This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/Sg_4XUAI-4zoY2AzgRoGFITRYgE.roa File: Sg_4XUAI-4zoY2AzgRoGFITRYgE.roa (raw, json) Hash identifier: J1EWDPsgpuehOfFX0CglsLJx+tt5cw97sY3WgurbJXo= Subject key identifier: 4A:0F:F8:5D:40:08:FB:8C:E8:63:60:33:81:1A:06:14:84:D1:62:01 Certificate issuer: /CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37 Certificate serial: 019B7EA4F63666B8DDB8575D2604C4A476B6 Authority key identifier: 5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/Sg_4XUAI-4zoY2AzgRoGFITRYgE.roa Signing time: Fri 02 Jan 2026 12:18:18 +0000 ROA not before: Fri 02 Jan 2026 12:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198949 IP address blocks: 91.231.192.0/22 maxlen: 22 91.231.192.0/24 maxlen: 24 91.231.193.0/24 maxlen: 24 91.231.194.0/24 maxlen: 24 91.231.195.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/XYLKb462haVz5dHZH48GEhqwKjc.crl rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/XYLKb462haVz5dHZH48GEhqwKjc.mft rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:f6:36:66:b8:dd:b8:57:5d:26:04:c4:a4:76:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d82ca6f8eb685a573e5d1d91f8f06121ab02a37 Validity Not Before: Jan 2 12:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4a0ff85d4008fb8ce8636033811a061484d16201 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8b:36:61:26:da:04:77:38:7f:bf:3d:05:fa: 25:79:9f:73:ab:9d:1b:21:b4:fb:0f:97:7d:f3:61: 01:c7:f1:04:02:bc:fc:35:70:18:f7:9a:70:9c:ab: 0b:84:0e:98:a4:49:18:f7:58:ab:74:ca:3d:64:42: c8:7e:03:2f:18:28:73:bf:d8:1b:41:7d:75:19:ea: da:ee:fd:46:12:72:69:1a:9f:2e:8e:73:0f:17:51: 7e:76:75:9f:44:82:97:7a:35:ed:7c:79:b6:78:05: b0:97:d3:c8:49:69:8d:5a:3c:47:bd:02:b6:9e:17: ce:45:9d:9f:02:db:0c:79:7d:89:b6:77:62:8d:45: e0:65:c7:fb:f7:1c:0a:7c:3d:da:60:f9:3d:32:ec: c1:c7:65:eb:22:08:61:df:e6:43:35:98:31:47:18: 60:ab:93:61:61:49:34:d5:94:43:6d:91:b2:8a:7f: 7d:73:ab:5b:ce:5c:b8:55:12:34:d3:9e:ba:ef:12: 65:7d:9b:e7:7d:3f:c8:1f:4f:2b:fe:05:4e:41:46: b1:9a:34:91:01:b8:24:ef:e4:73:3b:28:62:f5:ec: a8:ad:9c:39:d6:27:a6:97:74:35:8a:a9:f7:11:22: 43:26:95:ad:95:7c:30:c4:64:a0:34:14:96:f8:24: b8:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:0F:F8:5D:40:08:FB:8C:E8:63:60:33:81:1A:06:14:84:D1:62:01 X509v3 Authority Key Identifier: keyid:5D:82:CA:6F:8E:B6:85:A5:73:E5:D1:D9:1F:8F:06:12:1A:B0:2A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYLKb462haVz5dHZH48GEhqwKjc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/Sg_4XUAI-4zoY2AzgRoGFITRYgE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/d54bc0-f781-48b0-9f6d-b5f0d21053f8/1/XYLKb462haVz5dHZH48GEhqwKjc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.231.192.0/22 