This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/sI4LDL57R7oHp-cdx3_PvsnIYBk.roa File: sI4LDL57R7oHp-cdx3_PvsnIYBk.roa (raw, json) Hash identifier: Fe+5Zy6aiIJQVmo5ZjeT3vWpAqyJDqiiDCdDg0tEFQ4= Subject key identifier: B0:8E:0B:0C:BE:7B:47:BA:07:A7:E7:1D:C7:7F:CF:BE:C9:C8:60:19 Certificate issuer: /CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac Certificate serial: 019B797EAE5AA0BCB3832228E0E1EB6BAFF0 Authority key identifier: C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/sI4LDL57R7oHp-cdx3_PvsnIYBk.roa Signing time: Thu 01 Jan 2026 12:18:23 +0000 ROA not before: Thu 01 Jan 2026 12:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41670 IP address blocks: 89.248.240.0/20 maxlen: 20 185.110.204.0/22 maxlen: 22 2a01:168::/29 maxlen: 29 2a01:168::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.mft rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ae:5a:a0:bc:b3:83:22:28:e0:e1:eb:6b:af:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66a5f2b468db35eb562bd37e1f36ecea813ccac Validity Not Before: Jan 1 12:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b08e0b0cbe7b47ba07a7e71dc77fcfbec9c86019 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:26:f5:84:58:1d:e3:e9:78:13:a9:eb:b1:16: 36:80:f8:79:a2:0f:bf:c3:d2:47:b1:04:7e:01:79: bc:ad:a1:4f:45:08:9f:78:7c:f0:54:49:36:e1:aa: 35:db:a7:dc:dd:ad:f9:78:8b:b3:8a:53:c7:42:8e: 72:24:50:86:a5:c9:c3:8e:e8:f2:95:fb:eb:d1:4b: 68:7b:f8:0f:a4:2d:45:70:02:ce:4c:b0:20:64:ad: 1f:b1:d0:40:19:57:9f:fc:8e:76:a7:5e:82:a7:ab: 36:0d:2c:3b:d1:b2:5a:1c:f9:66:11:01:64:70:a5: 3f:85:a4:82:d5:db:6c:62:db:99:f8:c2:02:67:24: de:fd:1b:58:43:87:47:0c:9e:4b:16:cb:b0:8d:d0: 3e:e0:d9:ba:17:30:d7:af:01:88:78:55:88:ca:6d: 1c:96:86:0e:4f:64:f0:26:2a:ca:29:c6:ff:38:3b: 4a:ed:7b:e5:b2:fc:4c:15:ef:33:52:08:f2:78:ba: df:03:a8:79:28:46:2c:8b:b7:1d:62:78:90:85:4f: e5:db:a2:93:d6:6a:66:05:ad:10:2a:99:61:87:11: 6d:c6:3d:0e:6d:23:d8:0a:83:22:d3:f7:7b:07:ef: 2f:ce:ae:fb:29:d7:0a:9a:b1:7f:aa:9c:40:b8:96: 37:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:8E:0B:0C:BE:7B:47:BA:07:A7:E7:1D:C7:7F:CF:BE:C9:C8:60:19 X509v3 Authority Key Identifier: keyid:C6:6A:5F:2B:46:8D:B3:5E:B5:62:BD:37:E1:F3:6E:CE:A8:13:CC:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmpfK0aNs161Yr034fNuzqgTzKw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/sI4LDL57R7oHp-cdx3_PvsnIYBk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/531a4c-6521-4ef9-8878-31f4cc12d620/1/xmpfK0aNs161Yr034fNuzqgTzKw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.248.240.0/20 