This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cxSAbl9AGDjuAytpRHVKIsDfitI.roa File: cxSAbl9AGDjuAytpRHVKIsDfitI.roa (raw, json) Hash identifier: 6VeXR5AotX5hFxSi1IUjWsyHhQBxezCmfN4HLADcz8c= Subject key identifier: 73:14:80:6E:5F:40:18:38:EE:03:2B:69:44:75:4A:22:C0:DF:8A:D2 Certificate issuer: /CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626 Certificate serial: 019B7CEDD6DC364C8D77597D23E27802C4B3 Authority key identifier: A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cxSAbl9AGDjuAytpRHVKIsDfitI.roa Signing time: Fri 02 Jan 2026 04:18:40 +0000 ROA not before: Fri 02 Jan 2026 04:18:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199927 IP address blocks: 185.251.236.0/22 maxlen: 24 2a0c:1ec0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.crl rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.mft rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 04:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:d6:dc:36:4c:8d:77:59:7d:23:e2:78:02:c4:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626 Validity Not Before: Jan 2 04:18:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=7314806e5f401838ee032b6944754a22c0df8ad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:58:f3:da:99:71:dd:df:f2:45:9d:67:10:12: 86:69:d5:bf:e0:9f:3e:28:48:da:98:eb:8f:15:fd: fd:96:1a:b1:c5:31:e1:44:87:c7:fa:ba:33:cc:c7: 0c:1f:63:d1:9a:97:42:25:5d:4d:0a:ed:61:07:c7: d1:00:72:4b:68:5b:d2:56:ec:32:a7:de:51:05:9a: 9e:3e:cb:b7:bb:37:65:db:eb:23:f1:56:89:34:56: 5f:d8:b7:bc:f0:85:df:cd:ed:a6:db:f4:5a:04:1e: 34:8c:3e:3e:ba:8d:cb:b7:0a:39:7c:38:d5:7d:b7: dc:76:c4:1b:ee:d7:bf:51:a0:fc:43:38:47:ff:1e: d7:c2:83:f3:92:a2:a5:9e:b3:5a:f5:96:a9:d8:ae: 08:38:97:d6:01:d0:91:f1:f2:7f:f1:ef:e2:1b:82: 67:74:27:a9:20:80:88:f7:06:4a:2f:c2:a2:72:cf: fe:ed:23:07:e0:c8:c9:36:39:33:92:2f:cf:47:5b: 8b:d0:20:12:61:06:5b:5d:f1:56:4e:34:21:15:3f: 5c:a5:5f:35:4e:b6:70:f1:78:17:fe:b0:59:db:10: 88:e7:cd:1c:6a:d8:58:1e:f1:55:14:0c:f6:12:36: 67:87:ed:b2:d6:b1:50:f9:0a:b6:1b:ca:6d:d0:6d: 32:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:14:80:6E:5F:40:18:38:EE:03:2B:69:44:75:4A:22:C0:DF:8A:D2 X509v3 Authority Key Identifier: keyid:A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/cxSAbl9AGDjuAytpRHVKIsDfitI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.251.236.0/22 IPv6: 2a0c:1ec0::/29 Signature Algorithm: sha256WithRSAEncryption 0d:f0:19:e5:6c:b4:17:42:18:3c:df:06:0e:01:48:1d:27:7d: d6:e2:d2:f9:8d:d8:a7:70:e8:ad:49:fa:f3:93:80:0d:c8:49: 44:5e:82:5f:30:2f:c3:97:ee:30:41:b2:64:b3:f5:62:2c:fb: 90:2d:c2:b9:2d:9d:5f:a9:19:9c:e1:7a:dd:7c:d8:7c:fb:a7: 8f:68:45:66:28:df:7f:3b:2b:5b:4e:cc:48:42:00:ba:f5:73: ba:6c:59:32:35:e1:80:20:29:ea:8f:1b:79:1b:de:f0:d4:f3: c6:9f:64:aa:c1:d1:7a:c6:24:fe:53:a5:bb:66:5c:41:e5:6e: f3:73:ac:24:dd:09:64:be:e8:32:8d:84:d5:88:32:18:6f:19: f4:93:54:86:7f:84:46:f4:73:d2:90:ae:d3:a6:21:ce:df:4b: e5:91:42:11:13:8c:da:b2:87:8d:fa:3a:d1:a0:b5:fc:84:7b: 15:98:2f:6f:93:03:e6:bf:26:20:39:ae:10:2b:30:ce:db:68: 5e:70:a8:24:38:91:5f:3f:a6:14:6f:d1:47:3d:5d:d1:f2:40: 32:59:d2:9e:4c:80:fa:23:a3:bb:32:c5:d6:7b:10:81:58:24: cc:83:f3:31:45:b7:fa:d3:5d:2b:57:f6:16:d4:48:58:94:7f: af:00:fe:90 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt87dbcNkyNd1l9I+J4AsSzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE1MzhiYjBjMmI0MWVmYThjM2IwMjA2NGViYzUyZmJhOTJj MjM2MjYwHhcNMjYwMTAyMDQxODQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MzE0ODA2ZTVmNDAxODM4ZWUwMzJiNjk0NDc1NGEyMmMwZGY4YWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1jz2plx3d/yRZ1nEBKGadW/4J8+ KEjamOuPFf39lhqxxTHhRIfH+rozzMcMH2PRmpdCJV1NCu1hB8fRAHJLaFvSVuwy p95RBZqePsu3uzdl2+sj8VaJNFZf2Le88IXfze2m2/RaBB40jD4+uo3Ltwo5fDjV fbfcdsQb7te/UaD8QzhH/x7XwoPzkqKlnrNa9Zap2K4IOJfWAdCR8fJ/8e/iG4Jn dCepIICI9wZKL8Kics/+7SMH4MjJNjkzki/PR1uL0CASYQZbXfFWTjQhFT9cpV81 TrZw8XgX/rBZ2xCI580cathYHvFVFAz2EjZnh+2y1rFQ+Qq2G8pt0G0ywwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFHMUgG5fQBg47gMraUR1SiLA34rSMB8GA1UdIwQY MBaAFKU4uwwrQe+ow7AgZOvFL7qSwjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMt NjcyODJkNzEzOGEwLzEvY3hTQWJsOUFHRGp1QXl0cFJIVktJc0RmaXRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMtNjcyODJkNzEzOGEw LzEvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufvsMA0E AgACMAcDBQMqDB7AMA0GCSqGSIb3DQEBCwUAA4IBAQAN8BnlbLQXQhg83wYOAUgd J33W4tL5jdincOitSfrzk4ANyElEXoJfMC/Dl+4wQbJks/ViLPuQLcK5LZ1fqRmc 4XrdfNh8+6ePaEVmKN9/OytbTsxIQgC69XO6bFkyNeGAICnqjxt5G97w1PPGn2Sq wdF6xiT+U6W7ZlxB5W7zc6wk3QlkvugyjYTViDIYbxn0k1SGf4RG9HPSkK7TpiHO 30vlkUIRE4zasoeN+jrRoLX8hHsVmC9vkwPmvyYgOa4QKzDO22hecKgkOJFfP6YU b9FHPV3R8kAyWdKeTID6I6O7MsXWexCBWCTMg/MxRbf6010rV/YW1EhYlH+vAP6Q -----END CERTIFICATE-----Generated at Mon Jan 26 14:43:37 2026 by rpki-client