This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/r0CQBezht7Nt1yaZYdGA4pL2eXI.roa File: r0CQBezht7Nt1yaZYdGA4pL2eXI.roa (raw, json) Hash identifier: L/Whq9Ji12wIgYsTvFwBu6K0HVQm7aMAyP97MeWq68w= Subject key identifier: AF:40:90:05:EC:E1:B7:B3:6D:D7:26:99:61:D1:80:E2:92:F6:79:72 Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Certificate serial: 019B7B360A001755125696E138460DDE20BE Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/r0CQBezht7Nt1yaZYdGA4pL2eXI.roa Signing time: Thu 01 Jan 2026 20:18:17 +0000 ROA not before: Thu 01 Jan 2026 20:18:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 149457 IP address blocks: 45.134.145.0/24 maxlen: 24 103.100.168.0/24 maxlen: 24 185.233.18.0/24 maxlen: 24 193.107.218.0/24 maxlen: 24 202.71.5.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:0a:00:17:55:12:56:96:e1:38:46:0d:de:20:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc Validity Not Before: Jan 1 20:18:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af409005ece1b7b36dd7269961d180e292f67972 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:3b:00:be:8d:df:11:20:a8:db:a9:35:cf:2e: 15:85:2e:09:3f:23:c0:35:e9:29:6c:78:18:98:6d: e8:1e:1b:02:b4:41:21:6d:66:5f:30:bb:d6:38:da: 95:a5:1c:45:97:92:79:45:e5:b1:67:f0:6a:95:98: 5d:d1:26:e3:ac:10:b1:d4:d9:95:30:81:2b:9d:49: 2d:2c:96:a4:58:7a:62:f6:bb:fb:53:28:88:05:b1: 61:7e:83:c0:44:2e:7f:05:b1:2a:52:d8:82:bc:d0: ca:4c:a2:4d:9c:63:98:d9:cf:0d:e4:68:14:79:6d: 49:e7:5c:b4:fb:a0:67:68:78:6c:90:49:3e:23:21: 79:e3:7f:0f:91:08:7a:c3:ee:dc:e9:0a:2b:5f:bc: 8d:c3:78:0c:26:e9:d7:e4:76:13:ee:0a:b2:d4:b2: 08:35:82:b0:a2:c9:fd:d0:43:73:ad:0a:f1:d6:7a: fc:9d:fc:e1:13:94:d0:33:1c:42:36:04:0a:01:c8: a6:19:47:fb:19:ae:38:42:5b:cf:96:6b:26:25:c2: 26:d2:d2:2b:7b:46:2e:90:e8:5b:5a:5a:57:9d:a5: 9c:dd:b3:1a:6f:26:cc:56:74:f3:a9:cb:ab:1c:1e: b4:c4:7b:4d:8f:3e:3c:fb:86:61:31:25:ad:33:39: 9a:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:40:90:05:EC:E1:B7:B3:6D:D7:26:99:61:D1:80:E2:92:F6:79:72 X509v3 Authority Key Identifier: keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/r0CQBezht7Nt1yaZYdGA4pL2eXI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.134.145.0/24 103.100.168.0/24 185.233.18.0/24 193.107.218.0/24 202.71.5.0/24 Signature Algorithm: sha256WithRSAEncryption 9c:aa:42:2f:95:8c:4c:96:d3:06:df:f8:0d:03:3f:9a:e9:06: 35:94:5b:19:03:5b:ec:5b:fd:df:4a:52:16:59:3a:81:39:66: 55:46:fc:f7:b1:bb:ed:79:23:c1:66:b5:72:0b:14:70:9b:4e: 74:7a:93:96:aa:53:d7:1d:d9:95:e1:2b:19:a5:4a:f1:f2:d9: 12:b7:79:c2:5a:89:50:8f:13:7a:fb:3c:35:8e:66:71:22:1f: 36:33:7e:a8:d5:f9:e3:3e:23:35:62:c7:39:b1:7a:17:b5:b5: 00:dc:d3:70:17:c4:a1:07:a5:a7:98:62:76:20:e0:3e:b0:65: cd:5f:62:53:72:ec:28:a2:c2:58:21:f8:e5:32:b6:3a:40:8f: 94:32:3c:c1:eb:04:df:43:64:a9:b6:46:30:a1:2e:5c:a9:14: d4:f1:22:ce:78:7b:5f:1f:5b:8a:d3:4e:ae:0e:3c:14:23:84: 0d:c1:22:ca:11:3e:b2:4b:ba:bd:41:3d:74:19:f0:b2:54:64: 8c:ca:0e:6d:cd:c8:70:0f:2c:03:69:98:d7:6a:60:29:5c:0f: 1a:95:e2:c7:24:27:2c:8f:1c:ad:32:75:d9:17:57:1a:b7:f6: 3b:e5:3d:39:f0:4f:51:f1:e8:c1:77:71:d7:4d:03:0a:89:ec: 1a:34:b5:a2 -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt7NgoAF1USVpbhOEYN3iC+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2 YzhkY2MwHhcNMjYwMTAxMjAxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjQwOTAwNWVjZTFiN2IzNmRkNzI2OTk2MWQxODBlMjkyZjY3OTcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jsAvo3fESCo26k1zy4VhS4JPyPA NekpbHgYmG3oHhsCtEEhbWZfMLvWONqVpRxFl5J5ReWxZ/BqlZhd0SbjrBCx1NmV MIErnUktLJakWHpi9rv7UyiIBbFhfoPARC5/BbEqUtiCvNDKTKJNnGOY2c8N5GgU eW1J51y0+6BnaHhskEk+IyF5438PkQh6w+7c6QorX7yNw3gMJunX5HYT7gqy1LII NYKwosn90ENzrQrx1nr8nfzhE5TQMxxCNgQKAcimGUf7Ga44QlvPlmsmJcIm0tIr e0YukOhbWlpXnaWc3bMabybMVnTzqcurHB60xHtNjz48+4ZhMSWtMzmayQIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFK9AkAXs4bezbdcmmWHRgOKS9nlyMB8GA1UdIwQY MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt OTE4YWM2NDYyNjc5LzEvcjBDUUJlemh0N050MXlhWllkR0E0cEwyZVhJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5 LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALYaRAwQA Z2SoAwQAuekSAwQAwWvaAwQAykcFMA0GCSqGSIb3DQEBCwUAA4IBAQCcqkIvlYxM ltMG3/gNAz+a6QY1lFsZA1vsW/3fSlIWWTqBOWZVRvz3sbvteSPBZrVyCxRwm050 epOWqlPXHdmV4SsZpUrx8tkSt3nCWolQjxN6+zw1jmZxIh82M36o1fnjPiM1Ysc5 sXoXtbUA3NNwF8ShB6WnmGJ2IOA+sGXNX2JTcuwoosJYIfjlMrY6QI+UMjzB6wTf Q2SptkYwoS5cqRTU8SLOeHtfH1uK006uDjwUI4QNwSLKET6yS7q9QT10GfCyVGSM yg5tzchwDywDaZjXamApXA8aleLHJCcsjxytMnXZF1cat/Y75T058E9R8ejBd3HX TQMKiewaNLWi -----END CERTIFICATE-----Generated at Wed Jan 21 09:22:18 2026 by rpki-client