This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/so3uet9HxmTT1e6-Xaeu7Xu47R4.roa File: so3uet9HxmTT1e6-Xaeu7Xu47R4.roa (raw, json) Hash identifier: YS3OlsV7nqbX92XpohfbsDi48e2F2cYz3EHfcdxmOmQ= Subject key identifier: B2:8D:EE:7A:DF:47:C6:64:D3:D5:EE:BE:5D:A7:AE:ED:7B:B8:ED:1E Certificate issuer: /CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Certificate serial: 019B7CEE3B91E1CF0DA9FD78FDC3F21A0A52 Authority key identifier: D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/so3uet9HxmTT1e6-Xaeu7Xu47R4.roa Signing time: Fri 02 Jan 2026 04:19:06 +0000 ROA not before: Fri 02 Jan 2026 04:19:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33915 IP address blocks: 193.200.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.mft rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:3b:91:e1:cf:0d:a9:fd:78:fd:c3:f2:1a:0a:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d86b9c1778a0529ee7e232003cbe5c993c36fddb Validity Not Before: Jan 2 04:19:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b28dee7adf47c664d3d5eebe5da7aeed7bb8ed1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:db:f1:0d:40:9c:89:a4:6f:21:98:d8:06:2b: 5a:b4:b5:91:b4:70:01:51:16:64:cb:a7:14:8c:3f: b4:bc:e0:fb:c0:f7:ee:df:40:7a:e7:02:14:f6:d6: 22:0e:04:61:a2:bb:36:f7:cf:49:90:8d:e6:17:65: 5b:db:54:63:a5:15:df:ea:e9:fb:b2:bb:8a:97:c8: f5:e2:f9:5e:6f:60:f5:ec:d5:53:e9:f8:e3:c8:ae: 61:da:1f:90:19:5b:67:04:18:6f:4a:50:d0:58:10: 6e:24:46:af:b4:9f:4d:20:e7:7f:49:00:c5:66:6e: 6d:10:89:01:67:e8:59:28:ce:ce:94:b6:f8:9f:70: 76:79:97:63:cb:63:fe:09:09:eb:59:f8:2e:25:bb: 58:94:af:b6:42:27:ed:77:7e:09:97:e4:92:30:7e: 2c:fc:32:55:56:aa:7a:61:7f:95:5e:03:ce:94:72: 13:56:8f:e4:9d:37:79:d3:30:da:e5:ba:20:85:1c: 30:85:a2:f6:08:42:36:24:07:cc:b7:ca:1e:69:4a: 44:0e:a4:a9:76:a6:2c:70:70:7d:cf:da:50:c8:fa: c2:31:34:43:3d:5c:60:fa:5f:43:ac:a9:78:5a:cc: 29:ee:1e:64:da:a8:ff:cb:04:42:38:b2:24:a4:a6: 51:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:8D:EE:7A:DF:47:C6:64:D3:D5:EE:BE:5D:A7:AE:ED:7B:B8:ED:1E X509v3 Authority Key Identifier: keyid:D8:6B:9C:17:78:A0:52:9E:E7:E2:32:00:3C:BE:5C:99:3C:36:FD:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GucF3igUp7n4jIAPL5cmTw2_ds.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/so3uet9HxmTT1e6-Xaeu7Xu47R4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/970f9a-9480-4fdd-a4f4-a80a95e5a099/1/2GucF3igUp7n4jIAPL5cmTw2_ds.