This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CNGA1APugY85UX0dprjXCO8SAZE.roa File: CNGA1APugY85UX0dprjXCO8SAZE.roa (raw, json) Hash identifier: Y6gShplutC6inA5lPQbPMWUguR/Iu80Io5IpMDjS2fc= Subject key identifier: 08:D1:80:D4:03:EE:81:8F:39:51:7D:1D:A6:B8:D7:08:EF:12:01:91 Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915 Certificate serial: 019AB5E59E7E36FAFC4A9275363711D6F9D6 Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CNGA1APugY85UX0dprjXCO8SAZE.roa Signing time: Mon 24 Nov 2025 12:45:15 +0000 ROA not before: Mon 24 Nov 2025 12:45:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 215152 IP address blocks: 109.121.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 26 Nov 2025 14:08:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b5:e5:9e:7e:36:fa:fc:4a:92:75:36:37:11:d6:f9:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915 Validity Not Before: Nov 24 12:45:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=08d180d403ee818f39517d1da6b8d708ef120191 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:94:97:aa:87:06:db:ca:84:4e:4b:71:4b:80: e0:e8:47:57:d0:f1:51:8d:7e:64:7c:75:b7:67:a6: 03:48:13:20:30:1d:2f:a7:15:9c:b5:84:d3:fc:69: 5c:09:be:7a:b0:b7:89:72:63:1c:8f:eb:96:0e:ab: b8:af:b3:38:c6:b4:a2:99:34:28:b3:14:f3:03:f0: 82:53:07:02:04:ec:f4:7b:84:f1:a1:f6:f9:22:48: 28:1f:ce:0a:d7:78:8f:53:a9:5d:71:6b:1b:20:e1: 39:bc:87:ef:82:80:a3:15:93:e8:aa:2d:21:94:68: e1:80:fe:78:b7:78:25:f8:83:85:42:50:69:3d:5b: 00:34:0e:76:53:2e:ac:61:b0:71:67:43:d9:60:6c: 2d:2f:e1:f1:3b:d0:2a:eb:05:ae:18:f2:38:7f:5f: ff:13:86:08:01:0a:35:50:35:01:32:2f:1a:03:f0: 9a:29:44:fe:d9:20:4e:e2:f2:85:c0:00:e7:cd:e5: 9f:8c:fa:33:ec:c2:19:ba:57:64:2f:6b:66:80:20: 2d:1b:01:d9:7b:29:13:93:54:f9:b8:27:08:e9:28: 04:fc:67:0f:3c:b4:27:15:36:c6:a1:8d:28:1a:94: 36:8b:49:8e:d9:d7:9e:da:36:5d:f2:1c:52:29:19: fb:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D1:80:D4:03:EE:81:8F:39:51:7D:1D:A6:B8:D7:08:EF:12:01:91 X509v3 Authority Key Identifier: keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/CNGA1APugY85UX0dprjXCO8SAZE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.121.37.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:95:df:e1:fe:60:90:54:94:e4:21:8b:b7:dd:fe:d6:4e:4e: d5:5a:33:eb:01:6c:5b:a4:05:3d:84:08:44:c0:3b:d7:af:9e: eb:6b:c9:d3:b6:81:c0:7e:7a:56:4a:1c:5b:31:8e:57:d6:ed: bd:ac:ed:7f:d5:5f:d1:de:50:15:56:e8:67:cf:88:4b:d2:14: ab:3f:a2:c5:2d:65:5c:8f:27:aa:27:3e:d8:90:77:73:3e:f2: 78:2c:68:a7:0f:6d:bd:eb:cc:22:fd:70:ef:61:83:81:55:5c: ca:76:3e:92:80:e1:34:ac:48:8e:20:e4:67:d2:08:ab:57:9c: 55:da:ee:2c:22:c7:3e:8c:4a:7f:55:16:68:95:19:7f:74:f7: 2d:b9:79:aa:96:3f:55:a7:83:68:bf:13:0b:56:cc:cd:26:f9: f8:3c:d6:74:24:79:88:d3:23:20:12:15:70:ed:90:78:b0:8c: 91:d4:c9:97:82:ea:b9:b0:e5:8e:7b:dd:61:fb:0e:66:9f:cf: 84:c0:2c:65:d7:18:6f:db:04:5c:39:6a:c6:22:80:3a:1e:6b: c5:4a:45:88:5c:89:75:9d:be:55:de:83:ef:b2:18:60:51:71: e5:95:c8:ca:46:7e:30:3b:19:7a:32:93:69:5a:e9:79:57:73: f2:ee:4b:ae -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZq15Z5+Nvr8SpJ1NjcR1vnWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj N2U5MTUwHhcNMjUxMTI0MTI0NTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGQxODBkNDAzZWU4MThmMzk1MTdkMWRhNmI4ZDcwOGVmMTIwMTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJSXqocG28qETktxS4Dg6EdX0PFR jX5kfHW3Z6YDSBMgMB0vpxWctYTT/GlcCb56sLeJcmMcj+uWDqu4r7M4xrSimTQo sxTzA/CCUwcCBOz0e4Txofb5IkgoH84K13iPU6ldcWsbIOE5vIfvgoCjFZPoqi0h lGjhgP54t3gl+IOFQlBpPVsANA52Uy6sYbBxZ0PZYGwtL+HxO9Aq6wWuGPI4f1// E4YIAQo1UDUBMi8aA/CaKUT+2SBO4vKFwADnzeWfjPoz7MIZuldkL2tmgCAtGwHZ eykTk1T5uCcI6SgE/GcPPLQnFTbGoY0oGpQ2i0mO2dee2jZd8hxSKRn7zQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAjRgNQD7oGPOVF9Haa41wjvEgGRMB8GA1UdIwQY MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt ZmFlNWRiZWQzYjFiLzEvQ05HQTFBUHVnWTg1VVgwZHByalhDTzhTQVpFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXklMA0G CSqGSIb3DQEBCwUAA4IBAQAdld/h/mCQVJTkIYu33f7WTk7VWjPrAWxbpAU9hAhE wDvXr57ra8nTtoHAfnpWShxbMY5X1u29rO1/1V/R3lAVVuhnz4hL0hSrP6LFLWVc jyeqJz7YkHdzPvJ4LGinD22968wi/XDvYYOBVVzKdj6SgOE0rEiOIORn0girV5xV 2u4sIsc+jEp/VRZolRl/dPctuXmqlj9Vp4NovxMLVszNJvn4PNZ0JHmI0yMgEhVw 7ZB4sIyR1MmXguq5sOWOe91h+w5mn8+EwCxl1xhv2wRcOWrGIoA6HmvFSkWIXIl1 nb5V3oPvshhgUXHllcjKRn4wOxl6MpNpWul5V3Py7kuu -----END CERTIFICATE-----Generated at Tue Nov 25 17:36:04 2025 by rpki-client