This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/PCXd-9EviSUuR2-KbIZUWi0riBQ.roa File: PCXd-9EviSUuR2-KbIZUWi0riBQ.roa (raw, json) Hash identifier: nefgPfEo2Djt4hqoZTxg0xbxcxTGKZQtmu/1O0o4rzc= Subject key identifier: 3C:25:DD:FB:D1:2F:89:25:2E:47:6F:8A:6C:86:54:5A:2D:2B:88:14 Certificate issuer: /CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4 Certificate serial: 019B7834E7CBEF1A51DB06A3E267C7B3B230 Authority key identifier: 0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/PCXd-9EviSUuR2-KbIZUWi0riBQ.roa Signing time: Thu 01 Jan 2026 06:18:11 +0000 ROA not before: Thu 01 Jan 2026 06:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208395 IP address blocks: 45.139.136.0/22 maxlen: 22 2a0e:b940::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.mft rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 21:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:e7:cb:ef:1a:51:db:06:a3:e2:67:c7:b3:b2:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a4a702f677f336d9b3e36c384ebc8c9fd8859f4 Validity Not Before: Jan 1 06:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3c25ddfbd12f89252e476f8a6c86545a2d2b8814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:1b:18:a2:1e:b4:3b:a5:5d:cc:17:fa:9b:7f: 4b:1c:4c:cd:a8:e3:38:72:63:9b:27:9c:76:28:51: d5:91:ac:ce:33:d3:72:59:21:1c:c4:3d:f7:1d:ca: c9:c8:1c:20:df:b0:38:69:d3:6a:17:92:f5:85:29: 30:53:88:d7:d9:d0:6a:91:3d:09:a0:c7:9e:fa:1d: df:10:e1:4f:76:72:9e:f1:85:67:17:bc:6e:a4:0e: 02:79:7d:6d:05:f2:00:80:0e:bc:5a:56:67:66:2a: 00:00:a7:34:53:eb:86:01:15:98:39:ef:6d:29:08: 67:0a:a2:92:5b:73:4d:b3:f9:c1:59:77:b0:1f:5a: 65:55:33:0a:dc:d2:36:c4:56:5a:2b:76:9d:1b:17: bc:28:fc:ad:4d:32:f7:17:e5:f6:57:71:96:81:07: 2d:8c:5b:ec:fb:97:21:68:6a:ce:29:f9:c6:f4:63: cc:a1:ea:65:9f:43:b9:29:4b:72:02:fe:2a:a9:2b: 8c:23:e3:5f:b3:b7:cf:1d:d0:4d:f1:2d:b9:ce:71: 07:56:16:10:cf:bc:35:38:70:e0:d2:52:06:c4:02: a8:84:1a:9c:af:06:4b:c8:fc:a5:57:d4:bc:25:85: 2e:d9:66:59:3f:a4:1e:14:fb:26:17:3b:6c:1a:e4: c2:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:25:DD:FB:D1:2F:89:25:2E:47:6F:8A:6C:86:54:5A:2D:2B:88:14 X509v3 Authority Key Identifier: keyid:0A:4A:70:2F:67:7F:33:6D:9B:3E:36:C3:84:EB:C8:C9:FD:88:59:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkpwL2d_M22bPjbDhOvIyf2IWfQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/PCXd-9EviSUuR2-KbIZUWi0riBQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/da5b32-20a7-4e0a-b834-ef31715611aa/1/CkpwL2d_M22bPjbDhOvIyf2IWfQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.139.136.0/22 