This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CmUOjn4cSGHQVbEmTKozagHiILg.roa File: CmUOjn4cSGHQVbEmTKozagHiILg.roa (raw, json) Hash identifier: aaYqfcui4A20yO3VLDfVLnkDxxOO7q1Pmh4kQg+thOU= Subject key identifier: 0A:65:0E:8E:7E:1C:48:61:D0:55:B1:26:4C:AA:33:6A:01:E2:20:B8 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5AAEC523E03E5FC33C346A43DC67A6 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CmUOjn4cSGHQVbEmTKozagHiILg.roa Signing time: Thu 01 Jan 2026 16:18:41 +0000 ROA not before: Thu 01 Jan 2026 16:18:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63902 IP address blocks: 89.28.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ae:c5:23:e0:3e:5f:c3:3c:34:6a:43:dc:67:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0a650e8e7e1c4861d055b1264caa336a01e220b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ec:47:5e:30:31:fd:3e:13:85:b5:84:eb:ed: 47:7e:aa:f9:ec:10:9e:85:2e:73:ee:42:5b:59:9f: 88:73:f7:0f:19:07:8e:87:c0:b1:96:e5:12:d3:bc: 14:3a:33:40:3c:a9:80:86:bc:f7:5e:18:1d:c6:66: 43:6d:55:43:e0:79:74:12:98:fc:c4:b1:d5:7f:fc: 05:72:ce:18:31:07:44:0b:35:e9:33:91:b1:50:0d: 5e:7a:4a:74:ba:82:b6:62:f8:9a:78:8d:a0:4f:44: e3:9e:4b:dd:55:76:c4:c1:22:4d:86:52:0b:80:6d: 05:a1:40:7c:2a:6c:59:c9:c3:4d:10:18:cd:1c:01: d8:d9:a8:be:e1:a7:d4:7d:94:7e:43:2c:f9:7d:de: 1f:56:dd:da:b3:ef:0d:c3:47:3f:30:c8:61:64:5f: 00:bd:ce:20:f2:a0:11:21:58:90:8d:4e:c6:28:9d: 1f:3e:42:6d:c0:93:65:7c:79:cc:6a:77:c7:c8:55: 13:3d:87:3b:fd:22:ec:02:79:4f:67:10:69:99:2b: 78:b8:f2:43:fa:85:f8:9e:58:27:9a:f4:01:b7:9e: 02:a6:43:b1:17:29:5e:50:4e:60:dd:ef:21:5a:01: 44:c7:9f:ad:19:13:62:fe:da:0b:bf:3d:bd:3a:65: 30:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:65:0E:8E:7E:1C:48:61:D0:55:B1:26:4C:AA:33:6A:01:E2:20:B8 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CmUOjn4cSGHQVbEmTKozagHiILg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.28.235.0/24 Signature Algorithm: sha256WithRSAEncryption a6:f5:f4:a2:7f:04:62:c9:7b:ce:ef:bc:d3:d5:c7:e6:00:9c: 3b:d6:a8:d0:73:fe:b8:8d:14:90:98:5b:7d:ac:1b:56:0b:2e: ad:79:f2:9a:34:6c:c1:45:d5:59:b6:c8:ef:33:3d:b8:ab:28: ef:b1:41:03:ef:91:a9:1f:a5:ea:65:67:e4:9c:da:d2:a2:ff: b6:78:12:96:7f:c4:a7:c9:de:18:95:14:fb:9c:20:91:a7:9d: dc:8f:ac:7f:23:51:0f:fe:87:53:e9:db:15:cd:05:8a:63:3e: f3:73:6d:06:14:4a:22:52:c9:71:0b:06:70:a1:98:2a:58:28: 7e:4c:d0:21:7f:47:15:db:3e:ad:b1:fc:01:c2:64:b1:bc:36: c0:c5:e0:da:63:b5:89:f3:e8:c3:47:d8:14:ea:c9:2c:4a:87: d9:61:1d:f9:a8:56:99:71:03:e7:6a:5a:65:ed:1d:84:b5:46: 7c:5b:ea:45:86:e5:cf:b2:58:b3:4d:36:25:78:88:5a:a8:4f: 93:a2:5d:c0:89:1d:03:c1:f0:27:6f:70:36:b4:cf:16:02:a3: d9:36:4e:1f:a4:54:29:bd:54:37:be:b3:be:e8:87:fb:c9:ca: 91:0a:a0:74:55:7c:31:cc:01:e5:a7:77:01:2c:f1:84:6f:f7: 43:1c:a0:88 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6Wq7FI+A+X8M8NGpD3GemMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYTY1MGU4ZTdlMWM0ODYxZDA1NWIxMjY0Y2FhMzM2YTAxZTIyMGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqexHXjAx/T4ThbWE6+1Hfqr57BCe hS5z7kJbWZ+Ic/cPGQeOh8CxluUS07wUOjNAPKmAhrz3XhgdxmZDbVVD4Hl0Epj8 xLHVf/wFcs4YMQdECzXpM5GxUA1eekp0uoK2YviaeI2gT0TjnkvdVXbEwSJNhlIL gG0FoUB8KmxZycNNEBjNHAHY2ai+4afUfZR+Qyz5fd4fVt3as+8Nw0c/MMhhZF8A vc4g8qARIViQjU7GKJ0fPkJtwJNlfHnManfHyFUTPYc7/SLsAnlPZxBpmSt4uPJD +oX4nlgnmvQBt54CpkOxFyleUE5g3e8hWgFEx5+tGRNi/toLvz29OmUwJwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFAplDo5+HEhh0FWxJkyqM2oB4iC4MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvQ21VT2puNGNTR0hRVmJFbVRLb3phZ0hpSUxnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRzrMA0G CSqGSIb3DQEBCwUAA4IBAQCm9fSifwRiyXvO77zT1cfmAJw71qjQc/64jRSQmFt9 rBtWCy6tefKaNGzBRdVZtsjvMz24qyjvsUED75GpH6XqZWfknNrSov+2eBKWf8Sn yd4YlRT7nCCRp53cj6x/I1EP/odT6dsVzQWKYz7zc20GFEoiUslxCwZwoZgqWCh+ TNAhf0cV2z6tsfwBwmSxvDbAxeDaY7WJ8+jDR9gU6sksSofZYR35qFaZcQPnalpl 7R2EtUZ8W+pFhuXPslizTTYleIhaqE+Tol3AiR0DwfAnb3A2tM8WAqPZNk4fpFQp vVQ3vrO+6If7ycqRCqB0VXwxzAHlp3cBLPGEb/dDHKCI -----END CERTIFICATE-----Generated at Mon Jan 19 17:05:01 2026 by rpki-client