This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/0ShDfOH1Ac9e6vvkpUZXgh0BNC0.roa File: 0ShDfOH1Ac9e6vvkpUZXgh0BNC0.roa (raw, json) Hash identifier: BD8JCJierHp2LDaazEE6kGlqOyEpFiqAEwABUcVamkE= Subject key identifier: D1:28:43:7C:E1:F5:01:CF:5E:EA:FB:E4:A5:46:57:82:1D:01:34:2D Certificate issuer: /CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66 Certificate serial: 019B21C5CC041B922B99802476573AF10CDA Authority key identifier: E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/0ShDfOH1Ac9e6vvkpUZXgh0BNC0.roa Signing time: Mon 15 Dec 2025 11:29:29 +0000 ROA not before: Mon 15 Dec 2025 11:29:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 9304 IP address blocks: 185.129.208.0/22 maxlen: 22 185.199.196.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.mft rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:c5:cc:04:1b:92:2b:99:80:24:76:57:3a:f1:0c:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e61bd7dd1f8ac8b4192ba78a592348b5dd0a1a66 Validity Not Before: Dec 15 11:29:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=d128437ce1f501cf5eeafbe4a54657821d01342d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:70:06:63:23:77:bf:99:93:0c:b6:67:48:a5: f7:ad:8e:8f:5a:64:5b:76:63:eb:28:d9:33:0f:d0: 48:cb:1f:1b:8b:9b:2c:ac:31:cb:07:dc:d0:d1:44: a8:44:90:da:35:bd:bb:e2:31:48:b2:41:15:dd:22: fb:8a:54:8f:06:e2:f8:be:a2:c9:9c:dc:a0:2b:e8: 8a:6e:4a:cd:80:a2:06:21:60:00:4b:e0:f2:39:1e: 78:92:fe:6c:31:c5:28:38:ec:bb:ef:97:34:2e:8a: a9:6f:cc:9d:43:78:0b:5f:e4:84:a1:65:2f:b3:aa: 2a:b6:c4:0e:e5:36:7d:e8:b9:df:bb:ef:9d:cb:81: e4:49:5f:3e:e3:d0:a5:71:7b:07:e5:26:8d:4f:ff: 15:a1:51:a2:d4:80:ef:d5:e1:bd:0e:29:1d:b7:db: 75:80:a8:7e:78:82:d8:2a:51:c3:a1:7a:eb:68:1e: 3d:ad:87:5d:c9:25:81:79:e4:78:a3:f2:14:05:c1: bc:3b:9e:99:75:98:36:79:d3:4e:9d:8b:24:45:8b: 9c:5d:9f:8d:c9:fa:3e:6a:bf:fa:c3:ce:5e:79:50: c8:a0:4a:24:b8:16:6c:f8:9b:9f:d0:13:9a:da:0b: 0d:4e:6f:44:16:4f:f7:84:06:8b:93:11:65:a7:ab: 9f:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:28:43:7C:E1:F5:01:CF:5E:EA:FB:E4:A5:46:57:82:1D:01:34:2D X509v3 Authority Key Identifier: keyid:E6:1B:D7:DD:1F:8A:C8:B4:19:2B:A7:8A:59:23:48:B5:DD:0A:1A:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hvX3R-KyLQZK6eKWSNItd0KGmY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/0ShDfOH1Ac9e6vvkpUZXgh0BNC0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4acc15-bba0-4459-9667-de9b2f8f7e29/1/5hvX3R-KyLQZK6eKWSNItd0KGmY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.129.208.0/22 