This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/sfYPhQ6RD9htbpRLWND2pNFZgk0.roa File: sfYPhQ6RD9htbpRLWND2pNFZgk0.roa (raw, json) Hash identifier: Nx5iosy0Tc5xWKlypEqy7h/HiFr5i52nJ2YrifsLjWw= Subject key identifier: B1:F6:0F:85:0E:91:0F:D8:6D:6E:94:4B:58:D0:F6:A4:D1:59:82:4D Certificate issuer: /CN=7728052ae7d10fd2261a2248fc00d202b0f25574 Certificate serial: 019B78A362EBCC7A20AEFF7EEEACE11911E6 Authority key identifier: 77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/sfYPhQ6RD9htbpRLWND2pNFZgk0.roa Signing time: Thu 01 Jan 2026 08:18:52 +0000 ROA not before: Thu 01 Jan 2026 08:18:52 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214063 IP address blocks: 45.12.125.0/24 maxlen: 24 45.12.127.0/24 maxlen: 24 91.232.92.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.mft rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a3:62:eb:cc:7a:20:ae:ff:7e:ee:ac:e1:19:11:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7728052ae7d10fd2261a2248fc00d202b0f25574 Validity Not Before: Jan 1 08:18:52 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1f60f850e910fd86d6e944b58d0f6a4d159824d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:54:cc:c8:c8:60:eb:9f:8d:8f:8c:85:77:8c: 98:79:c5:dd:d6:22:2d:f5:df:17:1a:8a:93:08:b3: e8:79:38:31:78:d6:15:f8:b1:68:fb:48:4c:48:cf: 38:e7:69:1a:06:05:8c:3d:cb:ba:83:62:1c:93:21: 4f:40:c3:71:1d:12:9a:aa:62:27:c4:d4:42:5f:a1: 10:a9:84:c7:36:90:87:24:b3:c7:5f:3e:a1:3e:96: d3:36:9c:d1:e1:03:d5:9d:15:20:36:e4:84:d6:21: ff:4b:99:6c:7b:48:b2:17:ad:e3:e8:8a:bd:fa:14: 64:7d:2e:bd:a0:43:13:41:6b:ff:77:1c:99:3a:ca: ef:82:ba:02:96:2e:f7:2d:c4:2d:cf:c9:e6:8b:3d: 1a:18:54:22:ac:24:21:e5:02:b1:69:b6:16:c6:84: 4d:c4:09:3d:3f:b9:11:20:51:92:fd:41:7e:12:9c: 8f:81:1e:11:f9:db:f5:44:2c:c2:81:9c:e5:1d:ca: 11:b7:58:a0:1c:50:70:10:aa:32:1a:d2:e0:cd:89: 14:ce:35:04:32:51:37:58:3f:8b:5d:76:41:09:b9: 4e:eb:74:cc:43:8e:b7:d8:e8:5b:7f:36:63:fe:18: 31:3d:1d:79:f7:e2:cb:b3:c5:c3:8e:e0:06:76:7e: 62:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:F6:0F:85:0E:91:0F:D8:6D:6E:94:4B:58:D0:F6:A4:D1:59:82:4D X509v3 Authority Key Identifier: keyid:77:28:05:2A:E7:D1:0F:D2:26:1A:22:48:FC:00:D2:02:B0:F2:55:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dygFKufRD9ImGiJI_ADSArDyVXQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/sfYPhQ6RD9htbpRLWND2pNFZgk0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/4cb1b1-701b-4e42-8b05-2cbc40e5fe62/1/dygFKufRD9ImGiJI_ADSArDyVXQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.12.125.0/24 