This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/CdfLb6TofkWtReh_YXLGBpk_g6c.roa File: CdfLb6TofkWtReh_YXLGBpk_g6c.roa (raw, json) Hash identifier: wzdkGkKknbVJYDWx/Ffoau27HnZpYfEves1fyMYu134= Subject key identifier: 09:D7:CB:6F:A4:E8:7E:45:AD:45:E8:7F:61:72:C6:06:99:3F:83:A7 Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea Certificate serial: 019B78A2180E5502DBA9A819808EFE27FEC5 Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/CdfLb6TofkWtReh_YXLGBpk_g6c.roa Signing time: Thu 01 Jan 2026 08:17:27 +0000 ROA not before: Thu 01 Jan 2026 08:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39878 IP address blocks: 45.67.168.0/22 maxlen: 22 91.135.160.0/20 maxlen: 20 185.33.8.0/22 maxlen: 22 185.64.48.0/22 maxlen: 22 185.87.237.0/24 maxlen: 24 185.87.238.0/23 maxlen: 23 185.196.240.0/22 maxlen: 22 2a04:40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:18:0e:55:02:db:a9:a8:19:80:8e:fe:27:fe:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea Validity Not Before: Jan 1 08:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=09d7cb6fa4e87e45ad45e87f6172c606993f83a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:94:04:77:47:df:29:03:af:44:71:6b:f6:db: 98:ac:61:4c:92:6f:c4:02:c9:48:03:e7:8d:8d:ed: db:88:88:a7:dc:7c:8d:c4:3b:f8:f9:6d:e5:87:f0: 74:e3:01:f8:a5:8b:00:6a:3f:36:fa:c5:0c:6b:b8: 52:f7:96:5a:e7:5a:29:09:1e:bf:a2:ec:5d:09:56: 60:c4:97:ad:a6:19:7d:81:dd:a2:d8:a8:52:e6:cd: 42:b8:e6:5b:3b:7b:a2:7b:9c:69:45:77:2e:fa:8b: 47:06:fe:1b:23:71:e3:f7:5f:c7:19:fc:1f:9b:f2: a1:27:b3:ea:c4:fb:48:fc:7a:bc:b8:85:a0:e5:db: 26:c5:34:fe:d8:0c:2f:8b:bb:95:65:93:a0:0f:3d: 51:e2:2a:cb:ba:ed:45:42:6f:05:1e:35:02:c5:ec: 8b:ea:2d:89:d3:8d:b4:eb:08:66:dc:e0:07:fc:96: 0e:8c:25:b0:9e:3c:6d:7b:03:89:8a:f2:52:e5:d5: b9:db:25:11:5a:a9:06:13:30:8a:7d:de:7f:e9:16: 93:50:43:dd:7b:a6:05:66:b5:43:1a:aa:33:a9:ad: ff:93:35:da:73:1d:25:db:d5:e5:f7:22:c8:5c:7a: a3:83:2e:b3:48:5e:cb:ae:72:1b:8f:6a:ba:b0:3e: fa:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:D7:CB:6F:A4:E8:7E:45:AD:45:E8:7F:61:72:C6:06:99:3F:83:A7 X509v3 Authority Key Identifier: keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/CdfLb6TofkWtReh_YXLGBpk_g6c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.168.0/22 91.135.160.0/20 185.33.8.0/22 185.64.48.0/22 185.87.237.0-185.87.239.255 