185.199.196.0/22 Signature Algorithm: sha256WithRSAEncryption 23:59:4c:d6:a8:dd:d5:2d:4d:8f:02:b2:a2:6e:0f:bc:cf:f6: 28:c3:36:45:9c:28:0b:cb:c5:54:c5:0b:f4:9b:57:a8:df:f4: b8:9e:24:73:92:66:09:16:df:91:b7:50:98:9a:c3:38:2f:7e: 4c:45:65:c2:30:bd:7b:7e:7f:f7:d4:5c:6c:ee:ef:60:1a:f0: ab:4d:3a:43:a3:1c:24:6d:ea:bc:ad:fd:11:52:81:7a:e2:78: bc:43:83:b5:10:0a:93:57:e3:f7:a0:7f:c5:ed:08:33:98:77: 7b:2a:62:00:98:f3:e4:ce:11:88:09:05:51:4b:43:f7:1a:f1: ad:e5:aa:07:33:c8:16:71:91:a0:db:61:1b:3d:29:9c:e7:36: 50:f1:8a:ab:2e:8c:db:e2:07:87:3d:2c:ac:65:8b:b9:23:b1: 1c:5e:e1:2f:bd:dc:ca:67:1f:85:01:dd:f5:c0:5e:f2:58:d4: 54:f2:34:70:7d:2a:fd:18:0f:46:0d:52:fc:01:34:05:0c:b4: c2:ff:18:69:9c:e0:e8:e4:17:39:45:c6:b5:0d:8e:09:d6:2c: 45:1b:c8:75:eb:30:ed:ed:a7:af:31:9b:18:89:22:2a:04:e7: fe:f9:c9:2d:a0:4f:78:21:69:df:a9:c7:eb:9b:65:19:25:cb: 40:ef:14:91 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZshxcwEG5IrmYAkdlc68QzaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU2MWJkN2RkMWY4YWM4YjQxOTJiYTc4YTU5MjM0OGI1ZGQw YTFhNjYwHhcNMjUxMjE1MTEyOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkMTI4NDM3Y2UxZjUwMWNmNWVlYWZiZTRhNTQ2NTc4MjFkMDEzNDJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnAGYyN3v5mTDLZnSKX3rY6PWmRb dmPrKNkzD9BIyx8bi5ssrDHLB9zQ0USoRJDaNb274jFIskEV3SL7ilSPBuL4vqLJ nNygK+iKbkrNgKIGIWAAS+DyOR54kv5sMcUoOOy775c0Loqpb8ydQ3gLX+SEoWUv s6oqtsQO5TZ96Lnfu++dy4HkSV8+49ClcXsH5SaNT/8VoVGi1IDv1eG9Dikdt9t1 gKh+eILYKlHDoXrraB49rYddySWBeeR4o/IUBcG8O56ZdZg2edNOnYskRYucXZ+N yfo+ar/6w85eeVDIoEokuBZs+Juf0BOa2gsNTm9EFk/3hAaLkxFlp6ufJQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNEoQ3zh9QHPXur75KVGV4IdATQtMB8GA1UdIwQY MBaAFOYb190fisi0GSunilkjSLXdChpmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2Njct ZGU5YjJmOGY3ZTI5LzEvMFNoRGZPSDFBYzllNnZ2a3BVWlhnaDBCTkMwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC80YWNjMTUtYmJhMC00NDU5LTk2NjctZGU5YjJmOGY3ZTI5 LzEvNWh2WDNSLUt5TFFaSzZlS1dTTkl0ZDBLR21ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYHQAwQC ucfEMA0GCSqGSIb3DQEBCwUAA4IBAQAjWUzWqN3VLU2PArKibg+8z/YowzZFnCgL y8VUxQv0m1eo3/S4niRzkmYJFt+Rt1CYmsM4L35MRWXCML17fn/31Fxs7u9gGvCr TTpDoxwkbeq8rf0RUoF64ni8Q4O1EAqTV+P3oH/F7QgzmHd7KmIAmPPkzhGICQVR S0P3GvGt5aoHM8gWcZGg22EbPSmc5zZQ8YqrLozb4geHPSysZYu5I7EcXuEvvdzK Zx+FAd31wF7yWNRU8jRwfSr9GA9GDVL8ATQFDLTC/xhpnODo5Bc5Rca1DY4J1ixF G8h16zDt7aevMZsYiSIqBOf++cktoE94IWnfqcfrm2UZJctA7xSR -----END CERTIFICATE-----Generated at Tue Dec 16 18:40:45 2025 by rpki-client