This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Sk7t1MTLy-mE6ILTeU920PY_M-g.roa File: Sk7t1MTLy-mE6ILTeU920PY_M-g.roa (raw, json) Hash identifier: OLnK8J+KbB8wVrBQPdBasMW3N+QmDq4FYwGFqKzTkEk= Subject key identifier: 4A:4E:ED:D4:C4:CB:CB:E9:84:E8:82:D3:79:4F:76:D0:F6:3F:33:E8 Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4 Certificate serial: 019B77C6F744F0B7CA8015BE0488CD607540 Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Sk7t1MTLy-mE6ILTeU920PY_M-g.roa Signing time: Thu 01 Jan 2026 04:18:06 +0000 ROA not before: Thu 01 Jan 2026 04:18:06 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 996 IP address blocks: 89.28.200.0/24 maxlen: 24 89.28.201.0/24 maxlen: 24 89.28.203.0/24 maxlen: 24 89.28.204.0/24 maxlen: 24 89.28.206.0/24 maxlen: 24 89.28.207.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 15:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:f7:44:f0:b7:ca:80:15:be:04:88:cd:60:75:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4 Validity Not Before: Jan 1 04:18:06 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4a4eedd4c4cbcbe984e882d3794f76d0f63f33e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:9c:49:80:7c:11:b8:ee:b7:89:d2:42:b4:3a: 4d:b2:6f:f0:75:29:e7:a6:2a:ad:34:38:d4:37:3c: c5:5b:9f:a7:c4:09:b7:49:dc:4e:65:96:17:e4:a5: 7c:f1:74:3d:79:e5:e2:cd:37:15:6d:20:7b:62:09: 0a:74:02:2f:a0:be:ba:c4:f2:51:60:46:21:b9:3f: ab:8a:ce:43:cd:51:b7:32:31:d8:e7:e2:e8:6d:51: 97:cd:6f:b3:1f:ea:77:bc:f6:28:c7:d8:20:3d:3a: 18:e7:5b:86:c8:cb:65:a4:a6:9e:54:1b:24:61:24: 06:a2:9a:15:94:34:f6:3f:8f:87:09:6e:d4:15:53: 2c:62:c9:2d:19:ce:77:a5:81:a3:80:d5:23:59:98: 23:cf:e7:15:da:12:16:72:61:3c:32:68:1f:d2:30: e8:a5:54:e3:34:dd:c7:3f:6f:14:a9:75:8d:5a:2d: b1:ee:f6:07:40:3f:ce:57:dc:20:ca:69:05:01:11: 79:dc:08:73:c4:94:a2:89:8e:fb:c2:b6:7a:8e:04: 3f:53:94:8c:87:f5:65:38:47:80:aa:6b:e5:7b:0b: 19:a4:e7:97:5e:b7:51:91:23:c5:96:91:cf:a0:2e: ba:50:c0:de:7a:80:08:9f:59:4a:38:6b:8d:fa:ca: b9:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:4E:ED:D4:C4:CB:CB:E9:84:E8:82:D3:79:4F:76:D0:F6:3F:33:E8 X509v3 Authority Key Identifier: keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/Sk7t1MTLy-mE6ILTeU920PY_M-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.28.200.0/23 89.28.203.0-89.28.204.255 89.28.206.0/23 Signature Algorithm: sha256WithRSAEncryption b9:2d:7c:4e:2f:26:c0:4a:24:0e:dc:e7:c6:18:88:27:f2:9c: 53:ea:8a:83:d4:cb:2d:70:29:af:cf:3b:65:dc:27:fd:75:f4: a0:fc:68:6c:ad:73:42:50:57:d1:ab:c0:4e:82:e0:75:e5:ea: 8b:49:84:c6:8e:81:45:8d:db:8a:d5:06:20:49:84:bc:b3:1a: c3:8c:51:f0:06:57:bd:17:7a:59:e2:42:5b:06:88:77:a9:a0: b4:3b:29:3a:45:29:ba:43:86:72:00:a4:29:0e:8a:9a:c8:2f: f1:2a:b8:54:b1:15:56:c3:bb:51:3f:55:f0:f7:69:ce:6c:e6: a9:48:86:23:6c:1a:62:10:44:b8:86:64:ed:e7:0a:2b:ba:cd: c2:ec:82:a5:15:aa:b4:f2:d2:f2:69:2a:a7:b6:d7:a1:0e:4e: 7f:c7:45:ba:9a:7e:ff:f2:c1:0c:13:34:77:a2:99:4b:74:88: c2:13:0b:f5:78:9d:ed:04:80:71:2d:eb:3a:3d:d9:6f:ff:a6: 1c:86:cb:b9:fd:c1:e0:a9:ad:aa:2d:09:31:87:97:4c:c4:de: dc:68:f5:ee:16:8e:fd:83:75:16:f2:8c:95:91:51:d7:de:cc: 47:a7:63:73:01:33:2f:09:2b:25:ab:f6:9f:ca:bb:bc:d7:bd: 5d:0a:02:62 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt3xvdE8LfKgBW+BIjNYHVAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy NTdkYzQwHhcNMjYwMTAxMDQxODA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YTRlZWRkNGM0Y2JjYmU5ODRlODgyZDM3OTRmNzZkMGY2M2YzM2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pxJgHwRuO63idJCtDpNsm/wdSnn piqtNDjUNzzFW5+nxAm3SdxOZZYX5KV88XQ9eeXizTcVbSB7YgkKdAIvoL66xPJR YEYhuT+ris5DzVG3MjHY5+LobVGXzW+zH+p3vPYox9ggPToY51uGyMtlpKaeVBsk YSQGopoVlDT2P4+HCW7UFVMsYsktGc53pYGjgNUjWZgjz+cV2hIWcmE8Mmgf0jDo pVTjNN3HP28UqXWNWi2x7vYHQD/OV9wgymkFARF53AhzxJSiiY77wrZ6jgQ/U5SM h/VlOEeAqmvlewsZpOeXXrdRkSPFlpHPoC66UMDeeoAIn1lKOGuN+sq5eQIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFEpO7dTEy8vphOiC03lPdtD2PzPoMB8GA1UdIwQY MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt OTk5MGUyZDllYWZlLzEvU2s3dDFNVEx5LW1FNklMVGVVOTIwUFlfTS1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBWRzIMAwD BABZHMsDBABZHMwDBAFZHM4wDQYJKoZIhvcNAQELBQADggEBALktfE4vJsBKJA7c 58YYiCfynFPqioPUyy1wKa/PO2XcJ/119KD8aGytc0JQV9GrwE6C4HXl6otJhMaO gUWN24rVBiBJhLyzGsOMUfAGV70XelniQlsGiHepoLQ7KTpFKbpDhnIApCkOiprI L/EquFSxFVbDu1E/VfD3ac5s5qlIhiNsGmIQRLiGZO3nCiu6zcLsgqUVqrTy0vJp Kqe216EOTn/HRbqafv/ywQwTNHeimUt0iMITC/V4ne0EgHEt6zo92W//phyGy7n9 weCpraotCTGHl0zE3txo9e4Wjv2DdRbyjJWRUdfezEenY3MBMy8JKyWr9p/Ku7zX vV0KAmI= -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:53 2026 by rpki-client