This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1q5SGdaySL0szhRd9kTkxuYm1QY.roa File: 1q5SGdaySL0szhRd9kTkxuYm1QY.roa (raw, json) Hash identifier: s4PMSdumwmvYRsbYswucoCx9tTGTrqptYDrpHTffVHo= Subject key identifier: D6:AE:52:19:D6:B2:48:BD:2C:CE:14:5D:F6:44:E4:C6:E6:26:D5:06 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5ABE4206673B00904373A4077182D7 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1q5SGdaySL0szhRd9kTkxuYm1QY.roa Signing time: Thu 01 Jan 2026 16:18:45 +0000 ROA not before: Thu 01 Jan 2026 16:18:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 206300 IP address blocks: 82.152.18.0/24 maxlen: 24 82.152.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:be:42:06:67:3b:00:90:43:73:a4:07:71:82:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d6ae5219d6b248bd2cce145df644e4c6e626d506 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:54:00:90:5c:11:ea:c2:d8:a9:97:0d:36:f0: bf:e3:20:f1:5e:7e:0b:f0:8d:66:b4:2d:68:a3:20: e5:bc:26:df:88:99:d7:79:0f:ce:a1:b2:3c:15:af: 4d:68:2d:2d:12:b2:47:4b:3a:3a:02:26:69:4d:f0: da:cf:82:f0:e9:56:6e:6e:5c:de:5c:56:c6:1c:cf: b8:d8:8d:54:40:6f:05:65:62:c2:08:97:2e:0e:93: b5:4a:a2:f5:03:ab:f2:15:e2:5e:53:02:42:1d:2a: 14:82:f6:53:d7:2d:38:41:01:87:ec:9f:69:4d:e6: 1d:73:69:59:95:01:64:f8:1e:fa:36:59:26:90:e8: 1b:7a:03:01:9a:e6:71:40:6f:6e:d0:f5:44:da:1b: d3:54:a3:b0:1a:1e:3c:1b:0c:82:c8:80:67:55:b7: fd:16:8b:ae:52:3a:d6:d2:7c:e4:ee:91:f5:46:db: 69:4c:ba:66:43:9d:d5:ce:c1:a6:f3:0d:95:1e:78: e9:2e:52:5a:fc:fa:85:10:2a:e1:5f:b3:26:58:8f: d5:e8:7e:e0:8a:25:1c:7c:f0:82:ca:07:b4:58:2a: 39:17:db:94:e4:60:6b:56:a9:e5:8d:67:c4:49:6c: 85:c1:6c:0e:92:5c:98:7c:7b:1f:a2:fb:ce:87:ee: 23:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:AE:52:19:D6:B2:48:BD:2C:CE:14:5D:F6:44:E4:C6:E6:26:D5:06 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1q5SGdaySL0szhRd9kTkxuYm1QY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.18.0/24 82.152.64.0/24 Signature Algorithm: sha256WithRSAEncryption 03:84:df:39:2e:9c:3d:44:a0:23:4b:01:d1:06:46:01:25:92: 35:70:35:12:43:a8:a5:a6:0d:3b:24:12:b5:83:3c:4f:ad:cf: cd:9a:da:cd:c2:df:17:42:82:05:8d:da:85:b7:52:83:d6:7c: 1e:bb:a2:e2:1d:58:42:dc:f5:60:c4:31:07:aa:4d:a4:2b:16: 67:94:f9:50:e9:e0:34:6a:bd:75:42:46:99:c4:ac:fa:9e:7c: fd:c5:3a:32:2e:3e:73:6c:60:4e:1f:ff:a3:d8:f4:0d:39:c9: 63:09:de:d1:05:f8:8c:d9:b9:71:e4:af:ff:1a:53:63:45:f9: e7:80:d6:52:82:1c:33:e4:54:ce:09:b0:b4:fb:5c:f0:c7:b9: e5:32:b5:9c:59:92:ca:c6:7c:7e:6d:2e:78:ae:b8:7b:3a:f1: 5e:e9:31:10:3e:ad:d9:47:65:97:77:11:5c:0a:55:8c:ca:ff: d3:30:75:d8:37:32:53:b3:d0:27:ca:38:89:c6:a1:d0:e5:db: cb:bf:45:ac:e2:64:65:28:e6:ef:49:85:1d:a0:f7:89:af:6d: ae:de:e9:89:e6:58:b2:e5:67:89:5a:74:f5:f5:32:b2:b1:02: 85:f4:64:e1:82:9b:2a:1b:38:8d:94:0b:2a:ff:ce:15:20:ad: 50:59:ee:47 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt6Wr5CBmc7AJBDc6QHcYLXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNmFlNTIxOWQ2YjI0OGJkMmNjZTE0NWRmNjQ0ZTRjNmU2MjZkNTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplQAkFwR6sLYqZcNNvC/4yDxXn4L 8I1mtC1ooyDlvCbfiJnXeQ/OobI8Fa9NaC0tErJHSzo6AiZpTfDaz4Lw6VZublze XFbGHM+42I1UQG8FZWLCCJcuDpO1SqL1A6vyFeJeUwJCHSoUgvZT1y04QQGH7J9p TeYdc2lZlQFk+B76NlkmkOgbegMBmuZxQG9u0PVE2hvTVKOwGh48GwyCyIBnVbf9 FouuUjrW0nzk7pH1RttpTLpmQ53VzsGm8w2VHnjpLlJa/PqFECrhX7MmWI/V6H7g iiUcfPCCyge0WCo5F9uU5GBrVqnljWfESWyFwWwOklyYfHsfovvOh+4jyQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNauUhnWski9LM4UXfZE5MbmJtUGMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvMXE1U0dkYXlTTDBzemhSZDlrVGt4dVltMVFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpgSAwQA UphAMA0GCSqGSIb3DQEBCwUAA4IBAQADhN85Lpw9RKAjSwHRBkYBJZI1cDUSQ6il pg07JBK1gzxPrc/NmtrNwt8XQoIFjdqFt1KD1nweu6LiHVhC3PVgxDEHqk2kKxZn lPlQ6eA0ar11QkaZxKz6nnz9xToyLj5zbGBOH/+j2PQNOcljCd7RBfiM2blx5K// GlNjRfnngNZSghwz5FTOCbC0+1zwx7nlMrWcWZLKxnx+bS54rrh7OvFe6TEQPq3Z R2WXdxFcClWMyv/TMHXYNzJTs9AnyjiJxqHQ5dvLv0Ws4mRlKObvSYUdoPeJr22u 3umJ5liy5WeJWnT19TKysQKF9GThgpsqGziNlAsq/84VIK1QWe5H -----END CERTIFICATE-----Generated at Sun Jan 11 07:31:22 2026 by rpki-client