This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa File: S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa (raw, json) Hash identifier: 9cgwTQAZVGZH9VKGn5dJT7UJ2jaArnzhzVtmHDdrHjU= Subject key identifier: 4B:61:B3:5F:B6:E3:C8:D7:E4:F3:3B:9C:FC:9E:F2:0C:EF:2B:F3:F0 Certificate issuer: /CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Certificate serial: 019B76EAB0C577E0E127171466C4F257E831 Authority key identifier: 5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa Signing time: Thu 01 Jan 2026 00:17:30 +0000 ROA not before: Thu 01 Jan 2026 00:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8444 IP address blocks: 144.2.128.0/24 maxlen: 24 144.2.129.0/24 maxlen: 24 144.2.130.0/24 maxlen: 24 144.2.131.0/24 maxlen: 24 144.2.136.0/24 maxlen: 24 144.2.140.0/24 maxlen: 24 144.2.142.0/24 maxlen: 24 144.2.143.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.mft rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:b0:c5:77:e0:e1:27:17:14:66:c4:f2:57:e8:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5cd8583b211741049e6bb19a946d831aabf11ad3 Validity Not Before: Jan 1 00:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b61b35fb6e3c8d7e4f33b9cfc9ef20cef2bf3f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:28:af:1e:2d:36:28:a1:b6:27:22:34:3c:26: 2e:22:ba:08:0f:aa:36:a9:64:b8:16:a9:f4:c3:83: b5:7a:c2:20:c7:9f:91:e4:eb:4e:56:54:c0:08:aa: 0f:58:22:31:2d:83:ea:cd:d9:c4:0d:cd:4d:da:df: fe:e8:42:95:96:a1:f7:81:cd:cf:51:24:60:6b:93: c6:32:93:38:94:a0:d4:18:80:55:f7:83:8f:28:b3: 4f:db:2f:4d:a5:3b:4b:50:d5:1c:3d:bd:4f:44:35: 1b:81:c9:15:7a:ed:24:19:34:f5:23:14:0b:3c:55: 34:3f:e9:15:03:84:2b:7a:14:2f:73:5b:29:9e:16: b3:93:0b:3a:52:44:e1:c4:01:b7:fd:f8:5f:40:42: 85:4c:ea:53:e5:f6:81:2a:86:f9:6c:b8:5c:ef:03: 56:c4:f1:8c:8f:b7:6c:7f:f0:f7:7c:e2:9d:87:51: fe:00:16:26:d5:42:7d:76:d2:12:29:60:39:d5:a7: 23:71:ed:17:3f:d1:22:f4:66:5c:1c:88:5e:8c:51: 44:ce:0d:8f:84:7a:16:ad:2b:89:49:6b:b8:13:f3: 36:80:b3:13:d1:d1:30:9a:5b:e4:e5:4b:d8:c4:df: 66:45:94:18:f2:16:79:33:17:0c:25:1f:dd:ed:bc: 51:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:61:B3:5F:B6:E3:C8:D7:E4:F3:3B:9C:FC:9E:F2:0C:EF:2B:F3:F0 X509v3 Authority Key Identifier: keyid:5C:D8:58:3B:21:17:41:04:9E:6B:B1:9A:94:6D:83:1A:AB:F1:1A:D3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNhYOyEXQQSea7GalG2DGqvxGtM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/S2GzX7bjyNfk8zuc_J7yDO8r8_A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/7298ab-7b9c-47ad-9085-50974bcdc248/1/XNhYOyEXQQSea7GalG2DGqvxGtM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 