This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/CUTOGOeFs0gWQuIN9nGgo3nSgWo.roa File: CUTOGOeFs0gWQuIN9nGgo3nSgWo.roa (raw, json) Hash identifier: KYflTNM3tjBYLQ/bNFbmP51W7O+D4SNuLCoNBLDu2B0= Subject key identifier: 09:44:CE:18:E7:85:B3:48:16:42:E2:0D:F6:71:A0:A3:79:D2:81:6A Certificate issuer: /CN=713b9404a0c43223addc8ea1b10ab74b777a2a01 Certificate serial: 019B7910E112014E905BB37A34F5945805A1 Authority key identifier: 71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/CUTOGOeFs0gWQuIN9nGgo3nSgWo.roa Signing time: Thu 01 Jan 2026 10:18:27 +0000 ROA not before: Thu 01 Jan 2026 10:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 25234 IP address blocks: 31.15.8.0/21 maxlen: 21 45.10.97.0/24 maxlen: 24 81.95.96.0/20 maxlen: 20 185.12.196.0/22 maxlen: 22 2a02:4a8::/32 maxlen: 32 2a10:bbc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.crl rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.mft rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 10:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:e1:12:01:4e:90:5b:b3:7a:34:f5:94:58:05:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=713b9404a0c43223addc8ea1b10ab74b777a2a01 Validity Not Before: Jan 1 10:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0944ce18e785b3481642e20df671a0a379d2816a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:41:68:3d:b6:8a:b2:57:45:0b:4a:e6:ee:3e: 92:8b:76:89:af:b3:5c:2b:3d:99:62:a3:1f:92:9f: d4:e1:f7:dc:3d:20:d9:ce:7c:df:fe:2b:cc:a6:12: b9:42:31:11:47:73:3e:19:ab:00:55:79:b7:43:69: d1:76:b9:f5:a1:d4:5a:95:d9:de:2e:a7:c7:ff:a1: 06:bb:58:35:02:db:e5:af:69:12:38:03:23:8a:93: 2e:a4:92:d7:94:27:5f:ec:51:67:01:1f:34:ce:64: 8b:32:9c:84:7d:73:4a:cf:00:02:4b:3d:8d:4d:cf: c3:f1:a8:60:b1:85:ee:ad:e4:92:e9:45:b3:0d:c9: 72:94:6f:0f:8e:8c:4e:74:32:dd:7c:d9:c8:dd:97: f5:88:a8:91:14:dc:26:64:d1:89:e0:e0:ca:82:1d: 5a:8c:81:cf:db:c9:31:2b:17:cd:95:9b:f2:8a:c0: c3:91:2b:2e:05:3b:d5:3f:66:2d:b4:0a:a4:5e:51: 06:f6:a3:01:6b:1d:8e:3f:f1:ff:ab:6d:18:3e:1c: a3:de:92:4e:7c:28:4d:e8:02:e8:c6:ac:d5:0e:0e: be:64:53:b2:65:da:61:44:be:57:2e:9e:d8:85:5b: fd:29:14:f4:c6:18:f7:36:35:4a:a6:51:6d:ab:1c: dc:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:44:CE:18:E7:85:B3:48:16:42:E2:0D:F6:71:A0:A3:79:D2:81:6A X509v3 Authority Key Identifier: keyid:71:3B:94:04:A0:C4:32:23:AD:DC:8E:A1:B1:0A:B7:4B:77:7A:2A:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cTuUBKDEMiOt3I6hsQq3S3d6KgE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/CUTOGOeFs0gWQuIN9nGgo3nSgWo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7ec7a2-8318-462f-966e-7a531d483747/1/cTuUBKDEMiOt3I6hsQq3S3d6KgE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.15.8.0/21 