This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGuLDKh6IAnzwO4X3GQtwWX-rZE.roa File: sGuLDKh6IAnzwO4X3GQtwWX-rZE.roa (raw, json) Hash identifier: /DZ4XVEyBN7utNEu1/GPII9guyMnt25gqS3fJuWZ6Xw= Subject key identifier: B0:6B:8B:0C:A8:7A:20:09:F3:C0:EE:17:DC:64:2D:C1:65:FE:AD:91 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AEC76A59403100CDF30EA1D6F9698 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGuLDKh6IAnzwO4X3GQtwWX-rZE.roa Signing time: Thu 01 Jan 2026 16:18:57 +0000 ROA not before: Thu 01 Jan 2026 16:18:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 400866 IP address blocks: 82.152.4.0/24 maxlen: 24 82.152.5.0/24 maxlen: 24 82.153.153.0/24 maxlen: 24 82.153.156.0/24 maxlen: 24 82.153.200.0/24 maxlen: 24 213.210.63.0/24 maxlen: 24 213.218.211.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 03:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ec:76:a5:94:03:10:0c:df:30:ea:1d:6f:96:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b06b8b0ca87a2009f3c0ee17dc642dc165fead91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f3:bb:2f:0c:46:4a:97:8f:fa:68:9b:34:b9: 4d:61:02:21:89:33:b8:dd:d3:32:38:51:00:71:f0: 77:23:42:27:ee:56:85:c1:60:88:d0:af:03:c1:0f: d1:9c:b7:3b:9f:42:98:86:2a:90:4a:71:12:68:bc: 39:28:1c:dc:a1:ce:37:c5:e3:b8:94:21:dd:4a:44: 1f:76:73:b3:db:ec:72:07:7c:d3:91:a7:7f:5b:29: 1a:08:41:2b:b5:8a:57:32:d3:38:e1:ce:51:83:b2: ff:f2:6a:3d:67:44:b5:75:16:68:d1:9e:4d:67:42: e6:13:96:d7:3e:72:95:19:38:6d:e5:af:3f:13:81: 6d:be:79:53:dc:32:7b:65:38:80:dc:ea:00:5f:86: 1f:7e:99:0f:e3:ee:70:4d:b4:a3:d6:0d:3d:96:4c: e5:0a:52:ec:7e:39:f2:8a:e0:47:04:57:7f:a7:67: 4f:15:ce:08:e2:03:db:0a:92:87:d3:6e:e8:aa:4b: 67:ca:38:cc:a2:7b:0d:5d:6e:73:de:a8:5b:de:b7: f9:13:9b:d9:16:4f:aa:ea:07:12:c5:dc:eb:1b:43: 5d:cc:e1:c1:b7:4e:ef:f3:30:7e:ef:ab:29:20:1b: 2a:40:35:fe:79:49:c0:a0:04:66:a9:d9:51:0f:fa: 81:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:6B:8B:0C:A8:7A:20:09:F3:C0:EE:17:DC:64:2D:C1:65:FE:AD:91 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGuLDKh6IAnzwO4X3GQtwWX-rZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.4.0/23 82.153.153.0/24 82.153.156.0/24 82.153.200.0/24 213.210.63.0/24 213.218.211.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:d4:ed:c3:00:9b:8c:69:89:37:00:75:7a:d0:9b:f9:77:fc: f5:c8:68:e1:3c:cf:f2:4d:ed:3c:8e:c6:d9:30:30:de:68:5d: 9d:ca:1d:ff:5f:28:3a:2f:8f:98:15:4d:c0:bc:92:c8:ee:bb: 7e:49:ef:c0:ee:f0:02:b6:01:71:04:c3:ed:0d:13:05:ce:40: 2a:c5:06:3a:a2:28:41:1f:f7:70:6c:6a:70:96:6b:fe:68:b6: 29:13:60:8c:d3:e3:55:da:83:0d:55:92:9f:ac:6d:61:b3:f7: 43:b3:a4:ef:2e:5c:2b:46:c9:a6:47:59:27:14:a8:6b:fb:0e: 6c:b8:f8:bf:18:ba:45:ef:47:57:c0:d8:a5:f2:ea:1c:41:f3: b3:74:ba:4c:04:80:cb:6c:5b:8b:6d:0f:b6:4d:d1:93:83:ef: c4:c8:c7:dd:df:06:e3:35:a4:f9:53:b2:ab:0d:16:5c:72:56: e9:a0:71:3b:a0:17:72:28:d7:32:0b:ab:b5:53:32:63:ce:bd: 04:d6:e3:e1:1d:c2:5c:2c:50:31:2a:7f:59:96:c5:b9:e5:a6: b2:54:6a:fb:87:d6:59:ea:35:a3:39:de:57:bb:8c:c6:99:c2: cd:19:6a:68:f7:16:5d:bf:23:08:4e:e7:81:46:4b:50:e2:1c: be:1f:ae:fd -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt6Wux2pZQDEAzfMOodb5aYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDZiOGIwY2E4N2EyMDA5ZjNjMGVlMTdkYzY0MmRjMTY1ZmVhZDkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPO7LwxGSpeP+mibNLlNYQIhiTO4 3dMyOFEAcfB3I0In7laFwWCI0K8DwQ/RnLc7n0KYhiqQSnESaLw5KBzcoc43xeO4 lCHdSkQfdnOz2+xyB3zTkad/WykaCEErtYpXMtM44c5Rg7L/8mo9Z0S1dRZo0Z5N Z0LmE5bXPnKVGTht5a8/E4FtvnlT3DJ7ZTiA3OoAX4YffpkP4+5wTbSj1g09lkzl ClLsfjnyiuBHBFd/p2dPFc4I4gPbCpKH027oqktnyjjMonsNXW5z3qhb3rf5E5vZ Fk+q6gcSxdzrG0NdzOHBt07v8zB+76spIBsqQDX+eUnAoARmqdlRD/qBxwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFLBriwyoeiAJ88DuF9xkLcFl/q2RMB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvc0d1TERLaDZJQW56d080WDNHUXR3V1gtclpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUpgEAwQA UpmZAwQAUpmcAwQAUpnIAwQA1dI/AwQA1drTMA0GCSqGSIb3DQEBCwUAA4IBAQBO 1O3DAJuMaYk3AHV60Jv5d/z1yGjhPM/yTe08jsbZMDDeaF2dyh3/Xyg6L4+YFU3A vJLI7rt+Se/A7vACtgFxBMPtDRMFzkAqxQY6oihBH/dwbGpwlmv+aLYpE2CM0+NV 2oMNVZKfrG1hs/dDs6TvLlwrRsmmR1knFKhr+w5suPi/GLpF70dXwNil8uocQfOz dLpMBIDLbFuLbQ+2TdGTg+/EyMfd3wbjNaT5U7KrDRZcclbpoHE7oBdyKNcyC6u1 UzJjzr0E1uPhHcJcLFAxKn9ZlsW55aayVGr7h9ZZ6jWjOd5Xu4zGmcLNGWpo9xZd vyMITueBRktQ4hy+H679 -----END CERTIFICATE-----Generated at Tue Jan 20 11:56:48 2026 by rpki-client