185.196.240.0/22 IPv6: 2a04:40::/29 Signature Algorithm: sha256WithRSAEncryption cc:e4:94:a8:61:8e:7a:ef:aa:be:d1:00:4b:49:71:25:c0:21: 3b:02:97:19:f5:9d:ec:83:d7:bd:77:be:69:36:c5:dd:f3:b4: 59:1e:c1:cb:0a:c5:e6:78:78:24:de:20:88:3b:4e:e8:02:0c: 6a:19:59:2a:f2:82:7b:0c:1b:9f:10:91:6b:ce:32:18:08:e7: 9e:78:74:a6:c8:0f:2f:85:47:ce:55:99:87:3d:3d:a9:9d:10: 31:39:64:c4:9f:e6:89:2b:3d:26:77:5a:37:17:e8:54:12:15: 9d:1a:e8:4e:7a:70:2e:f2:97:7f:02:a8:fb:95:14:34:a1:4c: 3d:db:71:e7:8a:f9:ba:a6:7e:97:8b:0d:e7:8e:80:5b:b0:56: fa:69:78:0f:3d:20:79:9a:ff:1f:fa:35:c1:8f:9c:bb:0f:14: d1:cc:3a:1b:94:16:f3:cb:c6:7c:00:4e:ce:55:7f:0a:e1:ad: 86:ff:21:ff:24:38:19:11:d9:ef:5d:a5:f3:77:3f:78:7b:5c: ab:82:a5:2d:7f:9c:b4:32:77:e3:8d:0d:6f:f0:f1:06:79:f2: ae:b3:71:e9:e6:f5:c7:2c:ba:92:97:d4:c9:80:33:5e:a8:96: d1:02:d3:86:9a:22:3d:08:53:89:88:77:4d:ca:0a:3b:d4:db: ab:a0:42:0a -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgISAZt4ohgOVQLbqagZgI7+J/7FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi ZDU0ZWEwHhcNMjYwMTAxMDgxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOWQ3Y2I2ZmE0ZTg3ZTQ1YWQ0NWU4N2Y2MTcyYzYwNjk5M2Y4M2E3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpQEd0ffKQOvRHFr9tuYrGFMkm/E AslIA+eNje3biIin3HyNxDv4+W3lh/B04wH4pYsAaj82+sUMa7hS95Za51opCR6/ ouxdCVZgxJetphl9gd2i2KhS5s1CuOZbO3uie5xpRXcu+otHBv4bI3Hj91/HGfwf m/KhJ7PqxPtI/Hq8uIWg5dsmxTT+2Awvi7uVZZOgDz1R4irLuu1FQm8FHjUCxeyL 6i2J04206whm3OAH/JYOjCWwnjxtewOJivJS5dW52yURWqkGEzCKfd5/6RaTUEPd e6YFZrVDGqozqa3/kzXacx0l29Xl9yLIXHqjgy6zSF7LrnIbj2q6sD76QwIDAQAB o4ICPjCCAjowHQYDVR0OBBYEFAnXy2+k6H5FrUXof2FyxgaZP4OnMB8GA1UdIwQY MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt NzY4ZjNkNmVlMTllLzEvQ2RmTGI2VG9ma1d0UmVoX1lYTEdCcGtfZzZjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCLUOoAwQE W4egAwQCuSEIAwQCuUAwMAwDBAC5V+0DBAS5V+ADBAK5xPAwDQQCAAIwBwMFAyoE AEAwDQYJKoZIhvcNAQELBQADggEBAMzklKhhjnrvqr7RAEtJcSXAITsClxn1neyD 1713vmk2xd3ztFkewcsKxeZ4eCTeIIg7TugCDGoZWSrygnsMG58QkWvOMhgI5554 dKbIDy+FR85VmYc9PamdEDE5ZMSf5okrPSZ3WjcX6FQSFZ0a6E56cC7yl38CqPuV FDShTD3bceeK+bqmfpeLDeeOgFuwVvppeA89IHma/x/6NcGPnLsPFNHMOhuUFvPL xnwATs5VfwrhrYb/If8kOBkR2e9dpfN3P3h7XKuCpS1/nLQyd+ONDW/w8QZ58q6z cenm9ccsupKX1MmAM16oltEC04aaIj0IU4mId03KCjvU26ugQgo= -----END CERTIFICATE-----Generated at Tue Feb 10 07:29:47 2026 by rpki-client