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.200.147.0/24 Signature Algorithm: sha256WithRSAEncryption 4a:4c:d4:b1:22:12:0e:dc:af:65:b0:e2:52:92:1f:8d:07:23: dd:9d:b3:28:95:7b:57:0f:bb:68:f4:b7:17:b4:41:36:d6:80: 2c:06:58:ec:ff:b6:89:37:05:18:3f:a1:00:96:dd:7f:52:04: 1e:6a:a6:8f:49:1f:b5:3d:6d:91:6f:8b:cf:98:27:90:30:e3: 5d:73:6b:26:6a:2a:4b:40:84:59:76:89:cd:a0:75:2b:4a:d6: 69:dc:08:bf:e9:c5:25:c6:54:c5:66:0c:70:8a:3d:8d:f5:23: 7a:1d:0f:f8:3a:01:dd:26:b9:a9:69:c2:da:35:79:1b:10:6e: e3:71:d5:17:bf:01:93:89:2f:c8:03:9d:bd:15:ad:15:86:36: 48:4d:70:bb:73:26:14:b7:c4:7b:ee:96:74:50:0e:b4:e2:97: 64:e7:6b:c0:3a:39:2f:40:28:1d:f3:09:7c:84:c8:5f:18:bd: 7e:24:6c:a9:9b:f4:f6:9c:ba:89:93:13:84:ae:71:66:11:3f: 41:aa:6d:cd:55:0f:e9:e8:0d:f7:f0:59:fc:33:27:cc:ba:da: 18:43:bc:fb:72:df:6a:b7:bc:fc:d5:ae:a9:05:a6:04:7d:d3: 93:7e:91:06:fb:66:a3:da:49:e8:b8:cd:16:98:2d:aa:ad:2e: cb:0f:1a:b4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87juR4c8Nqf14/cPyGgpSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4NmI5YzE3NzhhMDUyOWVlN2UyMzIwMDNjYmU1Yzk5M2Mz NmZkZGIwHhcNMjYwMTAyMDQxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjhkZWU3YWRmNDdjNjY0ZDNkNWVlYmU1ZGE3YWVlZDdiYjhlZDFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9vxDUCciaRvIZjYBitatLWRtHAB URZky6cUjD+0vOD7wPfu30B65wIU9tYiDgRhors2989JkI3mF2Vb21RjpRXf6un7 sruKl8j14vleb2D17NVT6fjjyK5h2h+QGVtnBBhvSlDQWBBuJEavtJ9NIOd/SQDF Zm5tEIkBZ+hZKM7OlLb4n3B2eZdjy2P+CQnrWfguJbtYlK+2Qiftd34Jl+SSMH4s /DJVVqp6YX+VXgPOlHITVo/knTd50zDa5boghRwwhaL2CEI2JAfMt8oeaUpEDqSp dqYscHB9z9pQyPrCMTRDPVxg+l9DrKl4Wswp7h5k2qj/ywRCOLIkpKZRhQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLKN7nrfR8Zk09Xuvl2nru17uO0eMB8GA1UdIwQY MBaAFNhrnBd4oFKe5+IyADy+XJk8Nv3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQt YTgwYTk1ZTVhMDk5LzEvc28zdWV0OUh4bVRUMWU2LVhhZXU3WHU0N1I0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC85NzBmOWEtOTQ4MC00ZmRkLWE0ZjQtYTgwYTk1ZTVhMDk5 LzEvMkd1Y0YzaWdVcDduNGpJQVBMNWNtVHcyX2RzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwciTMA0G CSqGSIb3DQEBCwUAA4IBAQBKTNSxIhIO3K9lsOJSkh+NByPdnbMolXtXD7to9LcX tEE21oAsBljs/7aJNwUYP6EAlt1/UgQeaqaPSR+1PW2Rb4vPmCeQMONdc2smaipL QIRZdonNoHUrStZp3Ai/6cUlxlTFZgxwij2N9SN6HQ/4OgHdJrmpacLaNXkbEG7j cdUXvwGTiS/IA529Fa0VhjZITXC7cyYUt8R77pZ0UA604pdk52vAOjkvQCgd8wl8 hMhfGL1+JGypm/T2nLqJkxOErnFmET9Bqm3NVQ/p6A338Fn8MyfMutoYQ7z7ct9q t7z81a6pBaYEfdOTfpEG+2aj2knouM0WmC2qrS7LDxq0 -----END CERTIFICATE-----Generated at Tue Jan 27 00:26:56 2026 by rpki-client