This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/sFhaHiuTZkyPvfZGeitPsQ50uDY.roa File: sFhaHiuTZkyPvfZGeitPsQ50uDY.roa (raw, json) Hash identifier: A+Ir0fHumCJtAvIDD0Uq1l9aMQ2n7on4GhmvbKyT6iw= Subject key identifier: B0:58:5A:1E:2B:93:66:4C:8F:BD:F6:46:7A:2B:4F:B1:0E:74:B8:36 Certificate issuer: /CN=a433e32ac0c6fa735a6c7be144cfa3fc297c0b98 Certificate serial: 019B7DCAA11EFEBE922DCF83CF9D5AF9A27C Authority key identifier: A4:33:E3:2A:C0:C6:FA:73:5A:6C:7B:E1:44:CF:A3:FC:29:7C:0B:98 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDPjKsDG-nNabHvhRM-j_Cl8C5g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/sFhaHiuTZkyPvfZGeitPsQ50uDY.roa Signing time: Fri 02 Jan 2026 08:19:50 +0000 ROA not before: Fri 02 Jan 2026 08:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 28883 IP address blocks: 185.251.48.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/pDPjKsDG-nNabHvhRM-j_Cl8C5g.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/pDPjKsDG-nNabHvhRM-j_Cl8C5g.mft rsync://rpki.ripe.net/repository/DEFAULT/pDPjKsDG-nNabHvhRM-j_Cl8C5g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:a1:1e:fe:be:92:2d:cf:83:cf:9d:5a:f9:a2:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a433e32ac0c6fa735a6c7be144cfa3fc297c0b98 Validity Not Before: Jan 2 08:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b0585a1e2b93664c8fbdf6467a2b4fb10e74b836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:9b:d3:6c:41:2e:67:6b:8c:98:c5:30:a2:1e: 92:46:08:9b:24:0a:f4:de:7f:b2:11:58:62:c7:4d: 91:38:4b:d8:df:09:2d:a5:ae:dc:9f:21:51:0c:d5: 37:5c:ff:e6:c8:34:e3:85:27:6a:bd:42:44:40:f1: 38:a8:e3:03:96:1b:79:9c:8e:89:76:3e:6c:e2:26: 13:39:ad:d0:f1:87:98:3e:e8:35:88:f1:61:fa:8b: 7a:a0:50:80:88:56:b1:35:ea:bb:93:8e:bb:55:14: 53:bf:0c:47:f1:43:a1:41:92:72:d8:7d:9f:15:c8: 07:2d:f4:51:9c:5c:e2:0a:ff:14:be:42:ad:6d:3b: 0e:43:ac:6b:fb:ce:a7:d4:f5:e1:ff:85:5d:ad:9f: 46:68:a0:b5:11:61:85:8f:c5:db:8b:f2:22:fd:51: 41:14:20:58:fc:97:12:2d:d3:99:eb:5f:61:a0:80: 8e:cf:82:0d:56:94:df:62:8d:c1:55:47:17:71:b9: f3:42:c0:05:33:9c:18:80:d5:37:4f:5c:20:cb:5c: 4e:9f:b6:b6:00:87:c0:ff:2d:4c:af:7f:08:81:33: c2:fd:23:53:91:11:4f:6b:8d:00:af:4a:80:43:cf: 80:ff:55:8e:cb:8e:97:eb:8a:2b:6d:0d:60:e3:99: 70:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:58:5A:1E:2B:93:66:4C:8F:BD:F6:46:7A:2B:4F:B1:0E:74:B8:36 X509v3 Authority Key Identifier: keyid:A4:33:E3:2A:C0:C6:FA:73:5A:6C:7B:E1:44:CF:A3:FC:29:7C:0B:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDPjKsDG-nNabHvhRM-j_Cl8C5g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/sFhaHiuTZkyPvfZGeitPsQ50uDY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8659cf-f824-4f93-8604-b812bd594739/1/pDPjKsDG-nNabHvhRM-j_Cl8C5g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.251.48.0/22 