185.110.204.0/22 IPv6: 2a01:168::/29 Signature Algorithm: sha256WithRSAEncryption 3f:c4:e0:e8:e3:69:d3:c0:a6:23:9c:f3:dd:bd:8b:98:1c:d4: e4:b9:68:40:1d:15:4a:25:b5:cd:91:0d:bc:bc:e4:7b:5f:69: 2d:44:67:48:06:56:81:5a:8d:03:ae:9d:76:63:3d:92:e9:b8: ff:01:3e:bc:67:08:a9:58:b9:54:7e:cb:2c:ad:60:a5:a5:21: b7:ab:71:34:f7:2b:73:cf:14:cc:b1:32:ad:41:e9:4c:07:f3: bd:b9:05:23:d6:9d:58:26:4a:67:41:c1:ed:66:19:a3:fe:6f: e7:76:bd:e1:a0:c6:6b:59:2e:0f:45:1f:a1:66:fb:55:51:f1: 41:ce:78:7d:48:f0:74:ca:77:5c:8e:57:3b:7a:39:bd:92:f1: cb:cf:ff:e2:cf:54:40:92:ae:27:3d:49:5c:13:42:06:ee:f1: c0:52:88:12:23:ba:2d:50:43:8e:72:c9:d0:ca:d1:07:6c:b3: f6:87:89:99:61:f6:76:c3:22:8c:fe:6b:d3:5a:13:0e:e8:7d: d9:67:e4:c3:98:e4:dd:1e:2b:a7:7c:d6:0d:dc:9d:41:63:96: 2f:b9:ec:2e:ab:9c:c7:ab:2b:bd:98:1d:76:f6:f9:6d:4f:ac: 24:74:5e:84:1f:31:23:4f:99:31:5b:68:84:a1:c7:0e:ee:ba: 69:5f:cf:ab -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fq5aoLyzgyIo4OHra6/wMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NmE1ZjJiNDY4ZGIzNWViNTYyYmQzN2UxZjM2ZWNlYTgx M2NjYWMwHhcNMjYwMTAxMTIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMDhlMGIwY2JlN2I0N2JhMDdhN2U3MWRjNzdmY2ZiZWM5Yzg2MDE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSb1hFgd4+l4E6nrsRY2gPh5og+/ w9JHsQR+AXm8raFPRQifeHzwVEk24ao126fc3a35eIuzilPHQo5yJFCGpcnDjujy lfvr0Utoe/gPpC1FcALOTLAgZK0fsdBAGVef/I52p16Cp6s2DSw70bJaHPlmEQFk cKU/haSC1dtsYtuZ+MICZyTe/RtYQ4dHDJ5LFsuwjdA+4Nm6FzDXrwGIeFWIym0c loYOT2TwJirKKcb/ODtK7XvlsvxMFe8zUgjyeLrfA6h5KEYsi7cdYniQhU/l26KT 1mpmBa0QKplhhxFtxj0ObSPYCoMi0/d7B+8vzq77KdcKmrF/qpxAuJY3KQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFLCOCwy+e0e6B6fnHcd/z77JyGAZMB8GA1UdIwQY MBaAFMZqXytGjbNetWK9N+Hzbs6oE8ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4Nzgt MzFmNGNjMTJkNjIwLzEvc0k0TERMNTdSN29IcC1jZHgzX1B2c25JWUJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS81MzFhNGMtNjUyMS00ZWY5LTg4NzgtMzFmNGNjMTJkNjIw LzEveG1wZkswYU5zMTYxWXIwMzRmTnV6cWdUekt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEWfjwAwQC uW7MMA0EAgACMAcDBQMqAQFoMA0GCSqGSIb3DQEBCwUAA4IBAQA/xODo42nTwKYj nPPdvYuYHNTkuWhAHRVKJbXNkQ28vOR7X2ktRGdIBlaBWo0Drp12Yz2S6bj/AT68 ZwipWLlUfsssrWClpSG3q3E09ytzzxTMsTKtQelMB/O9uQUj1p1YJkpnQcHtZhmj /m/ndr3hoMZrWS4PRR+hZvtVUfFBznh9SPB0yndcjlc7ejm9kvHLz//iz1RAkq4n PUlcE0IG7vHAUogSI7otUEOOcsnQytEHbLP2h4mZYfZ2wyKM/mvTWhMO6H3ZZ+TD mOTdHiunfNYN3J1BY5Yvuewuq5zHqyu9mB129vltT6wkdF6EHzEjT5kxW2iEoccO 7rppX8+r -----END CERTIFICATE-----Generated at Mon Feb 9 20:09:37 2026 by rpki-client