f33c33ed43677ed1b3e1b5056ebf9648 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:21:f9:92:8c:aa:47:0b:cd:f1:cb:10:e0:dc: 45:28:09:44:00:e3:6a:0e:ef:5d:37:81:76:1d:cc: 02:ba:0c:21:16:b1:93:c0:d0:b5:38:16:c7:cc:46: 3c:12:75:48:29:8c:bd:bb:4f:d9:d4:be:c6:36:81: 20:bb:ae:69:9a:4e:f5:fc:49:6c:d4:41:70:ed:c5: da:93:cd:ff:53:9b:24:32:e0:a1:7c:62:19:a5:df: 90:bd:5b:34:9c:c7:46:44:8c:81:cf:00:17:aa:ef: 65:49:c8:df:d1:6d:bb:e4:40:75:84:6e:cd:92:f1: 30:3d:cc:1d:c2:0c:b2:c4:33:b9:56:f2:2c:8d:99: ce:8c:9b:58:8a:3e:44:bc:e9:64:c9:d7:fc:5e:d5: 11:ea:d5:cd:8f:29:f4:90:55:47:37:49:8e:1d:bb: 58:d1:5e:7a:fd:63:02:ec:1f:35:40:62:70:4b:fc: ed:b4:b5:ca:6f:b2:47:fb:40:ed:84:40:e7:41:cd: b7:c2:b0:99:a7:fc:16:d9:44:db:21:eb:9c:68:71: 09:5b:ef:a0:02:b2:e6:4e:94:9b:36:3b:11:e0:79: df:f9:7c:b2:19:9d:c7:71:9c:85:8b:dc:82:49:0d: f1:4f:d3:2a:02:04:ee:52:b2:6a:ad:6b:07:bd:67: 1f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:F4:FF:74:F3:3C:33:ED:43:67:7E:D1:B3:E1:B5:05:6E:BF:96:48 X509v3 Authority Key Identifier: keyid:0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/sPT_dPM8M-1DZ37Rs-G1BW6_lkg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.150.0.0/17 185.188.120.0/22 194.45.154.0/24 213.211.192.0/18 IPv6: 2a03:5080::/32 Signature Algorithm: sha256WithRSAEncryption 27:23:36:42:11:01:10:c2:83:41:3a:1b:70:f5:b5:e0:76:19: 15:61:d0:7f:16:d9:6d:62:15:67:ac:90:b7:f5:9e:c5:8a:dd: 4e:b8:5c:08:8c:db:27:3c:20:cf:64:40:4e:50:65:3a:db:03: 3d:61:c9:72:2f:95:1a:92:2e:99:05:5f:03:7f:b0:b8:f6:ce: 41:86:cc:95:dc:b6:7c:46:fd:5b:0c:ea:15:53:f6:d9:9c:3a: d1:7a:54:8b:2b:f6:4e:63:e6:91:0d:86:a2:bf:89:12:76:3d: 42:53:ad:8f:5f:26:09:6a:e4:9f:f7:eb:80:d7:0c:c7:fa:42: 33:fb:2d:76:b4:dd:80:f1:82:d3:ee:db:a7:2a:6b:99:2f:c8: ff:91:d6:7e:fe:36:8f:a0:c4:73:c4:29:b2:a0:4a:1e:b6:ea: 15:9b:7a:5d:60:f1:a6:dc:f9:59:2d:7c:cc:1c:77:42:09:42: ca:d7:2a:bf:ff:6e:dd:8a:b0:7c:3f:84:b8:24:65:92:26:ac: 6f:63:50:e1:71:89:7b:88:1f:f3:6e:e4:a6:40:22:81:c4:d6: c6:66:b1:1f:7e:49:63:c3:19:92:d6:7f:47:cb:a3:09:23:ba: 00:0f:d5:76:db:a2:ed:d5:e6:61:e6:c6:a6:9f:29:c0:8e:30: cf:f6:f0:3c -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt87dHZPjhlMVYuLQ+lpx0GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNWY2MTI5MTQyYmQwYTlkYzY5ZGZkNDAyNDg5ZmYyNWY1 YjNlZjIwHhcNMjYwMTAyMDQxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMGY0ZmY3NGYzM2MzM2VkNDM2NzdlZDFiM2UxYjUwNTZlYmY5NjQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiH5koyqRwvN8csQ4NxFKAlEAONq Du9dN4F2HcwCugwhFrGTwNC1OBbHzEY8EnVIKYy9u0/Z1L7GNoEgu65pmk71/Els 1EFw7cXak83/U5skMuChfGIZpd+QvVs0nMdGRIyBzwAXqu9lScjf0W275EB1hG7N kvEwPcwdwgyyxDO5VvIsjZnOjJtYij5EvOlkydf8XtUR6tXNjyn0kFVHN0mOHbtY 0V56/WMC7B81QGJwS/zttLXKb7JH+0DthEDnQc23wrCZp/wW2UTbIeucaHEJW++g ArLmTpSbNjsR4Hnf+XyyGZ3HcZyFi9yCSQ3xT9MqAgTuUrJqrWsHvWcfeQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFLD0/3TzPDPtQ2d+0bPhtQVuv5ZIMB8GA1UdIwQY MBaAFApfYSkUK9Cp3Gnf1AJIn/JfWz7yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2w5aEtSUXIwS25jYWRfVUFraWY4bDliUHZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wYWQyNjQtM2E1MC00NTYzLWEzNWEt MGQyYmJlNThjMTQ1LzEvc1BUX2RQTThNLTFEWjM3UnMtRzFCVzZfbGtnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8wYWQyNjQtM2E1MC00NTYzLWEzNWEtMGQyYmJlNThjMTQ1 LzEvQ2w5aEtSUXIwS25jYWRfVUFraWY4bDliUHZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQHWJYAAwQC ubx4AwQAwi2aAwQG1dPAMA0EAgACMAcDBQAqA1CAMA0GCSqGSIb3DQEBCwUAA4IB AQAnIzZCEQEQwoNBOhtw9bXgdhkVYdB/FtltYhVnrJC39Z7Fit1OuFwIjNsnPCDP ZEBOUGU62wM9YclyL5Uaki6ZBV8Df7C49s5BhsyV3LZ8Rv1bDOoVU/bZnDrRelSL K/ZOY+aRDYaiv4kSdj1CU62PXyYJauSf9+uA1wzH+kIz+y12tN2A8YLT7tunKmuZ L8j/kdZ+/jaPoMRzxCmyoEoetuoVm3pdYPGm3PlZLXzMHHdCCULK1yq//27dirB8 P4S4JGWSJqxvY1DhcYl7iB/zbuSmQCKBxNbGZrEffkljwxmS1n9Hy6MJI7oAD9V2 26Lt1eZh5samnynAjjDP9vA8 -----END CERTIFICATE-----Generated at Tue Feb 10 00:01:39 2026 by rpki-client