144.2.128.0/22 144.2.136.0/24 144.2.140.0/24 144.2.142.0/23 Signature Algorithm: sha256WithRSAEncryption 67:32:5f:7c:93:50:89:eb:9b:ff:61:3d:9c:b6:7e:64:f2:7d: 87:37:2f:df:28:9a:b8:8f:9d:da:65:0d:a6:5e:a1:45:b2:66: 37:8c:47:93:7c:8a:9f:0e:45:90:9c:37:b1:a9:d8:d0:2e:9c: 4a:91:45:68:91:14:47:15:6f:02:91:bd:b2:1f:08:18:74:71: db:c4:9c:e6:51:69:28:f0:aa:4c:fc:fd:40:a1:6a:97:9c:13: 83:90:ed:f7:62:21:2e:30:23:db:ba:0d:2a:ab:b3:d3:26:e9: eb:79:c2:26:22:73:ea:6e:10:d3:a9:f6:2f:1e:1d:6e:a5:cf: c7:ff:48:fc:95:7e:d7:d6:c6:71:67:41:cb:c0:1a:b9:2f:3e: 6f:ee:70:ab:ee:5e:a6:09:0f:dd:fe:e6:ce:4f:72:9f:c1:4b: 7f:fc:7c:08:a6:dd:29:a3:68:22:4f:01:e2:e6:c3:76:b6:f5: 5f:b9:27:c6:a2:85:d7:8b:e2:8d:90:f7:aa:8c:5b:17:1a:04: d6:8f:67:26:7d:fe:83:48:9a:dc:2f:2f:8f:7f:79:a2:4d:ce: ec:ec:8a:b0:14:45:00:f4:dc:97:19:cf:02:38:ea:87:ed:b3: d3:d7:db:50:3a:38:52:95:e9:ee:28:0c:7f:6f:43:cb:df:cb: 57:ce:c0:00 -----BEGIN CERTIFICATE----- MIIFDzCCA/egAwIBAgISAZt26rDFd+DhJxcUZsTyV+gxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjZDg1ODNiMjExNzQxMDQ5ZTZiYjE5YTk0NmQ4MzFhYWJm MTFhZDMwHhcNMjYwMTAxMDAxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjYxYjM1ZmI2ZTNjOGQ3ZTRmMzNiOWNmYzllZjIwY2VmMmJmM2YwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSivHi02KKG2JyI0PCYuIroID6o2 qWS4Fqn0w4O1esIgx5+R5OtOVlTACKoPWCIxLYPqzdnEDc1N2t/+6EKVlqH3gc3P USRga5PGMpM4lKDUGIBV94OPKLNP2y9NpTtLUNUcPb1PRDUbgckVeu0kGTT1IxQL PFU0P+kVA4QrehQvc1spnhazkws6UkThxAG3/fhfQEKFTOpT5faBKob5bLhc7wNW xPGMj7dsf/D3fOKdh1H+ABYm1UJ9dtISKWA51acjce0XP9Ei9GZcHIhejFFEzg2P hHoWrSuJSWu4E/M2gLMT0dEwmlvk5UvYxN9mRZQY8hZ5MxcMJR/d7bxRXwIDAQAB o4ICGzCCAhcwHQYDVR0OBBYEFEths1+248jX5PM7nPye8gzvK/PwMB8GA1UdIwQY MBaAFFzYWDshF0EEnmuxmpRtgxqr8RrTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUt NTA5NzRiY2RjMjQ4LzEvUzJHelg3Ymp5TmZrOHp1Y19KN3lETzhyOF9BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hNC83Mjk4YWItN2I5Yy00N2FkLTkwODUtNTA5NzRiY2RjMjQ4 LzEvWE5oWU95RVhRUVNlYTdHYWxHMkRHcXZ4R3RNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCkAKAAwQA kAKIAwQAkAKMAwQBkAKOMA0GCSqGSIb3DQEBCwUAA4IBAQBnMl98k1CJ65v/YT2c tn5k8n2HNy/fKJq4j53aZQ2mXqFFsmY3jEeTfIqfDkWQnDexqdjQLpxKkUVokRRH FW8Ckb2yHwgYdHHbxJzmUWko8KpM/P1AoWqXnBODkO33YiEuMCPbug0qq7PTJunr ecImInPqbhDTqfYvHh1upc/H/0j8lX7X1sZxZ0HLwBq5Lz5v7nCr7l6mCQ/d/ubO T3KfwUt//HwIpt0po2giTwHi5sN2tvVfuSfGooXXi+KNkPeqjFsXGgTWj2cmff6D SJrcLy+Pf3miTc7s7IqwFEUA9NyXGc8COOqH7bPT19tQOjhSlenuKAx/b0PL38tX zsAA -----END CERTIFICATE-----Generated at Mon Feb 9 20:11:10 2026 by rpki-client