This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/sa-VxIHIFXVHRevvOB_tVdLXAUg.roa File: sa-VxIHIFXVHRevvOB_tVdLXAUg.roa (raw, json) Hash identifier: AJ35gvwbYj3xRDQgq3Eq1FxMxn80Yq+XvR8L/G/XxyE= Subject key identifier: B1:AF:95:C4:81:C8:15:75:47:45:EB:EF:38:1F:ED:55:D2:D7:01:48 Certificate issuer: /CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6 Certificate serial: 019B7DCA7CA7BEE71680037EB7AB2588EA20 Authority key identifier: 1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/sa-VxIHIFXVHRevvOB_tVdLXAUg.roa Signing time: Fri 02 Jan 2026 08:19:40 +0000 ROA not before: Fri 02 Jan 2026 08:19:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198539 IP address blocks: 185.228.112.0/23 maxlen: 23 185.228.114.0/24 maxlen: 24 185.228.115.0/24 maxlen: 24 194.50.141.0/24 maxlen: 24 194.50.142.0/24 maxlen: 24 194.50.143.0/24 maxlen: 24 2a0d:e00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.mft rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:7c:a7:be:e7:16:80:03:7e:b7:ab:25:88:ea:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1f7142b45b5ce39016e25e09b2fed579a9bd77d6 Validity Not Before: Jan 2 08:19:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1af95c481c815754745ebef381fed55d2d70148 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:0c:80:29:b1:58:20:c3:69:c3:6a:fe:a6:f4: b5:42:3b:9f:c3:1d:63:27:81:71:11:5e:10:94:6d: f0:d1:fd:9c:64:88:84:b2:57:a5:60:00:be:44:92: 98:c6:ce:2a:c6:1f:67:8b:f6:ff:da:07:c7:85:f9: d1:b5:94:ff:e6:9c:ff:b7:81:04:2b:ba:39:0b:26: 01:00:02:70:39:44:07:32:bb:ac:ff:72:95:77:0a: 75:80:78:8f:5a:dd:50:ed:0d:a0:7d:91:1b:92:3d: 94:61:cb:d6:39:de:b3:eb:40:39:72:f1:15:47:0d: 69:b5:2c:b2:65:7f:03:8b:58:97:e4:eb:d0:ed:82: db:c5:57:a4:3a:1b:b2:90:4e:be:93:91:27:12:ec: 47:45:72:86:46:f0:ee:a9:ab:a6:23:eb:e9:37:1d: 86:00:ad:93:26:29:59:04:c4:bc:45:55:7f:9e:3b: d9:e4:7f:12:e5:13:96:57:d5:b7:0d:c0:44:73:c7: 13:09:28:28:8b:ec:ea:0f:f4:d0:ba:d3:ea:05:d3: 14:16:db:8b:b0:2d:48:e7:ef:5a:a2:10:b0:e0:03: 4c:84:8d:ed:76:f0:15:5f:fc:bc:eb:b1:71:54:f4: 1a:46:a2:38:14:3a:6d:33:eb:fd:c4:0a:11:65:ba: 3d:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:AF:95:C4:81:C8:15:75:47:45:EB:EF:38:1F:ED:55:D2:D7:01:48 X509v3 Authority Key Identifier: keyid:1F:71:42:B4:5B:5C:E3:90:16:E2:5E:09:B2:FE:D5:79:A9:BD:77:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3FCtFtc45AW4l4Jsv7Veam9d9Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/sa-VxIHIFXVHRevvOB_tVdLXAUg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/dfead7-586a-4b35-b199-dfe45f672f81/1/H3FCtFtc45AW4l4Jsv7Veam9d9Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.228.112.0/22 