This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/soRgBsppmhAjuwcesmTHduOH9zE.roa File: soRgBsppmhAjuwcesmTHduOH9zE.roa (raw, json) Hash identifier: FnK+5njb2ep7QTqDrCHoNsGJ6m0P3EF/QDbE4FdNFpc= Subject key identifier: B2:84:60:06:CA:69:9A:10:23:BB:07:1E:B2:64:C7:76:E3:87:F7:31 Certificate issuer: /CN=9f04b3cf24cf4b81b2221146a00f2277bc348780 Certificate serial: 019B7910F815F1256EE89CEAAC039DF8ECDA Authority key identifier: 9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/soRgBsppmhAjuwcesmTHduOH9zE.roa Signing time: Thu 01 Jan 2026 10:18:33 +0000 ROA not before: Thu 01 Jan 2026 10:18:33 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204567 IP address blocks: 185.175.220.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/nwSzzyTPS4GyIhFGoA8id7w0h4A.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/nwSzzyTPS4GyIhFGoA8id7w0h4A.mft rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:f8:15:f1:25:6e:e8:9c:ea:ac:03:9d:f8:ec:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9f04b3cf24cf4b81b2221146a00f2277bc348780 Validity Not Before: Jan 1 10:18:33 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b2846006ca699a1023bb071eb264c776e387f731 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ee:13:8e:89:0c:d4:c8:ee:86:2d:2a:50:4b: af:c2:08:08:52:50:d6:7e:45:13:75:2c:d4:37:94: 6d:40:b8:42:42:20:92:8b:8b:ff:ef:02:76:18:43: 2e:e4:b1:92:30:d1:09:17:76:97:a6:ed:35:a9:b7: da:cb:ca:43:a4:33:15:79:7b:0e:af:18:74:b1:db: 30:b6:e2:0e:27:d8:a5:c4:f2:e4:82:3b:f7:dd:26: b0:3f:08:49:f6:b3:f8:1c:60:88:94:c7:8e:74:77: f7:da:ea:cb:1b:02:8f:ac:30:77:73:51:58:82:0c: 69:d7:03:62:f9:3c:42:74:b1:c6:b8:c7:cd:54:7b: 97:0b:48:81:fd:cd:ea:ce:be:f2:5f:a8:95:d1:9a: d6:87:41:4f:b6:16:3a:b6:d8:28:74:9a:25:8d:96: f2:6d:80:18:0d:8e:ce:78:dd:da:db:f4:a6:07:13: 1b:28:2c:8f:d9:06:12:17:9a:31:04:d2:c2:c6:34: 1e:07:6f:e6:53:0d:bf:fd:a1:0b:f1:ed:4e:00:cd: 74:80:c6:cc:c7:22:4a:3e:89:e0:f5:44:f1:6f:c5: 10:49:64:d1:76:8d:b0:71:9c:5f:8d:33:29:1d:c3: 65:3f:f0:c0:db:7f:9a:08:03:ab:5c:ed:34:a3:e3: 9d:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:84:60:06:CA:69:9A:10:23:BB:07:1E:B2:64:C7:76:E3:87:F7:31 X509v3 Authority Key Identifier: keyid:9F:04:B3:CF:24:CF:4B:81:B2:22:11:46:A0:0F:22:77:BC:34:87:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwSzzyTPS4GyIhFGoA8id7w0h4A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/soRgBsppmhAjuwcesmTHduOH9zE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/da358c-2e47-44ec-b0c5-2ad968b362de/1/nwSzzyTPS4GyIhFGoA8id7w0h4A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.175.220.0/22 