This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/1-saNr9bJQcaz_u-tEhmxvX4a2ak.roa File: 1-saNr9bJQcaz_u-tEhmxvX4a2ak.roa (raw, json) Hash identifier: 7zorjeV3sNrZB4yYlvElYM8rv3jdfw+76Izue9A3V6I= Subject key identifier: FA:C6:8D:AF:D6:C9:41:C6:B3:FE:EF:AD:12:19:B1:BD:7E:1A:D9:A9 Certificate issuer: /CN=19cdd8206c1e352c5065e481797ef77af0c3de8d Certificate serial: 019B7BA3A13634BE0AD49BC8AA00062C9F09 Authority key identifier: 19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/1-saNr9bJQcaz_u-tEhmxvX4a2ak.roa Signing time: Thu 01 Jan 2026 22:17:59 +0000 ROA not before: Thu 01 Jan 2026 22:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51669 IP address blocks: 31.129.128.0/19 maxlen: 19 31.129.128.0/22 maxlen: 22 31.129.132.0/22 maxlen: 22 31.129.133.0/24 maxlen: 24 31.129.134.0/24 maxlen: 24 31.129.136.0/22 maxlen: 22 31.129.140.0/22 maxlen: 22 31.129.144.0/22 maxlen: 22 31.129.148.0/22 maxlen: 22 31.129.150.0/24 maxlen: 24 31.129.151.0/24 maxlen: 24 31.129.152.0/22 maxlen: 22 31.129.156.0/22 maxlen: 22 31.129.156.0/24 maxlen: 24 176.120.176.0/20 maxlen: 20 176.120.176.0/22 maxlen: 22 176.120.180.0/22 maxlen: 22 176.120.184.0/22 maxlen: 22 176.120.188.0/22 maxlen: 22 176.120.190.0/24 maxlen: 24 178.159.48.0/20 maxlen: 20 178.159.48.0/22 maxlen: 22 178.159.52.0/22 maxlen: 22 178.159.56.0/22 maxlen: 22 178.159.60.0/22 maxlen: 22 185.63.216.0/23 maxlen: 23 185.63.216.0/24 maxlen: 24 185.63.217.0/24 maxlen: 24 185.63.218.0/23 maxlen: 23 185.63.218.0/24 maxlen: 24 185.63.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.mft rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:a1:36:34:be:0a:d4:9b:c8:aa:00:06:2c:9f:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=19cdd8206c1e352c5065e481797ef77af0c3de8d Validity Not Before: Jan 1 22:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fac68dafd6c941c6b3feefad1219b1bd7e1ad9a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e1:b5:08:aa:a8:ed:8e:68:75:bc:19:e8:d0: 27:22:f1:88:fe:d5:e2:7b:cc:7e:4b:42:04:8c:12: 42:4a:eb:f3:bc:9f:78:9f:b5:58:93:b6:16:a7:77: e1:0b:f3:58:5f:c6:fb:35:4c:8b:3a:bd:14:a9:6e: 29:f4:8f:9e:2c:72:2d:d0:87:b2:04:08:50:3b:f1: 25:fd:04:46:7a:06:df:6b:5f:35:d5:d0:5c:d3:b0: 9b:ae:6d:d5:c7:a2:54:92:85:e4:b5:b5:b7:0b:70: d2:63:c6:5c:87:fd:be:d1:51:b8:4e:64:cf:d5:50: 01:bf:a1:0d:3c:5a:0b:a9:8e:16:96:ce:43:41:61: 03:a6:dd:ce:7b:be:80:e9:66:61:c6:5d:c5:9b:0b: 8d:40:cd:7d:cb:76:d0:70:9a:0f:eb:dd:13:2d:bd: 1f:c6:41:3c:5b:0d:2e:10:21:74:8c:c7:dc:cc:f6: 8c:0c:c8:f1:06:d7:33:d9:db:93:57:e1:c3:1e:70: 05:d8:c2:a5:a4:53:2e:8f:11:4c:80:1c:0e:d3:f3: 73:ec:9c:b5:8d:2b:5a:60:5c:0f:fa:a9:eb:32:ef: 96:e2:59:d9:df:14:42:4a:6f:db:61:76:4f:5c:f6: 98:42:a4:77:03:17:a6:7d:36:2d:2e:ac:fb:7f:16: db:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:C6:8D:AF:D6:C9:41:C6:B3:FE:EF:AD:12:19:B1:BD:7E:1A:D9:A9 X509v3 Authority Key Identifier: keyid:19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/1-saNr9bJQcaz_u-tEhmxvX4a2ak.