This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/sXuiRHlvEW8rrBF1Ev9CogiLSCQ.roa File: sXuiRHlvEW8rrBF1Ev9CogiLSCQ.roa (raw, json) Hash identifier: pLvRlLK05UpElewJM59U7OVcLxC0+h1J9DGDrZTZEFM= Subject key identifier: B1:7B:A2:44:79:6F:11:6F:2B:AC:11:75:12:FF:42:A2:08:8B:48:24 Certificate issuer: /CN=afe3f1ed1b49c5ba7cc1f192a4024765a253664e Certificate serial: 019B7EA700C67993B81908E0A60DCB15DEAB Authority key identifier: AF:E3:F1:ED:1B:49:C5:BA:7C:C1:F1:92:A4:02:47:65:A2:53:66:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r-Px7RtJxbp8wfGSpAJHZaJTZk4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/sXuiRHlvEW8rrBF1Ev9CogiLSCQ.roa Signing time: Fri 02 Jan 2026 12:20:32 +0000 ROA not before: Fri 02 Jan 2026 12:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213089 IP address blocks: 185.133.232.0/22 maxlen: 24 193.178.128.0/24 maxlen: 24 193.178.137.0/24 maxlen: 24 193.178.139.0/24 maxlen: 24 193.178.142.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/r-Px7RtJxbp8wfGSpAJHZaJTZk4.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/r-Px7RtJxbp8wfGSpAJHZaJTZk4.mft rsync://rpki.ripe.net/repository/DEFAULT/r-Px7RtJxbp8wfGSpAJHZaJTZk4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:00:c6:79:93:b8:19:08:e0:a6:0d:cb:15:de:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=afe3f1ed1b49c5ba7cc1f192a4024765a253664e Validity Not Before: Jan 2 12:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b17ba244796f116f2bac117512ff42a2088b4824 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6e:38:de:d8:53:a3:9d:b4:e6:f1:60:16:01: 64:5e:57:30:c6:6a:13:f5:c7:2b:ad:00:ea:9e:25: 8f:35:b1:48:72:d1:e9:9c:0d:23:8c:e0:e8:4b:91: 38:75:79:46:65:ca:b7:07:12:33:99:89:36:ac:e0: 25:3b:b5:d3:2e:4b:27:38:c4:37:ca:28:32:e7:59: ad:3d:af:16:33:18:df:87:89:f2:88:d0:1c:b4:30: 89:2c:38:26:a7:93:6c:8d:ca:eb:55:4c:cf:68:ae: bf:7e:fc:a5:99:6f:94:d4:6d:e7:9a:e6:25:87:b0: b8:ed:fa:68:cd:4d:9a:af:ed:e5:87:90:ca:3a:55: e2:83:0f:b9:9e:1d:f8:98:35:0f:13:11:a0:88:30: e4:97:15:09:84:e6:4f:46:75:ea:5a:0a:37:d0:db: 34:f8:ee:24:30:43:e8:a8:39:06:1a:34:de:8c:4c: 28:7d:15:b0:35:76:de:be:98:6d:cb:7e:e5:4b:9f: fc:37:7e:9b:3e:dc:e2:ee:8c:41:ca:28:20:b2:e1: c0:ac:4d:f5:c7:46:3e:5c:07:32:59:64:9a:28:ac: 20:5b:87:17:3d:8a:6d:9a:06:28:49:95:ab:30:0e: 98:17:45:d0:57:21:a4:8e:c5:8a:91:80:f1:9a:d6: e0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:7B:A2:44:79:6F:11:6F:2B:AC:11:75:12:FF:42:A2:08:8B:48:24 X509v3 Authority Key Identifier: keyid:AF:E3:F1:ED:1B:49:C5:BA:7C:C1:F1:92:A4:02:47:65:A2:53:66:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r-Px7RtJxbp8wfGSpAJHZaJTZk4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/sXuiRHlvEW8rrBF1Ev9CogiLSCQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/b44488-0500-4538-93b1-2688d346f6ab/1/r-Px7RtJxbp8wfGSpAJHZaJTZk4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.133.232.0/22 