This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/W37sGJ1Z1wl4UUbIKXQMtHltG0E.roa File: W37sGJ1Z1wl4UUbIKXQMtHltG0E.roa (raw, json) Hash identifier: hXtR6w7vecs+GA3es0V1qVgIw93rkqQSf8/pd9Bww6I= Subject key identifier: 5B:7E:EC:18:9D:59:D7:09:78:51:46:C8:29:74:0C:B4:79:6D:1B:41 Certificate issuer: /CN=cd3dbd5fc6f91b807b7bc4cf6e646e345862af3e Certificate serial: 019B797EE2B7CD935677574CBE8B148CBC33 Authority key identifier: CD:3D:BD:5F:C6:F9:1B:80:7B:7B:C4:CF:6E:64:6E:34:58:62:AF:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/W37sGJ1Z1wl4UUbIKXQMtHltG0E.roa Signing time: Thu 01 Jan 2026 12:18:37 +0000 ROA not before: Thu 01 Jan 2026 12:18:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211621 IP address blocks: 195.96.143.0/24 maxlen: 24 213.232.234.0/24 maxlen: 24 2a12:e800::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.mft rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 06:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:e2:b7:cd:93:56:77:57:4c:be:8b:14:8c:bc:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd3dbd5fc6f91b807b7bc4cf6e646e345862af3e Validity Not Before: Jan 1 12:18:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=5b7eec189d59d709785146c829740cb4796d1b41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:dc:36:d7:8f:51:dd:ee:62:0e:43:c7:97:cd: 9e:8c:5e:a0:30:78:c9:1f:97:f7:b5:df:b4:1d:c3: dd:76:cb:94:e9:91:7a:6c:35:ba:b2:77:33:5b:de: fa:aa:38:50:e4:39:a5:a0:b9:c5:d2:d5:32:f4:22: 17:9c:e8:05:4c:88:b7:ec:3c:30:ff:f1:5e:16:03: 5d:47:d9:66:05:19:63:c0:8f:da:5d:cd:13:dd:30: 1b:db:45:3a:25:8b:8e:3f:cf:36:31:8a:0d:5e:6b: 74:da:c7:b3:0d:1a:e0:51:83:5d:32:22:1e:f1:7d: c2:72:08:0c:2d:44:0c:61:1a:77:5d:11:b5:e9:ea: d9:0d:31:23:64:c1:fd:8d:39:07:27:37:8a:2c:e1: f1:bf:2d:bc:28:30:46:69:b6:18:78:c5:e6:2d:ed: 38:78:32:fd:af:e4:cc:62:c0:35:71:93:3d:e1:b7: 7c:09:d1:f9:62:87:77:78:9a:9a:c6:da:b8:ef:8c: b4:a5:9d:0a:d4:8e:45:6a:92:09:cb:00:ae:e3:82: c2:42:af:90:d8:3f:d3:de:34:f5:28:c7:e8:30:06: ab:18:a9:6d:0e:a7:f9:42:71:43:53:44:b8:77:fd: bf:83:00:d6:99:05:67:18:a2:5d:56:fc:7a:dd:a6: 41:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:7E:EC:18:9D:59:D7:09:78:51:46:C8:29:74:0C:B4:79:6D:1B:41 X509v3 Authority Key Identifier: keyid:CD:3D:BD:5F:C6:F9:1B:80:7B:7B:C4:CF:6E:64:6E:34:58:62:AF:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT29X8b5G4B7e8TPbmRuNFhirz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/W37sGJ1Z1wl4UUbIKXQMtHltG0E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/14b933-7e34-4a87-b215-8caad3e31adc/1/zT29X8b5G4B7e8TPbmRuNFhirz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.96.143.0/24 