This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/cu2Xiywf_NwB7KXfT97Z6jb0CYo.roa File: cu2Xiywf_NwB7KXfT97Z6jb0CYo.roa (raw, json) Hash identifier: UKkHmEAst70iOMfFVmNVzrxw0QLTthPENTDDfQ1b1Cc= Subject key identifier: 72:ED:97:8B:2C:1F:FC:DC:01:EC:A5:DF:4F:DE:D9:EA:36:F4:09:8A Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d Certificate serial: 019B7AC826089130A4E3E10AAF9795554CD6 Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/cu2Xiywf_NwB7KXfT97Z6jb0CYo.roa Signing time: Thu 01 Jan 2026 18:18:15 +0000 ROA not before: Thu 01 Jan 2026 18:18:15 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 2914 IP address blocks: 84.46.203.0/24 maxlen: 24 84.46.211.0/24 maxlen: 24 84.46.214.0/24 maxlen: 24 86.38.128.0/24 maxlen: 24 86.38.129.0/24 maxlen: 24 86.38.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:26:08:91:30:a4:e3:e1:0a:af:97:95:55:4c:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d Validity Not Before: Jan 1 18:18:15 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=72ed978b2c1ffcdc01eca5df4fded9ea36f4098a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ad:03:1f:db:44:db:d8:04:7f:13:12:cb:64: 69:a7:79:60:22:93:bd:1a:ca:06:62:6b:a7:ee:78: 22:95:ea:05:96:94:46:50:65:aa:97:f5:7c:a4:a1: 5c:28:3f:84:31:be:f1:1b:f3:a3:f5:20:79:c8:57: e1:2c:b5:d6:43:8e:6c:e0:d8:14:fd:60:64:18:88: 47:48:6c:73:e5:0d:81:39:8c:8a:03:a3:ce:27:e9: 19:0c:5d:4f:29:8f:ba:e5:6b:c2:e4:c6:7a:e9:07: 8c:19:c1:5e:48:cf:c6:fd:24:fb:60:ec:4e:75:3d: 0e:56:00:ec:70:13:05:98:63:38:22:fd:4e:d2:26: 12:e3:61:2e:a3:51:75:aa:e9:eb:18:ce:c9:49:9b: 84:d6:2e:32:d1:4f:78:88:6d:d5:8b:46:0a:e6:0b: b0:b1:8d:2b:7d:cc:71:22:b8:7d:72:62:fa:19:54: 25:7a:33:1a:0b:84:32:34:52:1b:25:32:7d:32:96: f2:d4:3c:d8:99:27:e8:26:cf:04:62:dd:21:18:65: 6d:bd:1e:fc:9b:e0:d9:16:25:0f:83:cc:23:6d:78: 5a:b3:b3:44:50:42:a8:fe:16:2b:91:86:4d:0c:e5: 35:1f:aa:af:60:b1:56:2e:df:3d:84:46:4c:e2:47: c9:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:ED:97:8B:2C:1F:FC:DC:01:EC:A5:DF:4F:DE:D9:EA:36:F4:09:8A X509v3 Authority Key Identifier: keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/cu2Xiywf_NwB7KXfT97Z6jb0CYo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.46.203.0/24 84.46.211.0/24 84.46.214.0/24 86.38.128.0/23 86.38.158.0/24 Signature Algorithm: sha256WithRSAEncryption 52:cd:ce:03:ae:c9:c1:09:5f:c7:7e:2f:7a:57:c4:9d:b6:31: 85:e2:f0:92:cd:3c:1e:86:0b:70:fa:c3:d6:98:5e:89:88:16: a3:2a:c3:68:10:02:96:9b:af:f9:59:4f:47:91:f5:1e:72:8a: f5:9f:1f:46:25:5d:31:2f:af:76:ba:74:9a:a4:a1:13:b7:1f: ee:d0:2e:3a:f8:38:7a:0f:c8:91:92:5c:47:17:4e:db:56:b8: 1e:37:70:ec:96:f4:c0:4e:03:09:7c:6b:83:d5:b3:2f:e7:a7: 79:4d:d5:71:c5:8b:69:bf:05:99:33:b3:fa:47:5f:0b:4d:8f: d8:2f:00:2b:72:a8:e8:86:43:5b:20:a0:53:51:84:b3:bc:5f: 65:44:dd:cd:b3:f7:1c:f7:74:37:2b:8d:4f:5d:6b:55:ee:fa: 08:67:d5:d7:01:37:64:bc:92:81:ee:45:97:25:98:3b:62:16: 77:86:bb:f6:ec:88:54:93:c6:6c:1d:09:97:7b:6a:e7:6f:0a: a7:5c:24:c7:23:94:a8:0e:7f:35:0c:e0:11:ee:29:20:03:2e: 52:11:81:b5:e9:d5:a9:b6:08:d4:0c:d3:de:1f:9a:06:7e:eb: 38:f7:2d:fd:1f:cc:0e:b0:7c:d4:95:91:1f:b3:d2:b6:da:dd: 41:10:ed:cf -----BEGIN CERTIFICATE----- MIIFFTCCA/2gAwIBAgISAZt6yCYIkTCk4+EKr5eVVUzWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3 MTE4MGQwHhcNMjYwMTAxMTgxODE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MmVkOTc4YjJjMWZmY2RjMDFlY2E1ZGY0ZmRlZDllYTM2ZjQwOThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvK0DH9tE29gEfxMSy2Rpp3lgIpO9 GsoGYmun7ngileoFlpRGUGWql/V8pKFcKD+EMb7xG/Oj9SB5yFfhLLXWQ45s4NgU /WBkGIhHSGxz5Q2BOYyKA6POJ+kZDF1PKY+65WvC5MZ66QeMGcFeSM/G/ST7YOxO dT0OVgDscBMFmGM4Iv1O0iYS42Euo1F1qunrGM7JSZuE1i4y0U94iG3Vi0YK5guw sY0rfcxxIrh9cmL6GVQlejMaC4QyNFIbJTJ9Mpby1DzYmSfoJs8EYt0hGGVtvR78 m+DZFiUPg8wjbXhas7NEUEKo/hYrkYZNDOU1H6qvYLFWLt89hEZM4kfJpwIDAQAB o4ICITCCAh0wHQYDVR0OBBYEFHLtl4ssH/zcAeyl30/e2eo29AmKMB8GA1UdIwQY MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt MDQ2ODA0MjQ4NmRjLzEvY3UyWGl5d2ZfTndCN0tYZlQ5N1o2amIwQ1lvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVC7LAwQA VC7TAwQAVC7WAwQBViaAAwQAViaeMA0GCSqGSIb3DQEBCwUAA4IBAQBSzc4DrsnB CV/Hfi96V8SdtjGF4vCSzTwehgtw+sPWmF6JiBajKsNoEAKWm6/5WU9HkfUecor1 nx9GJV0xL692unSapKETtx/u0C46+Dh6D8iRklxHF07bVrgeN3DslvTATgMJfGuD 1bMv56d5TdVxxYtpvwWZM7P6R18LTY/YLwArcqjohkNbIKBTUYSzvF9lRN3Ns/cc 93Q3K41PXWtV7voIZ9XXATdkvJKB7kWXJZg7YhZ3hrv27IhUk8ZsHQmXe2rnbwqn XCTHI5SoDn81DOAR7ikgAy5SEYG16dWptgjUDNPeH5oGfus49y39H8wOsHzUlZEf s9K22t1BEO3P -----END CERTIFICATE-----Generated at Thu Jan 8 00:16:42 2026 by rpki-client