This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/CzohGtSLcmDpSrKXCjf2wQpuklI.roa File: CzohGtSLcmDpSrKXCjf2wQpuklI.roa (raw, json) Hash identifier: oSgq7hJ4clz8JZa9p9/cu2QQ6c0SU2FQe0lIPhhVo4k= Subject key identifier: 0B:3A:21:1A:D4:8B:72:60:E9:4A:B2:97:0A:37:F6:C1:0A:6E:92:52 Certificate issuer: /CN=bdf5b712f2e4932c1c030312d194a597883f3d5e Certificate serial: 019B79EBBCBDADC5B0A3993C5F4E94CEBBDB Authority key identifier: BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/CzohGtSLcmDpSrKXCjf2wQpuklI.roa Signing time: Thu 01 Jan 2026 14:17:30 +0000 ROA not before: Thu 01 Jan 2026 14:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29117 IP address blocks: 195.85.200.0/24 maxlen: 24 195.234.61.0/24 maxlen: 24 2001:67c:195c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/vfW3EvLkkywcAwMS0ZSll4g_PV4.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/vfW3EvLkkywcAwMS0ZSll4g_PV4.mft rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:eb:bc:bd:ad:c5:b0:a3:99:3c:5f:4e:94:ce:bb:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bdf5b712f2e4932c1c030312d194a597883f3d5e Validity Not Before: Jan 1 14:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b3a211ad48b7260e94ab2970a37f6c10a6e9252 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:3c:66:3e:68:c9:59:ff:08:5a:15:1e:f9:59: 01:bd:42:16:78:b3:39:5b:f4:6a:08:17:8f:2e:81: 07:7d:a4:4a:c0:bd:cb:6c:d3:3a:72:14:8c:18:c2: ab:ba:e4:63:37:8e:59:fd:68:d2:35:aa:22:f6:65: f1:43:f3:ef:5d:49:30:93:bd:ae:b5:57:ec:1f:bf: 1e:62:ba:0c:23:7e:64:81:de:e6:9e:86:18:97:a4: a4:65:19:37:62:7d:c1:c3:eb:a9:ae:eb:7b:e7:e9: 19:a6:ab:7c:f5:2a:86:45:3a:17:07:e0:1c:fb:e2: 07:21:a0:39:1d:d9:73:1c:02:6c:03:0c:61:4b:0a: e1:c6:f0:0b:9a:20:a0:71:c0:34:20:ae:51:38:d1: 5a:31:e9:3b:d2:a0:9a:24:df:8f:b9:41:41:8b:9f: bb:cd:69:4a:2e:3e:24:00:fb:af:04:8b:5c:8f:09: 79:92:ad:b4:db:a3:48:a2:13:7b:c8:c7:aa:10:14: 11:b6:d8:86:5f:3b:5b:4b:82:ad:a3:6f:54:68:35: 4c:51:73:75:b2:74:9d:2e:3a:fa:dd:79:2f:8e:ce: 9a:1a:8c:f9:2e:da:e0:08:ad:9d:d8:75:ed:f6:99: ba:3b:2a:4f:ca:9a:60:28:c8:33:d2:3a:27:0c:ef: 77:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:3A:21:1A:D4:8B:72:60:E9:4A:B2:97:0A:37:F6:C1:0A:6E:92:52 X509v3 Authority Key Identifier: keyid:BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/CzohGtSLcmDpSrKXCjf2wQpuklI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/vfW3EvLkkywcAwMS0ZSll4g_PV4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.85.200.0/24 