This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sA3Dmsjhczkn9qpwBamSZmm-lVw.roa File: sA3Dmsjhczkn9qpwBamSZmm-lVw.roa (raw, json) Hash identifier: DFip9+zx1R4Mf+WpB6IaXYYQSm6Zjj++egneA6hOFqA= Subject key identifier: B0:0D:C3:9A:C8:E1:73:39:27:F6:AA:70:05:A9:92:66:69:BE:95:5C Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c Certificate serial: 019B7DCB6EBFC3065062C95017834F89F29A Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sA3Dmsjhczkn9qpwBamSZmm-lVw.roa Signing time: Fri 02 Jan 2026 08:20:42 +0000 ROA not before: Fri 02 Jan 2026 08:20:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57724 IP address blocks: 185.149.120.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:6e:bf:c3:06:50:62:c9:50:17:83:4f:89:f2:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c Validity Not Before: Jan 2 08:20:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b00dc39ac8e1733927f6aa7005a9926669be955c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:3d:af:4c:22:e0:6b:dd:a2:f9:bf:6d:5a:fc: f2:38:e1:b9:7a:f8:4e:d7:e5:8f:50:b9:9d:4b:df: 3b:0e:a1:1d:3c:ba:65:49:21:f2:99:be:43:fe:ca: bc:89:ca:92:94:c2:3b:8b:72:96:ea:42:5a:7e:52: e1:13:9b:9a:5a:0a:27:40:0d:38:89:f6:42:7e:42: fc:cd:64:fb:d2:2c:14:48:c6:5c:c0:a8:a2:04:14: 61:2f:a7:40:e3:49:0d:f6:2b:32:cb:6c:6d:2f:01: ad:3d:d2:f4:e5:19:5f:60:6d:4a:af:56:23:18:cd: 48:b4:41:13:1a:ee:7a:de:e2:f7:90:46:7d:6d:f0: 09:0f:f4:b0:22:1b:31:37:a4:4a:2a:2c:02:a0:e2: ab:7d:15:a1:b8:cf:93:15:40:22:2a:a4:ae:01:e8: 7e:5c:d2:f7:fc:e3:e8:b8:d3:bd:22:89:48:fe:0c: 48:f9:7e:72:78:f7:18:7e:50:08:36:5e:de:36:bd: 0d:f6:dc:e7:b5:ad:79:41:47:b1:39:68:6b:39:c5: 42:1b:1d:25:5d:a6:a5:71:7b:f3:1f:ae:cd:31:d3: 90:1b:95:15:59:1d:a3:fc:3b:4d:b2:9b:7d:c5:0c: 10:2b:4e:d7:f7:58:07:26:ac:38:57:4c:01:09:cb: 6d:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:0D:C3:9A:C8:E1:73:39:27:F6:AA:70:05:A9:92:66:69:BE:95:5C X509v3 Authority Key Identifier: keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/sA3Dmsjhczkn9qpwBamSZmm-lVw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.149.120.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:01:1c:55:96:fc:ce:92:55:58:9d:6e:aa:ee:11:a6:f9:50: aa:31:37:fa:1e:6e:6d:90:89:b5:97:44:7d:82:a2:a8:ce:79: e5:fb:d1:20:b1:3c:80:3c:77:b0:a0:5f:e3:4b:28:f9:18:1e: 5d:4a:92:96:ca:3a:83:92:e1:12:58:80:2d:f8:af:93:8b:68: dd:4d:e2:97:5d:cf:9c:6a:63:77:31:35:bf:1f:ca:97:3a:40: 65:f3:eb:38:4d:aa:e9:3e:f0:ba:89:dc:1a:f1:ca:db:24:ab: 18:85:27:ae:e0:ef:63:16:23:17:05:b6:66:65:e5:f7:34:11: 6d:c7:a8:e0:ca:39:fd:6b:e7:10:3b:66:4e:a4:d8:4c:e4:aa: cf:c2:13:cf:67:2b:8c:a0:b9:d5:3c:b3:1b:27:4c:d6:dc:ea: 51:22:21:1f:61:f4:7e:32:db:fd:d7:76:57:eb:82:ed:6b:29: 16:27:bc:0e:9c:c7:10:76:bc:5c:54:ed:42:1b:4d:53:16:10: 5b:d2:13:14:e6:ce:5e:80:43:81:fb:82:d8:d6:43:b6:5b:12: 77:2e:c9:89:b7:5c:85:0a:3b:6a:a4:00:e6:e8:53:06:64:a2: b5:53:82:9f:0b:a4:fd:4f:b6:f5:c3:0c:07:f2:c6:7a:ea:f5: 95:3c:1f:c5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9y26/wwZQYslQF4NPifKaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4 ZmNjNGMwHhcNMjYwMTAyMDgyMDQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDBkYzM5YWM4ZTE3MzM5MjdmNmFhNzAwNWE5OTI2NjY5YmU5NTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwD2vTCLga92i+b9tWvzyOOG5evhO 1+WPULmdS987DqEdPLplSSHymb5D/sq8icqSlMI7i3KW6kJaflLhE5uaWgonQA04 ifZCfkL8zWT70iwUSMZcwKiiBBRhL6dA40kN9isyy2xtLwGtPdL05RlfYG1Kr1Yj GM1ItEETGu563uL3kEZ9bfAJD/SwIhsxN6RKKiwCoOKrfRWhuM+TFUAiKqSuAeh+ XNL3/OPouNO9IolI/gxI+X5yePcYflAINl7eNr0N9tznta15QUexOWhrOcVCGx0l XaalcXvzH67NMdOQG5UVWR2j/DtNspt9xQwQK07X91gHJqw4V0wBCcttLQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLANw5rI4XM5J/aqcAWpkmZpvpVcMB8GA1UdIwQY MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt MjM5ZDJmZTM5OGIxLzEvc0EzRG1zamhjemtuOXFwd0JhbVNabW0tbFZ3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZV4MA0G CSqGSIb3DQEBCwUAA4IBAQCNARxVlvzOklVYnW6q7hGm+VCqMTf6Hm5tkIm1l0R9 gqKoznnl+9EgsTyAPHewoF/jSyj5GB5dSpKWyjqDkuESWIAt+K+Ti2jdTeKXXc+c amN3MTW/H8qXOkBl8+s4TarpPvC6idwa8crbJKsYhSeu4O9jFiMXBbZmZeX3NBFt x6jgyjn9a+cQO2ZOpNhM5KrPwhPPZyuMoLnVPLMbJ0zW3OpRIiEfYfR+Mtv913ZX 64LtaykWJ7wOnMcQdrxcVO1CG01TFhBb0hMU5s5egEOB+4LY1kO2WxJ3LsmJt1yF CjtqpADm6FMGZKK1U4KfC6T9T7b1wwwH8sZ66vWVPB/F -----END CERTIFICATE-----Generated at Tue Jan 20 02:46:30 2026 by rpki-client