This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/CNU3mQEbY-u6S3PERfizHiI3tYk.roa File: CNU3mQEbY-u6S3PERfizHiI3tYk.roa (raw, json) Hash identifier: /9Q8PFVvHk4oD7Nve3f5+udPkxTJLftVYP8vMjZBj5o= Subject key identifier: 08:D5:37:99:01:1B:63:EB:BA:4B:73:C4:45:F8:B3:1E:22:37:B5:89 Certificate issuer: /CN=5c428846f84d818361f6b9c0a463b2e5742a149b Certificate serial: 019B79EC9F585F1D4DBA28AFCAF896065E3A Authority key identifier: 5C:42:88:46:F8:4D:81:83:61:F6:B9:C0:A4:63:B2:E5:74:2A:14:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/CNU3mQEbY-u6S3PERfizHiI3tYk.roa Signing time: Thu 01 Jan 2026 14:18:28 +0000 ROA not before: Thu 01 Jan 2026 14:18:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30795 IP address blocks: 185.225.52.0/22 maxlen: 22 195.88.88.0/24 maxlen: 24 2a01:650::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.crl rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.mft rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:9f:58:5f:1d:4d:ba:28:af:ca:f8:96:06:5e:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5c428846f84d818361f6b9c0a463b2e5742a149b Validity Not Before: Jan 1 14:18:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=08d53799011b63ebba4b73c445f8b31e2237b589 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5b:f4:2b:87:f5:df:f5:0c:7d:47:9d:32:09: 32:49:aa:0d:dc:f2:0d:f1:f8:14:72:f2:1a:d3:32: 19:dd:6c:93:18:8e:d0:57:2f:7a:82:63:8e:9c:2b: 5a:d4:86:ff:95:60:90:4b:9b:9f:ae:89:b1:d0:e7: 18:9d:4e:c9:18:54:8f:26:8b:f8:d1:7e:54:fd:9c: 07:53:73:a4:1b:e0:bd:8b:8e:de:cb:d8:b9:d3:f9: a3:e7:62:ec:1c:ff:55:cc:54:4c:ae:65:ed:73:d9: 14:90:54:6d:0c:21:3d:28:91:e2:84:d8:3f:6e:d2: 15:74:28:db:6b:43:82:c2:16:6f:fc:bd:ab:13:fd: 65:89:9b:e3:6b:7d:d5:0c:7a:3b:b6:a9:0d:31:0c: 4d:ce:e9:3b:fd:61:7f:f9:27:dd:90:8e:af:0c:d1: 0e:da:68:a0:52:67:20:1b:bf:31:cb:1d:0e:eb:7a: 95:9c:9c:80:45:9d:43:7e:bd:1a:ab:fb:be:a4:20: ad:75:cb:6d:07:70:7a:dd:cd:02:a9:5b:af:36:54: bc:8d:b9:7f:ed:b9:35:3e:c4:27:e0:25:51:94:1e: 60:c4:84:26:b3:29:67:bb:fd:fe:a6:de:73:05:38: 2f:cc:25:39:73:68:6d:09:20:69:47:2a:93:45:c6: fe:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:D5:37:99:01:1B:63:EB:BA:4B:73:C4:45:F8:B3:1E:22:37:B5:89 X509v3 Authority Key Identifier: keyid:5C:42:88:46:F8:4D:81:83:61:F6:B9:C0:A4:63:B2:E5:74:2A:14:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEKIRvhNgYNh9rnApGOy5XQqFJs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/CNU3mQEbY-u6S3PERfizHiI3tYk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/89a872-d04d-4217-8fc4-c90db8235f39/1/XEKIRvhNgYNh9rnApGOy5XQqFJs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.225.52.0/22 