Signature Algorithm: sha256WithRSAEncryption 95:f7:20:12:d9:ea:be:aa:7d:2a:85:5b:fe:fb:86:cf:06:2a: a5:76:44:c8:4c:29:34:9d:12:18:f2:7a:e6:34:2b:49:3e:15: 47:36:da:46:2f:b9:db:cd:a6:a3:1a:48:d8:f2:a8:fd:9b:d3: 28:bd:fc:0a:25:34:da:06:0c:e6:a2:2d:88:99:ca:a7:19:7d: 95:70:88:94:3d:23:b9:58:94:21:fc:ca:26:db:8a:44:71:7b: 08:d5:b8:44:40:da:a7:d6:fb:0c:0c:77:b6:48:0e:a8:9c:cc: 8a:dd:d0:ee:97:02:4f:18:6b:e7:36:26:d1:fd:18:31:d9:58: 4f:de:01:00:cc:51:8c:10:9a:0b:04:e8:4f:9c:91:69:b4:47: 40:7b:12:a4:7a:be:3f:87:5e:0d:a8:e6:35:90:80:82:c9:9e: 19:ff:84:63:eb:68:73:b4:77:1c:9b:cc:82:3c:d1:a7:33:87: cb:d5:f9:c1:84:cd:f7:f6:35:c7:96:b4:1b:f7:32:2a:80:7c: a6:43:aa:bd:10:97:86:9d:88:a2:53:e2:1b:15:f1:26:02:72: 6e:c0:45:ab:8c:51:f3:d1:49:fe:eb:a0:5f:f6:78:6a:81:8e: ff:05:6b:6f:04:54:60:dc:58:7e:24:95:f3:4e:4b:91:d0:fd: c1:8a:d3:c6 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5EPgV8SVu6JzqrAOd+OzaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlmMDRiM2NmMjRjZjRiODFiMjIyMTE0NmEwMGYyMjc3YmMz NDg3ODAwHhcNMjYwMTAxMTAxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMjg0NjAwNmNhNjk5YTEwMjNiYjA3MWViMjY0Yzc3NmUzODdmNzMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyu4TjokM1Mjuhi0qUEuvwggIUlDW fkUTdSzUN5RtQLhCQiCSi4v/7wJ2GEMu5LGSMNEJF3aXpu01qbfay8pDpDMVeXsO rxh0sdswtuIOJ9ilxPLkgjv33SawPwhJ9rP4HGCIlMeOdHf32urLGwKPrDB3c1FY ggxp1wNi+TxCdLHGuMfNVHuXC0iB/c3qzr7yX6iV0ZrWh0FPthY6ttgodJoljZby bYAYDY7OeN3a2/SmBxMbKCyP2QYSF5oxBNLCxjQeB2/mUw2//aEL8e1OAM10gMbM xyJKPong9UTxb8UQSWTRdo2wcZxfjTMpHcNlP/DA23+aCAOrXO00o+OdZwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLKEYAbKaZoQI7sHHrJkx3bjh/cxMB8GA1UdIwQY MBaAFJ8Es88kz0uBsiIRRqAPIne8NIeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbndTenp5VFBTNEd5SWhGR29BOGlkN3cwaDRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kYTM1OGMtMmU0Ny00NGVjLWIwYzUt MmFkOTY4YjM2MmRlLzEvc29SZ0JzcHBtaEFqdXdjZXNtVEhkdU9IOXpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9kYTM1OGMtMmU0Ny00NGVjLWIwYzUtMmFkOTY4YjM2MmRl LzEvbndTenp5VFBTNEd5SWhGR29BOGlkN3cwaDRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCua/cMA0G CSqGSIb3DQEBCwUAA4IBAQCV9yAS2eq+qn0qhVv++4bPBiqldkTITCk0nRIY8nrm NCtJPhVHNtpGL7nbzaajGkjY8qj9m9MovfwKJTTaBgzmoi2ImcqnGX2VcIiUPSO5 WJQh/Mom24pEcXsI1bhEQNqn1vsMDHe2SA6onMyK3dDulwJPGGvnNibR/Rgx2VhP 3gEAzFGMEJoLBOhPnJFptEdAexKker4/h14NqOY1kICCyZ4Z/4Rj62hztHccm8yC PNGnM4fL1fnBhM339jXHlrQb9zIqgHymQ6q9EJeGnYiiU+IbFfEmAnJuwEWrjFHz 0Un+66Bf9nhqgY7/BWtvBFRg3Fh+JJXzTkuR0P3BitPG -----END CERTIFICATE-----Generated at Mon Feb 9 22:32:07 2026 by rpki-client