45.10.97.0/24 81.95.96.0/20 185.12.196.0/22 IPv6: 2a02:4a8::/32 2a10:bbc0::/32 Signature Algorithm: sha256WithRSAEncryption 57:e5:32:5a:e1:e7:67:5b:a0:d1:e2:fe:d7:a9:18:28:5a:84: 3e:85:b9:ad:eb:f5:20:d4:e2:44:09:c3:0f:4c:d9:75:5c:8f: b7:1f:a7:65:39:d7:cd:65:45:14:9f:51:6a:9f:75:3c:fd:b1: 8b:10:7a:0f:31:19:18:fa:67:77:7b:e8:d0:d1:de:45:82:cc: d3:82:95:95:c2:37:90:c0:f0:06:74:74:fb:91:3a:7c:a2:d7: d1:11:89:38:06:0a:ab:c6:73:a4:03:80:bf:fe:c7:21:01:1f: ab:a9:51:03:9b:9f:d5:42:6d:56:b5:8e:de:de:74:99:bb:c2: 43:0d:3b:ae:5e:6a:3b:c1:04:38:08:fc:e1:48:9b:25:50:2f: 89:d1:01:95:a4:23:1f:86:21:da:32:14:b9:4c:5c:ad:2f:e4: c9:70:06:64:c9:6d:db:90:e8:d5:95:1e:10:ee:91:a8:ea:76: b8:c3:8c:c7:cf:15:58:50:7d:2d:60:4a:03:94:72:48:a3:70: fe:fe:01:f4:27:f9:3b:d5:7d:60:e6:c3:ad:a8:2e:ce:9b:77: b4:b5:69:82:be:f2:ef:f0:a6:c1:d2:36:f0:db:62:54:df:29: f2:2e:1e:0d:b6:28:95:cd:90:6c:c4:6f:8f:f5:c7:4d:d2:57: b7:27:a5:80 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgISAZt5EOESAU6QW7N6NPWUWAWhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxM2I5NDA0YTBjNDMyMjNhZGRjOGVhMWIxMGFiNzRiNzc3 YTJhMDEwHhcNMjYwMTAxMTAxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwOTQ0Y2UxOGU3ODViMzQ4MTY0MmUyMGRmNjcxYTBhMzc5ZDI4MTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0FoPbaKsldFC0rm7j6Si3aJr7Nc Kz2ZYqMfkp/U4ffcPSDZznzf/ivMphK5QjERR3M+GasAVXm3Q2nRdrn1odRaldne LqfH/6EGu1g1Atvlr2kSOAMjipMupJLXlCdf7FFnAR80zmSLMpyEfXNKzwACSz2N Tc/D8ahgsYXureSS6UWzDclylG8PjoxOdDLdfNnI3Zf1iKiRFNwmZNGJ4ODKgh1a jIHP28kxKxfNlZvyisDDkSsuBTvVP2YttAqkXlEG9qMBax2OP/H/q20YPhyj3pJO fChN6ALoxqzVDg6+ZFOyZdphRL5XLp7YhVv9KRT0xhj3NjVKplFtqxzc4wIDAQAB o4ICMTCCAi0wHQYDVR0OBBYEFAlEzhjnhbNIFkLiDfZxoKN50oFqMB8GA1UdIwQY MBaAFHE7lASgxDIjrdyOobEKt0t3eioBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUt N2E1MzFkNDgzNzQ3LzEvQ1VUT0dPZUZzMGdXUXVJTjluR2dvM25TZ1dvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My83ZWM3YTItODMxOC00NjJmLTk2NmUtN2E1MzFkNDgzNzQ3 LzEvY1R1VUJLREVNaU90M0k2aHNRcTNTM2Q2S2dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDHw8IAwQA LQphAwQEUV9gAwQCuQzEMBQEAgACMA4DBQAqAgSoAwUAKhC7wDANBgkqhkiG9w0B AQsFAAOCAQEAV+UyWuHnZ1ug0eL+16kYKFqEPoW5rev1INTiRAnDD0zZdVyPtx+n ZTnXzWVFFJ9Rap91PP2xixB6DzEZGPpnd3vo0NHeRYLM04KVlcI3kMDwBnR0+5E6 fKLX0RGJOAYKq8ZzpAOAv/7HIQEfq6lRA5uf1UJtVrWO3t50mbvCQw07rl5qO8EE OAj84UibJVAvidEBlaQjH4Yh2jIUuUxcrS/kyXAGZMlt25Do1ZUeEO6RqOp2uMOM x88VWFB9LWBKA5RySKNw/v4B9Cf5O9V9YObDraguzpt3tLVpgr7y7/CmwdI28Nti VN8p8i4eDbYolc2QbMRvj/XHTdJXtyelgA== -----END CERTIFICATE-----Generated at Mon Jan 26 16:57:54 2026 by rpki-client