This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/cneDK9wIJto0L8FIGybxXTkN7-g.roa File: cneDK9wIJto0L8FIGybxXTkN7-g.roa (raw, json) Hash identifier: /ZPU5CDQJmj0WcWpNTND51Omeqs1E74D4tLVOwv5dwM= Subject key identifier: 72:77:83:2B:DC:08:26:DA:34:2F:C1:48:1B:26:F1:5D:39:0D:EF:E8 Certificate issuer: /CN=cf4a717f8fa1bb0359274223acdae22b70e66bec Certificate serial: 019B7910CA01C8F36638EC7BD3AEE559A8BF Authority key identifier: CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/cneDK9wIJto0L8FIGybxXTkN7-g.roa Signing time: Thu 01 Jan 2026 10:18:21 +0000 ROA not before: Thu 01 Jan 2026 10:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15774 IP address blocks: 31.42.96.0/20 maxlen: 32 37.49.192.0/19 maxlen: 32 37.205.48.0/21 maxlen: 32 37.205.64.0/19 maxlen: 32 46.50.128.0/17 maxlen: 32 46.151.88.0/21 maxlen: 32 46.241.0.0/17 maxlen: 32 91.105.128.0/18 maxlen: 32 109.171.0.0/17 maxlen: 32 109.197.128.0/21 maxlen: 32 178.217.0.0/21 maxlen: 32 188.44.96.0/19 maxlen: 32 188.168.0.0/16 maxlen: 32 188.244.128.0/17 maxlen: 32 194.187.29.0/24 maxlen: 32 195.238.100.0/22 maxlen: 32 2a02:618::/32 maxlen: 96 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.mft rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 01 Feb 2026 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:ca:01:c8:f3:66:38:ec:7b:d3:ae:e5:59:a8:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf4a717f8fa1bb0359274223acdae22b70e66bec Validity Not Before: Jan 1 10:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7277832bdc0826da342fc1481b26f15d390defe8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:02:b2:18:21:d4:74:4e:ac:bb:84:1e:49:c9: fa:6b:e1:06:60:b2:fc:5e:49:88:31:8b:c0:e9:27: 85:fc:1a:e3:57:aa:61:48:b2:48:cb:bf:6b:7c:36: 57:bd:26:fa:7e:01:53:f8:60:0b:5d:5e:e4:cf:4d: 69:f2:1c:02:b0:44:d4:ed:e1:c4:00:bf:c3:0f:cc: b1:cc:e9:8f:a3:e7:20:43:67:58:51:62:36:9f:97: 3d:9f:62:29:84:ab:84:72:49:5e:31:0d:61:4c:04: e1:f4:b6:cb:3c:d0:9c:fc:05:77:ed:b2:a3:23:d5: e7:51:c2:ed:b3:72:81:79:eb:c6:3e:ed:69:d8:45: aa:d2:06:ac:76:af:f0:fc:32:57:bf:89:2e:c9:e1: e1:c7:0a:d7:06:44:81:2a:c3:26:ea:85:22:a8:18: 99:8f:9b:26:8d:96:ca:15:8f:dd:be:90:43:64:bb: cd:87:af:d5:0f:5a:fa:f0:80:53:3f:3d:04:48:f8: e3:6f:db:81:48:b8:ae:91:8b:30:0d:8c:4e:e9:28: ef:c5:b5:7e:6e:6d:03:ac:b9:63:a9:6c:78:3f:8f: d1:75:56:7e:ce:0a:24:8f:d7:d6:fb:b1:73:7f:ac: c1:f0:a1:63:14:7f:7e:25:d7:01:7b:61:e5:72:f0: ee:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:77:83:2B:DC:08:26:DA:34:2F:C1:48:1B:26:F1:5D:39:0D:EF:E8 X509v3 Authority Key Identifier: keyid:CF:4A:71:7F:8F:A1:BB:03:59:27:42:23:AC:DA:E2:2B:70:E6:6B:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0pxf4-huwNZJ0IjrNriK3Dma-w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/cneDK9wIJto0L8FIGybxXTkN7-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/e50f54-6fdd-4fe9-9fe9-6aaa6b02160d/1/z0pxf4-huwNZJ0IjrNriK3Dma-w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.42.96.0/20 