This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/sTU5fBJp-EWdh_BTD1N_DRnGv54.roa File: sTU5fBJp-EWdh_BTD1N_DRnGv54.roa (raw, json) Hash identifier: kDUJ3apAD6Z4RTY4CyhZzTpQCvGoDLl/umBo8RSMUaM= Subject key identifier: B1:35:39:7C:12:69:F8:45:9D:87:F0:53:0F:53:7F:0D:19:C6:BF:9E Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Certificate serial: 019B77C74624BAAC5AD086BAC3E6B4821725 Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/sTU5fBJp-EWdh_BTD1N_DRnGv54.roa Signing time: Thu 01 Jan 2026 04:18:26 +0000 ROA not before: Thu 01 Jan 2026 04:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 23532 IP address blocks: 178.255.244.0/22 maxlen: 23 192.200.192.0/19 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 13:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:46:24:ba:ac:5a:d0:86:ba:c3:e6:b4:82:17:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4 Validity Not Before: Jan 1 04:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b135397c1269f8459d87f0530f537f0d19c6bf9e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:d0:ba:40:42:1a:cc:40:f9:54:89:7a:f4:4b: ec:6c:12:d1:1d:2b:03:f8:7b:6d:fa:6a:b3:a1:2d: 51:47:3d:5f:cd:93:13:f2:1b:27:88:4d:d6:01:1b: ab:e3:97:56:97:15:37:43:02:08:0c:e9:ab:06:dd: 73:c2:8a:07:f8:9a:e5:2b:d9:73:9c:ba:0c:a7:2a: 98:88:6a:38:38:0d:3f:17:ff:35:a7:2b:a9:f4:04: f8:ff:2d:de:f2:ae:0d:ae:eb:40:88:d4:a5:28:51: a2:2a:22:6c:f9:0c:4d:2a:e2:18:98:9e:64:63:b7: 24:79:e4:97:2e:f1:a9:bb:2c:69:fa:ef:6e:f4:0a: 91:95:bd:89:b9:19:15:b6:39:a3:72:9a:31:44:c2: 1c:38:d9:9a:46:72:ad:b7:e3:c3:ae:f0:ba:0e:0d: 88:0d:c4:a1:3c:52:c2:a7:bd:09:13:17:f3:21:f5: 67:5f:86:01:73:ce:53:b6:e9:b1:fd:ed:81:b1:51: 89:00:0b:25:50:91:ec:74:af:91:41:f7:5d:ec:75: 9f:e5:aa:bc:f6:d5:cd:76:99:1c:93:8d:92:20:4e: 9c:0f:d5:e5:e7:a6:90:19:05:72:44:95:65:c4:9d: ec:34:43:60:84:62:d4:fa:5e:15:73:a9:69:8e:2d: 6e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:35:39:7C:12:69:F8:45:9D:87:F0:53:0F:53:7F:0D:19:C6:BF:9E X509v3 Authority Key Identifier: keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/sTU5fBJp-EWdh_BTD1N_DRnGv54.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.255.244.0/22 192.200.192.0/19 Signature Algorithm: sha256WithRSAEncryption 87:98:f2:5b:87:d0:87:c3:65:e3:9d:eb:3d:56:b7:57:ec:15: 53:4e:08:40:ce:8d:2d:52:48:a3:1f:a8:9e:df:31:5a:9c:53: a4:56:8a:2e:ae:d8:47:d6:d9:38:5c:50:c1:63:29:94:b6:00: ec:43:9b:a2:65:fb:3e:22:6f:e8:7a:bd:11:80:bd:8b:e9:e8: 4e:43:88:d0:3e:1a:07:62:87:ae:bd:ef:43:05:fb:70:12:1a: b1:9d:63:59:94:ed:8d:7c:25:82:0a:a9:f7:03:0f:7c:e0:1b: af:10:94:0b:62:55:eb:d2:c5:77:4f:2d:8e:3f:b3:db:fe:2e: 1a:ed:88:e8:82:5f:0a:a2:08:5a:ee:c9:3b:7f:b6:af:82:a9: 17:d9:32:15:90:29:5c:ec:5e:2d:b6:ca:ba:bc:58:7a:78:b1: 3a:6d:60:bf:f8:01:1c:a2:b1:b7:27:54:3f:8b:cc:f7:3a:32: 77:49:1e:b8:b6:ca:f7:4c:84:87:82:34:5a:0e:7a:ee:0a:0e: e0:37:56:3f:d4:11:fe:87:f1:2a:d9:47:a2:0a:ce:e6:26:fe: 99:bf:05:0d:8e:3b:cc:ab:f1:b3:ce:30:1d:a2:e4:7b:67:ec: d9:e9:33:69:96:b9:31:70:b4:fc:7f:42:89:02:81:df:9e:73: ea:bb:1c:ac -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x0Ykuqxa0Ia6w+a0ghclMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi NWRlZTQwHhcNMjYwMTAxMDQxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMTM1Mzk3YzEyNjlmODQ1OWQ4N2YwNTMwZjUzN2YwZDE5YzZiZjllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7NC6QEIazED5VIl69EvsbBLRHSsD +Htt+mqzoS1RRz1fzZMT8hsniE3WARur45dWlxU3QwIIDOmrBt1zwooH+JrlK9lz nLoMpyqYiGo4OA0/F/81pyup9AT4/y3e8q4NrutAiNSlKFGiKiJs+QxNKuIYmJ5k Y7ckeeSXLvGpuyxp+u9u9AqRlb2JuRkVtjmjcpoxRMIcONmaRnKtt+PDrvC6Dg2I DcShPFLCp70JExfzIfVnX4YBc85Ttumx/e2BsVGJAAslUJHsdK+RQfdd7HWf5aq8 9tXNdpkck42SIE6cD9Xl56aQGQVyRJVlxJ3sNENghGLU+l4Vc6lpji1uBQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFLE1OXwSafhFnYfwUw9Tfw0Zxr+eMB8GA1UdIwQY MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt NTlmNTk4NGI2NGVhLzEvc1RVNWZCSnAtRVdkaF9CVEQxTl9EUm5HdjU0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsv/0AwQF wMjAMA0GCSqGSIb3DQEBCwUAA4IBAQCHmPJbh9CHw2Xjnes9VrdX7BVTTghAzo0t UkijH6ie3zFanFOkVoourthH1tk4XFDBYymUtgDsQ5uiZfs+Im/oer0RgL2L6ehO Q4jQPhoHYoeuve9DBftwEhqxnWNZlO2NfCWCCqn3Aw984BuvEJQLYlXr0sV3Ty2O P7Pb/i4a7Yjogl8Kogha7sk7f7avgqkX2TIVkClc7F4ttsq6vFh6eLE6bWC/+AEc orG3J1Q/i8z3OjJ3SR64tsr3TISHgjRaDnruCg7gN1Y/1BH+h/Eq2UeiCs7mJv6Z vwUNjjvMq/GzzjAdouR7Z+zZ6TNplrkxcLT8f0KJAoHfnnPquxys -----END CERTIFICATE-----Generated at Thu Jan 1 20:30:06 2026 by rpki-client