This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/CFcnKO7eSo5CQ7GGPUzePhTRSUk.roa File: CFcnKO7eSo5CQ7GGPUzePhTRSUk.roa (raw, json) Hash identifier: p2GuXYMIL2vIUpj0yrySt0iLiO429V/TKdLSA6BuCH8= Subject key identifier: 08:57:27:28:EE:DE:4A:8E:42:43:B1:86:3D:4C:DE:3E:14:D1:49:49 Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2 Certificate serial: 019B79106C5126AE833AED261EE2D885634B Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/CFcnKO7eSo5CQ7GGPUzePhTRSUk.roa Signing time: Thu 01 Jan 2026 10:17:57 +0000 ROA not before: Thu 01 Jan 2026 10:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212219 IP address blocks: 31.210.36.0/24 maxlen: 24 78.135.85.0/24 maxlen: 24 188.132.197.0/24 maxlen: 24 188.132.198.0/24 maxlen: 24 212.68.34.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 09:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:6c:51:26:ae:83:3a:ed:26:1e:e2:d8:85:63:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2 Validity Not Before: Jan 1 10:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08572728eede4a8e4243b1863d4cde3e14d14949 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:e7:2a:22:e3:f7:95:7d:2d:76:f6:95:f3:4d: 71:fc:f7:15:87:28:1d:5d:80:b1:60:82:85:48:e4: 74:e5:7c:a6:38:b3:ae:d4:9a:73:dd:62:3f:0f:b9: cc:28:c9:3d:83:d7:6e:a7:98:a2:81:63:8a:da:7a: d7:bd:90:d9:cd:9b:a4:35:0f:cc:c6:a4:01:db:90: 7a:98:91:9d:56:46:fd:dd:23:36:b9:3d:e1:3f:b0: f6:bb:e8:ff:54:80:d7:0a:37:20:c3:89:a9:bb:34: b9:c9:e8:67:3f:53:a1:9f:49:ff:00:94:f0:1e:75: ba:1d:7d:98:a2:a3:09:3e:da:9b:7b:1f:b7:84:b6: 07:5e:7d:6c:b8:3c:7f:7b:a0:bf:58:67:b5:29:66: f5:84:d5:a2:f8:0b:19:0f:1b:97:4a:81:23:c5:f0: b4:9f:a9:9e:ae:37:93:1a:1c:66:74:8b:9d:9a:f3: 33:3a:3d:d8:3e:b8:45:d6:b5:5f:c9:10:d2:df:40: 2f:3d:2d:5b:cf:1d:3c:2d:a9:06:a1:c4:cc:e2:21: 1a:29:9f:04:49:64:b8:e0:cb:d6:9e:21:89:e4:fb: 0b:1c:cc:58:38:32:6e:5b:6c:28:8c:f3:9a:cc:e9: 7c:3a:3c:76:ec:68:7c:95:11:04:44:a0:33:cf:ab: 15:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:57:27:28:EE:DE:4A:8E:42:43:B1:86:3D:4C:DE:3E:14:D1:49:49 X509v3 Authority Key Identifier: keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/CFcnKO7eSo5CQ7GGPUzePhTRSUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.210.36.0/24 78.135.85.0/24 188.132.197.0-188.132.198.255 212.68.34.0/24 Signature Algorithm: sha256WithRSAEncryption a3:db:62:ec:fe:0e:f8:de:79:a3:ca:a5:0b:76:ea:d0:9d:1e: f9:b9:4d:55:b4:cb:c2:f5:78:82:ba:9e:e9:8d:1e:98:c7:ba: 64:8a:56:33:87:bd:35:a2:fc:8e:db:b0:4a:b3:60:3a:80:88: 40:f1:40:0b:0b:26:f6:61:16:78:7e:87:99:66:79:ae:c7:38: ac:31:1d:76:9e:67:49:da:24:41:20:ba:b7:84:0c:20:97:f4: 4b:ca:88:ad:76:30:9b:0f:fa:54:ae:89:78:ec:5c:29:57:c8: 2d:87:b2:94:b0:5e:8a:29:76:8a:3c:70:5c:9c:44:18:06:8b: 70:d6:b7:52:e9:a3:15:d1:00:49:21:42:66:b8:be:89:ca:1e: ff:39:59:f5:76:56:f1:a8:00:17:a9:e5:86:e9:65:e7:38:1a: d9:00:46:31:ce:9f:99:00:45:a8:99:07:bf:f5:90:10:dd:0a: ea:8d:e2:da:45:c9:09:04:fc:93:a5:14:99:64:64:d3:2c:a3: ea:38:e2:4b:f7:20:63:e5:c7:ff:b1:75:de:31:de:7a:26:66: 83:50:d1:bc:fd:a2:7d:fc:d9:c9:23:28:00:09:10:8a:65:d8: cc:38:13:a7:fc:dd:53:53:c3:6a:60:94:95:08:ed:ab:5d:02: 9d:34:f3:a9 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgISAZt5EGxRJq6DOu0mHuLYhWNLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx OTJjYTIwHhcNMjYwMTAxMTAxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODU3MjcyOGVlZGU0YThlNDI0M2IxODYzZDRjZGUzZTE0ZDE0OTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOcqIuP3lX0tdvaV801x/PcVhygd XYCxYIKFSOR05XymOLOu1Jpz3WI/D7nMKMk9g9dup5iigWOK2nrXvZDZzZukNQ/M xqQB25B6mJGdVkb93SM2uT3hP7D2u+j/VIDXCjcgw4mpuzS5yehnP1Ohn0n/AJTw HnW6HX2YoqMJPtqbex+3hLYHXn1suDx/e6C/WGe1KWb1hNWi+AsZDxuXSoEjxfC0 n6merjeTGhxmdIudmvMzOj3YPrhF1rVfyRDS30AvPS1bzx08LakGocTM4iEaKZ8E SWS44MvWniGJ5PsLHMxYODJuW2wojPOazOl8Ojx27Gh8lREERKAzz6sVLwIDAQAB o4ICIzCCAh8wHQYDVR0OBBYEFAhXJyju3kqOQkOxhj1M3j4U0UlJMB8GA1UdIwQY MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt NGUxOThmMGE2MDEzLzEvQ0ZjbktPN2VTbzVDUTdHR1BVemVQaFRSU1VrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAH9IkAwQA TodVMAwDBAC8hMUDBAC8hMYDBADURCIwDQYJKoZIhvcNAQELBQADggEBAKPbYuz+ DvjeeaPKpQt26tCdHvm5TVW0y8L1eIK6numNHpjHumSKVjOHvTWi/I7bsEqzYDqA iEDxQAsLJvZhFnh+h5lmea7HOKwxHXaeZ0naJEEgureEDCCX9EvKiK12MJsP+lSu iXjsXClXyC2HspSwXoopdoo8cFycRBgGi3DWt1LpoxXRAEkhQma4vonKHv85WfV2 VvGoABep5YbpZec4GtkARjHOn5kARaiZB7/1kBDdCuqN4tpFyQkE/JOlFJlkZNMs o+o44kv3IGPlx/+xdd4x3nomZoNQ0bz9on382ckjKAAJEIpl2Mw4E6f83VNTw2pg lJUI7atdAp0086k= -----END CERTIFICATE-----Generated at Wed Jan 21 13:32:42 2026 by rpki-client