This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/cnybTQdw-1JzZEmKBwChzF9nwdA.roa File: cnybTQdw-1JzZEmKBwChzF9nwdA.roa (raw, json) Hash identifier: mUaYCEj2VPDWjtCv1k3iVXZhYm/cAKjBAxkBrbEbBps= Subject key identifier: 72:7C:9B:4D:07:70:FB:52:73:64:49:8A:07:00:A1:CC:5F:67:C1:D0 Certificate issuer: /CN=050365c8af48813a5bab97ede355539f11474dc7 Certificate serial: 019B7BA4183EED86C55B948C1FF01962AB07 Authority key identifier: 05:03:65:C8:AF:48:81:3A:5B:AB:97:ED:E3:55:53:9F:11:47:4D:C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQNlyK9IgTpbq5ft41VTnxFHTcc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/cnybTQdw-1JzZEmKBwChzF9nwdA.roa Signing time: Thu 01 Jan 2026 22:18:30 +0000 ROA not before: Thu 01 Jan 2026 22:18:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39587 IP address blocks: 147.78.236.0/23 maxlen: 23 2a0f:2980::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/BQNlyK9IgTpbq5ft41VTnxFHTcc.crl rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/BQNlyK9IgTpbq5ft41VTnxFHTcc.mft rsync://rpki.ripe.net/repository/DEFAULT/BQNlyK9IgTpbq5ft41VTnxFHTcc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a4:18:3e:ed:86:c5:5b:94:8c:1f:f0:19:62:ab:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=050365c8af48813a5bab97ede355539f11474dc7 Validity Not Before: Jan 1 22:18:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=727c9b4d0770fb527364498a0700a1cc5f67c1d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:4e:0a:88:86:93:b3:9d:87:bc:2c:d6:ba:d5: fe:07:71:a8:ff:62:ef:11:5e:85:d5:9a:f6:69:e5: b4:5f:88:10:bb:68:9e:b3:df:fb:b9:d6:79:95:dd: 03:28:5f:a9:cf:ef:77:b7:ed:c2:9f:6a:af:30:a5: 75:70:ab:e0:8e:62:c1:2d:56:1b:d4:5c:1f:8e:d1: 9b:ba:50:95:08:f7:42:1e:fc:6b:0a:74:4f:57:a2: c1:a9:42:2c:dd:05:be:d8:09:5d:56:7a:6d:f7:20: 43:b0:f5:eb:5c:8e:bb:f2:2d:e3:57:0f:2b:74:0a: e6:5c:30:ef:ea:bb:ed:4e:0a:0c:cb:8c:e6:a3:f3: 28:11:9b:35:10:e3:b3:e5:0b:82:5e:bd:8b:14:bb: 88:7a:cf:d4:4c:91:9b:d1:08:b2:8b:38:1f:d1:98: ce:83:87:d5:77:18:81:9c:f7:6b:45:f7:81:79:59: 83:04:2a:c8:5e:41:87:1c:02:f7:38:cb:3d:bf:6e: 19:fc:2c:a5:bb:d6:fa:25:e0:72:89:4b:89:e8:85: bc:4a:c2:9b:f5:2d:ac:a3:9c:1a:48:e2:ad:63:f3: e2:bf:85:27:2b:85:4c:16:b0:bf:0a:c7:4c:0a:b9: 96:b2:f8:53:fc:33:03:19:a8:38:ed:c3:8e:26:96: aa:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:7C:9B:4D:07:70:FB:52:73:64:49:8A:07:00:A1:CC:5F:67:C1:D0 X509v3 Authority Key Identifier: keyid:05:03:65:C8:AF:48:81:3A:5B:AB:97:ED:E3:55:53:9F:11:47:4D:C7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQNlyK9IgTpbq5ft41VTnxFHTcc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/cnybTQdw-1JzZEmKBwChzF9nwdA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/ae1f3a-65a8-4794-91c8-a5879b69f126/1/BQNlyK9IgTpbq5ft41VTnxFHTcc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 