37.49.192.0/19 37.205.48.0/21 37.205.64.0/19 46.50.128.0/17 46.151.88.0/21 46.241.0.0/17 91.105.128.0/18 109.171.0.0/17 109.197.128.0/21 178.217.0.0/21 188.44.96.0/19 188.168.0.0/16 188.244.128.0/17 194.187.29.0/24 195.238.100.0/22 IPv6: 2a02:618::/32 Signature Algorithm: sha256WithRSAEncryption 6c:2f:b1:20:8b:54:4c:2b:de:50:49:73:ba:00:20:29:75:75: 47:fe:99:04:85:ee:2b:c4:83:7e:51:1b:1d:99:16:37:35:df: 24:0f:87:7d:87:17:5b:8d:6b:0d:35:39:8d:05:18:51:d9:39: d8:68:0b:f4:45:05:c3:47:82:aa:0a:20:92:1c:ca:f7:d9:ff: 7b:cf:04:5e:2c:90:d2:44:c4:a1:64:76:f8:bd:72:2d:18:fd: 48:95:a9:06:5f:2d:6a:d2:e8:81:36:f0:ab:56:9e:81:34:d1: 3c:a3:a6:df:cc:73:30:f9:af:ea:6a:35:a0:15:60:39:0c:46: 12:e2:8a:3a:db:9b:dd:a2:62:a7:80:1e:b1:a4:0a:68:5f:87: bd:57:7c:6f:3c:bd:72:0a:b2:09:36:f9:15:a9:4b:76:7f:fd: 2a:06:f8:78:a4:35:db:c6:4e:e4:d5:24:2f:93:0e:3c:44:bc: 88:71:3c:e9:61:68:3c:82:62:9d:c9:03:7c:c9:42:84:0c:05: 81:a8:bd:47:53:4a:5e:dd:77:f6:09:39:16:4d:40:1d:de:48: 5b:7b:4f:13:c9:c0:26:df:42:fc:ab:e0:35:62:03:60:d7:d1: 6c:3f:03:ce:9c:44:a2:cd:c5:4e:56:8d:c6:bb:14:47:a8:f4: 65:ab:b0:40 -----BEGIN CERTIFICATE----- MIIFZjCCBE6gAwIBAgISAZt5EMoByPNmOOx7067lWai/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNGE3MTdmOGZhMWJiMDM1OTI3NDIyM2FjZGFlMjJiNzBl NjZiZWMwHhcNMjYwMTAxMTAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Mjc3ODMyYmRjMDgyNmRhMzQyZmMxNDgxYjI2ZjE1ZDM5MGRlZmU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgKyGCHUdE6su4QeScn6a+EGYLL8 XkmIMYvA6SeF/BrjV6phSLJIy79rfDZXvSb6fgFT+GALXV7kz01p8hwCsETU7eHE AL/DD8yxzOmPo+cgQ2dYUWI2n5c9n2IphKuEckleMQ1hTATh9LbLPNCc/AV37bKj I9XnUcLts3KBeevGPu1p2EWq0gasdq/w/DJXv4kuyeHhxwrXBkSBKsMm6oUiqBiZ j5smjZbKFY/dvpBDZLvNh6/VD1r68IBTPz0ESPjjb9uBSLiukYswDYxO6SjvxbV+ bm0DrLljqWx4P4/RdVZ+zgokj9fW+7Fzf6zB8KFjFH9+JdcBe2HlcvDuAwIDAQAB o4ICcjCCAm4wHQYDVR0OBBYEFHJ3gyvcCCbaNC/BSBsm8V05De/oMB8GA1UdIwQY MBaAFM9KcX+PobsDWSdCI6za4itw5mvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTkt NmFhYTZiMDIxNjBkLzEvY25lREs5d0lKdG8wTDhGSUd5YnhYVGtONy1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC9lNTBmNTQtNmZkZC00ZmU5LTlmZTktNmFhYTZiMDIxNjBk LzEvejBweGY0LWh1d05aSjBJanJOcmlLM0RtYS13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwZQQCAAEwXwMEBB8qYAME BSUxwAMEAyXNMAMEBSXNQAMEBy4ygAMEAy6XWAMEBy7xAAMEBltpgAMEB22rAAME A23FgAMEA7LZAAMEBbwsYAMDALyoAwQHvPSAAwQAwrsdAwQCw+5kMA0EAgACMAcD BQAqAgYYMA0GCSqGSIb3DQEBCwUAA4IBAQBsL7Egi1RMK95QSXO6ACApdXVH/pkE he4rxIN+URsdmRY3Nd8kD4d9hxdbjWsNNTmNBRhR2TnYaAv0RQXDR4KqCiCSHMr3 2f97zwReLJDSRMShZHb4vXItGP1IlakGXy1q0uiBNvCrVp6BNNE8o6bfzHMw+a/q ajWgFWA5DEYS4oo625vdomKngB6xpApoX4e9V3xvPL1yCrIJNvkVqUt2f/0qBvh4 pDXbxk7k1SQvkw48RLyIcTzpYWg8gmKdyQN8yUKEDAWBqL1HU0pe3Xf2CTkWTUAd 3khbe08TycAm30L8q+A1YgNg19FsPwPOnESizcVOVo3GuxRHqPRlq7BA -----END CERTIFICATE-----Generated at Sat Jan 31 10:41:59 2026 by rpki-client