This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/cnb-lu4zIC_MaS7_GWqbYHjb5Ds.roa File: cnb-lu4zIC_MaS7_GWqbYHjb5Ds.roa (raw, json) Hash identifier: xsDHct3Pb3ka37zvQLXPltivcBR1NoO24YHJHA9SzO0= Subject key identifier: 72:76:FE:96:EE:33:20:2F:CC:69:2E:FF:19:6A:9B:60:78:DB:E4:3B Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c Certificate serial: 019B7AC788E63552DF5ED07333B3BD54CFD7 Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/cnb-lu4zIC_MaS7_GWqbYHjb5Ds.roa Signing time: Thu 01 Jan 2026 18:17:35 +0000 ROA not before: Thu 01 Jan 2026 18:17:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34665 IP address blocks: 45.137.52.0/24 maxlen: 24 45.137.55.0/24 maxlen: 24 45.137.191.0/24 maxlen: 24 45.139.28.0/24 maxlen: 24 45.139.31.0/24 maxlen: 24 45.140.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:88:e6:35:52:df:5e:d0:73:33:b3:bd:54:cf:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c Validity Not Before: Jan 1 18:17:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7276fe96ee33202fcc692eff196a9b6078dbe43b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:ef:f3:ae:0d:a4:fc:b1:5b:13:fe:40:be:f0: 05:81:54:f6:b0:00:1e:f3:01:ba:ef:06:66:67:1c: 2d:84:64:d3:36:60:45:da:a2:ab:77:68:7f:70:16: 0b:b9:8b:59:c2:a1:8e:7a:f7:41:6e:6a:0e:75:e2: 07:f3:e3:07:d8:b4:0c:d2:e9:a2:b5:dc:2f:7b:e1: e6:9b:88:d5:46:4a:ac:d2:06:fd:15:e1:e2:91:66: 5d:cc:52:fe:73:ab:6b:43:a9:41:ef:5f:21:21:df: c9:3b:7e:89:ca:2a:f9:ee:f5:f7:bf:71:b5:c3:a6: 3e:9d:b9:5b:98:16:1a:7d:b6:e0:e8:aa:44:45:4d: c4:b5:b1:c9:45:a5:22:ce:89:c0:11:f5:78:3f:84: 62:a3:20:2e:02:6a:fd:d1:39:15:05:6f:7e:29:8b: a7:29:ed:4b:4d:8d:27:18:eb:4c:fa:4a:09:94:e5: c4:90:05:be:20:75:b3:fe:52:f9:f6:c9:6f:0e:af: 4e:06:48:f4:01:63:87:86:28:d9:69:d6:3a:b7:51: c8:31:c5:2d:56:10:0e:5d:b7:22:d3:a7:00:29:f6: c5:15:dc:be:58:b5:1f:d9:f3:9c:a2:d3:f1:dc:7d: ec:eb:9e:e1:da:3f:32:6a:3e:f7:d8:21:f2:c7:f1: b1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:76:FE:96:EE:33:20:2F:CC:69:2E:FF:19:6A:9B:60:78:DB:E4:3B X509v3 Authority Key Identifier: keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/cnb-lu4zIC_MaS7_GWqbYHjb5Ds.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.52.0/24 45.137.55.0/24 45.137.191.0/24 45.139.28.0/24 45.139.31.0/24 45.140.171.0/24 Signature Algorithm: sha256WithRSAEncryption 46:e3:eb:ac:f1:2b:84:85:ff:99:7a:76:3d:98:9a:1d:c1:c7: e7:f7:ef:31:58:83:ad:6f:78:75:98:32:8e:1b:4a:d6:2f:47: 04:f7:72:6c:be:48:c1:47:27:b4:88:e7:04:13:2f:ad:be:8b: 98:35:02:91:77:70:91:b2:e3:2e:c5:a8:a2:9d:0d:30:7b:f4: fe:1e:89:c4:30:87:fa:24:58:13:a2:27:41:06:e5:93:26:77: 1a:64:14:2b:7d:b9:90:4b:4e:c7:a5:49:25:2e:52:98:4c:94: 6b:1b:8a:d0:62:34:e5:7c:cf:e3:a2:8d:bd:1f:4d:9a:ac:7a: 9c:d5:37:fd:0e:c6:15:64:a6:aa:33:fe:e2:37:35:b3:9d:ab: 59:84:e9:d1:39:22:45:50:31:94:02:fa:01:44:67:c2:32:8f: 1e:03:b2:d2:16:2e:b4:22:84:c1:e4:2a:28:8d:62:71:8a:35: eb:ef:d0:74:51:6a:8c:67:d9:30:6e:13:68:e5:be:07:62:2b: a2:78:02:74:88:2f:97:00:bb:ef:32:e1:44:8c:0b:3e:5b:55: 2f:a7:c6:d7:66:28:7c:46:8c:d1:5d:96:5a:0b:61:66:70:b2: d0:3d:8d:b7:15:5a:7d:13:45:72:2e:3a:f2:57:55:a3:8a:d7: 90:8e:65:f5 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt6x4jmNVLfXtBzM7O9VM/XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0 ODBiOWMwHhcNMjYwMTAxMTgxNzM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Mjc2ZmU5NmVlMzMyMDJmY2M2OTJlZmYxOTZhOWI2MDc4ZGJlNDNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3u/zrg2k/LFbE/5AvvAFgVT2sAAe 8wG67wZmZxwthGTTNmBF2qKrd2h/cBYLuYtZwqGOevdBbmoOdeIH8+MH2LQM0umi tdwve+Hmm4jVRkqs0gb9FeHikWZdzFL+c6trQ6lB718hId/JO36Jyir57vX3v3G1 w6Y+nblbmBYafbbg6KpERU3EtbHJRaUizonAEfV4P4RioyAuAmr90TkVBW9+KYun Ke1LTY0nGOtM+koJlOXEkAW+IHWz/lL59slvDq9OBkj0AWOHhijZadY6t1HIMcUt VhAOXbci06cAKfbFFdy+WLUf2fOcotPx3H3s657h2j8yaj732CHyx/GxLwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFHJ2/pbuMyAvzGku/xlqm2B42+Q7MB8GA1UdIwQY MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt NTczNzAxYzg0ODMzLzEvY25iLWx1NHpJQ19NYVM3X0dXcWJZSGpiNURzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYk0AwQA LYk3AwQALYm/AwQALYscAwQALYsfAwQALYyrMA0GCSqGSIb3DQEBCwUAA4IBAQBG 4+us8SuEhf+ZenY9mJodwcfn9+8xWIOtb3h1mDKOG0rWL0cE93JsvkjBRye0iOcE Ey+tvouYNQKRd3CRsuMuxaiinQ0we/T+HonEMIf6JFgToidBBuWTJncaZBQrfbmQ S07HpUklLlKYTJRrG4rQYjTlfM/joo29H02arHqc1Tf9DsYVZKaqM/7iNzWznatZ hOnROSJFUDGUAvoBRGfCMo8eA7LSFi60IoTB5CoojWJxijXr79B0UWqMZ9kwbhNo 5b4HYiuieAJ0iC+XALvvMuFEjAs+W1Uvp8bXZih8RozRXZZaC2FmcLLQPY23FVp9 E0VyLjryV1WjiteQjmX1 -----END CERTIFICATE-----Generated at Mon Jan 19 20:35:04 2026 by rpki-client