193.178.128.0/24 193.178.137.0/24 193.178.139.0/24 193.178.142.0/24 Signature Algorithm: sha256WithRSAEncryption 07:b1:10:ba:27:95:31:9e:c8:5a:05:cb:1b:65:4c:b3:37:a5: 5a:28:41:d8:ad:d7:bb:6f:5d:4a:26:79:84:79:2c:22:4e:83: dc:c7:85:a8:70:f0:87:61:07:b3:ad:f1:e7:48:bf:65:41:2e: 1a:a9:a4:10:28:f3:33:ed:b6:ae:f5:06:7f:71:9b:48:95:2c: 89:94:e7:dd:21:47:02:02:81:e8:3a:77:0a:25:68:21:2d:68: aa:a5:1b:8d:72:e2:d8:b9:05:1e:16:8e:31:e1:26:08:a0:bd: d1:ff:53:b9:a9:29:83:41:67:3f:f0:ff:6d:64:40:8e:7f:e3: cc:11:c6:54:bc:4e:3a:03:7b:68:5a:80:c1:c6:a9:87:e7:c4: ef:18:7e:9b:b5:92:fb:ed:0d:f3:fb:88:cf:bf:c8:aa:2d:78: ea:23:0b:4c:94:e8:59:8c:11:e5:f4:98:a1:92:07:7c:ac:3b: dd:cb:46:4f:8b:0d:c7:d3:aa:f8:07:3b:77:2b:27:d7:16:b3: bb:72:db:15:8a:9d:f5:e8:05:f1:94:30:96:f6:ef:7c:cc:f0: 6c:d0:dc:9d:cb:84:2f:41:37:ae:7f:09:1a:ab:82:07:4b:e8: 10:cb:f8:26:0c:f8:84:89:25:b4:51:c1:51:20:0f:34:fe:ce: 68:c2:57:19 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt+pwDGeZO4GQjgpg3LFd6rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmZTNmMWVkMWI0OWM1YmE3Y2MxZjE5MmE0MDI0NzY1YTI1 MzY2NGUwHhcNMjYwMTAyMTIyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMTdiYTI0NDc5NmYxMTZmMmJhYzExNzUxMmZmNDJhMjA4OGI0ODI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAom443thTo5205vFgFgFkXlcwxmoT 9ccrrQDqniWPNbFIctHpnA0jjODoS5E4dXlGZcq3BxIzmYk2rOAlO7XTLksnOMQ3 yigy51mtPa8WMxjfh4nyiNActDCJLDgmp5NsjcrrVUzPaK6/fvylmW+U1G3nmuYl h7C47fpozU2ar+3lh5DKOlXigw+5nh34mDUPExGgiDDklxUJhOZPRnXqWgo30Ns0 +O4kMEPoqDkGGjTejEwofRWwNXbevphty37lS5/8N36bPtzi7oxByiggsuHArE31 x0Y+XAcyWWSaKKwgW4cXPYptmgYoSZWrMA6YF0XQVyGkjsWKkYDxmtbgtQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFLF7okR5bxFvK6wRdRL/QqIIi0gkMB8GA1UdIwQY MBaAFK/j8e0bScW6fMHxkqQCR2WiU2ZOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvci1QeDdSdEp4YnA4d2ZHU3BBSkhaYUpUWms0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iNDQ0ODgtMDUwMC00NTM4LTkzYjEt MjY4OGQzNDZmNmFiLzEvc1h1aVJIbHZFVzhyckJGMUV2OUNvZ2lMU0NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9iNDQ0ODgtMDUwMC00NTM4LTkzYjEtMjY4OGQzNDZmNmFi LzEvci1QeDdSdEp4YnA4d2ZHU3BBSkhaYUpUWms0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuYXoAwQA wbKAAwQAwbKJAwQAwbKLAwQAwbKOMA0GCSqGSIb3DQEBCwUAA4IBAQAHsRC6J5Ux nshaBcsbZUyzN6VaKEHYrde7b11KJnmEeSwiToPcx4WocPCHYQezrfHnSL9lQS4a qaQQKPMz7bau9QZ/cZtIlSyJlOfdIUcCAoHoOncKJWghLWiqpRuNcuLYuQUeFo4x 4SYIoL3R/1O5qSmDQWc/8P9tZECOf+PMEcZUvE46A3toWoDBxqmH58TvGH6btZL7 7Q3z+4jPv8iqLXjqIwtMlOhZjBHl9Jihkgd8rDvdy0ZPiw3H06r4Bzt3KyfXFrO7 ctsVip316AXxlDCW9u98zPBs0Nydy4QvQTeufwkaq4IHS+gQy/gmDPiEiSW0UcFR IA80/s5owlcZ -----END CERTIFICATE-----Generated at Tue Feb 10 00:14:08 2026 by rpki-client