This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/cdp1tnEqjEuwTYVbdI1j3wHPDuE.roa File: cdp1tnEqjEuwTYVbdI1j3wHPDuE.roa (raw, json) Hash identifier: PSpmNX2+qtjxbQErRebhWCHH46VZVaH6NZ253k2cPGo= Subject key identifier: 71:DA:75:B6:71:2A:8C:4B:B0:4D:85:5B:74:8D:63:DF:01:CF:0E:E1 Certificate issuer: /CN=2f314bc00a7e5ae23349e05406293a7d6060cda1 Certificate serial: 019B7DCA4EFB28F31019CE99E365584B21B7 Authority key identifier: 2F:31:4B:C0:0A:7E:5A:E2:33:49:E0:54:06:29:3A:7D:60:60:CD:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzFLwAp-WuIzSeBUBik6fWBgzaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/cdp1tnEqjEuwTYVbdI1j3wHPDuE.roa Signing time: Fri 02 Jan 2026 08:19:29 +0000 ROA not before: Fri 02 Jan 2026 08:19:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47268 IP address blocks: 195.216.249.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/LzFLwAp-WuIzSeBUBik6fWBgzaE.crl rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/LzFLwAp-WuIzSeBUBik6fWBgzaE.mft rsync://rpki.ripe.net/repository/DEFAULT/LzFLwAp-WuIzSeBUBik6fWBgzaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:4e:fb:28:f3:10:19:ce:99:e3:65:58:4b:21:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f314bc00a7e5ae23349e05406293a7d6060cda1 Validity Not Before: Jan 2 08:19:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71da75b6712a8c4bb04d855b748d63df01cf0ee1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f8:af:e4:80:aa:90:e7:f0:78:d3:22:84:67: 23:2e:ca:2a:76:f6:41:04:ac:77:1f:a7:dd:b3:13: e8:f3:8a:9f:a5:10:1a:7e:79:f2:a3:1f:c4:6a:fe: c3:d0:57:18:d7:7a:25:ec:15:38:ff:65:27:23:ce: 00:57:dc:38:df:48:45:59:09:2e:c9:7f:9d:c5:11: 63:49:49:33:6d:81:08:15:01:ad:d3:fa:ac:ca:1e: 4e:9d:79:bb:cb:44:c7:69:e0:67:76:e1:3f:18:97: 2c:bd:bd:00:6f:91:cf:5d:24:b2:93:bf:bf:b3:93: 87:2f:21:bf:0b:b2:c0:c6:50:f0:56:c1:fd:2a:1b: b9:39:22:b2:90:19:ff:21:99:59:ff:29:03:5c:8c: 11:d3:09:68:72:85:f1:21:f7:1f:f8:a7:e1:38:5c: 1c:61:b7:41:69:81:4a:6b:5b:5c:0d:e4:71:8b:3f: a8:c6:9e:fa:38:38:7c:0d:8a:6e:33:3a:7b:f0:fb: 57:82:3e:4b:d2:4c:6f:28:91:dc:14:7a:97:0d:17: d6:17:43:25:1c:28:4f:a6:ff:fb:89:fc:bb:96:a0: 39:e8:3e:82:69:d3:2a:14:84:da:f8:8e:7d:3c:62: 6e:32:ad:b9:0f:8a:61:f1:25:39:5b:a4:6a:be:96: fb:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:DA:75:B6:71:2A:8C:4B:B0:4D:85:5B:74:8D:63:DF:01:CF:0E:E1 X509v3 Authority Key Identifier: keyid:2F:31:4B:C0:0A:7E:5A:E2:33:49:E0:54:06:29:3A:7D:60:60:CD:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzFLwAp-WuIzSeBUBik6fWBgzaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/cdp1tnEqjEuwTYVbdI1j3wHPDuE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/c5f49d-10b0-4818-a0c4-7c0b9b19fcfb/1/LzFLwAp-WuIzSeBUBik6fWBgzaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.216.249.