195.234.61.0/24 IPv6: 2001:67c:195c::/48 Signature Algorithm: sha256WithRSAEncryption 82:e2:19:26:3e:0b:ba:7d:c6:42:d2:74:9e:af:7d:c9:6c:82: a2:35:ec:d2:68:6f:5a:44:2a:a5:79:45:00:03:76:b0:2a:d4: c5:b3:7c:0b:a4:d8:18:ac:6d:ae:96:fa:bd:4e:ca:3f:1c:31: 46:ef:29:d5:4f:c0:12:0b:6d:c2:7e:80:20:72:db:b8:24:47: 62:47:50:fa:b4:a3:82:f0:bd:f3:1e:3f:ca:ba:47:d9:dd:f8: 5c:0f:65:96:95:d1:a8:f3:e0:18:72:fd:41:1e:39:dd:3d:26: 42:3d:16:81:17:01:86:f1:73:41:ed:87:d2:32:e9:5f:50:c9: d9:42:9b:bb:63:7f:76:d5:0b:75:7a:0d:43:89:6b:92:78:3c: eb:ea:4c:d7:a8:e3:64:5b:a7:be:f9:07:51:a4:13:91:08:4a: 45:16:49:33:61:11:65:39:43:35:52:7f:80:e9:8e:18:2e:cb: 1b:f3:27:04:fd:ef:e9:96:6e:0b:dd:bc:28:11:27:30:e3:4f: 75:8c:9c:bf:79:e7:8a:a5:d5:47:04:77:22:5d:35:48:4c:f8: 7b:ab:43:34:20:e2:2c:3e:e2:b4:1c:2f:b3:87:16:6d:a5:ce: e2:aa:ed:1c:89:40:5b:7a:0d:82:19:7e:fb:33:49:0c:32:a7: fa:90:ef:90 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt567y9rcWwo5k8X06UzrvbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJkZjViNzEyZjJlNDkzMmMxYzAzMDMxMmQxOTRhNTk3ODgz ZjNkNWUwHhcNMjYwMTAxMTQxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjNhMjExYWQ0OGI3MjYwZTk0YWIyOTcwYTM3ZjZjMTBhNmU5MjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTxmPmjJWf8IWhUe+VkBvUIWeLM5 W/RqCBePLoEHfaRKwL3LbNM6chSMGMKruuRjN45Z/WjSNaoi9mXxQ/PvXUkwk72u tVfsH78eYroMI35kgd7mnoYYl6SkZRk3Yn3Bw+uprut75+kZpqt89SqGRToXB+Ac ++IHIaA5HdlzHAJsAwxhSwrhxvALmiCgccA0IK5RONFaMek70qCaJN+PuUFBi5+7 zWlKLj4kAPuvBItcjwl5kq2026NIohN7yMeqEBQRttiGXztbS4Kto29UaDVMUXN1 snSdLjr63Xkvjs6aGoz5LtrgCK2d2HXt9pm6OypPyppgKMgz0jonDO93BQIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFAs6IRrUi3Jg6Uqylwo39sEKbpJSMB8GA1UdIwQY MBaAFL31txLy5JMsHAMDEtGUpZeIPz1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMt NmM1YzM0NTg2ZjZlLzEvQ3pvaEd0U0xjbURwU3JLWENqZjJ3UXB1a2xJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMtNmM1YzM0NTg2ZjZl LzEvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAw1XIAwQA w+o9MA8EAgACMAkDBwAgAQZ8GVwwDQYJKoZIhvcNAQELBQADggEBAILiGSY+C7p9 xkLSdJ6vfclsgqI17NJob1pEKqV5RQADdrAq1MWzfAuk2Bisba6W+r1Oyj8cMUbv KdVPwBILbcJ+gCBy27gkR2JHUPq0o4LwvfMeP8q6R9nd+FwPZZaV0ajz4Bhy/UEe Od09JkI9FoEXAYbxc0Hth9Iy6V9QydlCm7tjf3bVC3V6DUOJa5J4POvqTNeo42Rb p775B1GkE5EISkUWSTNhEWU5QzVSf4DpjhguyxvzJwT97+mWbgvdvCgRJzDjT3WM nL9554ql1UcEdyJdNUhM+HurQzQg4iw+4rQcL7OHFm2lzuKq7RyJQFt6DYIZfvsz SQwyp/qQ75A= -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:55 2026 by rpki-client