213.232.234.0/24 IPv6: 2a12:e800::/29 Signature Algorithm: sha256WithRSAEncryption a5:53:ef:05:34:d1:ab:ca:22:5e:5a:47:7d:19:71:39:18:bf: e4:08:ff:fe:b0:60:7c:86:4f:47:32:45:5a:90:e0:2c:e2:cd: b9:3d:93:0c:07:8d:de:b5:3b:8e:87:08:96:ab:06:03:12:5c: 93:65:8d:a3:0e:49:8a:5f:c3:e5:38:70:02:84:a3:cb:52:0d: 42:36:8d:3d:15:83:81:95:3a:11:e6:03:55:c8:60:a9:39:bf: b3:7c:08:38:2a:60:cc:ae:6f:4b:4f:9e:04:4e:a3:cd:6e:fc: fd:f6:5c:ee:d4:35:86:ee:75:d8:92:f5:f4:1d:6d:13:5f:f2: 66:6b:60:84:f9:27:9e:05:ef:05:33:92:62:2a:75:2c:a9:46: c1:50:f0:3a:71:46:5e:61:9e:d5:6f:75:d8:dd:5b:bf:22:67: 8c:08:8c:eb:f7:19:d8:a4:85:84:96:1c:4c:99:28:43:ab:b8: 79:62:37:8b:97:5b:60:fe:5d:5c:87:b4:a8:41:9b:12:5f:5e: d2:80:d2:8c:0b:57:41:91:86:86:96:85:8a:99:ae:8d:ed:ea: 40:d3:76:82:92:18:b3:92:9f:d1:68:98:8f:84:6a:d2:fd:3b: 32:2e:ef:d6:12:53:af:2c:79:10:81:d1:9c:e2:09:7c:66:33: 56:72:0d:4c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5fuK3zZNWd1dMvosUjLwzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkM2RiZDVmYzZmOTFiODA3YjdiYzRjZjZlNjQ2ZTM0NTg2 MmFmM2UwHhcNMjYwMTAxMTIxODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1YjdlZWMxODlkNTlkNzA5Nzg1MTQ2YzgyOTc0MGNiNDc5NmQxYjQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29w2149R3e5iDkPHl82ejF6gMHjJ H5f3td+0HcPddsuU6ZF6bDW6snczW976qjhQ5DmloLnF0tUy9CIXnOgFTIi37Dww //FeFgNdR9lmBRljwI/aXc0T3TAb20U6JYuOP882MYoNXmt02sezDRrgUYNdMiIe 8X3CcggMLUQMYRp3XRG16erZDTEjZMH9jTkHJzeKLOHxvy28KDBGabYYeMXmLe04 eDL9r+TMYsA1cZM94bd8CdH5Yod3eJqaxtq474y0pZ0K1I5FapIJywCu44LCQq+Q 2D/T3jT1KMfoMAarGKltDqf5QnFDU0S4d/2/gwDWmQVnGKJdVvx63aZBOQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFFt+7BidWdcJeFFGyCl0DLR5bRtBMB8GA1UdIwQY MBaAFM09vV/G+RuAe3vEz25kbjRYYq8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelQyOVg4YjVHNEI3ZThUUGJtUnVORmhpcno0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8xNGI5MzMtN2UzNC00YTg3LWIyMTUt OGNhYWQzZTMxYWRjLzEvVzM3c0dKMVoxd2w0VVViSUtYUU10SGx0RzBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy8xNGI5MzMtN2UzNC00YTg3LWIyMTUtOGNhYWQzZTMxYWRj LzEvelQyOVg4YjVHNEI3ZThUUGJtUnVORmhpcno0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAw2CPAwQA 1ejqMA0EAgACMAcDBQMqEugAMA0GCSqGSIb3DQEBCwUAA4IBAQClU+8FNNGryiJe Wkd9GXE5GL/kCP/+sGB8hk9HMkVakOAs4s25PZMMB43etTuOhwiWqwYDElyTZY2j DkmKX8PlOHAChKPLUg1CNo09FYOBlToR5gNVyGCpOb+zfAg4KmDMrm9LT54ETqPN bvz99lzu1DWG7nXYkvX0HW0TX/Jma2CE+SeeBe8FM5JiKnUsqUbBUPA6cUZeYZ7V b3XY3Vu/ImeMCIzr9xnYpIWElhxMmShDq7h5YjeLl1tg/l1ch7SoQZsSX17SgNKM C1dBkYaGloWKma6N7epA03aCkhizkp/RaJiPhGrS/TsyLu/WElOvLHkQgdGc4gl8 ZjNWcg1M -----END CERTIFICATE-----Generated at Mon Jan 26 12:21:23 2026 by rpki-client