This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/pkANJWQGRxeYUhe9QHaxt_kkCZ0.roa File: pkANJWQGRxeYUhe9QHaxt_kkCZ0.roa (raw, json) Hash identifier: JQPpr1NgeNVkQnAHd4pZVUEgVBBePxibUcmbvm5s/ds= Subject key identifier: A6:40:0D:25:64:06:47:17:98:52:17:BD:40:76:B1:B7:F9:24:09:9D Certificate issuer: /CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b Certificate serial: 019B7EA509FC8FA06ADE87DCCA86F7260E35 Authority key identifier: CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/pkANJWQGRxeYUhe9QHaxt_kkCZ0.roa Signing time: Fri 02 Jan 2026 12:18:23 +0000 ROA not before: Fri 02 Jan 2026 12:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43028 IP address blocks: 193.200.201.0/24 maxlen: 24 2001:67c:12c8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/yzAqJzq07yWo6pGko3ebz30d5Zs.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/yzAqJzq07yWo6pGko3ebz30d5Zs.mft rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 18:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:09:fc:8f:a0:6a:de:87:dc:ca:86:f7:26:0e:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cb302a273ab4ef25a8ea91a4a3779bcf7d1de59b Validity Not Before: Jan 2 12:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a6400d2564064717985217bd4076b1b7f924099d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:08:18:bc:6c:1e:18:ec:e7:e5:ce:d5:aa:08: b8:f4:3d:73:f0:56:ae:60:0e:01:ca:a6:94:f1:b0: 16:ff:75:2b:55:f7:18:55:67:94:da:21:17:9c:5f: 69:e2:41:a1:01:a8:68:cb:01:0d:17:2b:c1:77:c4: 15:5e:a8:24:e5:cc:27:b5:c4:d7:fd:6c:b2:73:2f: c0:91:2c:b8:59:45:80:22:a9:7f:8f:ed:fe:aa:a1: e7:58:a9:b8:25:39:10:db:fa:c4:00:f4:52:cb:b5: f9:c9:b2:d3:fd:a0:12:14:bd:6f:b9:26:31:bd:d7: 75:d7:e9:e9:d0:80:c1:78:11:60:91:c4:bd:a3:4a: b8:11:62:fc:18:a5:72:1a:1f:9c:8f:08:45:a3:b5: c7:0e:b0:ea:b6:a7:5a:e0:8f:a3:e9:62:74:ad:82: 1b:65:45:8b:df:c0:b0:71:94:97:e8:2c:b5:e7:d9: 2d:a0:23:76:ee:cf:d0:b9:43:ab:2f:88:4c:54:eb: 4e:ae:54:5c:d2:62:fc:94:45:54:af:2a:3a:3b:45: 0b:82:d0:64:69:9e:8e:cf:07:32:37:24:ef:c4:75: 3e:c2:47:1a:d2:d9:6b:53:70:6c:3b:c9:0d:28:80: 33:db:dc:68:e1:12:92:a9:6c:e9:34:52:94:d8:26: e2:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:40:0D:25:64:06:47:17:98:52:17:BD:40:76:B1:B7:F9:24:09:9D X509v3 Authority Key Identifier: keyid:CB:30:2A:27:3A:B4:EF:25:A8:EA:91:A4:A3:77:9B:CF:7D:1D:E5:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzAqJzq07yWo6pGko3ebz30d5Zs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/pkANJWQGRxeYUhe9QHaxt_kkCZ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/977ddb-3095-488d-b36b-8008d1e7c38c/1/yzAqJzq07yWo6pGko3ebz30d5Zs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.200.201.0/24 