Signature Algorithm: sha256WithRSAEncryption 00:29:80:4d:16:47:96:5e:b8:97:2a:1b:48:93:8e:34:3c:ab: e7:0e:6f:92:3f:4b:1f:a0:57:d1:b6:55:a5:fb:15:e1:f9:2b: 4e:0a:23:3f:32:b7:0e:40:29:df:db:4a:e8:d3:fe:db:3c:74: a9:f1:6b:27:36:5f:c0:bf:75:af:a4:d4:a2:39:5f:28:ae:e1: 1e:6f:14:d1:ea:e9:88:e2:1d:a3:ba:37:6b:70:e9:5e:31:f3: 7e:04:69:dc:20:cd:a9:c4:cc:21:33:8b:f2:05:aa:8b:92:fe: 40:6e:c8:fc:6c:d2:23:dd:f6:de:85:b8:74:6f:c8:36:6d:56: 09:1b:24:3d:fe:7d:6b:ac:e1:e6:3e:87:cf:3c:46:6a:ee:69: 9e:54:79:86:4a:6c:16:0a:03:da:7e:e2:65:90:60:4e:28:d0: f3:a6:91:ee:d9:10:76:09:a5:52:b2:25:22:47:a5:9a:c3:05: c7:f6:ea:89:5f:d2:61:b7:3e:73:49:95:87:ec:ed:a2:39:90: 00:8b:5b:8d:23:27:3a:1f:a9:a6:57:b1:47:c3:20:2b:19:2f: b5:d4:1e:3e:bf:56:a8:3c:c7:87:b4:8a:3c:20:57:04:9d:dd: 56:81:8b:51:ac:dd:21:63:a5:ac:a6:e9:1c:8e:06:cb:0b:77: da:c5:10:f4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pPY2ZrjduFddJgTEpHa2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVkODJjYTZmOGViNjg1YTU3M2U1ZDFkOTFmOGYwNjEyMWFi MDJhMzcwHhcNMjYwMTAyMTIxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YTBmZjg1ZDQwMDhmYjhjZTg2MzYwMzM4MTFhMDYxNDg0ZDE2MjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4s2YSbaBHc4f789BfoleZ9zq50b IbT7D5d982EBx/EEArz8NXAY95pwnKsLhA6YpEkY91irdMo9ZELIfgMvGChzv9gb QX11Gera7v1GEnJpGp8ujnMPF1F+dnWfRIKXejXtfHm2eAWwl9PISWmNWjxHvQK2 nhfORZ2fAtsMeX2JtndijUXgZcf79xwKfD3aYPk9MuzBx2XrIghh3+ZDNZgxRxhg q5NhYUk01ZRDbZGyin99c6tbzly4VRI005667xJlfZvnfT/IH08r/gVOQUaxmjSR Abgk7+RzOyhi9eyorZw51ieml3Q1iqn3ESJDJpWtlXwwxGSgNBSW+CS4ywIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFEoP+F1ACPuM6GNgM4EaBhSE0WIBMB8GA1UdIwQY MBaAFF2Cym+OtoWlc+XR2R+PBhIasCo3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQt YjVmMGQyMTA1M2Y4LzEvU2dfNFhVQUktNHpvWTJBemdSb0dGSVRSWWdFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My9kNTRiYzAtZjc4MS00OGIwLTlmNmQtYjVmMGQyMTA1M2Y4 LzEvWFlMS2I0NjJoYVZ6NWRIWkg0OEdFaHF3S2pjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW+fAMA0G CSqGSIb3DQEBCwUAA4IBAQAAKYBNFkeWXriXKhtIk440PKvnDm+SP0sfoFfRtlWl +xXh+StOCiM/MrcOQCnf20ro0/7bPHSp8WsnNl/Av3WvpNSiOV8oruEebxTR6umI 4h2jujdrcOleMfN+BGncIM2pxMwhM4vyBaqLkv5Absj8bNIj3fbehbh0b8g2bVYJ GyQ9/n1rrOHmPofPPEZq7mmeVHmGSmwWCgPafuJlkGBOKNDzppHu2RB2CaVSsiUi R6WawwXH9uqJX9Jhtz5zSZWH7O2iOZAAi1uNIyc6H6mmV7FHwyArGS+11B4+v1ao PMeHtIo8IFcEnd1WgYtRrN0hY6WspukcjgbLC3faxRD0 -----END CERTIFICATE-----Generated at Wed Jan 7 22:29:19 2026 by rpki-client