This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CpcMl2eeE4kivr7Y_KcbhMBQkho.roa File: CpcMl2eeE4kivr7Y_KcbhMBQkho.roa (raw, json) Hash identifier: 3J5pbfw99fV9VldJRwXaEGP1Raiiwe48ExCYD8L4uko= Subject key identifier: 0A:97:0C:97:67:9E:13:89:22:BE:BE:D8:FC:A7:1B:84:C0:50:92:1A Certificate issuer: /CN=c868ca82147ed2277b4bcc69a5285bae735f2e44 Certificate serial: 019B775939EEEF5B39130307B2A5B7FCF19F Authority key identifier: C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CpcMl2eeE4kivr7Y_KcbhMBQkho.roa Signing time: Thu 01 Jan 2026 02:18:14 +0000 ROA not before: Thu 01 Jan 2026 02:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60032 IP address blocks: 2.59.68.0/22 maxlen: 22 2.59.72.0/22 maxlen: 22 5.252.60.0/22 maxlen: 22 5.252.88.0/22 maxlen: 22 45.11.148.0/22 maxlen: 22 45.65.104.0/21 maxlen: 21 45.85.176.0/22 maxlen: 22 45.90.224.0/22 maxlen: 22 45.129.48.0/22 maxlen: 22 45.152.184.0/22 maxlen: 22 80.240.176.0/21 maxlen: 21 80.240.184.0/21 maxlen: 21 91.92.18.0/23 maxlen: 23 95.214.44.0/22 maxlen: 22 109.70.16.0/21 maxlen: 22 128.127.16.0/21 maxlen: 22 185.13.180.0/22 maxlen: 22 185.61.144.0/22 maxlen: 22 185.107.84.0/22 maxlen: 24 185.128.140.0/22 maxlen: 23 185.163.60.0/22 maxlen: 22 185.189.20.0/22 maxlen: 24 185.203.180.0/22 maxlen: 22 185.229.176.0/22 maxlen: 22 185.253.36.0/22 maxlen: 22 188.92.64.0/21 maxlen: 22 193.8.116.0/22 maxlen: 22 193.56.168.0/22 maxlen: 22 194.36.137.0/24 maxlen: 24 194.36.167.0/24 maxlen: 24 194.36.169.0/24 maxlen: 24 194.36.221.0/24 maxlen: 24 194.182.112.0/20 maxlen: 22 212.104.240.0/20 maxlen: 20 2a02:79e0::/32 maxlen: 32 2a02:cfc0::/29 maxlen: 32 2a06:4280::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.mft rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 11:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:39:ee:ef:5b:39:13:03:07:b2:a5:b7:fc:f1:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c868ca82147ed2277b4bcc69a5285bae735f2e44 Validity Not Before: Jan 1 02:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a970c97679e138922bebed8fca71b84c050921a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:72:7a:62:95:ab:b1:b2:34:54:40:2e:7f:24: 94:4f:e3:71:a6:eb:e0:45:ad:12:ab:6e:54:03:6f: 53:2d:c6:09:81:ae:81:24:7a:39:5b:96:85:5f:fb: a3:f5:a7:20:6c:5f:01:85:6f:29:03:3b:0e:1e:ad: 76:dc:ee:a0:23:e4:86:a8:5b:f1:cf:83:51:50:59: 03:47:35:fb:67:b4:54:d0:49:7a:07:10:cc:f0:93: 74:34:70:57:82:5c:1c:a6:24:26:a9:b4:e2:a0:1b: 8f:b9:65:a7:eb:43:db:be:60:25:e0:b6:03:e9:45: 70:ab:84:c5:18:40:e0:e2:1e:be:3e:a1:35:bc:ea: 7d:95:53:b4:64:37:65:fe:57:f9:74:3b:1a:6a:83: b0:f2:a1:40:e5:97:5c:cb:cd:b6:dd:09:75:a3:a7: 01:fe:3a:96:f2:04:41:eb:21:65:61:12:c6:d9:8e: ac:24:a6:8a:06:f4:95:d9:e9:77:27:91:e5:8f:80: d7:a0:8c:a6:a1:3f:4a:84:20:fd:56:e9:16:d7:e2: 9c:0d:3b:0c:5b:52:08:d7:62:d2:29:49:64:79:67: 4a:92:ac:9e:d3:a0:96:92:aa:ab:f6:8e:c3:dd:96: a7:a7:5f:4f:01:2c:48:4e:77:ff:2c:c5:bb:8b:9e: 24:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:97:0C:97:67:9E:13:89:22:BE:BE:D8:FC:A7:1B:84:C0:50:92:1A X509v3 Authority Key Identifier: keyid:C8:68:CA:82:14:7E:D2:27:7B:4B:CC:69:A5:28:5B:AE:73:5F:2E:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yGjKghR-0id7S8xppShbrnNfLkQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/CpcMl2eeE4kivr7Y_KcbhMBQkho.