147.78.236.0/23 IPv6: 2a0f:2980::/29 Signature Algorithm: sha256WithRSAEncryption 64:90:79:d9:30:b2:f2:34:8a:21:09:42:b6:95:e0:e3:8e:f7: 13:55:76:84:77:98:aa:8f:b3:42:7c:dc:53:88:e4:03:6f:1d: e2:20:6c:27:f5:63:8d:14:89:cf:a8:ff:4c:79:ba:72:8d:f4: 4d:7c:50:ed:6a:42:96:6f:e5:1e:be:33:2f:0e:55:18:7a:71: cc:0c:92:eb:be:6d:55:7a:53:92:c2:6e:37:43:c4:e4:2b:14: a2:06:a3:fd:87:b4:d6:8a:fd:41:aa:45:d5:60:a1:c1:63:c6: 77:1f:a9:b4:09:04:b4:a5:a0:04:74:ab:6c:07:bf:1e:48:12: 9e:2d:84:43:d3:d7:55:11:c5:94:17:ea:a0:b9:0f:5b:bc:26: 6c:91:aa:3b:1b:92:6d:24:19:c8:1a:9e:7a:b1:7a:99:0e:e6: 38:bd:da:24:e9:78:26:d8:17:51:72:26:1b:36:84:41:9a:ac: b1:86:f2:fe:bc:7f:19:02:cc:b1:02:ac:59:f0:f2:b8:32:b6: 96:bd:8e:2f:3f:3f:ea:d7:87:e0:c7:0a:f2:d6:b0:f0:e9:c0: de:1f:ce:d3:5e:76:81:03:5f:ba:75:30:06:3a:a5:e6:58:61: 98:6e:6c:80:23:42:7d:bf:c8:42:5c:a1:74:3d:f7:55:e7:e4: bc:ac:4c:13 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7pBg+7YbFW5SMH/AZYqsHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA1MDM2NWM4YWY0ODgxM2E1YmFiOTdlZGUzNTU1MzlmMTE0 NzRkYzcwHhcNMjYwMTAxMjIxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MjdjOWI0ZDA3NzBmYjUyNzM2NDQ5OGEwNzAwYTFjYzVmNjdjMWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxk4KiIaTs52HvCzWutX+B3Go/2Lv EV6F1Zr2aeW0X4gQu2ies9/7udZ5ld0DKF+pz+93t+3Cn2qvMKV1cKvgjmLBLVYb 1FwfjtGbulCVCPdCHvxrCnRPV6LBqUIs3QW+2AldVnpt9yBDsPXrXI678i3jVw8r dArmXDDv6rvtTgoMy4zmo/MoEZs1EOOz5QuCXr2LFLuIes/UTJGb0Qiyizgf0ZjO g4fVdxiBnPdrRfeBeVmDBCrIXkGHHAL3OMs9v24Z/Cylu9b6JeByiUuJ6IW8SsKb 9S2so5waSOKtY/Piv4UnK4VMFrC/CsdMCrmWsvhT/DMDGag47cOOJpaqmQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHJ8m00HcPtSc2RJigcAocxfZ8HQMB8GA1UdIwQY MBaAFAUDZcivSIE6W6uX7eNVU58RR03HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQlFObHlLOUlnVHBicTVmdDQxVlRueEZIVGNjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZTFmM2EtNjVhOC00Nzk0LTkxYzgt YTU4NzliNjlmMTI2LzEvY255YlRRZHctMUp6WkVtS0J3Q2h6Rjlud2RBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9hZTFmM2EtNjVhOC00Nzk0LTkxYzgtYTU4NzliNjlmMTI2 LzEvQlFObHlLOUlnVHBicTVmdDQxVlRueEZIVGNjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBk07sMA0E AgACMAcDBQMqDymAMA0GCSqGSIb3DQEBCwUAA4IBAQBkkHnZMLLyNIohCUK2leDj jvcTVXaEd5iqj7NCfNxTiOQDbx3iIGwn9WONFInPqP9MebpyjfRNfFDtakKWb+Ue vjMvDlUYenHMDJLrvm1VelOSwm43Q8TkKxSiBqP9h7TWiv1BqkXVYKHBY8Z3H6m0 CQS0paAEdKtsB78eSBKeLYRD09dVEcWUF+qguQ9bvCZskao7G5JtJBnIGp56sXqZ DuY4vdok6Xgm2BdRciYbNoRBmqyxhvL+vH8ZAsyxAqxZ8PK4MraWvY4vPz/q14fg xwry1rDw6cDeH87TXnaBA1+6dTAGOqXmWGGYbmyAI0J9v8hCXKF0PfdV5+S8rEwT -----END CERTIFICATE-----Generated at Mon Feb 9 22:36:50 2026 by rpki-client