This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/sH_i52u9I2QPQooV8iPsfP3TRkE.roa File: sH_i52u9I2QPQooV8iPsfP3TRkE.roa (raw, json) Hash identifier: 3i21QPZ/ky3oP395rnMd9Ue3A3mgKCo4RMpPmWOaqwk= Subject key identifier: B0:7F:E2:E7:6B:BD:23:64:0F:42:8A:15:F2:23:EC:7C:FD:D3:46:41 Certificate issuer: /CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2 Certificate serial: 019B7B363966D0BD88D9275167AF16575F00 Authority key identifier: BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/sH_i52u9I2QPQooV8iPsfP3TRkE.roa Signing time: Thu 01 Jan 2026 20:18:29 +0000 ROA not before: Thu 01 Jan 2026 20:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57913 IP address blocks: 37.61.228.0/24 maxlen: 24 81.30.109.0/24 maxlen: 24 2a13:f600::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.mft rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:39:66:d0:bd:88:d9:27:51:67:af:16:57:5f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba970de126b3a0b548dad76f5efa88855c6f1ff2 Validity Not Before: Jan 1 20:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b07fe2e76bbd23640f428a15f223ec7cfdd34641 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:54:18:68:ac:2e:62:a2:7d:87:f9:e2:b7:6f: 23:4d:fe:2d:cf:62:2d:44:8a:ed:83:33:b8:88:a9: a0:93:29:f0:af:e9:92:1a:05:14:00:ab:d1:89:8f: f6:11:cf:b1:a4:0e:b3:c0:84:ce:6b:1b:76:e3:66: 4b:ab:cb:d2:cc:b3:38:5f:01:15:1a:74:f8:02:5b: d3:14:f6:81:d3:b8:32:8c:f2:0e:89:43:bd:c9:8a: 3e:10:78:9a:87:c5:7e:a8:ab:f9:7f:96:9f:73:6d: e1:0a:c6:9b:16:1b:c5:80:32:59:c8:93:dd:27:c4: 91:e8:2b:aa:7e:a4:7f:b2:79:c5:9b:4f:85:8c:ac: d7:77:59:e2:7b:67:75:f8:0f:9e:be:8a:91:0e:1a: 1a:9d:c3:a1:41:3c:09:2d:f8:b4:12:7f:ae:06:6a: c6:9b:10:01:be:24:1b:15:05:c2:6d:53:b8:41:1e: 6a:a1:ed:57:4b:0e:7f:bf:7b:17:57:75:c9:65:94: 7f:78:63:5d:d6:33:66:20:a4:29:9e:a6:54:a6:2d: 1b:ca:48:7d:84:5d:41:4e:fe:af:ee:3e:00:0d:a9: cb:f5:e9:75:f3:4c:3c:0a:6c:27:32:87:82:2c:54: 6e:8d:d6:11:5e:4a:06:7a:10:45:8c:15:e4:4a:e8: b4:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:7F:E2:E7:6B:BD:23:64:0F:42:8A:15:F2:23:EC:7C:FD:D3:46:41 X509v3 Authority Key Identifier: keyid:BA:97:0D:E1:26:B3:A0:B5:48:DA:D7:6F:5E:FA:88:85:5C:6F:1F:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/upcN4SazoLVI2tdvXvqIhVxvH_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/sH_i52u9I2QPQooV8iPsfP3TRkE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/af72e8-f0d2-4d66-b520-3aba595b58a8/1/upcN4SazoLVI2tdvXvqIhVxvH_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.61.228.0/24 