This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/shInVxnETptNhYG5ctgG1wBa_IE.roa File: shInVxnETptNhYG5ctgG1wBa_IE.roa (raw, json) Hash identifier: b14rKwCriv8+d3rzjVPCL7UyXFm3J/o38M8wbLSbZig= Subject key identifier: B2:12:27:57:19:C4:4E:9B:4D:85:81:B9:72:D8:06:D7:00:5A:FC:81 Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB824C1C7A720E0F51D7D69B0AE1D0 Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/shInVxnETptNhYG5ctgG1wBa_IE.roa Signing time: Thu 01 Jan 2026 00:18:24 +0000 ROA not before: Thu 01 Jan 2026 00:18:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43704 IP address blocks: 89.34.100.0/24 maxlen: 24 185.248.137.0/24 maxlen: 24 2a03:9c00:4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:82:4c:1c:7a:72:0e:0f:51:d7:d6:9b:0a:e1:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b212275719c44e9b4d8581b972d806d7005afc81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:76:ab:a8:a5:33:60:0a:73:00:07:5d:2f:f5: ef:1b:57:b6:da:e1:74:7b:f4:3e:9b:ba:e5:d9:95: a5:9d:32:16:ba:b0:75:f3:5e:91:4a:c5:cd:07:fd: 40:59:34:d1:40:7f:d2:bb:f9:ec:da:58:81:a4:a9: 76:ad:26:19:f0:6a:3f:f1:25:5a:ab:90:95:e8:68: e2:86:6f:f5:da:f0:49:e1:36:d0:03:95:2b:55:11: cc:3f:f8:bb:c6:cb:3a:03:80:e0:9c:92:8e:ea:e0: 40:b2:48:77:cd:1b:d5:4b:c0:d1:30:97:76:a1:d8: 05:13:c7:df:29:01:4b:a5:c6:e8:db:50:c2:0e:e6: bc:e4:41:10:9f:b0:13:df:ce:7b:63:cc:de:38:ca: ae:f3:9a:b4:2f:97:52:8e:6a:20:ea:55:92:5c:34: ad:d4:f4:72:d4:02:c8:70:53:e7:5e:d4:fb:d9:15: a1:5a:61:c8:df:9b:d8:14:b0:be:dd:b9:f8:92:11: 84:f3:c9:a6:f6:8d:20:82:34:5d:d0:94:12:1d:ac: e8:68:96:1e:93:68:dc:ef:38:a2:6e:ab:9e:93:ab: 15:59:15:cd:6d:03:87:7b:46:7a:a2:e4:24:07:f0: ba:b2:b2:6a:8c:f7:1e:79:7e:b1:5d:7e:ed:83:0c: b0:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:12:27:57:19:C4:4E:9B:4D:85:81:B9:72:D8:06:D7:00:5A:FC:81 X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/shInVxnETptNhYG5ctgG1wBa_IE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.34.100.0/24 185.248.137.0/24 IPv6: 2a03:9c00:4::/48 Signature Algorithm: sha256WithRSAEncryption 42:4e:00:69:41:35:f7:07:3e:5c:53:0c:39:46:3c:16:96:b6: d8:e3:6d:84:27:59:ce:04:b7:13:24:11:a5:40:4d:08:91:e7: bf:a8:3e:ba:cf:7c:c6:90:98:80:86:9c:ca:65:81:67:24:ce: 99:1f:50:7f:fe:64:c7:10:08:86:98:15:7e:ec:f0:9c:a4:6e: 6c:fa:4b:06:39:a5:04:e2:60:20:d1:57:c4:57:3f:26:4d:26: 6c:83:c0:5c:08:fd:67:56:75:77:ce:0a:74:46:e9:29:e5:ae: 70:0c:fb:59:d4:8c:f6:c7:f2:16:4a:f4:20:cc:41:e7:59:62: 5d:8e:83:41:f2:a9:ba:95:3b:7a:2f:64:0e:1e:48:31:64:2e: 78:7c:48:da:17:e2:f2:a5:09:42:c1:af:c6:88:57:d4:32:ad: 05:a6:4e:c3:a4:8c:6d:31:74:57:4b:3d:70:49:cf:09:c1:5a: cf:23:31:5a:1c:45:3c:29:d2:5f:d0:ae:15:46:f4:3e:97:ed: 39:5b:e4:8e:51:5a:ee:43:eb:b4:05:64:55:af:04:0e:37:7b: 4a:25:c3:09:e9:5c:28:7f:79:7b:85:a6:09:35:42:8e:1f:07: ff:a5:22:ad:09:d8:25:1b:df:2c:5a:48:d5:ea:8a:09:43:b2: be:84:db:13 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt264JMHHpyDg9R19abCuHQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjEyMjc1NzE5YzQ0ZTliNGQ4NTgxYjk3MmQ4MDZkNzAwNWFmYzgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHarqKUzYApzAAddL/XvG1e22uF0 e/Q+m7rl2ZWlnTIWurB1816RSsXNB/1AWTTRQH/Su/ns2liBpKl2rSYZ8Go/8SVa q5CV6Gjihm/12vBJ4TbQA5UrVRHMP/i7xss6A4DgnJKO6uBAskh3zRvVS8DRMJd2 odgFE8ffKQFLpcbo21DCDua85EEQn7AT3857Y8zeOMqu85q0L5dSjmog6lWSXDSt 1PRy1ALIcFPnXtT72RWhWmHI35vYFLC+3bn4khGE88mm9o0ggjRd0JQSHazoaJYe k2jc7ziibquek6sVWRXNbQOHe0Z6ouQkB/C6srJqjPceeX6xXX7tgwywAQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFLISJ1cZxE6bTYWBuXLYBtcAWvyBMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvc2hJblZ4bkVUcHROaFlHNWN0Z0cxd0JhX0lFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAWSJkAwQA ufiJMA8EAgACMAkDBwAqA5wAAAQwDQYJKoZIhvcNAQELBQADggEBAEJOAGlBNfcH PlxTDDlGPBaWttjjbYQnWc4EtxMkEaVATQiR57+oPrrPfMaQmICGnMplgWckzpkf UH/+ZMcQCIaYFX7s8Jykbmz6SwY5pQTiYCDRV8RXPyZNJmyDwFwI/WdWdXfOCnRG 6SnlrnAM+1nUjPbH8hZK9CDMQedZYl2Og0HyqbqVO3ovZA4eSDFkLnh8SNoX4vKl CULBr8aIV9QyrQWmTsOkjG0xdFdLPXBJzwnBWs8jMVocRTwp0l/QrhVG9D6X7Tlb 5I5RWu5D67QFZFWvBA43e0olwwnpXCh/eXuFpgk1Qo4fB/+lIq0J2CUb3yxaSNXq iglDsr6E2xM= -----END CERTIFICATE-----Generated at Wed Jan 21 11:09:05 2026 by rpki-client