IPv6: 2001:67c:12c8::/48 Signature Algorithm: sha256WithRSAEncryption 99:a3:bf:48:ed:fe:38:b6:f8:f2:fb:33:11:90:c9:fd:d9:c8: 06:0c:00:16:7c:8a:30:ed:93:23:fa:11:49:de:01:1c:ca:91: 98:94:77:df:8e:46:19:72:6f:a6:2e:0a:85:66:c6:d7:62:15: fe:29:f4:7b:18:56:60:d1:a0:17:b2:06:ad:1f:9d:42:67:27: 45:38:3a:b8:46:69:07:49:40:19:7f:10:a5:b4:6b:e3:25:96: e6:21:a4:0f:f3:73:40:09:02:af:60:04:73:b1:ea:79:65:22: c7:11:48:6e:dc:cc:28:17:f0:e0:dd:77:02:c5:ef:4b:56:a9: 1c:bb:85:a9:91:f2:4c:60:d3:c3:bb:34:45:b1:22:9c:18:58: 16:b0:c3:12:fa:16:70:96:a5:8d:e0:ee:de:c6:14:b9:0d:34: 41:c4:8a:c3:c1:0b:b6:4e:b6:f7:e9:df:a0:56:1d:66:c5:d7: a9:6f:be:c2:ce:0e:30:b5:32:b3:b8:b6:17:02:6e:6f:aa:82: f8:ec:e3:0e:86:3a:bb:c8:b0:86:70:57:40:39:94:18:35:20: 10:48:57:21:ac:a3:e3:b3:cd:34:04:d8:e2:06:9e:b3:39:71: 54:aa:86:6e:97:2b:65:5c:ac:6d:ff:cc:67:12:b0:0a:c9:3f: 45:ff:c6:80 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pQn8j6Bq3ofcyob3Jg41MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNiMzAyYTI3M2FiNGVmMjVhOGVhOTFhNGEzNzc5YmNmN2Qx ZGU1OWIwHhcNMjYwMTAyMTIxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNjQwMGQyNTY0MDY0NzE3OTg1MjE3YmQ0MDc2YjFiN2Y5MjQwOTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ggYvGweGOzn5c7Vqgi49D1z8Fau YA4ByqaU8bAW/3UrVfcYVWeU2iEXnF9p4kGhAahoywENFyvBd8QVXqgk5cwntcTX /Wyycy/AkSy4WUWAIql/j+3+qqHnWKm4JTkQ2/rEAPRSy7X5ybLT/aASFL1vuSYx vdd11+np0IDBeBFgkcS9o0q4EWL8GKVyGh+cjwhFo7XHDrDqtqda4I+j6WJ0rYIb ZUWL38CwcZSX6Cy159ktoCN27s/QuUOrL4hMVOtOrlRc0mL8lEVUryo6O0ULgtBk aZ6OzwcyNyTvxHU+wkca0tlrU3BsO8kNKIAz29xo4RKSqWzpNFKU2CbiPwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKZADSVkBkcXmFIXvUB2sbf5JAmdMB8GA1UdIwQY MBaAFMswKic6tO8lqOqRpKN3m899HeWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmIt ODAwOGQxZTdjMzhjLzEvcGtBTkpXUUdSeGVZVWhlOVFIYXh0X2trQ1owLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi85NzdkZGItMzA5NS00ODhkLWIzNmItODAwOGQxZTdjMzhj LzEveXpBcUp6cTA3eVdvNnBHa28zZWJ6MzBkNVpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwcjJMA8E AgACMAkDBwAgAQZ8EsgwDQYJKoZIhvcNAQELBQADggEBAJmjv0jt/ji2+PL7MxGQ yf3ZyAYMABZ8ijDtkyP6EUneARzKkZiUd9+ORhlyb6YuCoVmxtdiFf4p9HsYVmDR oBeyBq0fnUJnJ0U4OrhGaQdJQBl/EKW0a+MlluYhpA/zc0AJAq9gBHOx6nllIscR SG7czCgX8ODddwLF70tWqRy7hamR8kxg08O7NEWxIpwYWBawwxL6FnCWpY3g7t7G FLkNNEHEisPBC7ZOtvfp36BWHWbF16lvvsLODjC1MrO4thcCbm+qgvjs4w6GOrvI sIZwV0A5lBg1IBBIVyGso+OzzTQE2OIGnrM5cVSqhm6XK2VcrG3/zGcSsArJP0X/ xoA= -----END CERTIFICATE-----Generated at Tue Feb 10 02:22:31 2026 by rpki-client