194.50.141.0-194.50.143.255 IPv6: 2a0d:e00::/29 Signature Algorithm: sha256WithRSAEncryption 26:17:d7:b0:0b:f3:df:f1:7d:f0:eb:b8:2d:78:8d:9d:e3:9f: bd:59:93:83:59:f7:f1:f5:4a:c1:3d:d8:45:82:32:32:0e:3d: 6b:32:be:fe:85:08:7a:76:6b:44:fc:fa:0f:3f:9d:67:96:8b: 23:93:44:cf:f6:9a:10:53:61:cb:47:d2:b2:f2:83:d9:75:ca: 48:16:4d:9b:3b:be:d0:16:1c:aa:07:10:e0:0e:2b:f4:8d:73: ad:39:7c:ab:6e:db:ec:5e:fe:6a:bf:99:36:fa:33:60:a7:ef: fa:f0:7a:4e:5f:e3:96:b6:35:7e:88:44:05:34:0e:93:ca:76: 1d:b6:98:75:bf:a0:c8:04:43:43:e6:b1:95:60:eb:4c:de:66: 53:15:d7:4d:28:1e:b9:18:0e:92:5a:75:25:d8:49:af:0b:d4: 31:bf:0f:cb:f4:7d:a7:67:b5:11:d0:87:3b:5e:6c:eb:7f:61: c2:1e:f3:6e:e8:f1:e3:5e:cf:0f:f4:98:1e:8b:2c:91:2f:7a: 68:38:21:7d:f6:e2:12:64:02:77:72:f9:14:13:c0:e0:45:7c: fc:5b:7c:fd:ea:4a:c6:f8:3f:70:cb:7e:42:9d:65:2d:7e:b5: ec:89:0a:a1:20:02:e6:66:19:56:4f:02:51:15:11:46:32:f6: b8:b7:12:7d -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgISAZt9ynynvucWgAN+t6sliOogMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFmNzE0MmI0NWI1Y2UzOTAxNmUyNWUwOWIyZmVkNTc5YTli ZDc3ZDYwHhcNMjYwMTAyMDgxOTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWFmOTVjNDgxYzgxNTc1NDc0NWViZWYzODFmZWQ1NWQyZDcwMTQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQyAKbFYIMNpw2r+pvS1Qjufwx1j J4FxEV4QlG3w0f2cZIiEslelYAC+RJKYxs4qxh9ni/b/2gfHhfnRtZT/5pz/t4EE K7o5CyYBAAJwOUQHMrus/3KVdwp1gHiPWt1Q7Q2gfZEbkj2UYcvWOd6z60A5cvEV Rw1ptSyyZX8Di1iX5OvQ7YLbxVekOhuykE6+k5EnEuxHRXKGRvDuqaumI+vpNx2G AK2TJilZBMS8RVV/njvZ5H8S5ROWV9W3DcBEc8cTCSgoi+zqD/TQutPqBdMUFtuL sC1I5+9aohCw4ANMhI3tdvAVX/y867FxVPQaRqI4FDptM+v9xAoRZbo9ywIDAQAB o4ICJjCCAiIwHQYDVR0OBBYEFLGvlcSByBV1R0Xr7zgf7VXS1wFIMB8GA1UdIwQY MBaAFB9xQrRbXOOQFuJeCbL+1XmpvXfWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTkt ZGZlNDVmNjcyZjgxLzEvc2EtVnhJSElGWFZIUmV2dk9CX3RWZExYQVVnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9kZmVhZDctNTg2YS00YjM1LWIxOTktZGZlNDVmNjcyZjgx LzEvSDNGQ3RGdGM0NUFXNGw0SnN2N1ZlYW05ZDlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCueRwMAwD BADCMo0DBATCMoAwDQQCAAIwBwMFAyoNDgAwDQYJKoZIhvcNAQELBQADggEBACYX 17AL89/xffDruC14jZ3jn71Zk4NZ9/H1SsE92EWCMjIOPWsyvv6FCHp2a0T8+g8/ nWeWiyOTRM/2mhBTYctH0rLyg9l1ykgWTZs7vtAWHKoHEOAOK/SNc605fKtu2+xe /mq/mTb6M2Cn7/rwek5f45a2NX6IRAU0DpPKdh22mHW/oMgEQ0PmsZVg60zeZlMV 100oHrkYDpJadSXYSa8L1DG/D8v0fadntRHQhztebOt/YcIe827o8eNezw/0mB6L LJEvemg4IX324hJkAndy+RQTwOBFfPxbfP3qSsb4P3DLfkKdZS1+teyJCqEgAuZm GVZPAlEVEUYy9ri3En0= -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:13 2026 by rpki-client