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/042c33-ab6b-48be-a492-66849019627e/1/yGjKghR-0id7S8xppShbrnNfLkQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.68.0-2.59.75.255 5.252.60.0/22 5.252.88.0/22 45.11.148.0/22 45.65.104.0/21 45.85.176.0/22 45.90.224.0/22 45.129.48.0/22 45.152.184.0/22 80.240.176.0/20 91.92.18.0/23 95.214.44.0/22 109.70.16.0/21 128.127.16.0/21 185.13.180.0/22 185.61.144.0/22 185.107.84.0/22 185.128.140.0/22 185.163.60.0/22 185.189.20.0/22 185.203.180.0/22 185.229.176.0/22 185.253.36.0/22 188.92.64.0/21 193.8.116.0/22 193.56.168.0/22 194.36.137.0/24 194.36.167.0/24 194.36.169.0/24 194.36.221.0/24 194.182.112.0/20 212.104.240.0/20 IPv6: 2a02:79e0::/32 2a02:cfc0::/29 2a06:4280::/29 Signature Algorithm: sha256WithRSAEncryption 22:94:d4:6a:ca:56:1f:70:00:6a:3b:38:8f:74:20:5f:cd:a1: 54:75:06:70:cd:91:d4:3a:3b:60:8e:93:32:8c:90:7c:f7:ba: d9:b3:68:88:23:16:ff:16:bf:69:2a:e9:70:26:2e:8b:b7:7c: d5:04:67:64:d4:dd:53:c9:2c:60:b9:93:4c:79:d5:7b:34:07: 5b:31:1b:35:8f:20:66:02:b2:4a:bd:e0:2b:9b:ab:04:f0:82: b4:1d:0f:e8:bf:ec:67:52:10:ae:96:11:84:dc:44:da:20:25: 49:9a:2d:8e:e3:80:3f:09:80:b9:18:e7:90:dc:74:19:65:3e: 95:7e:5c:51:2c:f5:c5:85:f5:90:11:98:36:0f:cc:16:b7:73: ce:d0:1f:bd:a3:b3:9f:8b:db:79:29:4b:e4:0c:03:fa:ad:fd: aa:ca:a0:07:5f:25:2d:0f:14:46:bf:e0:8e:d6:c0:83:10:9e: 24:f6:35:7c:65:56:c9:21:e5:fa:e2:d8:aa:65:6e:16:45:f3: 55:36:74:7c:55:ea:7b:6c:76:81:14:a3:2a:29:57:be:80:8c: fb:f1:08:e4:58:a5:2e:51:59:40:d7:2b:6f:42:3e:21:4d:81: 13:ae:a7:8d:51:61:e8:22:e6:c9:84:85:36:5a:16:e5:48:d5: 8e:c0:ca:31 -----BEGIN CERTIFICATE----- MIIF4jCCBMqgAwIBAgISAZt3WTnu71s5EwMHsqW3/PGfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4NjhjYTgyMTQ3ZWQyMjc3YjRiY2M2OWE1Mjg1YmFlNzM1 ZjJlNDQwHhcNMjYwMTAxMDIxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTk3MGM5NzY3OWUxMzg5MjJiZWJlZDhmY2E3MWI4NGMwNTA5MjFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnJ6YpWrsbI0VEAufySUT+Nxpuvg Ra0Sq25UA29TLcYJga6BJHo5W5aFX/uj9acgbF8BhW8pAzsOHq123O6gI+SGqFvx z4NRUFkDRzX7Z7RU0El6BxDM8JN0NHBXglwcpiQmqbTioBuPuWWn60PbvmAl4LYD 6UVwq4TFGEDg4h6+PqE1vOp9lVO0ZDdl/lf5dDsaaoOw8qFA5Zdcy8223Ql1o6cB /jqW8gRB6yFlYRLG2Y6sJKaKBvSV2el3J5Hlj4DXoIymoT9KhCD9VukW1+KcDTsM W1II12LSKUlkeWdKkqye06CWkqqr9o7D3Zanp19PASxITnf/LMW7i54k8wIDAQAB o4IC7jCCAuowHQYDVR0OBBYEFAqXDJdnnhOJIr6+2PynG4TAUJIaMB8GA1UdIwQY MBaAFMhoyoIUftIne0vMaaUoW65zXy5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTIt NjY4NDkwMTk2MjdlLzEvQ3BjTWwyZWVFNGtpdnI3WV9LY2JoTUJRa2hvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8wNDJjMzMtYWI2Yi00OGJlLWE0OTItNjY4NDkwMTk2Mjdl LzEveUdqS2doUi0waWQ3Uzh4cHBTaGJybk5mTGtRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgc8EAgABMIHIMAwD BAICO0QDBAICO0gDBAIF/DwDBAIF/FgDBAItC5QDBAMtQWgDBAItVbADBAItWuAD BAItgTADBAItmLgDBARQ8LADBAFbXBIDBAJf1iwDBANtRhADBAOAfxADBAK5DbQD BAK5PZADBAK5a1QDBAK5gIwDBAK5ozwDBAK5vRQDBAK5y7QDBAK55bADBAK5/SQD BAO8XEADBALBCHQDBALBOKgDBADCJIkDBADCJKcDBADCJKkDBADCJN0DBATCtnAD BATUaPAwGwQCAAIwFQMFACoCeeADBQMqAs/AAwUDKgZCgDANBgkqhkiG9w0BAQsF AAOCAQEAIpTUaspWH3AAajs4j3QgX82hVHUGcM2R1Do7YI6TMoyQfPe62bNoiCMW /xa/aSrpcCYui7d81QRnZNTdU8ksYLmTTHnVezQHWzEbNY8gZgKySr3gK5urBPCC tB0P6L/sZ1IQrpYRhNxE2iAlSZotjuOAPwmAuRjnkNx0GWU+lX5cUSz1xYX1kBGY Ng/MFrdzztAfvaOzn4vbeSlL5AwD+q39qsqgB18lLQ8URr/gjtbAgxCeJPY1fGVW ySHl+uLYqmVuFkXzVTZ0fFXqe2x2gRSjKilXvoCM+/EI5FilLlFZQNcrb0I+IU2B E66njVFh6CLmyYSFNloW5UjVjsDKMQ== -----END CERTIFICATE-----Generated at Sat Jan 10 20:49:49 2026 by rpki-client