This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEVfuL7yy4Ksjhg0dt45ODNjPvM.roa File: sEVfuL7yy4Ksjhg0dt45ODNjPvM.roa (raw, json) Hash identifier: 8ZzL3rd5PIiGE97xN12R/r2JBAWdo9Fz+hJ2YgxnyMI= Subject key identifier: B0:45:5F:B8:BE:F2:CB:82:AC:8E:18:34:76:DE:39:38:33:63:3E:F3 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AC8FDA6A72ED4B60717951B7DC5A7 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEVfuL7yy4Ksjhg0dt45ODNjPvM.roa Signing time: Thu 01 Jan 2026 16:18:48 +0000 ROA not before: Thu 01 Jan 2026 16:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211936 IP address blocks: 82.153.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 07:45:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:c8:fd:a6:a7:2e:d4:b6:07:17:95:1b:7d:c5:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0455fb8bef2cb82ac8e183476de393833633ef3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:69:db:2b:fc:f3:00:0d:80:49:25:6b:1a:a4: 80:ed:7c:a6:76:f1:41:c1:8f:df:d1:e5:9c:67:3d: 18:a8:7b:5d:5b:95:67:7b:4e:ea:43:b7:ab:b4:5d: 31:ff:89:10:35:e7:4b:7f:92:fd:6c:a1:3e:c4:8a: 93:a0:49:c0:c0:99:c1:e6:60:89:cd:e7:39:6d:2e: ce:1a:09:d4:ad:3b:84:ea:f6:e3:11:c9:55:29:13: 61:e3:14:fd:ad:b8:1c:6f:d7:db:df:8c:d8:d4:2c: 18:56:d1:09:2a:3d:68:ac:00:eb:1c:80:ce:42:59: d0:66:49:a1:74:f5:61:fb:34:a7:98:ab:23:f8:8a: c5:b5:3c:fb:e1:0d:70:3b:f9:09:19:03:49:7e:bf: d2:07:93:3c:d1:d8:47:de:72:21:ed:65:3f:42:48: a8:fd:d2:cd:a6:8c:1b:1c:32:06:cd:f8:4f:59:d9: b7:74:ee:f4:28:c9:12:c3:ca:fe:4a:a8:b1:19:e9: 3e:47:b5:e4:cc:e2:87:32:5e:65:65:be:76:b6:ab: 11:c0:d2:53:01:98:bc:87:f7:dd:98:07:54:17:14: e1:4d:23:43:71:40:05:46:c7:67:3a:3e:8d:f1:4a: 2b:49:5c:f5:6e:48:32:8e:42:59:4e:e8:d0:f4:98: af:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:45:5F:B8:BE:F2:CB:82:AC:8E:18:34:76:DE:39:38:33:63:3E:F3 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sEVfuL7yy4Ksjhg0dt45ODNjPvM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.153.32.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:85:90:98:77:02:68:fd:2b:ee:a5:49:35:3f:87:ff:63:74: 51:b5:67:e2:c0:13:26:76:3f:65:5e:d3:c7:7d:21:f2:df:a5: 04:fc:d6:3f:1f:e5:76:71:c4:89:0f:74:5e:28:ab:3f:b3:a0: 3b:69:13:a3:61:65:e7:18:1a:fd:35:31:96:b4:e5:9d:d4:85: 2d:cc:3b:a2:1a:dd:57:80:77:7a:ec:d4:a5:11:75:d5:1e:c7: 15:c3:77:3c:a5:fb:5f:56:23:4a:00:76:42:3e:3a:4a:a0:3f: f4:11:4f:8d:c5:c5:bc:42:d6:18:92:26:dd:10:3a:2c:e1:8b: cd:aa:b4:0a:3d:38:6d:93:1c:d9:9b:8c:fc:3a:b6:fb:9d:92: 7c:d7:0d:a4:ed:f5:36:2d:42:f2:55:47:48:72:40:16:3d:65: 01:a0:df:2b:c5:81:1f:bb:2f:17:ab:37:72:0a:dd:98:fe:5a: 49:e6:1d:eb:4b:ea:65:e4:f2:c3:1b:54:e2:0c:c2:81:13:2e: 38:53:88:1c:33:50:1d:ea:00:7e:7e:38:c9:47:09:f9:12:95: 91:9b:8f:2f:53:23:5f:e4:b4:89:82:6e:21:81:4e:7c:c3:e1: 22:fd:eb:5a:27:aa:9f:96:57:16:a1:16:00:32:af:71:39:4b: 3e:4e:81:57 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6Wsj9pqcu1LYHF5UbfcWnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDQ1NWZiOGJlZjJjYjgyYWM4ZTE4MzQ3NmRlMzkzODMzNjMzZWYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22nbK/zzAA2ASSVrGqSA7XymdvFB wY/f0eWcZz0YqHtdW5Vne07qQ7ertF0x/4kQNedLf5L9bKE+xIqToEnAwJnB5mCJ zec5bS7OGgnUrTuE6vbjEclVKRNh4xT9rbgcb9fb34zY1CwYVtEJKj1orADrHIDO QlnQZkmhdPVh+zSnmKsj+IrFtTz74Q1wO/kJGQNJfr/SB5M80dhH3nIh7WU/Qkio /dLNpowbHDIGzfhPWdm3dO70KMkSw8r+SqixGek+R7XkzOKHMl5lZb52tqsRwNJT AZi8h/fdmAdUFxThTSNDcUAFRsdnOj6N8UorSVz1bkgyjkJZTujQ9JivLQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLBFX7i+8suCrI4YNHbeOTgzYz7zMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvc0VWZnVMN3l5NEtzamhnMGR0NDVPRE5qUHZNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpkgMA0G CSqGSIb3DQEBCwUAA4IBAQA7hZCYdwJo/SvupUk1P4f/Y3RRtWfiwBMmdj9lXtPH fSHy36UE/NY/H+V2ccSJD3ReKKs/s6A7aROjYWXnGBr9NTGWtOWd1IUtzDuiGt1X gHd67NSlEXXVHscVw3c8pftfViNKAHZCPjpKoD/0EU+NxcW8QtYYkibdEDos4YvN qrQKPThtkxzZm4z8Orb7nZJ81w2k7fU2LULyVUdIckAWPWUBoN8rxYEfuy8Xqzdy Ct2Y/lpJ5h3rS+pl5PLDG1TiDMKBEy44U4gcM1Ad6gB+fjjJRwn5EpWRm48vUyNf 5LSJgm4hgU58w+Ei/etaJ6qfllcWoRYAMq9xOUs+ToFX -----END CERTIFICATE-----Generated at Wed Jan 21 10:49:50 2026 by rpki-client