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.129.128.0/19 176.120.176.0/20 178.159.48.0/20 185.63.216.0/22 Signature Algorithm: sha256WithRSAEncryption b2:4b:61:e3:5f:11:47:cd:f3:fc:04:83:29:4d:54:ea:0d:b3: 5a:1b:58:72:04:bd:66:b3:f8:39:8f:d0:48:a3:d8:d1:7e:3c: c1:3c:77:86:02:12:31:a5:ff:09:4c:7f:88:c4:95:97:eb:ff: a7:c9:8f:17:9b:22:ac:40:77:32:31:fe:b4:7b:56:87:a3:81: 52:40:0f:a4:86:58:5a:62:f0:50:80:a6:ec:2a:45:0b:31:2e: dd:7c:4b:db:bf:a9:0d:e7:64:03:2d:fd:c2:fb:56:0e:6f:e7: 36:21:d6:f7:2d:dc:1e:c1:63:22:db:dc:8a:50:39:c8:69:5c: ec:ae:c3:a7:97:d8:9d:d5:e7:a2:7f:c8:1b:0a:ec:bb:4f:b7: b9:09:1d:19:69:1f:f2:21:21:dd:11:62:40:b0:dc:9b:5f:59: 40:ab:da:cd:e4:b5:d1:89:f9:d9:7d:99:d5:dc:67:a7:cf:59: 74:67:5a:27:c4:e9:e8:b8:61:75:72:ab:0b:d1:30:92:cb:e0: 70:f6:62:49:ec:5f:5c:99:43:75:88:da:dd:3f:43:81:86:28: 71:6f:aa:2c:f2:57:78:15:89:8b:ad:7e:93:85:e4:60:f4:e3: 52:0a:bf:06:ae:6d:80:3a:3d:ac:05:3c:93:45:8c:62:18:47: b2:2f:b5:4b -----BEGIN CERTIFICATE----- MIIFEDCCA/igAwIBAgISAZt7o6E2NL4K1JvIqgAGLJ8JMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE5Y2RkODIwNmMxZTM1MmM1MDY1ZTQ4MTc5N2VmNzdhZjBj M2RlOGQwHhcNMjYwMTAxMjIxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYWM2OGRhZmQ2Yzk0MWM2YjNmZWVmYWQxMjE5YjFiZDdlMWFkOWE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOG1CKqo7Y5odbwZ6NAnIvGI/tXi e8x+S0IEjBJCSuvzvJ94n7VYk7YWp3fhC/NYX8b7NUyLOr0UqW4p9I+eLHIt0Iey BAhQO/El/QRGegbfa1811dBc07Cbrm3Vx6JUkoXktbW3C3DSY8Zch/2+0VG4TmTP 1VABv6ENPFoLqY4Wls5DQWEDpt3Oe76A6WZhxl3FmwuNQM19y3bQcJoP690TLb0f xkE8Ww0uECF0jMfczPaMDMjxBtcz2duTV+HDHnAF2MKlpFMujxFMgBwO0/Nz7Jy1 jStaYFwP+qnrMu+W4lnZ3xRCSm/bYXZPXPaYQqR3AxemfTYtLqz7fxbb8QIDAQAB o4ICHDCCAhgwHQYDVR0OBBYEFPrGja/WyUHGs/7vrRIZsb1+GtmpMB8GA1UdIwQY MBaAFBnN2CBsHjUsUGXkgXl+93rww96NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR2MzWUlHd2VOU3hRWmVTQmVYNzNldkREM28wLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mMjUwNjYtOWViYS00M2FjLWJiYjQt N2IxNzc4ZGRmN2E5LzEvMS1zYU5yOWJKUWNhel91LXRFaG14dlg0YTJhay5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvODIvZjI1MDY2LTllYmEtNDNhYy1iYmI0LTdiMTc3OGRkZjdh OS8xL0djM1lJR3dlTlN4UVplU0JlWDczZXZERDNvMC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBR+BgAME BLB4sAMEBLKfMAMEArk/2DANBgkqhkiG9w0BAQsFAAOCAQEAskth418RR83z/ASD KU1U6g2zWhtYcgS9ZrP4OY/QSKPY0X48wTx3hgISMaX/CUx/iMSVl+v/p8mPF5si rEB3MjH+tHtWh6OBUkAPpIZYWmLwUICm7CpFCzEu3XxL27+pDedkAy39wvtWDm/n NiHW9y3cHsFjItvcilA5yGlc7K7Dp5fYndXnon/IGwrsu0+3uQkdGWkf8iEh3RFi QLDcm19ZQKvazeS10Yn52X2Z1dxnp89ZdGdaJ8Tp6LhhdXKrC9EwksvgcPZiSexf XJlDdYja3T9DgYYocW+qLPJXeBWJi61+k4XkYPTjUgq/Bq5tgDo9rAU8k0WMYhhH si+1Sw== -----END CERTIFICATE-----Generated at Tue Feb 10 07:11:57 2026 by rpki-client