81.30.109.0/24 IPv6: 2a13:f600::/29 Signature Algorithm: sha256WithRSAEncryption d7:59:56:91:2c:0a:77:20:e6:5e:eb:bf:29:1f:fd:dc:fd:40: f3:f3:ed:67:69:ea:d9:78:6e:11:62:1e:7e:3b:44:7e:e8:20: a8:55:12:8d:42:61:5d:6a:a9:66:2d:e2:82:0a:a4:b1:13:4f: 72:06:5a:f9:7c:39:a9:d1:d2:c5:b1:2c:62:c3:16:2b:62:6c: 31:82:c8:b9:0c:0f:7a:67:b7:ef:e8:48:4a:3d:b7:ae:4f:30: 38:0a:64:d0:bf:56:c2:3b:2e:62:99:a4:41:0c:5e:75:2f:7b: 7d:26:84:46:dc:d5:1e:b1:70:a5:c7:11:f6:6a:07:ef:cd:b2: 15:55:3d:ab:a3:30:9b:91:a5:bc:01:17:cb:65:a5:b4:32:f5: ab:50:49:04:12:99:8a:42:d3:23:ad:2d:b8:d5:34:70:fe:a0: de:10:c4:1a:23:2c:d3:54:2a:14:90:2c:f4:4c:69:67:f0:95: f1:23:8d:bd:3d:55:e3:4d:3d:19:26:4f:e3:96:a8:9c:1a:06: 27:90:81:2a:cd:b1:28:5d:e3:07:4c:e2:b9:a1:f3:6f:25:d4: 85:29:b6:03:47:7d:0c:16:f5:36:b4:a2:c5:1b:d5:ae:d4:c6: f9:da:a8:46:e9:7c:f0:fc:5e:89:3a:de:87:f8:7e:4c:a6:d1: 51:60:24:05 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt7Njlm0L2I2SdRZ68WV18AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhOTcwZGUxMjZiM2EwYjU0OGRhZDc2ZjVlZmE4ODg1NWM2 ZjFmZjIwHhcNMjYwMTAxMjAxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDdmZTJlNzZiYmQyMzY0MGY0MjhhMTVmMjIzZWM3Y2ZkZDM0NjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp1QYaKwuYqJ9h/nit28jTf4tz2It RIrtgzO4iKmgkynwr+mSGgUUAKvRiY/2Ec+xpA6zwITOaxt242ZLq8vSzLM4XwEV GnT4AlvTFPaB07gyjPIOiUO9yYo+EHiah8V+qKv5f5afc23hCsabFhvFgDJZyJPd J8SR6CuqfqR/snnFm0+FjKzXd1nie2d1+A+evoqRDhoancOhQTwJLfi0En+uBmrG mxABviQbFQXCbVO4QR5qoe1XSw5/v3sXV3XJZZR/eGNd1jNmIKQpnqZUpi0bykh9 hF1BTv6v7j4ADanL9el180w8CmwnMoeCLFRujdYRXkoGehBFjBXkSui0FQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLB/4udrvSNkD0KKFfIj7Hz900ZBMB8GA1UdIwQY MBaAFLqXDeEms6C1SNrXb176iIVcbx/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAt M2FiYTU5NWI1OGE4LzEvc0hfaTUydTlJMlFQUW9vVjhpUHNmUDNUUmtFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9hZjcyZTgtZjBkMi00ZDY2LWI1MjAtM2FiYTU5NWI1OGE4 LzEvdXBjTjRTYXpvTFZJMnRkdlh2cUloVnh2SF9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAJT3kAwQA UR5tMA0EAgACMAcDBQMqE/YAMA0GCSqGSIb3DQEBCwUAA4IBAQDXWVaRLAp3IOZe 678pH/3c/UDz8+1naerZeG4RYh5+O0R+6CCoVRKNQmFdaqlmLeKCCqSxE09yBlr5 fDmp0dLFsSxiwxYrYmwxgsi5DA96Z7fv6EhKPbeuTzA4CmTQv1bCOy5imaRBDF51 L3t9JoRG3NUesXClxxH2agfvzbIVVT2rozCbkaW8ARfLZaW0MvWrUEkEEpmKQtMj rS241TRw/qDeEMQaIyzTVCoUkCz0TGln8JXxI429PVXjTT0ZJk/jlqicGgYnkIEq zbEoXeMHTOK5ofNvJdSFKbYDR30MFvU2tKLFG9Wu1Mb52qhG6Xzw/F6JOt6H+H5M ptFRYCQF -----END CERTIFICATE-----Generated at Mon Feb 2 08:03:04 2026 by rpki-client