Signature Algorithm: sha256WithRSAEncryption 84:98:ba:f8:4d:c7:e9:b2:17:bf:13:f4:8e:78:c5:a7:4b:9a: 95:06:21:23:0f:c7:8a:63:0b:28:57:c6:5b:f1:79:e4:81:68: c3:e9:3d:c6:75:2d:d8:55:ed:60:a8:73:f5:25:78:9f:a7:51: 22:1d:76:46:0e:3f:80:49:8f:87:30:84:13:8d:d7:43:72:e6: e6:fd:4e:2c:5e:f8:58:fb:5b:b4:8a:da:58:65:07:fa:99:ed: 29:8d:c0:c5:b2:bc:e5:81:70:c5:38:07:1d:7f:67:74:5d:bd: dc:56:05:f8:53:91:a5:32:b2:3d:33:ef:5c:61:41:52:9c:bf: 39:03:b3:e2:82:f6:92:b2:26:9a:9f:0a:96:35:3e:d5:03:91: e4:79:0c:4c:ae:7b:2b:84:e3:29:44:78:a9:0a:0a:ff:f1:77: b6:d8:3b:86:92:be:f8:bf:2a:d5:05:91:50:dc:2f:0f:22:57: 61:b4:ae:a2:dc:c9:4b:60:8b:ca:65:7a:0a:fa:63:53:79:9f: d1:3f:44:b6:6b:27:21:66:51:1e:34:78:4d:2d:0c:d0:19:5f: 76:e4:33:34:86:50:d6:2d:0a:9d:d3:e0:e3:e6:53:bd:ce:38: a9:4f:cc:36:97:22:33:21:81:ff:a3:08:ee:63:62:87:27:34: 8a:ec:91:25 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yqEe/r6SLc+Dz51a+aJ8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MzNlMzJhYzBjNmZhNzM1YTZjN2JlMTQ0Y2ZhM2ZjMjk3 YzBiOTgwHhcNMjYwMTAyMDgxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDU4NWExZTJiOTM2NjRjOGZiZGY2NDY3YTJiNGZiMTBlNzRiODM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5vTbEEuZ2uMmMUwoh6SRgibJAr0 3n+yEVhix02ROEvY3wktpa7cnyFRDNU3XP/myDTjhSdqvUJEQPE4qOMDlht5nI6J dj5s4iYTOa3Q8YeYPug1iPFh+ot6oFCAiFaxNeq7k467VRRTvwxH8UOhQZJy2H2f FcgHLfRRnFziCv8UvkKtbTsOQ6xr+86n1PXh/4VdrZ9GaKC1EWGFj8Xbi/Ii/VFB FCBY/JcSLdOZ619hoICOz4INVpTfYo3BVUcXcbnzQsAFM5wYgNU3T1wgy1xOn7a2 AIfA/y1Mr38IgTPC/SNTkRFPa40Ar0qAQ8+A/1WOy46X64orbQ1g45lwqQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLBYWh4rk2ZMj732RnorT7EOdLg2MB8GA1UdIwQY MBaAFKQz4yrAxvpzWmx74UTPo/wpfAuYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcERQaktzREctbk5hYkh2aFJNLWpfQ2w4QzVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84NjU5Y2YtZjgyNC00ZjkzLTg2MDQt YjgxMmJkNTk0NzM5LzEvc0ZoYUhpdVRaa3lQdmZaR2VpdFBzUTUwdURZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi84NjU5Y2YtZjgyNC00ZjkzLTg2MDQtYjgxMmJkNTk0NzM5 LzEvcERQaktzREctbk5hYkh2aFJNLWpfQ2w4QzVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufswMA0G CSqGSIb3DQEBCwUAA4IBAQCEmLr4Tcfpshe/E/SOeMWnS5qVBiEjD8eKYwsoV8Zb 8XnkgWjD6T3GdS3YVe1gqHP1JXifp1EiHXZGDj+ASY+HMIQTjddDcubm/U4sXvhY +1u0itpYZQf6me0pjcDFsrzlgXDFOAcdf2d0Xb3cVgX4U5GlMrI9M+9cYUFSnL85 A7PigvaSsiaanwqWNT7VA5HkeQxMrnsrhOMpRHipCgr/8Xe22DuGkr74vyrVBZFQ 3C8PIldhtK6i3MlLYIvKZXoK+mNTeZ/RP0S2aychZlEeNHhNLQzQGV925DM0hlDW LQqd0+Dj5lO9zjipT8w2lyIzIYH/owjuY2KHJzSK7JEl -----END CERTIFICATE-----Generated at Mon Jan 26 22:32:39 2026 by rpki-client