195.88.88.0/24 IPv6: 2a01:650::/32 Signature Algorithm: sha256WithRSAEncryption 5c:e9:0a:e8:ce:56:96:4a:86:ce:23:62:f9:d3:6b:d3:38:6d: 80:57:1d:09:e9:c1:82:4a:36:ef:81:eb:e1:4a:be:5b:6f:04: b0:a8:a3:45:33:c8:68:db:b0:e3:a6:19:ba:0f:be:b3:e9:9d: 4c:f3:37:65:44:1b:78:17:ca:1a:d9:4b:24:d4:75:73:00:be: 56:cc:53:bb:a8:6d:b1:98:7d:a0:93:53:0b:88:38:84:82:52: 26:7b:f0:73:06:5a:95:91:b9:39:7e:bd:83:6f:e2:00:7c:0d: 58:5a:2b:ea:5c:02:42:1b:54:7a:2a:ac:14:79:2a:24:79:4f: f3:a5:dc:6d:8f:72:a6:d2:7e:a7:66:52:19:b1:c8:e6:7e:63: 01:36:6e:24:3f:6d:e9:92:00:da:55:93:10:02:56:dd:7e:b1: 7d:af:8a:e9:5d:b7:89:0a:ca:26:3a:ed:1f:37:1c:b1:18:72: 2d:2e:3c:f7:ec:c6:47:71:46:12:7c:96:8d:44:f8:d8:91:b5: 74:72:6f:95:4c:96:ca:53:75:72:2b:61:8e:0c:c4:83:30:92: 09:e6:58:30:be:ad:ea:c6:73:8c:6f:28:2c:37:ef:7f:63:83: 72:27:e2:42:70:45:d9:d4:91:f3:fb:6b:1f:d8:e0:ba:3a:b8: 59:7d:51:b2 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt57J9YXx1NuiivyviWBl46MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDVjNDI4ODQ2Zjg0ZDgxODM2MWY2YjljMGE0NjNiMmU1NzQy YTE0OWIwHhcNMjYwMTAxMTQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOGQ1Mzc5OTAxMWI2M2ViYmE0YjczYzQ0NWY4YjMxZTIyMzdiNTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFv0K4f13/UMfUedMgkySaoN3PIN 8fgUcvIa0zIZ3WyTGI7QVy96gmOOnCta1Ib/lWCQS5ufromx0OcYnU7JGFSPJov4 0X5U/ZwHU3OkG+C9i47ey9i50/mj52LsHP9VzFRMrmXtc9kUkFRtDCE9KJHihNg/ btIVdCjba0OCwhZv/L2rE/1liZvja33VDHo7tqkNMQxNzuk7/WF/+SfdkI6vDNEO 2migUmcgG78xyx0O63qVnJyARZ1Dfr0aq/u+pCCtdcttB3B63c0CqVuvNlS8jbl/ 7bk1PsQn4CVRlB5gxIQmsylnu/3+pt5zBTgvzCU5c2htCSBpRyqTRcb+dwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFAjVN5kBG2PruktzxEX4sx4iN7WJMB8GA1UdIwQY MBaAFFxCiEb4TYGDYfa5wKRjsuV0KhSbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWEVLSVJ2aE5nWU5oOXJuQXBHT3k1WFFxRkpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84OWE4NzItZDA0ZC00MjE3LThmYzQt YzkwZGI4MjM1ZjM5LzEvQ05VM21RRWJZLXU2UzNQRVJmaXpIaUkzdFlrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My84OWE4NzItZDA0ZC00MjE3LThmYzQtYzkwZGI4MjM1ZjM5 LzEvWEVLSVJ2aE5nWU5oOXJuQXBHT3k1WFFxRkpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueE0AwQA w1hYMA0EAgACMAcDBQAqAQZQMA0GCSqGSIb3DQEBCwUAA4IBAQBc6QrozlaWSobO I2L502vTOG2AVx0J6cGCSjbvgevhSr5bbwSwqKNFM8ho27Djphm6D76z6Z1M8zdl RBt4F8oa2Usk1HVzAL5WzFO7qG2xmH2gk1MLiDiEglIme/BzBlqVkbk5fr2Db+IA fA1YWivqXAJCG1R6KqwUeSokeU/zpdxtj3Km0n6nZlIZscjmfmMBNm4kP23pkgDa VZMQAlbdfrF9r4rpXbeJCsomOu0fNxyxGHItLjz37MZHcUYSfJaNRPjYkbV0cm+V TJbKU3VyK2GODMSDMJIJ5lgwvq3qxnOMbygsN+9/Y4NyJ+JCcEXZ1JHz+2sf2OC6 OrhZfVGy -----END CERTIFICATE-----Generated at Mon Feb 9 19:40:30 2026 by rpki-client