45.12.127.0/24 91.232.92.0/24 Signature Algorithm: sha256WithRSAEncryption 04:86:5a:33:ec:40:7b:a8:2b:b5:a3:16:53:60:aa:74:85:32: 65:a5:eb:0a:22:27:75:f2:37:e0:4c:df:9c:21:0a:7f:4d:80: fb:d6:ed:9d:29:6d:70:b4:5e:06:88:20:fd:06:80:fd:e7:bf: 0a:ed:46:68:d5:69:a0:99:55:7f:85:98:4f:9d:43:2f:f5:b6: a0:a4:f6:fe:43:67:8c:14:29:94:06:20:ac:02:ec:6f:d8:b8: c3:3f:36:7f:64:81:75:73:91:03:72:df:9f:7d:9e:db:96:e3: 92:29:b0:6d:a8:ac:e4:dc:b2:33:5d:da:87:a1:41:67:7c:2d: dc:53:20:bb:28:94:f3:48:5d:b6:e9:27:78:97:3d:9d:22:c1: 9c:bb:b5:4d:07:6c:5e:0e:08:21:37:09:7f:5d:36:2c:fd:c3: aa:ef:83:35:5b:a2:86:51:54:ae:1b:f1:57:41:b4:58:c3:bc: 84:a0:75:46:a9:f7:1b:9b:12:b4:21:45:eb:7c:ab:20:6e:6f: ec:af:a3:41:60:84:ed:c2:7e:47:aa:e7:df:0d:a1:4f:63:18: 07:2a:6d:e1:ae:fc:74:0d:8f:dd:c2:1d:44:27:19:8d:5a:f8: 92:49:dc:d4:1a:3c:8b:ed:68:e8:75:56:86:52:1c:ae:70:bc: 88:0f:53:e2 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt4o2LrzHogrv9+7qzhGRHmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc3MjgwNTJhZTdkMTBmZDIyNjFhMjI0OGZjMDBkMjAyYjBm MjU1NzQwHhcNMjYwMTAxMDgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWY2MGY4NTBlOTEwZmQ4NmQ2ZTk0NGI1OGQwZjZhNGQxNTk4MjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylTMyMhg65+Nj4yFd4yYecXd1iIt 9d8XGoqTCLPoeTgxeNYV+LFo+0hMSM8452kaBgWMPcu6g2IckyFPQMNxHRKaqmIn xNRCX6EQqYTHNpCHJLPHXz6hPpbTNpzR4QPVnRUgNuSE1iH/S5lse0iyF63j6Iq9 +hRkfS69oEMTQWv/dxyZOsrvgroCli73LcQtz8nmiz0aGFQirCQh5QKxabYWxoRN xAk9P7kRIFGS/UF+EpyPgR4R+dv1RCzCgZzlHcoRt1igHFBwEKoyGtLgzYkUzjUE MlE3WD+LXXZBCblO63TMQ4632OhbfzZj/hgxPR159+LLs8XDjuAGdn5iKwIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFLH2D4UOkQ/YbW6US1jQ9qTRWYJNMB8GA1UdIwQY MBaAFHcoBSrn0Q/SJhoiSPwA0gKw8lV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUt MmNiYzQwZTVmZTYyLzEvc2ZZUGhRNlJEOWh0YnBSTFdORDJwTkZaZ2swLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS80Y2IxYjEtNzAxYi00ZTQyLThiMDUtMmNiYzQwZTVmZTYy LzEvZHlnRkt1ZlJEOUltR2lKSV9BRFNBckR5VlhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQx9AwQA LQx/AwQAW+hcMA0GCSqGSIb3DQEBCwUAA4IBAQAEhloz7EB7qCu1oxZTYKp0hTJl pesKIid18jfgTN+cIQp/TYD71u2dKW1wtF4GiCD9BoD9578K7UZo1WmgmVV/hZhP nUMv9bagpPb+Q2eMFCmUBiCsAuxv2LjDPzZ/ZIF1c5EDct+ffZ7bluOSKbBtqKzk 3LIzXdqHoUFnfC3cUyC7KJTzSF226Sd4lz2dIsGcu7VNB2xeDgghNwl/XTYs/cOq 74M1W6KGUVSuG/FXQbRYw7yEoHVGqfcbmxK0IUXrfKsgbm/sr6NBYITtwn5Hquff DaFPYxgHKm3hrvx0DY/dwh1EJxmNWviSSdzUGjyL7WjodVaGUhyucLyID1Pi -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:33 2026 by rpki-client