This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CX2472qCzO-aaACdj6E1AdJ-DCw.roa File: CX2472qCzO-aaACdj6E1AdJ-DCw.roa (raw, json) Hash identifier: 0wyN/N/OwYzP6UQ6ZbY0ewhUqLTgCYzU7rFxrWxpcbs= Subject key identifier: 09:7D:B8:EF:6A:82:CC:EF:9A:68:00:9D:8F:A1:35:01:D2:7E:0C:2C Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d Certificate serial: 019B797E688B1DD5ECBC9065FDBF05316C23 Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CX2472qCzO-aaACdj6E1AdJ-DCw.roa Signing time: Thu 01 Jan 2026 12:18:05 +0000 ROA not before: Thu 01 Jan 2026 12:18:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 16509 IP address blocks: 91.200.223.0/24 maxlen: 24 91.226.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:68:8b:1d:d5:ec:bc:90:65:fd:bf:05:31:6c:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d Validity Not Before: Jan 1 12:18:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=097db8ef6a82ccef9a68009d8fa13501d27e0c2c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d6:c0:c7:ba:a2:e0:ca:d6:7b:d5:a5:b9:aa: 41:87:16:77:40:58:2a:9a:be:55:33:07:1d:1c:c0: ea:44:17:25:3d:91:5c:d8:f9:db:85:6a:72:5c:da: 55:71:47:ad:2e:7c:9a:a6:a4:6c:c7:b4:7c:88:be: 06:fa:a5:79:60:c6:8b:8f:c6:f7:29:e7:df:50:b9: fe:c8:b3:4d:a5:a5:10:1a:cd:56:fe:12:bf:e5:95: 34:ef:ce:19:29:c9:53:d5:49:48:fa:f8:e3:7b:a9: 33:08:6d:2d:aa:9b:19:8c:28:2f:c0:d2:ce:4a:53: 72:87:43:f2:03:24:3f:07:63:e0:69:54:f6:14:e8: 0b:d7:87:1c:28:51:57:ee:42:a9:f1:81:fc:4a:78: 82:6d:0c:5b:76:55:2e:05:0c:1e:7e:21:0e:e6:8a: be:ea:30:19:9b:45:1f:75:dc:8a:85:fc:51:ae:cc: a5:73:f6:a3:83:89:ef:7e:0e:8a:b9:aa:09:0e:ee: 29:0d:6a:63:6b:a1:e9:16:89:27:ed:ba:06:ce:95: 09:f9:c0:6c:ec:9d:fa:ac:d5:85:73:47:a7:09:0e: f1:04:26:a4:1b:bd:52:96:a8:66:73:a5:4d:e0:ac: c1:51:f9:46:9d:3a:65:6b:83:d2:5f:ae:1f:c0:c1: 25:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:7D:B8:EF:6A:82:CC:EF:9A:68:00:9D:8F:A1:35:01:D2:7E:0C:2C X509v3 Authority Key Identifier: keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/CX2472qCzO-aaACdj6E1AdJ-DCw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.223.0/24 91.226.56.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:e5:3f:ed:6e:df:73:e3:22:a4:8f:4d:58:a6:4c:6f:b6:15: 13:51:fe:e0:e9:86:3a:93:af:67:01:e5:cf:e3:be:6a:27:bb: 7a:6a:e8:eb:7f:bc:8d:1e:5a:a3:41:03:00:69:fe:00:2c:92: 23:e0:1c:a7:8b:09:b7:94:29:53:61:b1:f5:58:2c:37:d6:e2: 04:26:8b:f2:af:3f:89:3b:a9:e1:80:61:fe:0e:49:c8:6a:5a: 4d:e8:fe:92:4c:69:70:27:10:73:29:e9:5a:84:39:c6:86:a4: 9d:69:1b:a2:2b:46:84:0c:3e:85:36:9b:ad:b6:77:39:af:d7: 86:76:ab:da:3e:c6:e6:f6:a3:c4:0d:49:09:29:78:9c:c0:c6: 29:14:83:63:df:e9:32:11:bd:17:de:86:7e:1a:76:7c:b8:21: ec:ff:6c:9e:a6:04:4c:9d:af:12:2b:e3:e5:c8:f9:0f:35:1a: 3e:87:30:d7:1e:d9:2a:d4:40:85:5d:fb:c2:8d:04:88:ba:19: 23:46:4a:06:f7:c4:5d:b2:cb:f9:4c:cd:74:2d:b9:a1:71:d6: d6:09:16:4c:7b:02:f1:32:58:2e:65:5c:c4:6b:7d:f6:56:7c: 68:70:79:30:d3:a0:3e:44:48:e6:59:c7:bb:54:46:c7:c2:77: e9:d9:77:22 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5fmiLHdXsvJBl/b8FMWwjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj NWFjOGQwHhcNMjYwMTAxMTIxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTdkYjhlZjZhODJjY2VmOWE2ODAwOWQ4ZmExMzUwMWQyN2UwYzJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytbAx7qi4MrWe9WluapBhxZ3QFgq mr5VMwcdHMDqRBclPZFc2PnbhWpyXNpVcUetLnyapqRsx7R8iL4G+qV5YMaLj8b3 KeffULn+yLNNpaUQGs1W/hK/5ZU0784ZKclT1UlI+vjje6kzCG0tqpsZjCgvwNLO SlNyh0PyAyQ/B2PgaVT2FOgL14ccKFFX7kKp8YH8SniCbQxbdlUuBQwefiEO5oq+ 6jAZm0UfddyKhfxRrsylc/ajg4nvfg6KuaoJDu4pDWpja6HpFokn7boGzpUJ+cBs 7J36rNWFc0enCQ7xBCakG71Slqhmc6VN4KzBUflGnTpla4PSX64fwMElcwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAl9uO9qgszvmmgAnY+hNQHSfgwsMB8GA1UdIwQY MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt MzE4YTI2ZDRhOGM5LzEvQ1gyNDcycUN6Ty1hYUFDZGo2RTFBZEotREN3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5 LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8jfAwQA W+I4MA0GCSqGSIb3DQEBCwUAA4IBAQBM5T/tbt9z4yKkj01YpkxvthUTUf7g6YY6 k69nAeXP475qJ7t6aujrf7yNHlqjQQMAaf4ALJIj4Byniwm3lClTYbH1WCw31uIE Jovyrz+JO6nhgGH+DknIalpN6P6STGlwJxBzKelahDnGhqSdaRuiK0aEDD6FNput tnc5r9eGdqvaPsbm9qPEDUkJKXicwMYpFINj3+kyEb0X3oZ+GnZ8uCHs/2yepgRM na8SK+PlyPkPNRo+hzDXHtkq1ECFXfvCjQSIuhkjRkoG98Rdssv5TM10LbmhcdbW CRZMewLxMlguZVzEa332VnxocHkw06A+REjmWce7VEbHwnfp2Xci -----END CERTIFICATE-----Generated at Fri Jan 2 09:27:08 2026 by rpki-client