This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C21zbASNicmra4zyoCoLZDqDvhQ.roa File: C21zbASNicmra4zyoCoLZDqDvhQ.roa (raw, json) Hash identifier: r8tfux7xhAgWF8Mk45nw2T/D9vBasjHEsSb7OWMA26M= Subject key identifier: 0B:6D:73:6C:04:8D:89:C9:AB:6B:8C:F2:A0:2A:0B:64:3A:83:BE:14 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A2E5ECD74C6F79DD66C516F7B98E0C Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C21zbASNicmra4zyoCoLZDqDvhQ.roa Signing time: Thu 01 Jan 2026 08:18:20 +0000 ROA not before: Thu 01 Jan 2026 08:18:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21738 IP address blocks: 2.59.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:e5:ec:d7:4c:6f:79:dd:66:c5:16:f7:b9:8e:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b6d736c048d89c9ab6b8cf2a02a0b643a83be14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c4:8e:25:27:83:11:df:cd:67:90:cd:4a:05: 21:04:0f:94:de:d3:8b:47:2a:6b:7e:af:f9:18:c7: 7f:a3:4b:27:bd:b1:56:f8:83:d5:84:d0:02:af:e3: 06:83:8f:d0:77:32:43:34:97:a2:ad:bb:da:ff:ca: 3e:74:5b:98:3c:08:cd:14:1d:b2:9f:2a:57:25:35: ab:c1:ab:42:20:80:21:e5:af:24:d6:fa:53:ec:6d: 90:6f:cf:53:78:10:72:e2:1d:14:c5:01:fe:d4:93: 66:a6:c5:a8:8d:de:d4:d3:32:f1:97:8b:fd:1a:fc: 65:d8:0b:2b:2b:ab:a1:19:be:bb:04:91:cb:ab:45: a0:04:a8:2d:11:f0:30:e3:1f:5e:dd:93:e2:4c:23: 0b:7e:82:44:f6:ab:e9:01:0f:52:41:70:7a:ce:1c: 88:8d:13:46:4c:80:0c:bb:83:53:5f:d9:08:ef:b3: 2e:c9:f6:8d:c5:57:af:75:c7:af:cd:4d:36:d9:d7: 8d:99:ad:6c:c7:5f:2a:73:22:16:58:31:d8:7f:09: 4e:0c:5f:ad:f3:9c:70:d3:ee:87:79:c6:97:d4:66: ee:ca:f1:4e:ad:77:3e:6e:8e:44:e9:b2:a3:d4:23: bb:f2:26:c9:57:9e:c8:21:22:82:ca:ab:c4:16:4e: 7a:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:6D:73:6C:04:8D:89:C9:AB:6B:8C:F2:A0:2A:0B:64:3A:83:BE:14 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C21zbASNicmra4zyoCoLZDqDvhQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.255.0/24 Signature Algorithm: sha256WithRSAEncryption 37:92:87:c2:d5:13:98:68:cd:ab:45:c5:f9:d1:25:08:70:0a: 6f:69:d0:49:a4:7f:20:39:b0:d5:14:20:ee:48:f5:41:dc:08: b7:61:82:6e:90:f8:48:9a:07:e4:20:91:fc:04:03:5e:57:0b: 56:76:8b:6b:2a:79:49:87:ac:39:ac:e2:55:0a:cb:54:34:76: 18:29:47:0f:44:f7:92:7c:01:03:72:a7:26:31:51:4b:91:35: 2d:fd:d1:5f:7e:64:00:12:a1:f3:52:de:74:31:fa:d3:0e:d7: d8:d7:85:97:2c:8b:7f:ac:35:09:64:ce:9e:a5:3b:95:69:af: a7:a3:b8:ef:2f:77:0e:dd:8b:3e:56:2d:b2:d2:d0:b2:40:19: ef:63:61:1a:48:eb:e3:57:6a:ce:a6:11:27:92:90:fd:92:57: c2:83:84:f2:4b:99:a8:9f:d3:87:cd:95:3f:e6:c2:87:d7:71: a8:cd:13:9e:29:ce:59:20:f8:af:e1:b3:d7:4c:13:52:e0:f9: 1e:79:04:67:f0:43:25:cb:60:f5:56:93:97:f5:ee:10:c1:0f: c5:d8:02:56:97:be:1d:17:37:c4:9e:c9:00:8a:9f:d6:8e:fb: 36:ba:0d:df:39:4d:a8:41:3d:e4:f9:00:a6:d6:2e:39:6a:c0: da:1a:2e:d5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4ouXs10xved1mxRb3uY4MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjZkNzM2YzA0OGQ4OWM5YWI2YjhjZjJhMDJhMGI2NDNhODNiZTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssSOJSeDEd/NZ5DNSgUhBA+U3tOL Ryprfq/5GMd/o0snvbFW+IPVhNACr+MGg4/QdzJDNJeirbva/8o+dFuYPAjNFB2y nypXJTWrwatCIIAh5a8k1vpT7G2Qb89TeBBy4h0UxQH+1JNmpsWojd7U0zLxl4v9 Gvxl2AsrK6uhGb67BJHLq0WgBKgtEfAw4x9e3ZPiTCMLfoJE9qvpAQ9SQXB6zhyI jRNGTIAMu4NTX9kI77MuyfaNxVevdcevzU022deNma1sx18qcyIWWDHYfwlODF+t 85xw0+6HecaX1GbuyvFOrXc+bo5E6bKj1CO78ibJV57IISKCyqvEFk56mQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAttc2wEjYnJq2uM8qAqC2Q6g74UMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvQzIxemJBU05pY21yYTR6eW9Db0xaRHFEdmhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjv/MA0G CSqGSIb3DQEBCwUAA4IBAQA3kofC1ROYaM2rRcX50SUIcApvadBJpH8gObDVFCDu SPVB3Ai3YYJukPhImgfkIJH8BANeVwtWdotrKnlJh6w5rOJVCstUNHYYKUcPRPeS fAEDcqcmMVFLkTUt/dFffmQAEqHzUt50MfrTDtfY14WXLIt/rDUJZM6epTuVaa+n o7jvL3cO3Ys+Vi2y0tCyQBnvY2EaSOvjV2rOphEnkpD9klfCg4TyS5mon9OHzZU/ 5sKH13GozROeKc5ZIPiv4bPXTBNS4PkeeQRn8EMly2D1VpOX9e4QwQ/F2AJWl74d FzfEnskAip/Wjvs2ug3fOU2oQT3k+QCm1i45asDaGi7V -----END CERTIFICATE-----Generated at Fri Jan 2 12:07:50 2026 by rpki-client