IPv6: 2a0e:b940::/29 Signature Algorithm: sha256WithRSAEncryption 39:01:70:10:e8:34:13:53:78:75:e5:85:11:25:c6:9d:7d:97: 25:1c:3c:ff:d4:19:ee:d2:e9:69:85:9e:d7:30:83:4a:54:64: 50:3a:58:26:46:43:e8:02:58:85:67:55:2a:aa:bb:2a:1a:8f: 22:a4:f5:56:cf:97:2b:0f:e4:59:43:e5:1a:af:5f:58:45:15: 71:50:ed:7e:b4:4c:c9:25:2e:0d:0c:e3:eb:88:78:e0:cf:57: 88:c1:22:01:09:bf:37:45:2a:22:d8:7e:cc:ab:78:8c:f3:af: 9c:35:1d:3f:05:e7:aa:c6:44:97:b8:25:71:bd:58:1d:96:2b: 31:f3:9c:9b:7c:f6:fd:ec:9a:e1:62:a7:17:09:61:dd:74:3b: 23:7f:e0:02:58:c3:a9:62:67:c0:5c:d3:48:ca:f5:31:52:db: 48:24:a6:b3:ff:69:94:c0:f7:a0:c1:99:90:62:c9:64:7d:61: 38:d8:a8:af:60:a7:3a:26:7f:98:7e:b3:b5:2c:14:cd:fa:f0: c0:22:ef:4e:a3:11:c2:fd:7a:e0:e9:91:05:38:6d:fc:99:62: a5:55:43:a3:ac:45:b7:41:52:b0:f1:12:a1:8a:42:dd:d2:3b: 0c:51:76:98:2d:a2:3f:11:f9:79:7f:f7:47:08:a3:a0:26:fc: f1:b2:0a:e6 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt4NOfL7xpR2waj4mfHs7IwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhNGE3MDJmNjc3ZjMzNmQ5YjNlMzZjMzg0ZWJjOGM5ZmQ4 ODU5ZjQwHhcNMjYwMTAxMDYxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzI1ZGRmYmQxMmY4OTI1MmU0NzZmOGE2Yzg2NTQ1YTJkMmI4ODE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRsYoh60O6VdzBf6m39LHEzNqOM4 cmObJ5x2KFHVkazOM9NyWSEcxD33HcrJyBwg37A4adNqF5L1hSkwU4jX2dBqkT0J oMee+h3fEOFPdnKe8YVnF7xupA4CeX1tBfIAgA68WlZnZioAAKc0U+uGARWYOe9t KQhnCqKSW3NNs/nBWXewH1plVTMK3NI2xFZaK3adGxe8KPytTTL3F+X2V3GWgQct jFvs+5chaGrOKfnG9GPMoepln0O5KUtyAv4qqSuMI+Nfs7fPHdBN8S25znEHVhYQ z7w1OHDg0lIGxAKohBqcrwZLyPylV9S8JYUu2WZZP6QeFPsmFztsGuTCOwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDwl3fvRL4klLkdvimyGVFotK4gUMB8GA1UdIwQY MBaAFApKcC9nfzNtmz42w4TryMn9iFn0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQt ZWYzMTcxNTYxMWFhLzEvUENYZC05RXZpU1V1UjItS2JJWlVXaTByaUJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kYTViMzItMjBhNy00ZTBhLWI4MzQtZWYzMTcxNTYxMWFh LzEvQ2twd0wyZF9NMjJiUGpiRGhPdkl5ZjJJV2ZRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYuIMA0E AgACMAcDBQMqDrlAMA0GCSqGSIb3DQEBCwUAA4IBAQA5AXAQ6DQTU3h15YURJcad fZclHDz/1Bnu0ulphZ7XMINKVGRQOlgmRkPoAliFZ1UqqrsqGo8ipPVWz5crD+RZ Q+Uar19YRRVxUO1+tEzJJS4NDOPriHjgz1eIwSIBCb83RSoi2H7Mq3iM86+cNR0/ BeeqxkSXuCVxvVgdlisx85ybfPb97JrhYqcXCWHddDsjf+ACWMOpYmfAXNNIyvUx UttIJKaz/2mUwPegwZmQYslkfWE42KivYKc6Jn+YfrO1LBTN+vDAIu9OoxHC/Xrg 6ZEFOG38mWKlVUOjrEW3QVKw8RKhikLd0jsMUXaYLaI/Efl5f/dHCKOgJvzxsgrm -----END CERTIFICATE-----Generated at Mon Feb 2 07:54:52 2026 by rpki-client