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:03:3a:bd:c5:2b:11:60:7c:4f:de:d2:2c:36:27:aa:e5:1f: 81:e3:17:49:56:39:17:96:34:6a:59:2a:9a:6c:f9:aa:f4:ff: ae:14:f9:44:92:2f:e7:13:32:32:60:30:d3:3b:3c:2f:93:c9: ab:d7:21:a9:f8:70:59:12:78:31:89:f9:9a:8b:22:c4:2d:00: 0d:8e:18:dd:d6:60:4e:67:f5:35:7c:2b:ab:5d:3a:5d:1d:44: 09:d2:da:62:48:05:93:21:e2:52:a7:b4:ff:ab:ce:3f:ff:12: 42:12:39:f1:b0:4b:97:44:2f:4f:02:ce:1e:bb:83:eb:8d:ca: 99:de:bc:61:cf:01:fd:f8:f6:87:a0:c8:cf:8b:65:d4:cc:43: af:32:79:40:71:22:5b:27:e7:dc:1e:34:f7:6f:49:af:da:8b: 62:ed:a4:40:df:9c:eb:71:88:21:68:b0:5b:74:f0:80:36:46: 1b:8f:4d:98:c7:cc:25:c6:a9:d4:b0:06:d3:a8:87:06:51:da: 4b:58:b8:0a:f8:ed:d6:dd:9d:e4:09:6d:67:4a:be:32:d8:09: 81:e1:e1:5f:8b:d3:2c:4b:7a:56:3c:d8:9a:ed:d7:1b:67:ca: 14:02:09:09:cd:7c:a5:43:bf:04:8f:f6:6e:02:95:a1:28:ef: fb:ba:81:ee -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yk77KPMQGc6Z42VYSyG3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmMzE0YmMwMGE3ZTVhZTIzMzQ5ZTA1NDA2MjkzYTdkNjA2 MGNkYTEwHhcNMjYwMTAyMDgxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWRhNzViNjcxMmE4YzRiYjA0ZDg1NWI3NDhkNjNkZjAxY2YwZWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1viv5ICqkOfweNMihGcjLsoqdvZB BKx3H6fdsxPo84qfpRAafnnyox/Eav7D0FcY13ol7BU4/2UnI84AV9w430hFWQku yX+dxRFjSUkzbYEIFQGt0/qsyh5OnXm7y0THaeBnduE/GJcsvb0Ab5HPXSSyk7+/ s5OHLyG/C7LAxlDwVsH9Khu5OSKykBn/IZlZ/ykDXIwR0wlocoXxIfcf+KfhOFwc YbdBaYFKa1tcDeRxiz+oxp76ODh8DYpuMzp78PtXgj5L0kxvKJHcFHqXDRfWF0Ml HChPpv/7ify7lqA56D6CadMqFITa+I59PGJuMq25D4ph8SU5W6Rqvpb7gwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHHadbZxKoxLsE2FW3SNY98Bzw7hMB8GA1UdIwQY MBaAFC8xS8AKflriM0ngVAYpOn1gYM2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTHpGTHdBcC1XdUl6U2VCVUJpazZmV0JnemFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9jNWY0OWQtMTBiMC00ODE4LWEwYzQt N2MwYjliMTlmY2ZiLzEvY2RwMXRuRXFqRXV3VFlWYmRJMWozd0hQRHVFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS9jNWY0OWQtMTBiMC00ODE4LWEwYzQtN2MwYjliMTlmY2Zi LzEvTHpGTHdBcC1XdUl6U2VCVUJpazZmV0JnemFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9j5MA0G CSqGSIb3DQEBCwUAA4IBAQA6Azq9xSsRYHxP3tIsNieq5R+B4xdJVjkXljRqWSqa bPmq9P+uFPlEki/nEzIyYDDTOzwvk8mr1yGp+HBZEngxifmaiyLELQANjhjd1mBO Z/U1fCurXTpdHUQJ0tpiSAWTIeJSp7T/q84//xJCEjnxsEuXRC9PAs4eu4PrjcqZ 3rxhzwH9+PaHoMjPi2XUzEOvMnlAcSJbJ+fcHjT3b0mv2oti7aRA35zrcYghaLBb dPCANkYbj02Yx8wlxqnUsAbTqIcGUdpLWLgK+O3W3Z3kCW1nSr4y2AmB4eFfi9Ms S3pWPNia7dcbZ8oUAgkJzXylQ78Ej/ZuApWhKO/7uoHu -----END CERTIFICATE-----Generated at Tue Feb 10 04:53:38 2026 by rpki-client